研究課題/領域番号 |
20K19798
|
研究機関 | 電気通信大学 |
研究代表者 |
李 陽 電気通信大学, 大学院情報理工学研究科, 准教授 (20821812)
|
研究期間 (年度) |
2020-04-01 – 2024-03-31
|
キーワード | side-channel attack / screaming channel / AES |
研究実績の概要 |
This year, we mainly had two achievements. First, we have constructed an experimental environment for the remote side-channel attack. We used the same attack target from the previous work named BLEnano. We are able to remotely observe and collect the radio signal, which is used for Bluetooth communication and contains side-channel leakage. Also, we successfully recovered the secret key using the collected radio signal. Second, we noticed the difference between Bluetooth-based signal and near-field electromagnetic radiation in their leakage models and proposed a new key recovery method to combine these two types of information leakage. The new method can reduce the number of accessing the attack target. The relevant result was published at SCIS 2022.
|
現在までの達成度 (区分) |
現在までの達成度 (区分)
1: 当初の計画以上に進展している
理由
According to the research plan, in the first two years, we plan to achieve three goals 1. key recovery using public data, 2. construct experiment setup and 3. evaluation of the measures from different distances. By far, we have already achieved all these goals. We are able to complete a remote attack from the measurement to the key recovery at several distances to the target. Besides the original plan, we noticed that Bluetooth-based radio signals and near-field electromagnetic radiation leak different information of the same calculation. Therefore, we applied the research to clarify the mechanism of this difference in the leakage model and tried to combine two types of leakages to achieve a more efficient key recovery.
|
今後の研究の推進方策 |
The research scheme will follow the original plan and this year's focus is as follows. First, we will focus on the leakage model. Since we find an accurate leakage model for the remote attack setup, we will propose a non-profiling attack and compare the result with the existing profiling attacks. Second, we plan to continue to elucidate the similarities and differences between Bluetooth-based radio signals and near-field electromagnetic radiation at the side-channel leakage level. This investigation can be applied to construct a better defense against side-channel attacks. Third, we will investigate the leakage profile when a new crypto algorithm is implemented in the same experimental setup. The goal is to obtain a general leakage profile for a remote side-channel attack.
|