Security evaluation of Tree Parity Re-keying Machine implementations utilizing side-channel emissions
Abstract
In this work, side-channel attacks (SCAs) are used as a security metric for implementations of hybrid cryptosystems built on the neural-network-based Tree Parity Re-keying Machine (TPM; here a neural key-exchange scheme, not the Trusted Platform Module). A simulation study in MATLAB explores scenarios in which the TPM may be compromised, and performance metrics are evaluated to model candidate embedded-system implementations. A new algorithm, named Man-in-the-Middle Power Analysis (MIMPA), is proposed as a means of copying the keys the TPM generates; it identifies vulnerabilities in the physical device hosting the cryptosystem from that device's power emissions. Finally, a machine-learning approach tests whether neural networks can recognize properties of keys produced by the TPM as they are transferred to the encryption algorithm. The results show that physical exploits of TPM implementations in embedded systems can be identified and accounted for before a final release. The experiments and data acquisition are demonstrated with a TPM-AES hybrid cryptosystem implemented on an AVR microcontroller.
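The abstract names three things a reader may not have seen in code: the Tree Parity Machine key exchange itself, the passive eavesdropper the scheme is designed to resist, and the moment the synchronized weights are handed to AES, which is where the paper's side-channel measurements apply. The following Python is an added example written for this page; it is not the paper's MATLAB model, its AVR firmware, or the MIMPA algorithm. It implements the Kanter-Kinzel TPM with the Hebbian rule and a "simple attack" eavesdropper, then derives an AES-128 key from the synchronized weights and models the key transfer with an idealized Hamming-weight leak. The parameters (K=3, N=20, L=3), the SHA-256 key derivation, the eavesdropper strategy and the Hamming-weight leakage model are all assumptions of this example, not details the abstract states.

```python
"""Tree Parity Machine (TPM) key exchange, a passive eavesdropper, and a
Hamming-weight leakage model for the key transfer to AES.

Added example, not code from the paper. K, N, L, the SHA-256 key derivation,
the eavesdropper strategy and the leakage model are assumptions."""
import hashlib
import math
import random


class TreeParityMachine:
    """K hidden units, N inputs each, integer weights in [-L, L] (Kanter-Kinzel)."""

    def __init__(self, k, n, l, rng):
        self.k, self.n, self.l = k, n, l
        self.w = [[rng.randint(-l, l) for _ in range(n)] for _ in range(k)]
        self.sigma = [1] * k
        self.tau = 1

    def output(self, x):
        """sigma_i = sign(w_i . x_i) with sign(0) := -1; tau = product of the sigma_i."""
        self.sigma = [1 if sum(w * xi for w, xi in zip(self.w[i], x[i])) > 0 else -1
                      for i in range(self.k)]
        self.tau = math.prod(self.sigma)
        return self.tau

    def update(self, x, tau_partner):
        """Hebbian rule: learn only when both public outputs agree, and only in the
        hidden units whose sigma_i equals tau; weights are clipped to [-L, L]."""
        if self.tau != tau_partner:
            return
        for i in range(self.k):
            if self.sigma[i] != self.tau:
                continue
            self.w[i] = [max(-self.l, min(self.l, w + xi * self.tau))
                         for w, xi in zip(self.w[i], x[i])]


def random_input(tpm, rng):
    """Public input vector: K rows of N values in {-1, +1}."""
    return [[rng.choice((-1, 1)) for _ in range(tpm.n)] for _ in range(tpm.k)]


def synchronize(alice, bob, rng, eve=None, max_rounds=200_000):
    """Exchange (x, tau) over the public channel until both weight matrices match.
    The optional eavesdropper sees every x and both taus and runs the 'simple
    attack': it adopts Alice's tau and learns whenever Alice and Bob agree."""
    rounds = 0
    while alice.w != bob.w:
        if rounds >= max_rounds:
            raise RuntimeError("no synchronization within max_rounds")
        x = random_input(alice, rng)
        ta, tb = alice.output(x), bob.output(x)
        if eve is not None and ta == tb:
            eve.output(x)        # eve's own sigma_i from its current weights
            eve.tau = ta         # but it uses the public output, not its own
            eve.update(x, ta)
        alice.update(x, tb)
        bob.update(x, ta)
        rounds += 1
    return rounds


def derive_key(tpm, length=16):
    """Assumption: hash the synchronized weights into an AES-128 key."""
    raw = bytes(w + tpm.l for row in tpm.w for w in row)
    return hashlib.sha256(raw).digest()[:length]


def hamming_weight_trace(key):
    """Idealized leakage of a key-transfer loop: one Hamming weight per byte moved."""
    return [bin(b).count("1") for b in key]


def remaining_keyspace_bits(trace):
    """log2 of the key candidates consistent with the trace: prod over bytes of C(8, hw)."""
    return sum(math.log2(math.comb(8, hw)) for hw in trace)


def demo(seed=1234, k=3, n=20, l=3):
    rng = random.Random(seed)
    alice = TreeParityMachine(k, n, l, rng)
    bob = TreeParityMachine(k, n, l, rng)
    eve = TreeParityMachine(k, n, l, rng)
    rounds = synchronize(alice, bob, rng, eve)
    key = derive_key(alice)
    return {
        "rounds": rounds,
        "keys_match": key == derive_key(bob),
        "eve_synced": eve.w == alice.w,
        "key_bits_left": remaining_keyspace_bits(hamming_weight_trace(key)),
    }


if __name__ == "__main__":
    print(demo())
```

Two points the run makes concrete. The eavesdropper only ever learns from public data, so its success depends on the parameters (larger L makes the simple attack fail more often), which is why the protocol is treated as secure against passive listeners; the paper's point is that a physical observer of the key transfer does not need to win that race. Under the Hamming-weight model each leaked byte collapses from 256 to C(8, hw) candidates, so the 128-bit key loses at least 30 bits before any template or correlation attack is attempted; a real trace from an AVR is noisier than this idealization, but it is the quantity a template attack estimates.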