1

SPACES : Security evaluation of Physically Attacked Cryptoprocessors in Embedded Systems

Summary

This project aims to establish a new security evaluation methodology for cryptographic modules implemented in embedded systems which are targeted by physical attacks. Physical attacks based on side-channel information, called side-channel attacks, are now of major concern for the evaluation of cryptographic modules. When a cryptographic module performs encryption or decryption, secret parameters correlated to the intermediate data being processed can be leaked via power dissipation, electromagnetic (EM) radiation, or operating times as side-channel information. Such attacks are called power-analysis attack, EM attack, and timing attack, respectively. Another attack of this kind is called fault attack which injects faults into a cryptographic module via power supply or clock signals. These are now essential issues for designers of smartcards and other secure embedded cryptosystems.

Addressing the above issues, this project does a comprehensive study of security evaluation methodologies on cryptographic modules against the physical attacks. The main objective of this project is to propose a novel evaluation platform based on both simulation and in-situ evaluations.

The models of simulation evaluation are studied at various levels of abstraction: high-level symbolic model, middle-level mixed-signal model, and low-level physical model. Symbolic model has not been used for two main reasons so far. The first one comes from the inefficiency of analog and digital simulators to estimate circuit activity or behavior against fault injection. Another reason is the difficulty to know the exact leakage model. The simulator proposed in this project solves the above issues by introducing a new simulation kernel able to consider different abstraction levels of side-channel information. The mixed-signal model allows to obtain a balance between accuracy and computation-time for the security evaluation using partial-applied analog models in analog/digital-mixed environments. The low-level model in this project is intended for the lowest-level simulation based on post-layout circuit data. An effective extraction of physical parameters is proposed as a key technology to simulate a cryptographic module in the low-level simulator. The modeling techniques are expected to be complementary to each other. The in-situ evaluation is studied using Side-channel Attack Standard Evaluation Board (SASEBO) and cryptographic cores that have developed by the project partners (Telecom ParisTech, Tohoku University and AIST). SASEBO is specified for measuring side-channel information from cryptographic modules, and is now the latest experimental board used in the world. The experimental analysis on the real platform is an important stage which allows us to compare the simulation results with the real behaviors. It will also contribute to refine the models which could be built without any particular knowledge of the architecture. We perform the in-situ evaluations of cryptographic modules and side-channel attacks including fault attacks with laser or glitches, and clarify the mechanisms of information leakage and fault injections. Efficient countermeasures are also investigated according to the above studies. The robustness and overhead of the countermeasures are evaluated in both the simulations and the platforms. The expected results of the project are mainly as follows: A comprehensive simulation technology to evaluate instantaneous circuit activities and circuit responses to different fault attacks. Multi-level simulation models to evaluate white/black-box implementations Novel standard evaluation system based on SASEBO and custom ASICs Understanding the mechanisms of information leakage and fault injection in cryptographic modules New countermeasures design and its evaluation based on the simulator and the evaluation system