Recent topics on hardware security
Naofumi Homma
Tohoku University/RIEC, Japan
TélécomParisTech/Comelec/SEN
RIEC, TOHOKU UNIVERSITY 1
Tohoku University
Founded in 1907 in Sendai as Tohoku Imperial University
3rd national university in Japan
One of the largest national universities
10 undergraduate schools
15 graduate schools
5 research institutes
Research Institute of Electrical Communication (RIEC)
[Map: Sendai and Tokyo, labelled 1.5 h]
[Photos: Main building, RIEC building]
Homma laboratory
Environmentally Conscious Secure Information System Laboratory
(Professor: Naofumi Homma)
Tohoku University/RIEC, Japan
Research team
2009.6-2010.3/2016.9-2017.3: Visiting Professor, Telecom ParisTech/Comelec/SEN
Research Interests: Computing Theory, Embedded Systems, Information Security
[Photo caption: 2009-2010]
Collaboration with Telecom ParisTech
SPACES Project (2010-2014)
Security evaluation of Physically Attacked Cryptoprocessors in Embedded Systems
Collaborators:
Tohoku U, Kobe U, UEC, AIST
Telecom ParisTech, LIP6, Morpho
[Photos: SPACES chip, Developed board]
Outline
Introduction
What’s hardware security
Side-channel attacks
Research activities and collaborations
Future prospects
Research on information security
[Diagram labels: ICT devices; Application, Network, Hardware; Application Security, Network Security, Hardware Security (marked "Today's topic")]
What is hardware security?
Hardware for Security (≒ Security Hardware)
- Cryptographic processor
- Random Number Generator
- Physically Unclonable Function
- etc.
Hardware with Security (≒ Secure Hardware)
- Securing HW (and SW on HW)
- Anti-counterfeiting
- Attacks to hardware
Expanding research field on all the matters related to security and secure HW
Device accessibility in IoT/IoE/CPS…
[Figure: attackers' accessibility]
Past: In room
Present: In town
Future: Everywhere
Physical access to hardware becomes much easier
Cyber security is coming close to HW security
Attacks from/to “things” in IoT era
Source: IEEE Spectrum 2015
Cryptographic modules
Image sources: www.jp.playstation.com, www.jreast.co.jp, www.sonyericsson.co.jp, www.sharp.co.jp, www.sony.co.jp, www.apple.com, www.elstermetering.com, www.orse.or.jp
Cryptographic modules are a part of our daily lives
Progress of IoT pushes security chips into many things
Attacks on cryptographic modules
Physical attack (implementation attack)
Attacks based on physical access to the module
Cannot be addressed in cryptographic algorithm design
[Diagram: Sender's crypto module (plaintext, encryption key, crypto algorithm) -> ciphertext -> Receiver's crypto module (crypto algorithm, decryption key, plaintext); an Attacker with three "Steal / Tamper" arrows]
Physical attacks on crypto modules
[Diagram: crypto module with plaintext input and ciphertext output; attacks labelled Destructive and Non-destructive]
Destructive: circuit pattern probing, FIB, laser/EM irradiation
Irregular inputs (fault injection attacks): frequency/voltage control, clock glitch, EM interference
Side channel attacks: voltage variation, EM radiation, timing, ...
Side-channel attacks have been drawing more attention as practical threats
Side channel attacks on real products
Breaking Mifare DESFire MF3ICD40: Power Analysis and Templates in the Real World (CHES 2011)
  Smartcards used in subway systems were broken by side channel attacks
Get Your Hands Off My Laptop (MIT Review 2014)
  RSA key stolen by grabbing a laptop chassis
Defend encryption systems against side-channel attacks (EDN Network 2015)
  Side channel attacks on FPGA, set-top box chip, or mobile application processors
Cracking the cloud by side-channel attacks
Timing attack on Amazon Web Services (EC2) [2016]
Attacker and target use a shared cache memory on a cloud server
– Secret key can be stolen from the time difference between cache hit and miss
Side-channel attack without physical access
Differential power/EM analysis attack
[Figure labels, in page order: Power traces; Correct key; Estimated power values; ciphertexts; A number of measurements; Wrong keys; (10^2-10^9); Estimated sub-key; Correlation Coefficients]
Statistical analysis using many side-channel info.
Why differential analysis works
[Diagram: 8-bit cipher text and 8-bit sub key enter the substitution (Sub), producing an 8-bit intermediate value]
Sub key candidates: 2^8 = 256
Estimate power/EM values from intermediate values by Hamming weight or distance
Calculate correlation between measured and estimated values
Intermediate data are determined by sub-key
Substitution function with 8-bit input and sub-key
Bit operation orthogonal to other bit operations
High peak appears only at a specific timing
Example of differential EM analysis
[Figures: EM probing over module; Measured EM trace]
DEMA on AES software in microcontroller
Clock frequency: 8 MHz
Sampling frequency: 400 MHz
Number of traces: 1000
Analysis result
[Plot: correlation coefficient (×10^-2) versus sampled point and key guess; correct key: 209]
Highest peak appears in correct key estimation
Major ideas of countermeasures
Hiding: to remove data dependency
  Constant operation flow, complementary logic style…
  [Figure: operation sequences "S S M S M S S S MS S M SM SM SM SM", W/O countermeasure and W/ countermeasure]
Masking: to randomize intermediate data
  Bynames: secret sharing, threshold implementation…
  [Diagram: Input (plaintext) -> Masking (random number) -> Encryption/Decryption -> Unmasking (random number) -> Output (ciphertext)]
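Added example (not from the original slides): a simulation of the correlation analysis described under "Why differential analysis works" together with the masking idea above, usable as a check that a masked intermediate value shows no first-order correlation peak. The substitution table, noise level, trace data and function names are constructed for illustration; 209 is reused from the "Analysis result" slide only as a sample sub-key.

```python
import random

rng = random.Random(2016)            # fixed seed: constructed, reproducible data
SBOX = list(range(256))
rng.shuffle(SBOX)                    # stand-in 8-bit substitution, NOT the AES S-box
HW = [bin(v).count("1") for v in range(256)]   # Hamming-weight leakage model


def pearson(xs, ys):
    """Pearson correlation coefficient of two equal-length sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / (vx * vy) ** 0.5 if vx and vy else 0.0


def simulate(sub_key, n_traces, masked, noise=1.0):
    """Constructed single-sample leakage: HW(intermediate value) + Gaussian noise."""
    inputs, leaks = [], []
    for _ in range(n_traces):
        x = rng.randrange(256)                 # known 8-bit input (e.g. a ciphertext byte)
        v = SBOX[x ^ sub_key]                  # intermediate value fixed by the sub-key
        if masked:
            v ^= rng.randrange(256)            # fresh random mask for every execution
        inputs.append(x)
        leaks.append(HW[v] + rng.gauss(0.0, noise))
    return inputs, leaks


def correlation_per_guess(inputs, leaks):
    """|correlation| between measured leakage and the estimate, for all 2^8 guesses."""
    return [abs(pearson([HW[SBOX[x ^ g]] for x in inputs], leaks))
            for g in range(256)]


def evaluate(sub_key=209, n_traces=1000):
    """Return (best guess, peak) without masking, then (best guess, peak) with masking."""
    out = []
    for masked in (False, True):
        scores = correlation_per_guess(*simulate(sub_key, n_traces, masked))
        best = max(range(256), key=scores.__getitem__)
        out.append((best, round(scores[best], 3)))
    return out


if __name__ == "__main__":
    for label, (guess, peak) in zip(("unmasked", "masked"), evaluate()):
        print(f"{label:9s} best guess={guess:3d} peak |r|={peak}")
```

The masked case models an ideal first-order mask on a single leakage sample; it does not cover analyses that combine several leakage points, which is the "attacks beyond assumptions" caveat raised under current issues.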
Current issues/challenges
Countermeasure works only if leak and measurement assumption are valid
  Can be defeated by attacks beyond assumptions
  Measurement assumption (i.e., position, # of times, SNR) is sometimes different from reality
  Potential vulnerabilities by advancement of measurement and analysis techniques
High security requires more HW/SW resources
  Even countermeasures against simple attacks sometimes require large overhead (e.g. x5)
Outline
Introduction
What’s hardware security
Side-channel attacks
Research activities and collaborations
Future prospects
Research activities
Cryptographic LSI computing
Security evaluation of embedded systems
EM information security
Topics: Tamper-resistant crypto LSIs; High-speed/Light-weight crypto LSIs; Side-channel attacks & countermeasures; Security evaluation platforms; EM security analysis method; Understanding of EM leakage and IEMI; Standards work
[Figure labels: 3-Turn Coil, 4-Turn Coil, L1, L2]
Highly efficient hardware architecture [CHES ‘16]
http://phys.org/
Energy-efficient AES hardware [CHES ‘16]
[Figure labels, in extraction order: Redundant, GF arithmetic, Signal gating, optimization, Unification of linear functions, Only one 4:1 selector]
Power estimation
Power estimation by gate-level dynamic simulation calculating switching activities with glitch effects

                 Power [mW] @ 10 MHz   PT product
Satoh et al.     4.05                  316.31
Lutz et al.      3.43                  234.96
Liu et al.       4.51                  384.48
Mathew et al.    5.49                  536.26
This work        2.76                  129.63
                 -20%                  -45%

Our architecture achieved lowest power and power-time (PT) product
Countermeasure technology [ISSCC2016]
New circuit-level countermeasure against physical attacks: "EM attack sensor"
Sense EM field variation caused by probe approach
Prevent microprobe-based EMAs on chip surface
[Figures: Basic concept; Die photo of prototype sensor; Freq. shift caused by probing. Labels: Micro EM Probe, Coil L1, Sensor Coil, M, Cryptographic LSI, frequency spectrum, Frequency, fLC, Shift]
Demonstration of EM attack sensor
Demo
Overhead of EM attack sensor
                    AES core      Sensor        Total (Sensor Overhead)
2NAND Gate Count    24.3k         0.3k          24.6k (+1.2%)
Wire Resource       0.40mm^2      0.05mm^2      0.45mm^2 (+11%)
Layout Area         0.48mm^2      0.01mm^2      0.49mm^2 (+2%)
Performance         125ms/Enc     0.3ms/Sense   125.3ms (-0.2%)
Power Consumption   0.23mW        0.02mW        0.25mW (+9%)
Evaluation platform for hardware security
Side-channel Attack Standard Evaluation Board: SASEBO
Distributed to more than 100 companies, universities, and research institutes
IP cores (HDL codes) of the ISO/IEC 18033-3 standard block ciphers
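[Distribution map of the SASEBO series; recipients shown:]
Univ. Bristol (UK), Queen's Univ. Belfast
BrightSite (Netherlands), Riscure BV
UCL Crypto Group (Belgium), Katholieke Univ. Leuven
Ruhr Univ. Bochum (Germany), Darmstadt Univ.
ETRI (South Korea), ICU
IAIK, Graz Univ. (Austria)
Luxembourg Univ. (Luxembourg)
LIMM (France), TELECOM ParisTech
Worcester Polytechnic Institute (USA), Samsung CRI (USA), Virginia Tech. (USA), NIST (USA)
Weizmann Institute (Israel)
Indian Institute of Technology (India)
IPA, NICT, NTT, NTT Data, NHK, SONY, Fujitsu, Hitachi, Toshiba, Canon, TED, NEC, NEC Micro Systems
Tohoku University, Yokohama National University, University of Electro-Communications, National Defense Academy, Waseda University, Ritsumeikan University, Ibaraki University, Kyushu University, Toyohashi University of Technology, National Police Academy
[Figure captions: Distribution map; Example of experiment with SASEBO; SASEBO-W for Smartcard implementation (2012)]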
EM information security
Information security via EM radiation
EM analysis at a distance with high sensitivity current probe
Local EM analysis with on-chip micro EM probe
[Figures, labelled from far field to near field: Fault injection at a distance from cable/antenna; Visualization of EM info leakage on board; Fault occurrence and propagation inside LSI]
Simulation of EM information leakage
Detailed analysis using Finite Difference Time Domain (FDTD) method
[Figure labels: Extraction of wiring pattern; Target device; FDTD computation]
Visualization of EM information leakage
Detailed analysis using Finite Difference Time Domain (FDTD) method
Standing wave on power line
Leakage source at VDD/GND pin of cryptographic LSI
Information on current goes further through power cable connected to device
[Figure: EM-field analysis by FDTD method]
EMC-based countermeasure
EMC-based countermeasure (Decoupling capacitor)
[Figures: Before, After]
Future prospects
Systematic design methodology
No perfect security, but higher security
Security technology for IoT/IoE/CPS
Hardware-assisted cyber security
Security on things (e.g. cars and body devices)
Collaborations for cryptographic HW design
Applications to IoT sensors and battery-driven devices
HW security research has just appeared
Interdisciplinary collaborations are necessary!
Thank you for your attention