Nowadays we are experiencing a wide-spreading of embedded systems, sensors and integrated circuits. Such device have to operate into hostile environments that might affect their intended functionality. Cryptography is one of the most common tools used to safeguard the correct functionality of such devices. However, cryptographic implementations on physical systems are subject to side-channel attacks, that are attacks that exploit physical properties of the targeted device. Such physical properties are observed while the device is computing encrypting/decrypting operations. The best attacks that can be employed define a leakage model as the most accurate relationship that links both secret key used in a cryptographic operation and the physical property that it is taken into account. When the leakage model cannot be defined as accurately as intended due to a partial knowledge or complete lack of knowledge of the actual relationship between secret key and physical property, the side-channel attack must be reasonably adapted. As leakage model it has to be used an intermediate value of the implemented cryptographic algorithm instead. The aim of the thesis is to research the best leakage models that allow to execute a successful side-channel attacks on such devices. As shown in literature, during this investigation it was observed that most of the attacks are successful when a leakage model justifies the observed physical properties. However, it has also been observed that it could have been performed successful attacks even when the leakage model was the furthest possible from the correct one, allowing us to study how cryptographic implementations are vulnerable when attacked with such models.
Al giorno d’oggi siamo sempre più invasi da sistemi embedded, sensori e dispositivi integrati. Questi dispositivi operano in ambienti ostili che potrebbero intaccare il loro corretto funzionamento. La crittografia è uno degli strumenti che possono essere utilizzati per salvaguardare le funzionalità di tali dispositivi. Però, le implementazioni crittografiche su sistemi fisici sono soggetti ad attacchi side-channel, attacchi che sfruttano grandezze fisiche (del dispositivo stesso) osservate durante una operazione di cifratura/decifratura. Gli attacchi migliori che possono essere applicati definiscono un modello di leakage come la relazione più accurata possibile che lega la chiave segreta applicata e la grandezza fisica presa in considerazione. Quando il modello di leakage non è definibile per via di una conoscenza parziale o nulla della relazione tra chiave e grandezza fisica, l’attacco side-channel deve essere ragionevolmente adattato. Come modello di leakage dovrà essere utilizzato un valore intermedio estratto dall’algoritmo crittografico implementato. Lo scopo della tesi è quello di ricercare i modelli migliori che permettono di compiere con successo attacchi side-channel su tali dispositivi. In questa investigazione di modelli è stato osservato che, come da teoria, la maggior parte degli attacchi ha successo quando viene definito un modello che giustifica le proprietà fisiche osservate. Tuttavia, sono stati osservati anche attacchi altrettanto soddisfacenti quando il modello di leakage si allontana il più possibile dal modello corretto, dando così la possibilità di investigare la vulnerabilità di implementazioni crittografiche per tali modelli.
Performing SCA against block ciphers using closest and furthest leakage models
Vincifori, Costantino
2020/2021
Abstract
Nowadays we are experiencing a wide-spreading of embedded systems, sensors and integrated circuits. Such device have to operate into hostile environments that might affect their intended functionality. Cryptography is one of the most common tools used to safeguard the correct functionality of such devices. However, cryptographic implementations on physical systems are subject to side-channel attacks, that are attacks that exploit physical properties of the targeted device. Such physical properties are observed while the device is computing encrypting/decrypting operations. The best attacks that can be employed define a leakage model as the most accurate relationship that links both secret key used in a cryptographic operation and the physical property that it is taken into account. When the leakage model cannot be defined as accurately as intended due to a partial knowledge or complete lack of knowledge of the actual relationship between secret key and physical property, the side-channel attack must be reasonably adapted. As leakage model it has to be used an intermediate value of the implemented cryptographic algorithm instead. The aim of the thesis is to research the best leakage models that allow to execute a successful side-channel attacks on such devices. As shown in literature, during this investigation it was observed that most of the attacks are successful when a leakage model justifies the observed physical properties. However, it has also been observed that it could have been performed successful attacks even when the leakage model was the furthest possible from the correct one, allowing us to study how cryptographic implementations are vulnerable when attacked with such models.| File | Dimensione | Formato | |
|---|---|---|---|
|
Poli_Format___Scuola_di_Ingegneria_Industriale_e_dell_Informazione___Politecnico_di_Milano___Cryptography_Thesis.pdf
Open Access dal 28/03/2023
Descrizione: Tesi
Dimensione
11.37 MB
Formato
Adobe PDF
|
11.37 MB | Adobe PDF | Visualizza/Apri |
|
Executive_Summary___Scuola_di_Ingegneria_Industriale_e_dell_Informazione___Politecnico_di_Milano.pdf
Open Access dal 28/03/2023
Descrizione: Executive Summary
Dimensione
361.35 kB
Formato
Adobe PDF
|
361.35 kB | Adobe PDF | Visualizza/Apri |
I documenti in POLITesi sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/10589/185880