Retrofitting Leakage Resilient Authenticated Encryption to Microcontrollers

Unterstein, Florian; Schink, Marc; Schamberger, Thomas; Tebelmann, Lars; Ilg, Manuel; Heyszl, Johann

doi:10.13154/tches.v2020.i4.365-388

Benutzer: Gast

Sicherheit in der Informationstechnik (Prof. Sigl)

Zurück
Zurück zum Anfang der Trefferliste
Dauerhafter Link zum angezeigten Objekt

Titel:: Retrofitting Leakage Resilient Authenticated Encryption to Microcontrollers
Dokumenttyp:: Zeitschriftenaufsatz
Autor(en):: Unterstein, Florian; Schink, Marc; Schamberger, Thomas; Tebelmann, Lars; Ilg, Manuel; Heyszl, Johann
Abstract:: The security of Internet of Things (IoT) devices relies on fundamentalconcepts such as cryptographically protected firmware updates. In this contextattackers usually have physical access to a device and therefore side-channel attackshave to be considered. This makes the protection of required cryptographic keysand implementations challenging, especially for commercial off-the-shelf (COTS)microcontrollers that typically have no hardware countermeasures. In this work, wedemonstrate how unprotected hardware AES engines of COTS microcontrollers canbe efficiently protected against side-channel attacks by constructing a leakage resilientpseudo random function (LR-PRF). Using this side-channel protected building block,we implement a leakage resilient authenticated encryption with associated data(AEAD) scheme that enables secured firmware updates. We use concepts fromleakage resilience to retrofit side-channel protection on unprotected hardware AESengines by means of software-only modifications. The LR-PRF construction leveragesfrequent key changes and low data complexity together with key dependent noise fromparallel hardware to protect against side-channel attacks. Contrary to most otherprotection mechanisms such as time-based hiding, no additional true randomness isrequired. Our concept relies on parallelS-boxesin the AES hardware implementation,a feature that is fortunately present in many microcontrollers as a measure to increaseperformance. In a case study, we implement the protected AEAD scheme for twopopular ARMCortex-Mmicrocontrollers with differing parallelism. We evaluate theprotection capabilities in realistic IoT attack scenarios, where non-invasive EM probesor power consumption measurements are employed by the attacker. We show thatthe concept provides the side-channel hardening that is required for the long-termsecurity of IoT devices. «
The security of Internet of Things (IoT) devices relies on fundamentalconcepts such as cryptographically protected firmware updates. In this contextattackers usually have physical access to a device and therefore side-channel attackshave to be considered. This makes the protection of required cryptographic keysand implementations challenging, especially for commercial off-the-shelf (COTS)microcontrollers that typically have no hardware countermeasures. In this work, wedemonstrate how unprotecte... »
Stichworte:: leakage resilience·SCA·AEAD·AES·microcontroller
Dewey Dezimalklassifikation:: 620 Ingenieurwissenschaften
Zeitschriftentitel:: IACR Transactions on Cryptographic Hardware and Embedded Systems
Jahr:: 2020
Band / Volume:: 2020
Jahr / Monat:: 2020-08
Quartal:: 3. Quartal
Monat:: Aug
Heft / Issue:: 4
Seitenangaben Beitrag:: 365-388
Reviewed:: ja
Sprache:: en
Volltext / DOI:: doi:10.13154/tches.v2020.i4.365-388
WWW:: https://tches.iacr.org/index.php/TCHES/article/view/8687
BibTeX

Vorkommen:

mediaTUM Gesamtbestand Einrichtungen Schools TUM School of Computation, Information and Technology Departments Computer Engineering Sicherheit in der Informationstechnik (Prof. Sigl)2020

mediaTUM Gesamtbestand Hochschulbibliographie 2020 Fakultäten Elektrotechnik und Informationstechnik Sicherheit in der Informationstechnik (Prof. Sigl)