Vol.3 No.1 2010
Research paper : Secure implementation of cryptographic modules (A. Satoh et al.) −89− Synthesiology - English edition Vol.3 No.1 (2010)

engage in cryptographic hardware implementation or side-channel attack research. It is expected that this activity would further speed the promotion of side-channel attack research. At the same time, such an activity might be suspected of being an antisocial behavior encouraging malicious hackers. Comparing this situation with the case of security evaluation for cryptographic algorithms will lead to the answer to this question. The development of security evaluation schemes corresponds to that of attack schemes by a researcher of goodwill. The previous chapter demonstrated that making cryptographic algorithms open to the public for experts’ third-party evaluations, rather than hiding them, will turn out to be an advantage. The same can be said for the security evaluations of cryptographic hardware implementations. In other words, through the evaluations done on the common experimental platform by many researchers, the evaluation framework efficiently determines the effective countermeasures and the effective evaluation (or attacking) techniques from various proposals, accumulating and utilizing the know-how of implementations and measurements. On that basis, we conduct the research activities with the goal of improving the security of information security products as well as contributing to constructing a dependable information network infrastructure, taking advantage of this knowledge.

3.2 Formulation of international standard specification and expansion toward security evaluation business

Toward the above-mentioned goals, as a public research institution, AIST addresses not only technological development but also various tasks as shown in Fig. 1 in cooperation with companies and related organizations, both domestic and overseas.
Firstly, AIST has sent a researcher to NIST to pursue collaborative work contributing to international standardization of security evaluation schemes for side-channel attacks. While there is no question that the standardization activity by public research institutions of the U.S. and Japan is important for each of them individually, it was also important for AIST to demonstrate to NIST the advantages of working together. Therefore, we promoted our in-depth academic knowledge and advanced technology by showing a demonstration of an evaluation system prototype using the SASEBO as well as introducing AIST’s activities in major related academic societies. In consequence, we took charge of the input for the description in the Physical Security – Non-Invasive Attacks section of the FIPS 140-3 second draft[20] published in December 2009. In addition, we have taken the lead in developing the evaluation testing technology for side-channel attacks.

Meanwhile, in Japan, to take advantage of the opportunity provided by the revisions of FIPS 140-3 and ISO/IEC 19790, CRYPTREC is advancing the discussion of the security evaluation guidelines for side-channel attacks. In the endeavor, AIST plays a central role and provides domestic companies and universities with a variety of technologies such as the SASEBO. Through information sharing in the CRYPTREC activity, AIST promotes not only the gathering of domestic knowledge and technological advancement but also improvement of the testing environment for a new evaluation system for cryptographic modules.

The aforementioned JHAS, in their ISO/IEC 15408 activity, is exchanging information on a variety of physical analysis methods including side-channel attacks targeting smart cards. However, they will not disclose details of such information because it contains proprietary information on their individual products. This may be considered as a way of assuring security by hiding.
However, remember that in our research activities for standardization of FIPS 140-3 or ISO/IEC 19790, disclosing the analysis results of individual products or implementation know-how is not our primary goal either. Our primary goal is to demonstrate the effectiveness and versatility of the attack methods and countermeasures through experiments on the common evaluation platform SASEBO and to formulate a security evaluation standard. In fact, even a JHAS member is not allowed to analyze another member’s smart card without proper consent. In this respect, they are demanding a cryptographic LSI or an evaluation platform on which unrestricted analysis experiments for technology accumulation are allowed. Thus, we plan to provide JHAS with the SASEBO technology through IPA, which is the contact point of JHAS in Japan.

Although ISO/IEC 19790 and ISO/IEC 15408 have different standardization directions, our analysis technology is applicable to the evaluation work under either one. It is difficult for cryptographic product vendors to disclose their know-how related to such analysis technology. At the same time, from the viewpoint of fairness, it is objectionable that the vendors whose products are evaluated lead the standardization of evaluation. Hence, it is significant in the standardization movements that AIST pursue the research

Fig. 1 Research activities for cryptographic module evaluation at AIST.
[Figure labels: Technical report; Board supply; Academic advancement; Domestic and overseas research institutions; International standardization; Contribution to international standards; R&D of evaluation technology; Side-channel attack evaluation technology; Standard evaluation board; Standard cryptographic LSI; Development of standard evaluation testing environment; Contribution to industry; Production; Technical assistance; Evaluation; Validation; Security evaluation services; ISO/IEC 24759; ISO/IEC 19790; NIST; IPA; JCMVP; CRYPTREC; NICT; FIPS 140-3; Secure information systems; Commercial evaluation tools; Collaborative research]