2020 Fiscal Year Research-status Report
Security Evaluation of IoT Devices against Medium and Long-Range Side-Channel Attacks
Project/Area Number | 20K19798 |
Research Institution | The University of Electro-Communications |
Principal Investigator | 李 陽, The University of Electro-Communications, Graduate School of Informatics and Engineering, Associate Professor (20821812) |
Project Period (FY) | 2020-04-01 – 2024-03-31 |
Keywords | Side-Channel Attack / Range SCA / IoT Devices / AES / Key Recovery |
Outline of Annual Research Achievements |
This year, we have two main achievements. First, using the public remote side-channel traces, we reproduced and improved the key recovery for remote attacks from previous work. The secret key can be successfully recovered, and the data complexity was improved by optimizing the attack parameters in the profiling phase. Second, we have partially constructed an experimental environment for the remote side-channel attack. We use the same attack target as the previous work, named BLEnano. So far, we can control BLEnano to send Bluetooth signals or to execute cryptographic calculations. We can also observe the corresponding radio signal from a small distance. Using our current setup, we can see an obvious change in the histogram of the RF signal that is caused by cryptographic operations.
|
Current Status of Research Progress |
2: Research has progressed on the whole more than it was originally planned.
Reason
According to the research plan, in the first two years we plan to achieve three goals: (1) key recovery using public data, (2) construction of the experimental setup, and (3) evaluation of the measurements from different distances. So far, we have already achieved the 1st goal and half of the 2nd goal. As for the 2nd goal of constructing the experimental setup, we can control the attack target and observe the RF signal from a small distance. The signal changes caused by executing AES can be clearly observed. The rest can be achieved by RF signal capture and signal processing, which should be finished this year. As for the 3rd goal, we are starting to apply a classic EM-based side-channel attack against the same target. It will allow us to evaluate the quality of leakage from different distances.
|
Strategy for Future Research Activity |
The research will proceed according to the plan. This year's focus is as follows. First, we will collect the EM emanation from the device. Then, we will apply key recovery as a classic side-channel attack. The key recovery efficiency will be compared and analyzed against that of the distance side-channel attack. This will lead to a transformation model between the measurements collected directly from the device and those collected from a distance. Second, we will continue to build the experimental setup for remote attacks and complete the entire key recovery process. The focus will be the capture of RF signals and the signal processing of the collected RF signals, including filtering, cropping, and alignment. The complete process from acquiring the RF signal to recovering the key will be achieved.
|