当前位置:
X-MOL 学术
›
IEEE Trans. Inform. Forensics Secur.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
A Framework for Evaluation and Analysis on Infection Countermeasures Against Fault Attacks
IEEE Transactions on Information Forensics and Security ( IF 6.8 ) Pub Date : 2019-03-20 , DOI: 10.1109/tifs.2019.2903653 Jingyi Feng , Hua Chen , Yang Li , Zhipeng Jiao , Wei Xi
IEEE Transactions on Information Forensics and Security ( IF 6.8 ) Pub Date : 2019-03-20 , DOI: 10.1109/tifs.2019.2903653 Jingyi Feng , Hua Chen , Yang Li , Zhipeng Jiao , Wei Xi
Infection is a fault attack countermeasure, which aims to destroy the dependency of the faulty ciphertexts on the secret key. However, current security evaluations on infection countermeasures are either tailored for the specific attack scenario or not general enough to apply to various infection instances. They cannot come to convincing results, let alone make comparisons between different countermeasures. Based on information theory, this paper presents a generic evaluation framework that is feasible for various infection countermeasures and attack scenarios. The framework is constructed with the idea to separate the infection function from the unprotected cipher yet consider the fault injection effect on the unprotected cipher in the infection function evaluation. First, the security judging criteria for the infection function under different attack scenarios are personalized according to the injection-caused security loss of the unprotected cipher. Then, a universal method of security quantitative analysis on infection function is proposed with two important steps: the prior knowledge collection and the infection operation decomposition analysis. Because the analysis results of the simple infection operation can be reused within the infection function under various attack scenarios, the security quantifications are efficient. Based on this framework, the paper also reviews some existing infection countermeasures for their fault attack resistances. The result shows that our analysis can expose more infection vulnerabilities than the previous works. Besides, the security quantification and judgment on these countermeasures give us a new insight into their security applicable scopes. They are instructive for the countermeasure selection when the implementation costs are very close. Furthermore, the framework provides an efficient way to evaluate future infection countermeasures.
中文翻译:
故障攻击感染对策的评估与分析框架
感染是一种故障攻击对策,旨在消除错误密文对密钥的依赖性。但是,当前针对感染对策的安全性评估要么针对特定的攻击场景量身定做,要么不够笼统,无法应用于各种感染实例。他们无法得出令人信服的结果,更不用说对不同对策进行比较了。基于信息论,本文提出了一种通用的评估框架,适用于各种感染对策和攻击场景。该框架的构想是将感染功能与不受保护的密码分开,但在感染功能评估中考虑故障注入对不受保护的密码的影响。第一,根据无保护密码的注入导致的安全损失,个性化针对不同攻击场景下的感染功能的安全性判断标准。然后,通过两个重要步骤提出了一种通用的感染功能安全定量分析方法:先验知识收集和感染操作分解分析。因为简单的感染操作的分析结果可以在各种攻击情形下在感染功能内重复使用,所以安全量化是有效的。在此框架的基础上,本文还回顾了一些针对其故障攻击抵抗力的现有感染对策。结果表明,我们的分析比以前的研究可以揭示更多的感染漏洞。除了,这些对策的安全量化和判断使我们对它们的安全适用范围有了新的认识。当实施成本非常接近时,它们对于选择对策具有指导意义。此外,该框架提供了一种评估未来感染对策的有效方法。
更新日期:2020-04-22
中文翻译:
故障攻击感染对策的评估与分析框架
感染是一种故障攻击对策,旨在消除错误密文对密钥的依赖性。但是,当前针对感染对策的安全性评估要么针对特定的攻击场景量身定做,要么不够笼统,无法应用于各种感染实例。他们无法得出令人信服的结果,更不用说对不同对策进行比较了。基于信息论,本文提出了一种通用的评估框架,适用于各种感染对策和攻击场景。该框架的构想是将感染功能与不受保护的密码分开,但在感染功能评估中考虑故障注入对不受保护的密码的影响。第一,根据无保护密码的注入导致的安全损失,个性化针对不同攻击场景下的感染功能的安全性判断标准。然后,通过两个重要步骤提出了一种通用的感染功能安全定量分析方法:先验知识收集和感染操作分解分析。因为简单的感染操作的分析结果可以在各种攻击情形下在感染功能内重复使用,所以安全量化是有效的。在此框架的基础上,本文还回顾了一些针对其故障攻击抵抗力的现有感染对策。结果表明,我们的分析比以前的研究可以揭示更多的感染漏洞。除了,这些对策的安全量化和判断使我们对它们的安全适用范围有了新的认识。当实施成本非常接近时,它们对于选择对策具有指导意义。此外,该框架提供了一种评估未来感染对策的有效方法。
京公网安备 11010802027423号