Cargando…

Why cryptography should not rely on physical attack complexity

This book presents two practical physical attacks. It shows how attackers can reveal the secret key of symmetric as well as asymmetric cryptographic algorithms based on these attacks, and presents countermeasures on the software and the hardware level that can help to prevent them in the future. Tho...

Descripción completa

Detalles Bibliográficos
Autor principal: Krämer, Juliane
Lenguaje:eng
Publicado: Springer 2015
Materias:
Acceso en línea:https://dx.doi.org/10.1007/978-981-287-787-1
http://cds.cern.ch/record/2112720
_version_ 1780948939130798080
author Krämer, Juliane
author_facet Krämer, Juliane
author_sort Krämer, Juliane
collection CERN
description This book presents two practical physical attacks. It shows how attackers can reveal the secret key of symmetric as well as asymmetric cryptographic algorithms based on these attacks, and presents countermeasures on the software and the hardware level that can help to prevent them in the future. Though their theory has been known for several years now, since neither attack has yet been successfully implemented in practice, they have generally not been considered a serious threat. In short, their physical attack complexity has been overestimated and the implied security threat has been underestimated. First, the book introduces the photonic side channel, which offers not only temporal resolution, but also the highest possible spatial resolution. Due to the high cost of its initial implementation, it has not been taken seriously. The work shows both simple and differential photonic side channel analyses. Then, it presents a fault attack against pairing-based cryptography. Due to the need for at least two independent precise faults in a single pairing computation, it has not been taken seriously either. Based on these two attacks, the book demonstrates that the assessment of physical attack complexity is error-prone, and as such cryptography should not rely on it. Cryptographic technologies have to be protected against all physical attacks, whether they have already been successfully implemented or not. The development of countermeasures does not require the successful execution of an attack but can already be carried out as soon as the principle of a side channel or a fault attack is sufficiently understood.
id cern-2112720
institution Organización Europea para la Investigación Nuclear
language eng
publishDate 2015
publisher Springer
record_format invenio
spelling cern-21127202021-04-21T20:01:30Zdoi:10.1007/978-981-287-787-1http://cds.cern.ch/record/2112720engKrämer, JulianeWhy cryptography should not rely on physical attack complexityEngineeringThis book presents two practical physical attacks. It shows how attackers can reveal the secret key of symmetric as well as asymmetric cryptographic algorithms based on these attacks, and presents countermeasures on the software and the hardware level that can help to prevent them in the future. Though their theory has been known for several years now, since neither attack has yet been successfully implemented in practice, they have generally not been considered a serious threat. In short, their physical attack complexity has been overestimated and the implied security threat has been underestimated. First, the book introduces the photonic side channel, which offers not only temporal resolution, but also the highest possible spatial resolution. Due to the high cost of its initial implementation, it has not been taken seriously. The work shows both simple and differential photonic side channel analyses. Then, it presents a fault attack against pairing-based cryptography. Due to the need for at least two independent precise faults in a single pairing computation, it has not been taken seriously either. Based on these two attacks, the book demonstrates that the assessment of physical attack complexity is error-prone, and as such cryptography should not rely on it. Cryptographic technologies have to be protected against all physical attacks, whether they have already been successfully implemented or not. The development of countermeasures does not require the successful execution of an attack but can already be carried out as soon as the principle of a side channel or a fault attack is sufficiently understood.Springeroai:cds.cern.ch:21127202015
spellingShingle Engineering
Krämer, Juliane
Why cryptography should not rely on physical attack complexity
title Why cryptography should not rely on physical attack complexity
title_full Why cryptography should not rely on physical attack complexity
title_fullStr Why cryptography should not rely on physical attack complexity
title_full_unstemmed Why cryptography should not rely on physical attack complexity
title_short Why cryptography should not rely on physical attack complexity
title_sort why cryptography should not rely on physical attack complexity
topic Engineering
url https://dx.doi.org/10.1007/978-981-287-787-1
http://cds.cern.ch/record/2112720
work_keys_str_mv AT kramerjuliane whycryptographyshouldnotrelyonphysicalattackcomplexity