| 研究課題/領域番号 |
20K19798
|
|---|
| 研究機関 | 電気通信大学 |
|---|
研究代表者 |
李 陽 電気通信大学, 大学院情報理工学研究科, 准教授 (20821812)
|
|---|
| 研究期間 (年度) |
2020-04-01 – 2024-03-31
|
| キーワード | Side-Channel Attack / Range SCA / IoT Devices / AES / Key Recovery |
|---|
| 研究実績の概要 |
This year, we mainly have 2 achievements.
First, using the public remote side-channel traces, we reproduced and improved the key recovery for remote attacks in previous work. The secret key can be successfully recovered. Also the data complexity was improved by optimizing the attack parameters in the profiling phase.
Second, we have partially constructed an experimental environment for the remote side-channel attack. We use the same attack target from the previous work named BLEnano. By far, we can control BLEnano to send bluetooth signals or to execute cryptographic calculations. Also, we can observe the corresponding radio signal from a small distance. Using our current setup, we can see an obvious change in the histogram of the RF signal that are caused by cryptographic operations.
|
| 現在までの達成度 (区分) |
現在までの達成度 (区分)
2: おおむね順調に進展している
理由
According to the research plan, in the first two years, we plan to achieve 3 goals as 1. key recovery using public data, 2. construct experiment setup and 3. evaluation of the measures from different distances. By far, we have already achieved the 1st goal and a half of the 2nd goal.
As for the 2nd goal of constructing the experiment setup, we can control the attack target and observe the RF signal from a small distance. The signal changes caused by executing AES can be clearly observed. The rest can be achieved by RF signal capture and signal processing, which should be finished in this year.
As for the 3rd goal, we are starting to apply classic EM-based side-channel attack against the same target. It will allow us to evaluate the quality of leakage from different distances.
|
| 今後の研究の推進方策 |
The research scheme will be followed as the plan. This year's focus is as follows.
First, we will collect the EM emanation from the device. Then, we will apply the key recovery as classic side-channel attack. The key recovery efficiency will be compared and analyzed with the distance side-channel attack. This will lead to a transformation model between the measurements collected directly from the device and those collected from a distance.
Second, we will continue to build the experimental setup for remote attacks and complete the entire key recovery process. The focus will be the capture of RF signals, the signal processing of the collected RF signals including filtering, cropping, and alignment. The complete process from acquiring the RF signal to recovering the key will be achieved.
|
