Abstract
This article presents the state of the art of the physical security of smart devices.
Electronic devices are becoming ubiquitous and autonomous, so their security is becoming a predominant feature. Attacks targeting the physical layer are all the more serious because hardware is not naturally protected against them. The attacks typically consist of either tampering with the device so as to make it malfunction, or of spying on information it leaks. Those attacks, whether active or passive, belong to the side-channel attack class.
Active attacks operate by writing on an ad hoc side-channel: a degree of freedom normally not available to the end user is modified by force. Passive attacks consist of listening to a side-channel: the attacker thus gains more information about the device's operation than it is supposed to have.
Counter-measures against both types of attack have been proposed, and we show that only some of them are relevant. Active attacks are defeated by an appropriate detection mechanism, and passive attacks by the removal of all sources of information leakage. As a consequence, securing hardware consists of watching side-channels, or of removing them where possible.
The increase in security is mainly driven by two trends: integration of the whole system on a SoC, so as to confine the sensitive parts, and the development of dedicated electronic CAD producing circuits free of side-channels. SoC security is thus foreseen to become a discipline in itself.
Résumé (French abstract, translated)
This article presents the state of the art of knowledge on the security of embedded electronic systems.
More and more chips are scattered through our environment to create an ambient intelligence. Because these networks of communicating chips are open, the chips need to be secured. Attacks on electronic circuits are therefore a concern, all the more so since circuits are naturally vulnerable. The attacks typically consist of making the chip malfunction or of spying on the information it leaks. In both cases one speaks of attacks exploiting a side-channel.
Active attacks write on a side-channel: the attacker forcibly modifies the circuit. Passive attacks read a side-channel: the attacker thereby obtains more information about the circuit's operation than it is supposed to have.
Among the proposed counter-measures, we show that only some durably close the security holes. The response to active attacks is a detection mechanism, and the response to passive attacks is the elimination of all information leakage. Hardware security thus rests on monitoring side-channels or, better, on eradicating them when that is possible.
Two levers serve to increase the physical security of electronic circuits: integrating these circuits on a single substrate (SoC) to confine the sensitive system, and inventing and then developing design methods for circuits free of side-channels. We therefore anticipate that SoC security is about to become a discipline in its own right.
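The two attack classes and their counter-measures described in the abstract (and again in the résumé) can be made concrete in a toy model. The following is an added example, not code from the article or its authors: a correlation power analysis (CPA) against constructed traces whose consumption follows the Hamming weight of an AES S-box output (a passive side-channel), the same attack against a device whose consumption is data-independent (leakage removed), and a duplicate-and-compare check that catches an injected bit flip (detection of an active attack). The key byte 0x2B, the noise level, the trace count and the single-bit fault model are assumptions of the example, not values from the paper.

```python
"""Added example (not code from the article): the abstract's two attack classes
in a toy model.

Passive attack: CPA against a device leaking the Hamming weight of an AES
S-box output recovers the key byte; it fails once consumption no longer
depends on the data ("removal of information leakage").
Active attack: duplicate-and-compare detects an injected fault ("detection
mechanism").  Traces, noise level, key byte and fault model are assumptions
of this example; nothing is measured on real hardware.
"""
import math
import random

# AES S-box (FIPS-197), the non-linear function the attack targets.
SBOX = bytes.fromhex(
    "637c777bf26b6fc53001672bfed7ab76"
    "ca82c97dfa5947f0add4a2af9ca472c0"
    "b7fd9326363ff7cc34a5e5f171d83115"
    "04c723c31896059a071280e2eb27b275"
    "09832c1a1b6e5aa0523bd6b329e32f84"
    "53d100ed20fcb15b6acbbe394a4c58cf"
    "d0efaafb434d338545f9027f503c9fa8"
    "51a3408f929d38f5bcb6da2110fff3d2"
    "cd0c13ec5f974417c4a77e3d645d1973"
    "60814fdc222a908846eeb814de5e0bdb"
    "e0323a0a4906245cc2d3ac629195e479"
    "e7c8376d8dd54ea96c56f4ea657aae08"
    "ba78252e1ca6b4c6e8dd741f4bbd8b8a"
    "703eb5664803f60e613557b986c11d9e"
    "e1f8981169d98e949b1e87e9ce5528df"
    "8ca1890dbfe6426841992d0fb054bb16"
)


def hamming_weight(x: int) -> int:
    return bin(x).count("1")


def leaky_traces(plaintexts, key, rng, sigma=1.0):
    """Passive side-channel (assumed model): consumption = Hamming weight of the
    S-box output plus Gaussian noise, hence correlated with the secret key."""
    return [hamming_weight(SBOX[p ^ key]) + rng.gauss(0, sigma) for p in plaintexts]


def flat_traces(plaintexts, key, rng, sigma=1.0):
    """Leakage-free device: consumption is data-independent, only noise remains."""
    return [4.0 + rng.gauss(0, sigma) for _ in plaintexts]


def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    if sxx == 0 or syy == 0:
        return 0.0
    return sxy / math.sqrt(sxx * syy)


def cpa(plaintexts, traces):
    """Rank all 256 key-byte hypotheses by how well the predicted Hamming
    weight correlates with the observed traces; return best key, its
    correlation and the runner-up correlation (the margin of the attack)."""
    scores = sorted(
        (abs(pearson([hamming_weight(SBOX[p ^ k]) for p in plaintexts], traces)), k)
        for k in range(256)
    )
    (best_corr, best_key), (second_corr, _) = scores[-1], scores[-2]
    return best_key, best_corr, second_corr


def run_passive_attack(trace_fn, key=0x2B, n_traces=500, seed=1):
    rng = random.Random(seed)                    # constructed, reproducible inputs
    plaintexts = [rng.randrange(256) for _ in range(n_traces)]
    return cpa(plaintexts, trace_fn(plaintexts, key, rng))


class FaultDetected(Exception):
    pass


def sbox_checked(x, fault_bit=None):
    """Detection mechanism against an active attack: compute the S-box twice and
    compare.  `fault_bit` models a glitch flipping one bit of the first copy;
    the second copy is assumed unaffected (a single-fault model)."""
    first = SBOX[x]
    if fault_bit is not None:
        first ^= 1 << fault_bit                  # the attacker's forced "write"
    second = SBOX[x]                             # redundant computation
    if first != second:
        raise FaultDetected(f"mismatch on input {x:#04x}")
    return first


def fault_detected(x, fault_bit):
    try:
        sbox_checked(x, fault_bit)
    except FaultDetected:
        return True
    return False


if __name__ == "__main__":
    k, c, r = run_passive_attack(leaky_traces)
    print(f"leaky device: key {k:#04x}, corr {c:.2f} (runner-up {r:.2f})")
    k, c, r = run_passive_attack(flat_traces)
    print(f"flat device:  best guess {k:#04x}, corr {c:.2f} (runner-up {r:.2f})")
    print("fault on bit 3 detected:", fault_detected(0x42, 3))
```

On the leaky model the correct key stands out with a correlation near 0.8 against a runner-up well below it; on the flat model the best guess is noise and its correlation stays near zero, which is what "removal of all information leakage" buys. Two caveats a practitioner would add: real traces are noisier and misaligned, so many more than 500 are usually needed; and duplicate-and-compare only holds under the single-fault assumption, since a glitch that hits both copies identically passes the check.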
Author information
Authors and Affiliations
Département communication et électronique, GET/Télécom Paris, CNRS LTCI (UMR 5141), 46 rue Barrault, 75634, Paris Cedex 13, France
Sylvain Guilley
Institut Eurecom, 2229 route des Crêtes, BP 193, 06904, Sophia-Antipolis Cedex, France
Renaud Pacalet
About this article
Cite this article
Guilley, S., Pacalet, R. SoCs security: a war against side-channels. Ann. Télécommun. 59, 998–1009 (2004). https://doi.org/10.1007/BF03180031