19 research outputs found
Vulnerability and differential analysis through fault insertion in Trivium ciphers on FPGA and ASIC (original title: Vulnerabilidad y análisis diferencial mediante inserción de fallos de cifradores Trivium en FPGA y ASIC)
Communication between devices grows day by day, and a prime example of this is the growth of the Internet of Things (IoT). Part of all this traffic consists of sensitive information that third parties may intercept with malicious intent. To counter this problem, the scientific community has focused on the continuous search for and development of cryptographic algorithms, or cryptosystems, oriented to both software and hardware, that can secure communications over transmission channels that are potentially insecure. Before new security standards can be established, the security offered by new algorithms must be studied from the point of view of their vulnerability, with the aim of reducing it. These vulnerabilities of cryptosystems can be studied by taking the role of a third party that tries to obtain the secret information held by the device and thereby learns where its weak points lie. This is the context of the present doctoral thesis. The text surveys the state of the art in cryptography and the most important techniques for compromising the security of current cryptosystems, taking as its object of study the Trivium stream cipher, both the original design presented in the eSTREAM project portfolio and several variants of it. To study the vulnerability of these cryptosystems and recover their secret information, several fault-insertion systems have been designed, in both FPGA and ASIC technology. These attack systems were implemented to attack the cipher by manipulating its clock signal and its control signals. With these experimental attack systems it is possible to determine the weak points of these cryptosystems and, by means of differential analysis, recover their secret information: the key and the initialization vector.
This study therefore presents the first experimental break of this cipher, recovering its secret key in 100% of the cases and proving that this cryptosystem is vulnerable to fault insertion attacks.
How is a digital circuit designed and implemented? Application of theoretical concepts about digital electronics
The Classroom Improvement Cycle (Ciclo de Mejora en el Aula, CIMA) was carried out in the Digital Electronics course of the second year of the Industrial Electronics Engineering Degree taught at the Escuela Politécnica Superior of the University of Seville. This chapter details the design and results of the cycle, developed over eight hours of practical sessions in which the students were introduced to the design tools and guided through the process of designing and testing digital circuits, applying the theoretical concepts covered in class. To this end, a participative working environment was fostered, giving the students the leading role and encouraging them to help each other, with the teacher acting as a guide where needed so that the students could internalize the contents and complete or modify their prior ideas.
Fault Injection on FPGA implementations of Trivium Stream Cipher using Clock Attacks
Funding: Ministerio de Economía y Competitividad TEC2010-16870; Ministerio de Economía y Competitividad TEC2013-45523-R; Ministerio de Economía y Competitividad CSIC 201550E03
Fault Attack on FPGA implementations of Trivium Stream Cipher
This article presents the development of an experimental system to introduce faults in Trivium stream ciphers implemented on FPGA. The developed system has made it possible to analyze the vulnerability of these implementations against fault attacks. It consists of a mechanism that injects small pulses into the clock signal, and elements that analyze whether a fault has been introduced, the number of faults introduced and their position in the inner state. The results obtained demonstrate the vulnerability of these implementations against fault attacks. As far as we know, this is the first time that experimental results of a fault attack on Trivium are presented.
Funding: Ministerio de Economía y Competitividad TEC2010-16870; Ministerio de Economía y Competitividad TEC2013-45523-R; Ministerio de Economía y Competitividad CSIC 201550E039
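The analysis step of the experimental system described in this abstract (deciding whether a fault was injected, how many, and where in the inner state) and the differential comparison of faulty and fault-free outputs that the thesis abstract above relies on can both be modelled in software. The following is an added example, not code from the cited papers or from the authors' FPGA setup: it implements the Trivium stream cipher from the eSTREAM specification, flips one bit of the 288-bit inner state to stand in for the effect of a clock glitch on one flip-flop, and recovers that position by checking which single-bit fault reproduces the observed keystream. The key, IV, keystream window length and all helper names (trivium_clock, trivium_init, keystream, inject_fault, analyze_fault) are this example's own assumptions.

```python
"""Trivium fault injection model: detect a fault and locate it in the inner state.

Added example, not code from the cited papers: a software model of the Trivium
stream cipher (eSTREAM specification: 80-bit key, 80-bit IV, 288-bit state).
A clock glitch is modelled as a single flipped state bit; the locator then
recovers that position by comparing the observed keystream with the keystream
expected for each possible single-bit fault.
"""

STATE_BITS = 288
# Keystream bits compared. Chosen so that every state position has reached a
# linear output tap: a fault in s1 only reaches s66 after 65 clocks.
WINDOW = 300


def trivium_clock(s):
    """Advance the 1-indexed state s by one clock in place; return keystream bit z."""
    t1 = s[66] ^ s[93]
    t2 = s[162] ^ s[177]
    t3 = s[243] ^ s[288]
    z = t1 ^ t2 ^ t3
    t1 ^= (s[91] & s[92]) ^ s[171]
    t2 ^= (s[175] & s[176]) ^ s[264]
    t3 ^= (s[286] & s[287]) ^ s[69]
    # shift registers A (s1..s93), B (s94..s177), C (s178..s288) by one bit
    s[1:94] = [t3] + s[1:93]
    s[94:178] = [t1] + s[94:177]
    s[178:289] = [t2] + s[178:288]
    return z


def trivium_init(key, iv):
    """Load key bits K1..K80 and IV bits IV1..IV80, then run the 4*288 warm-up clocks."""
    if len(key) != 80 or len(iv) != 80:
        raise ValueError("Trivium uses an 80-bit key and an 80-bit IV")
    s = [0] * (STATE_BITS + 1)   # s[0] is unused so indices match the specification
    s[1:81] = key                 # s1..s80   <- K1..K80
    s[94:174] = iv                # s94..s173 <- IV1..IV80
    s[286] = s[287] = s[288] = 1  # the last three bits of register C are set
    for _ in range(4 * STATE_BITS):
        trivium_clock(s)
    return s


def keystream(state, n):
    """Return n keystream bits generated from a copy of state."""
    s = list(state)
    return [trivium_clock(s) for _ in range(n)]


def inject_fault(state, position):
    """Return a copy of state with bit s[position] flipped (1 <= position <= 288)."""
    if not 1 <= position <= STATE_BITS:
        raise ValueError("position must be in 1..288")
    s = list(state)
    s[position] ^= 1
    return s


def _reproduces(state, observed):
    """True if clocking a copy of state yields every bit of observed (stops early otherwise)."""
    s = list(state)
    return all(trivium_clock(s) == bit for bit in observed)


def analyze_fault(reference_state, observed):
    """Compare observed keystream bits against the fault-free reference state.

    Returns (fault_detected, candidates). candidates lists every single-bit
    fault position whose keystream matches the observation; an empty list with
    fault_detected=True means no single flip explains the output (for example
    a multi-bit fault), which needs further investigation rather than being
    treated as a single-bit fault.
    """
    if _reproduces(reference_state, observed):
        return False, []
    candidates = [pos for pos in range(1, STATE_BITS + 1)
                  if _reproduces(inject_fault(reference_state, pos), observed)]
    return True, candidates


def demo():
    """Constructed key/IV (K1 set, everything else zero); fault injected at s150."""
    state = trivium_init([1] + [0] * 79, [0] * 80)
    clean = keystream(state, WINDOW)
    faulty = keystream(inject_fault(state, 150), WINDOW)
    first_diffs = [i for i, (a, b) in enumerate(zip(clean, faulty)) if a != b][:5]
    return analyze_fault(state, clean), analyze_fault(state, faulty), first_diffs


if __name__ == "__main__":
    print(demo())
```

The window length matters: a fault that hits a flip-flop far from the nearest linear tap (s66, s93, s162, s177, s243, s288) is invisible in the keystream until it has been shifted there, so a locator that only compares a few dozen output bits reports "no fault" for such positions. Multi-bit faults come back with an empty candidate list; extending the search to pairs of positions is straightforward but costs 288 choose 2 keystream comparisons.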
Design and evaluation of countermeasures against fault injection attacks and power side-channel leakage exploration for AES block cipher
Differential Fault Analysis (DFA) and Power Analysis (PA) attacks have become the main methods for exploiting the vulnerabilities of physical implementations of block ciphers, currently used in a multitude of applications, such as the Advanced Encryption Standard (AES). In order to minimize these types of vulnerabilities, several mechanisms have been proposed to detect fault attacks. However, these mechanisms can have a significant cost, may not fully cover the implementation against fault attacks, or may not take into account the information leakage exploitable by power analysis attacks. In this paper, four different approaches are proposed with the aim of protecting the AES block cipher against DFA. The proposed solutions are based on Hamming codes and parity bits as signature generators for the internal state of the AES cipher. These allow DFA-exploitable faults to be detected, from bit to byte level. The proposed solutions have been applied to a T-box based AES block cipher implemented on a Field Programmable Gate Array (FPGA). Experimental results suggest a fault coverage of 98.5% and 99.99% with an area penalty of 9% and 36% respectively for the parity bit signature generators, and a fault coverage of 100% with an area penalty of 18% and 42% respectively when a Hamming code signature generator is used. In addition, none of the proposed countermeasures imposes a frequency degradation with respect to the unprotected cipher. The work goes further in the evaluation of the proposed DFA countermeasures by evaluating the impact of these structures in terms of the power side channel. The results obtained suggest that no extra information leakage exploitable by PA is produced. Overall, the proposed DFA countermeasures provide high fault coverage with a low cost in terms of area and power consumption and no degradation of PA security.
Automated experimental setup for EM cartography to enhance EM attacks
Side-channel attacks are a real threat, exploiting and revealing the secret data stored in our electronic devices merely by analyzing the information leaked by the cryptographic modules during their normal encryption/decryption operations. In this sense, electromagnetic attacks have been posed as one of the most powerful attacks, retrieving the secret information by analyzing the existing relation between the leaked electromagnetic radiation and the data being processed. These attacks are known as ElectroMagnetic (EM) attacks, and an extremely critical point for their success is the positioning of the EM probe. In this paper, an automated experimental setup for EM cartography is described to enhance EM attacks and to help hardware designers detect possible information leakage flaws, as well as to determine the security level reached by hardware implementations against EM attacks.
Floorplanning as a practical countermeasure against clock fault attack in Trivium stream cipher
Injecting faults during a cipher's operation is a very successful way of attacking it. The inclusion of elements that protect against this kind of attack is increasingly necessary. These mechanisms are usually based on introducing redundancy, which leads to greater resource consumption or a longer processing time. This article presents how the introduction of placement restrictions on ciphers can make it difficult to inject faults by altering the clock signal. It is therefore a countermeasure that increases neither resource consumption nor processing time. This mechanism has been tested on FPGA implementations of the Trivium cipher. Several tests have been performed on a Spartan 3E device from Xilinx and the experimental measurements have been carried out with ChipScope Pro. The tests showed that adequate floorplanning is a good countermeasure against this kind of attack.
Funding: Ministerio de Economía y Competitividad TEC2013-45523-R; Ministerio de Economía y Competitividad TEC2016-80549-R; Ministerio de Economía y Competitividad CSIC 201550E03
FPGA design example for maximum operating frequency measurements
The best way to learn how to design digital systems at the RT level is to use practical examples. In addition, from a teaching point of view, the more practical they are, the more attractive they are to students. But for a design to be attractive, even one of low complexity, it cannot be completed in a single practice session. This paper presents, as a demonstrator, the RT-level design and FPGA implementation of a digital system that uses the Trivium stream cipher and on which measurements of maximum operating frequency are made. This circuit is designed in three laboratory sessions of about two hours each.
Funding: Ministerio de Economía y Competitividad TEC2013-45523-R; Ministerio de Economía y Competitividad TEC2016-80549-R; Consejo Superior de Investigaciones Científicas (CSIC) LACRE CSIC 201550E03
Distance measurement as a practical example of FPGA design
Learning digital design at the RT level requires practical examples, and as learning progresses the examples need to become more complex. FPGAs and development boards offer a very suitable platform for implementing these designs. However, classroom practice sessions usually last two hours, which does not allow the designs to be complex enough. For this reason, interesting designs that can be built over several sessions are required. In this paper, the construction of a distance measuring system is presented as a demonstrator. For this purpose, an ultrasound-based distance measurement module is used and the results are shown on the 7-segment displays of a Nexys4 board.
Funding: Ministerio de Economía y Competitividad TEC2013-45523-R; Ministerio de Economía y Competitividad TEC2016-80549-R; Consejo Superior de Investigaciones Científicas (CSIC) LACRE CSIC 201550E03
Integrated circuit design and the security of cryptographic circuits against attacks (original title: Diseño de circuitos integrados y seguridad de circuitos criptográficos frente a ataques)
Many electronic systems include cryptographic devices that implement algorithms to encrypt stored information. But even when the algorithms themselves are very secure, these devices can reveal some information through their physical implementation, by means of so-called side-channel attacks. These attacks use information obtained while the circuit is operating to learn about the key in use. The physical implementation of cryptographic devices must therefore be designed with care, to minimize the information that can leak through such attacks.
In our research lines we are analyzing the vulnerability of implementations of cryptographic circuits, mainly private-key ciphers, against passive and active side-channel attacks. These attacks obtain information about the stored key by measuring physical quantities such as power consumption or electromagnetic radiation while the circuit operates, or by altering the operating conditions to introduce faults and comparing the outputs with and without faults.
In this paper we present a brief summary of the state of the art of side-channel attacks on hardware implementations of ciphers, some of the topics we are working on, and some results obtained by our research group.
Funding: Junta de Andalucía CRIPTO-BIO (Diseño Microelectrónico para Autenticación Cripto-Biométrica); Ministerio de Ciencia y Tecnología (España) P08-TIC3674, CITIES (Circuitos Integrados para transmisión de información especialmente segura); Ministerio de Economía y Competitividad (España) TEC2010-16870 and CESAR (Circuitos microelectrónicos seguros frente a ataques laterales) and TEC2013-45523-