Development of constitution method for instruction sequence against cyber-physical cooperative attacks on embedded systems

• Project/Area Number: 16K12436
• Research Category: Grant-in-Aid for Challenging Exploratory Research
• Allocation Type: Multi-year Fund
• Research Field: Information security
• Research Institution: Tohoku University
• Principal Investigator: Homma Naofumi 東北大学, 電気通信研究所, 教授 (00343062)
• Project Period (FY): 2016-04-01 – 2018-03-31
• Project Status: Completed (Fiscal Year 2017)
• Budget Amount: ¥3,380,000 (Direct Cost: ¥2,600,000、Indirect Cost: ¥780,000); Fiscal Year 2017: ¥2,210,000 (Direct Cost: ¥1,700,000、Indirect Cost: ¥510,000); Fiscal Year 2016: ¥1,170,000 (Direct Cost: ¥900,000、Indirect Cost: ¥270,000)
• Keywords: 計算機システム / 組込みセキュリティ

Outline of Final Research Achievements

This research clarified the threat of cyber-physical cooperative attacks on embedded systems and developed effective countermeasure techniques for this kind of attack. We first survey and classify cyber-physical cooperative attacks that can pose a threat to embedded systems equipped with general cyber attack countermeasures in a systematic manner. In particular, we focused on buffer overflow (BOF) attack and fault injection attack as a cyber attack and a physical attack, respectively. We have developed an efficient software countermeasure method against their cooperative attacks. In addition, we built an evaluation / analysis system that can reproduce typical cyber-physical cooperative attacks and demonstrated the security and efficiency of the developed countermeasure method.

Research Products

• [Journal Article] Fault Injection Attack on Salsa20 and ChaCha and a Lightweight Countermeasure (2017)
  • Author(s): Kazuhide Fukushima, Rui Xu, Shinsaku Kiyomoto, Naofumi Homma
  • Journal Title: 2017 IEEE International Conference on Trust, Security and Privacy in Computing and Communications Volume: 1 Pages: 1032-1037
  • DOI: 10.1109/trustcom/bigdatase/icess.2017.348
  • Peer Reviewed
• [Journal Article] Practical Power Analysis on KCipher-2 Software on Low-End Microcontrollers (2017)
  • Author(s): Wataru Kawai, Rei Ueno, Naofumi Homma, Takafumi Aoki, Kazuhide Fukushima, Shinsaku Kiyomoto
  • Journal Title: IEEE EuroS&P Workshops on Security for Embedded and Mobile Systems Volume: - Pages: 131-121
  • DOI: 10.1109/eurospw.2017.60
  • Peer Reviewed
• [Journal Article] Buffer overflow attack with multiple fault injection and a proven countermeasure (2017)
  • Author(s): Shoei Nashimoto, Naofumi Homma, Yu-ichi Hayashi, Junko Takahashi, Hitoshi Fuji, Takafumi Aoki
  • Journal Title: Journal of Cryptographic Engineering Volume: 7 Issue: 1 Pages: 35-46
  • DOI: 10.1007/s13389-016-0136-3
  • Peer Reviewed
• [Journal Article] Side channel Security Evaluation for KCipher‐2 Software on Smart Cards (2016)
  • Author(s): Wataru Kawai, Rei Ueno, Naofumi Homma, Takafumi Aoki, Kazuhide Fukushima, and Shinsaku Kiyomoto
  • Journal Title: 25th International Workshop on Post-Binary ULSI Systems Volume: - Pages: 9-12
  • Peer Reviewed
• [Presentation] Salsa20/ChaChaに対する故障利用攻撃とその対策 (2017)
  • Author(s): 福島和英，許 瑞，清本晋作，本間尚文
  • Organizer: 2017年暗号と情報セキュリティシンポジウム
  • Place of Presentation: ロワジールホテル那覇（那覇市）
  • Year and Date: 2017-01-25
• [Presentation] 乗算アルゴリズムに対するハードウェアトロイ挿入可能性の評価 (2017)
  • Author(s): 伊東 燦
  • Organizer: 平成29年度電気関係学会東北支部連合大会
• [Presentation] 数論変換に基づく秘匿計算向け暗号の高効率実装 (2017)
  • Author(s): 遠藤 空
  • Organizer: 平成29年度電気関係学会東北支部連合大会
• [Presentation] 算術演算ハードウェアアルゴリズムの改変検知に関する検討 (2017)
  • Author(s): 伊東 燦
  • Organizer: 第40回多値論理フォーラム
• [Presentation] 剰余演算に基づく秘匿計算向け暗号の高効率実装 (2017)
  • Author(s): 遠藤 空
  • Organizer: 第40回多値論理フォーラム
• [Presentation] ハードウェアトロイ挿入が困難な公開鍵暗号データパスに関する検討 (2017)
  • Author(s): 伊東 燦
  • Organizer: ハードウェアセキュリティフォーラム
• [Presentation] IoTセキュリティを支える暗号技術の最新動向 (2017)
  • Author(s): 本間 尚文
  • Organizer: IEEE SSCS Kansai Chapter 技術セミナー
  • Invited
• [Book] Special Section on PROOFS 2016, Journal of Cryptographic Engineering (2017)
  • Author(s): Naofumi Homma
  • Total Pages: 54
  • Publisher: Springer
• [Remarks] 東北大学電気通信研究所環境調和型セキュア情報システム研究分野
  • URL: http://www.ecsis.riec.tohoku.ac.jp/