RIEC, TOHOKU UNIVERSITY
Recent topics on hardware security
Naofumi Homma
Tohoku University/RIEC, Japan
Télécom ParisTech/Comelec/SEN
Tohoku University
Main building
Founded in 1907 in Sendai
as Tohoku Imperial University
3rd national university in Japan
One of the largest national universities
10 undergraduate schools
15 graduate schools
5 research institutes
Research Institute of Electrical Communication (RIEC)
RIEC building
Sendai
Tokyo
1.5 h
Environmentally Conscious Secure
Information System Laboratory
(Professor: Naofumi Homma)
Tohoku University/RIEC, Japan
2009.6-2010.3/2016.9-2017.3:
Visiting Professor,
Telecom ParisTech/Comelec/SEN
Research Interests:
Computing Theory, Embedded
Systems, Information Security
Homma laboratory
Research team
2009-2010
Collaboration with Telecom ParisTech
SPACES Project (2010-2014)
Security evaluation of Physically Attacked
Cryptoprocessors in Embedded Systems
Collaborators:
Tohoku U, Kobe U, UEC, AIST
Telecom ParisTech, LIP6, Morpho
Developed board
SPACES chip
Outline
Introduction
- What’s hardware security
- Side-channel attacks
Research activities and collaborations
Future prospects
Research on information security
Application
Network
Hardware
Today’s topic
Hardware Security
Application Security
Network Security
ICT devices
What is hardware security?
- Securing HW (and SW on HW)
- Anti-counterfeiting
- Attacks to hardware
Hardware for Security (≒ Security Hardware)
Hardware with Security (≒ Secure Hardware)
Expanding research field on all the matters related to security and secure HW
- Cryptographic processor
- Random Number Generator
- Physically Unclonable Function
- etc.
Device accessibility in IoT/IoE/CPS…
Attackers’ accessibility: in room (past), in town (present), everywhere (future)
Physical access to hardware becomes much easier
Cyber security is coming close to HW security
Attacks from/to “things” in IoT era
Source: IEEE Spectrum 2015
Cryptographic modules
www.jreast.co.jp
www.sonyericsson.co.jp
www.orse.or.jp
www.jp.playstation.com
www.sharp.co.jp
www.sony.co.jp
www.apple.com
Cryptographic module is a part of our daily lives
Progress of IoT pushes security chips into many things
www.elstermetering.com
Attacks on cryptographic modules
Physical attack (implementation attack)
- Attacks based on physical access to module
- Cannot be addressed in cryptographic algorithm design
[Figure: Sender (plaintext, crypto module with crypto algorithm and encryption key), ciphertext, Receiver (crypto module with crypto algorithm and decryption key, plaintext); Attacker: steal / tamper]
Physical attacks on crypto modules
Side-channel attacks have been drawing more attention as practical threats
- Destructive: circuit pattern probing, FIB, laser/EM irradiation
- Irregular inputs (fault injection attacks): frequency/voltage control, clock glitch, EM interference
- Non-destructive side channel attacks: timing, voltage variation, EM radiation, ...
[Figure: crypto module with plaintext input and ciphertext output]
Side channel attacks on real products
- Breaking Mifare DESFire MF3ICD40: Power Analysis and Templates in the Real World (CHES 2011)
  Smartcards used in subway systems were broken by side channel attacks
- Get Your Hands Off My Laptop (MIT Review 2014)
  RSA key stolen by grabbing a laptop chassis
- Defend encryption systems against side-channel attacks (EDN Network 2015)
  Side channel attacks on FPGA, set-top box chip, or mobile application processors
Cracking the cloud by side-channel attacks
Timing attack on Amazon Web Services (EC2) [2016]
Attacker and target use a shared cache memory on a cloud server
– Secret key can be stolen by the time difference of cache hit and miss
Side-channel attack without physical access
Differential power/EM analysis attack
Statistical analysis using many side-channel info.
[Figure: power traces from a number of measurements (10^2-10^9) with their ciphertexts; estimated power values computed from the ciphertexts and an estimated sub-key; correlation coefficients in which the correct key stands out from the wrong keys]
Why differential analysis works
- Intermediate data are determined by sub-key
  - Substitution function with 8-bit input and sub-key
- Bit operation orthogonal to other bit operations
  - High peak appears only at a specific timing
[Figure: 8-bit cipher text and 8-bit sub key enter Sub, giving an 8-bit intermediate value; sub-key candidates: 2^8 = 256]
Estimate power/EM values from intermediate values by Hamming weight or distance
Calculate correlation between measured and estimated values
Example of differential EM analysis
DEMA on AES software in microcontroller
- Clock frequency: 8 MHz
- Sampling frequency: 400 MHz
- Number of traces: 1000
[Figure: EM probing over module; measured EM trace]
Analysis result
Highest peak appears in correct key estimation
[Plot: correlation coefficient (×10^-2) versus sampled point and key guess]
Correct key: 209
Major ideas of countermeasures
Hiding: to remove data dependency
- Constant operation flow, complementary logic style…
Masking: to randomize intermediate data
- Also known as: secret sharing, threshold implementation…
[Figure: W/O countermeasure versus W/ countermeasure; input (plaintext), masking with a random number, encryption/decryption, unmasking with a random number, output (ciphertext)]
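The correlation step from "Why differential analysis works" and the effect of masking, as an added example that is not part of the original slides. It assumes constructed traces with one leakage sample per run (Hamming weight of the substitution output plus Gaussian noise), uses the AES S-box as the substitution function, and reuses the slides' key value 209 and trace count 1000; all function names are hypothetical.

```python
import random

# Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1.
def gmul(a, b):
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def sbox_entry(x):
    inv = 1
    for _ in range(254):          # x^254 is the multiplicative inverse (0 maps to 0)
        inv = gmul(inv, x)
    rot = lambda s: ((inv << s) | (inv >> (8 - s))) & 0xFF
    return inv ^ rot(1) ^ rot(2) ^ rot(3) ^ rot(4) ^ 0x63   # affine transform

SBOX = [sbox_entry(x) for x in range(256)]
HW = [bin(v).count("1") for v in range(256)]

def simulate(key, n, masked, rng, sigma=1.0):
    # Constructed traces (assumed model): leakage = HW(intermediate) + noise.
    data, leak = [rng.randrange(256) for _ in range(n)], []
    for d in data:
        v = SBOX[d ^ key]
        if masked:
            v ^= rng.randrange(256)   # fresh random mask on the intermediate value
        leak.append(HW[v] + rng.gauss(0, sigma))
    return data, leak

def pearson(xs, ys):
    mx, my = sum(xs) / len(xs), sum(ys) / len(ys)
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / (vx * vy) ** 0.5

def best_guess(data, leak):
    # Correlate measured leakage with the estimate for each of the 2^8 candidates.
    scores = [pearson([HW[SBOX[d ^ g]] for d in data], leak) for g in range(256)]
    g = max(range(256), key=scores.__getitem__)
    return g, scores[g]

def demo(key=209, n=1000, seed=1):
    rng = random.Random(seed)
    return (best_guess(*simulate(key, n, False, rng)),
            best_guess(*simulate(key, n, True, rng)))
```

`demo()` returns the best guess and its correlation for the unmasked and the masked traces; in the masked case no candidate rises above the noise floor, which is how an evaluator checks that first-order leakage has been removed.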
Current issues/challenges
Countermeasure works only if leak and measurement assumptions are valid
- Can be defeated by attacks beyond assumptions
- Measurement assumption (i.e., position, # of times, SNR) is sometimes different from reality
- Potential vulnerabilities by advancement of measurement and analysis techniques
High security requires more HW/SW resources
- Even countermeasures against simple attacks sometimes require large overhead (e.g. x5)
Outline
Introduction
- What’s hardware security
- Side-channel attacks
Research activities and collaborations
Future prospects
Research activities
Areas: security evaluation of embedded systems; cryptographic LSI computing; EM information security
Topics:
- EM security analysis method
- High-speed/light-weight crypto LSIs
- Security evaluation platforms
- Tamper-resistant crypto LSIs
- Side-channel attacks & countermeasures
- Standards work
- Understanding of EM leakage and IEMI
[Figure labels: 3-turn coil L1, 4-turn coil L2]
Highly efficient hardware architecture [CHES ‘16]
http://phys.org/
Energy-efficient AES hardware [CHES ‘16]
- Signal gating
- Unification of linear functions
- Only one 4:1 selector
- Redundant GF arithmetic optimization
Power estimation
Power estimation by gate-level dynamic simulation calculating switching activities with glitch effects
Our architecture achieved lowest power and power-time (PT) product

                 Power [mW] @ 10 MHz   PT product
Satoh et al.     4.05                  316.31
Lutz et al.      3.43                  234.96
Liu et al.       4.51                  384.48
Mathew et al.    5.49                  536.26
This work        2.76 (-20%)           129.63 (-45%)
Countermeasure technology [ISSCC2016]
New circuit-level countermeasure against physical attacks: “EM attack sensor”
- Sense EM field variation caused by probe approach
- Prevent microprobe-based EMAs on chip surface
[Figure: die photo of prototype sensor (coil L1); basic concept with cryptographic LSI, sensor coil (fLC), micro EM probe and coupling M; frequency spectrum showing the freq. shift caused by probing]
Demonstration of EM attack sensor
Demo
Overhead of EM attack sensor

                    Total (Sensor Overhead)   AES core      Sensor
Power consumption   0.25mW (+9%)              0.23mW        0.02mW
Layout area         0.49mm2 (+2%)             0.48mm2       0.01mm2
Performance         125.3ms (-0.2%)           125ms/Enc     0.3ms/Sense
2NAND gate count    24.6k (+1.2%)             24.3k         0.3k
Wire resource       0.45 (+11%)               0.40mm2       0.05mm2
Evaluation platform for hardware security
Side-channel Attack Standard Evaluation Board: SASEBO
- Distributed to more than 100 companies, universities, and research institutes
- IP cores (HDL codes) of the ISO/IEC 18033-3 standard block ciphers
SASEBO series
SASEBO-W for smartcard implementation (2012)
Example of experiment with SASEBO
Distribution map:
- Germany: Ruhr Univ. Bochum, Darmstadt Univ.
- Austria: IAIK, Graz Univ.
- Belgium: UCL Crypto Group, Katholieke Univ. Leuven
- Luxembourg: Luxembourg Univ.
- India: Indian Institute of Technology
- Israel: Weizmann Institute
- Korea: ETRI, ICU, Samsung
- Japan: NEC Micro Systems, Tohoku University, Yokohama National University, University of Electro-Communications, National Defense Academy, Waseda University, Ritsumeikan University, Ibaraki University, Kyushu University, Toyohashi University of Technology, National Police Academy, IPA, NICT, NTT, NTT Data, NHK, SONY, Fujitsu, Hitachi, Toshiba, Canon, TED, NEC
- USA: NIST, Virginia Tech., CRI, Worcester Polytechnic Institute
- France: LIMM, TELECOM Paris Tech
- UK: Univ. Bristol, Queen’s Univ. Belfast
- Netherlands: BrightSite, Riscure BV
EM information security
Information security via EM radiation
- EM analysis at a distance with high sensitivity current probe
- Local EM analysis with on-chip micro EM probe
Far field / Near field
- Visualization of EM info leakage on board
- Fault occurrence and propagation inside LSI
- Fault injection at a distance from cable/antenna
Simulation of EM information leakage
Detailed analysis using Finite Difference Time Domain (FDTD) method
- Target device
- Extraction of wiring pattern
- FDTD computation
Visualization of EM information leakage
Detailed analysis using Finite Difference Time Domain (FDTD) method
- Leakage source at VDD/GND pin of cryptographic LSI
- Standing wave on power line
- Information on current goes further through power cable connected to device
[Figure: EM-field analysis by FDTD method]
EMC-based countermeasure
EMC-based countermeasure (decoupling capacitor)
[Figure: before / after]
Future prospects
Systematic design methodology
No perfect security, but higher security
Security technology for IoT/IoE/CPS
Hardware-assisted cyber security
Security on things (e.g. cars and body devices)
Collaborations for cryptographic HW design
Applications to IoT sensors and battery-driven devices
HW security research has just appeared
Interdisciplinary collaborations are necessary!
Thank you for your attention