2021 Fiscal Year Research-status Report
Security Evaluation of IoT Devices against Medium and Long-Range Side-Channel Attacks
Project/Area Number | 20K19798 |
Research Institution | The University of Electro-Communications |
Principal Investigator | 李 陽, The University of Electro-Communications, Graduate School of Informatics and Engineering, Associate Professor (20821812) |
Project Period (FY) | 2020-04-01 – 2024-03-31 |
Keywords | side-channel attack / screaming channel / AES |
Outline of Annual Research Achievements |
This year, we had two main achievements. First, we constructed an experimental environment for the remote side-channel attack. We used the same attack target as in the previous work, named BLEnano. We are able to remotely observe and collect the radio signal, which is used for Bluetooth communication and contains side-channel leakage. We also successfully recovered the secret key using the collected radio signal. Second, we noticed that the Bluetooth-based signal and near-field electromagnetic radiation differ in their leakage models, and we proposed a new key recovery method that combines these two types of information leakage. The new method can reduce the number of accesses to the attack target. The relevant result was published at SCIS 2022.
|
Current Status of Research Progress |
1: Research has progressed more than it was originally planned.
Reason
According to the research plan, in the first two years we planned to achieve three goals: (1) key recovery using public data, (2) construction of the experimental setup, and (3) evaluation of the measurements from different distances. So far, we have already achieved all of these goals. We are able to complete a remote attack, from the measurement to the key recovery, at several distances from the target. Beyond the original plan, we noticed that Bluetooth-based radio signals and near-field electromagnetic radiation leak different information about the same computation. Therefore, we extended the research to clarify the mechanism behind this difference in the leakage model and tried to combine the two types of leakage to achieve a more efficient key recovery.
|
Strategy for Future Research Activity |
The research will follow the original plan, and this year's focus is as follows. First, we will focus on the leakage model. Since we have found an accurate leakage model for the remote attack setup, we will propose a non-profiling attack and compare the result with the existing profiling attacks. Second, we plan to continue to elucidate the similarities and differences between Bluetooth-based radio signals and near-field electromagnetic radiation at the side-channel leakage level. This investigation can be applied to construct a better defense against side-channel attacks. Third, we will investigate the leakage profile when a new cryptographic algorithm is implemented in the same experimental setup. The goal is to obtain a general leakage profile for a remote side-channel attack.
|