NotesFAQContact Us
Collection
Advanced
Search Tips
ERIC Number: ED534812
Record Type: Non-Journal
Publication Date: 2011
Pages: 221
Abstractor: As Provided
Reference Count: 0
ISBN: ISBN-978-1-1249-9261-7
ISSN: N/A
Exploitation of Unintentional Information Leakage from Integrated Circuits
Cobb, William E.
ProQuest LLC, Ph.D. Dissertation, Air Force Institute of Technology
The information leakage of electronic devices, especially those used in cryptographic or other vital applications, represents a serious practical threat to secure systems. While physical implementation attacks have evolved rapidly over the last decade, relatively little work has been done to allow system designers to effectively counter the identified threats. This work addresses the technology gap between identified problems and potential solutions, and significantly advances the study of information leakage in two primary areas of investigation: 1. "Radio-Frequency 'Distinct Native Attribute' (RF-DNA) fingerprinting" of integrated circuits (ICs) for device authentication, and 2. "Leakage mapping" to assess the information leakage of arbitrary cryptographic implementations. First, the "RF-DNA fingerprinting" technique is used to recognize unique ICs based on fabrication process-induced variations in unintentional electromagnetic (EM) emissions in a manner analogous to biometric human identification. The effectiveness of the technique is demonstrated through an extensive empirical study, indicating the technique scales well for both identification and verification tasks. Empirical results are presented for 40 near-identical devices, with correct device identification success rates of greater than 99.5%, and average verification equal error rates (EERs) of less than 0.05%. Correct identification success rates exceeding 90% were maintained under analysis conditions of SNR greater than or equal to 15 dB. Whereas all previously known techniques require device hardware or software modifications, RF-DNA fingerprinting permits opportunistic passive authentication using unintentional RF emissions during pre-existing processes and protocols. This characteristic makes the approach suitable for security applications involving commodity commercial ICs, with substantial cost and scalability advantages over previous approaches. Second, a systematic "leakage mapping" methodology is developed and demonstrated to comprehensively assess the information leakage of arbitrary block cipher implementations. The proposed framework provides a comprehensive approach to assess the information leakage of all algorithmically specified key-dependent intermediate computations for implementations of symmetric block ciphers. The resulting leakage assessment quantitatively bounds the resistance of an implementation to the general class of differential side channel analysis techniques, and provides system designers and evaluators with a tool to objectively assess whether countermeasures implemented are justified given the added cost in time, space, and energy compared to the obtained reduction in exploitable information leakage. Furthermore, the systematic approach enables evaluators to quickly and efficiently repeat the assessment process for different variations of implementations, which helps to ensure the addition of countermeasures does not inadvertently introduce new unexpected sources of information leakage. The "leakage mapping" framework is demonstrated using the well-known Hamming Weight and Hamming Distance leakage models, with recommendations to extend the technique using more accurate models. The approach effectiveness is demonstrated through empirical assessment of two typical unprotected implementations of the Advanced Encryption Standard, and the assessment results are empirically validated against correlation-based differential power and electromagnetic analysis attacks. [The dissertation citations contained here are published with the permission of ProQuest LLC. Further reproduction is prohibited without permission. Copies of dissertations may be obtained by Telephone (800) 1-800-521-0600. Web page: http://www.proquest.com/en-US/products/dissertations/individuals.shtml.]
ProQuest LLC. 789 East Eisenhower Parkway, P.O. Box 1346, Ann Arbor, MI 48106. Tel: 800-521-0600; Web site: http://www.proquest.com/en-US/products/dissertations/individuals.shtml
Publication Type: Dissertations/Theses - Doctoral Dissertations
Education Level: N/A
Audience: N/A
Language: English
Sponsor: N/A
Authoring Institution: N/A