当前位置: X-MOL 学术J. Inf. Secur. Appl. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Side-channel leakage assessment metrics and methodologies at design cycle: A case study for a cryptosystem
Journal of Information Security and Applications ( IF 3.8 ) Pub Date : 2020-07-15 , DOI: 10.1016/j.jisa.2020.102561
V. Samadi Bokharaie , A. Jahanian

Current EDA (electronic design automation) tools are not capable to consider side-channel vulnerabilities at design time. Therefore, designers should manage such security considerations in their designs manually. One of the main reasons for this glaring shortcoming is the lack of feasible metrics to assess the immunity of various crypto-system designs against various attacks at design time. In this paper, we suggest and categorize the required features for a reliable metric for side-channel security assessment in EDA tools and then we show that T-test can be used as a reliable metric to assess the impact of such attacks in a crypto-system. We also present a toolchain called Time-based Power Simulation engine (TPS) to perform required gate-level power measurements during the design phase. TPS is used for tests that are conducting in this research. Using this toolchain, we evaluate the T-test as an assessment metric for analyzing the security at design time against side-channel attacks. Results of our analysis show that it can be used efficiently as a feasible metric to measure the vulnerability level of a design against the SCA attacks. Moreover, the results of the T-test at the design phase show that using different bits of intermediate round values as selection functions in our DES cipher implementation leads to very different levels of information leakage.



中文翻译:

设计周期的边通道泄漏评估指标和方法:一个密码系统的案例研究

当前的EDA(电子设计自动化)工具无法在设计时考虑侧通道漏洞。因此,设计人员应在其设计中手动管理此类安全注意事项。造成这一明显缺陷的主要原因之一是缺乏在设计时评估各种密码系统设计对各种攻击的抵抗力的可行指标。在本文中,我们建议并分类了在EDA工具中进行边信道安全评估的可靠度量所需的功能,然后证明了T-test可用作评估此类攻击在密码系统中的影响的可靠度量。我们还提出了一个名为基于时间的功率仿真引擎(TPS)的工具链,以在设计阶段执行所需的门级功率测量。TPS用于进行这项研究中的测试。使用此工具链,我们评估T检验作为评估指标,以分析设计时针对侧信道攻击的安全性。我们的分析结果表明,它可以有效地用作衡量针对SCA攻击的设计漏洞级别的可行指标。而且,T的结果设计阶段的-test测试表明,在我们的DES密码实现中,使用不同的中间取整值位作为选择函数会导致非常不同的信息泄漏水平。

更新日期:2020-07-15
down
wechat
bug