Vol.3 No.1 2010

Research paper: Secure implementation of cryptographic modules (A. Satoh et al.)
Synthesiology - English edition Vol.3 No.1 (2010)

cryptographic circuits implemented on the SASEBO boards developed as part of constructing a standard experimental platform, we showed that power analysis attacks successfully compromise such implementations, if they lack proper countermeasures, even with inexpensive measurement instruments, suggesting that urgent action is required. We also pointed out that it is necessary to immediately begin developing proper countermeasures and evaluation methods even for attacks requiring higher skills such as fault-injection attacks and invasive attacks.

Research on information security subjects, including cryptography, aims to construct protection measures against attackers with malicious intent. At the same time, as information systems become more and more complex, technology that prevents damage from incidental errors or faults is also in great demand. For example, although software bugs can be fixed on a running system even over the network, hardware bugs or faults not only require the system to halt but may also take a long time to repair when the system is at a remote site. To address this problem, the dynamic partial reconfiguration technology of FPGAs, which enables altering part of the logic circuit while the system is operating, offers a promising solution. The SASEBO-GII, the latest in the series, is equipped with functions that make possible research and development of dynamic partial reconfiguration, and has already begun driving research on applications of online circuit reconfiguration. Once it becomes possible to exchange hardware configuration information through the network, new threats may emerge, including potential theft and falsification of such information, and hardware viruses involving a system failure.
Therefore, these future pressing issues will also need to be addressed.

Our ultimate goal is to construct a dependable information system where highly-improved security and reliability of the entire hardware system are achieved following the fulfillment of the research on cryptographic hardware security. Toward this goal, we will pursue the research and development of the new hardware technology that will be in demand in the future.
