Advanced search
Start date
Betweenand

Side channel and invasive attacks on a secure code execution computer architecture

Grant number: 16/25532-3
Support type:Scholarships abroad - Research Internship - Doctorate
Effective date (Start): May 01, 2017
Effective date (End): December 31, 2017
Field of knowledge:Physical Sciences and Mathematics - Computer Science - Computer Systems
Principal Investigator:Guido Costa Souza de Araújo
Grantee:Caio Hoffman
Supervisor abroad: Catherine Gebotys
Home Institution: Instituto de Computação (IC). Universidade Estadual de Campinas (UNICAMP). Campinas , SP, Brazil
Local de pesquisa : University of Waterloo, Canada  
Associated to the scholarship:15/06829-2 - Computer security by Hardware-Intrinsic Authentication, BP.DR

Abstract

Tamper-resistance and tamper-evidence for Internet of Things (IoT) devices will be required in many applications. These properties can be achieved by secure code execution, which means to provide authenticity and integrity for programs that will run in IoT devices. We recently proposed Computer Security by Hardware-Intrinsic Authentication (CSHIA), a computer architecture solution for secure code execution. CSHIA relies on generating and verifying authentication tags that are created through a random cryptographic key uniquely extracted from Physical Unclonable Functions (PUFs) in each IoT device. However, PUFs depend on post-processing schemes, like Fuzzy Extractors, which are susceptible to side channel and semi-invasive attacks. If those attacks succeed, the unique device's key can be exposed and the security broken. In order to strengthen CSHIA's security, new countermeasures against side channel and semi-invasive attacks in Fuzzy Extractors have to be devised. Currently, we have proposed a side channel countermeasure that overcomes many limitations of the current known countermeasure and now we aim at improving it and thinking up solutions against semi-invasive attacks. (AU)