Security Evaluation of IoT Devices against Medium and Long-Range Side-Channel Attacks
| Project/Area Number |
20K19798
|
|---|
| Research Category |
Grant-in-Aid for Early-Career Scientists
|
| Allocation Type | Multi-year Fund |
|---|
| Review Section |
Basic Section 60070:Information security-related
|
|---|
| Research Institution | The University of Electro-Communications |
|---|
Principal Investigator |
李 陽 電気通信大学, 大学院情報理工学研究科, 准教授 (20821812)
|
|---|
| Project Period (FY) |
2020-04-01 – 2024-03-31
|
| Project Status |
Granted (Fiscal Year 2022)
|
| Budget Amount *help |
¥4,290,000 (Direct Cost: ¥3,300,000、Indirect Cost: ¥990,000)
Fiscal Year 2023: ¥650,000 (Direct Cost: ¥500,000、Indirect Cost: ¥150,000)
Fiscal Year 2022: ¥1,170,000 (Direct Cost: ¥900,000、Indirect Cost: ¥270,000)
Fiscal Year 2021: ¥1,300,000 (Direct Cost: ¥1,000,000、Indirect Cost: ¥300,000)
Fiscal Year 2020: ¥1,170,000 (Direct Cost: ¥900,000、Indirect Cost: ¥270,000)
|
|---|
| Keywords | side-channel attack / screaming channel / AES / Side-Channel Attack / Range SCA / IoT Devices / Key Recovery / IoT / Distance |
|---|
| Outline of Research at the Start |
This research will conduct a security evaluation of distance side-channel attacks for network-enabled devices for the Internet of Things, to reveal the leakage mechanism, to understand the relations between close attacks and distance attacks, and to propose reasonable countermeasures.
|
| Outline of Annual Research Achievements |
This year, our research has yielded 2 achievements.
Firstly, we developed two key recovery methods, based on the unique leakage model we discovered for the screaming channel. These methods leverage different assumptions about the leakage models, leading to the design of second-round attacks and final round key recovery method. In the experiment, we've seen a considerable enhancement in attack efficiency compared to previous methodologies.
In particular, for the second-round attack, we capitalized on the similarity of leakages when the most significant 4 bits of the S-box input are the same. We devised a chosen-plaintext attack that employs the variance of the traces as a distinguisher, enabling independent key byte recovery. Our results indicated that the key could be retrieved with fewer than 200 plaintexts. For the final round attack, we utilized the Hamming weight of the most significant 4 bits of the S-box input to facilitate key recovery, resulting in a further boost in efficiency. These findings were published at SCIS 2023.
Secondly, we investigated the conditions that trigger different leakage profiles. We discovered that the specific leakage observed in the screaming channel is connected to the memory employed in calculations. By altering the location of the S-box table, we can manipulate the leakage profiles for the information leakage.
|
| Current Status of Research Progress |
Current Status of Research Progress
2: Research has progressed on the whole more than it was originally planned.
Reason
We've made expected progress in our research plan, having carried out a successful remote attack, from measurement to key recovery, across various distances to the target.
We've also managed to discern the differences in leakage between Bluetooth-based radio signals and near-field electromagnetic radiation. Importantly, we've refined the existing screaming channel attack, reducing the requirements for the attack and enhancing its efficiency.
Now, our focus is pivoting towards understanding the root cause of these different leakage profiles, which could potentially provide valuable guidance for future implementations.
|
| Strategy for Future Research Activity |
Our research scheme will continue as originally planned, with this year's emphasis being as follows:
Firstly, we will continue to clarify the mechanism of differences in the leakage model for the screaming channel. In order to validate some of our hypotheses, we will make changes to certain implementation methods and observe the changes in the leakage model, which could help us determine the conditions under which special leakage models occur. Subsequently, we will use programs specifically to test the conditions for the occurrence of special leakage profiles.
Secondly, we will organize our existing achievements and compile them into a research paper.
|
Report
(3 results)
Research Products
(2 results)
