SAFARI: Automatic Synthesis of Fault-Attack Resistant Block Cipher Implementations
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (IF 2.9). Pub Date: 2020-04-01, DOI: 10.1109/tcad.2019.2897629
Indrani Roy , Chester Rebeiro , Aritra Hazra , Swarup Bhunia

Most cipher implementations are vulnerable to a class of cryptanalytic attacks known as fault injection attacks. To reveal the secret key, these attacks exploit faults induced at specific locations during the execution of the cipher. Countermeasures against fault injection attacks require that these vulnerable locations in the implementation first be identified and then protected. Both steps are difficult and error-prone, so designing efficient countermeasures requires considerable expertise. Incorrect or insufficient application of the countermeasures leaves the implementation vulnerable, while inefficient application can incur significant performance penalties to achieve the desired fault-attack resistance. In this paper, we present a novel framework called SAFARI for automatically synthesizing fault-attack resistant implementations of block ciphers. The framework takes as input the security requirements and a high-level specification of the block cipher. It automatically detects the vulnerable locations from the specification, applies an appropriate countermeasure based on the user-specified security requirements, and then synthesizes efficient, fault-attack protected RTL or C code for the cipher. We take AES, CAMELLIA, and CLEFIA as case studies and demonstrate how the framework explores different countermeasures based on the vulnerability of the locations, the output format, and the required security margins. We then evaluate the efficacy of SAFARI in hardware and software in terms of the design overhead incurred and the fault coverage achieved.
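As an added illustration, not code from the paper or from the SAFARI framework: a constructed toy round (16-bit block, 4-bit S-box) whose S-box output plays the role of a "vulnerable location", a duplicate-and-compare countermeasure applied there, and a harness-side fault model used only to check that the countermeasure catches a single injected fault and suppresses the faulty output.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>

/* Constructed toy cipher for illustration only (16-bit block, 4-bit S-box,
 * one round); it is not AES, CAMELLIA or CLEFIA and has no security value. */
static const uint8_t SBOX[16] = {0xE,0x4,0xD,0x1,0x2,0xF,0xB,0x8,
                                 0x3,0xA,0x6,0xC,0x5,0x9,0x0,0x7};

/* Harness-only fault model (an assumption of this example): XOR `mask` into
 * the state right after the S-box layer, but only during computation number
 * `pass` (pass 0 = no fault). It exists to measure the countermeasure's
 * coverage and is not part of the cipher. */
typedef struct { int pass; uint16_t mask; } fault_t;

static uint16_t sub_nibbles(uint16_t s) {
    uint16_t out = 0;
    for (int i = 0; i < 16; i += 4)
        out |= (uint16_t)(SBOX[(s >> i) & 0xF] << i);
    return out;
}

/* One unprotected round: key addition, S-box layer, then a linear mixing
 * step. A fault at the S-box output propagates straight to the ciphertext
 * because nothing checks the value before it is released. */
uint16_t round_unprotected(uint16_t state, uint16_t key,
                           const fault_t *f, int pass) {
    uint16_t t = sub_nibbles(state ^ key);
    if (f && f->pass == pass) t ^= f->mask;          /* simulated fault */
    return t ^ (uint16_t)((t << 5) | (t >> 11));     /* rotl by 5, xor */
}

/* Countermeasure: temporal redundancy. The round is computed twice and the
 * results compared; on mismatch the output is suppressed (zeroed) and false
 * is returned so the caller never releases a faulty ciphertext.
 * Coverage limit: a fault repeated identically in both passes is not
 * detected, which is why stronger countermeasures are sometimes needed. */
bool round_protected(uint16_t state, uint16_t key,
                     const fault_t *f, uint16_t *out) {
    uint16_t a = round_unprotected(state, key, f, 1);
    uint16_t b = round_unprotected(state, key, f, 2);
    if (a != b) { *out = 0; return false; }
    *out = a;
    return true;
}
```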

Updated: 2020-04-01