Why Cryptography Should Not Rely on Physical Attack Complexity
Why Cryptography Should Not Rely on Physical Attack Complexity
Springer | Computer Science | October 4, 2015 | ISBN-10: 981287786X | 122 pages | pdf | 3.9 mb
Springer | Computer Science | October 4, 2015 | ISBN-10: 981287786X | 122 pages | pdf | 3.9 mb
by Juliane Krämer (Author)
Presents two practical physical attacks, the complexity of which has been overestimated and the implied security threats of which have been underestimated
Demonstrates that the assessment of physical attack complexity is error-prone and cryptography should not rely on it
Demonstrates how attackers can reveal the secret key of cryptographic algorithms based on these physical attacks
From the Back Cover
This book presents two practical physical attacks. It shows how attackers can reveal the secret key of symmetric as well as asymmetric cryptographic algorithms based on these attacks, and presents countermeasures on the software and the hardware level that can help to prevent them in the future. Though their theory has been known for several years now, since neither attack has yet been successfully implemented in practice, they have generally not been considered a serious threat. In short, their physical attack complexity has been overestimated and the implied security threat has been underestimated.
First, the book introduces the photonic side channel, which offers not only temporal resolution, but also the highest possible spatial resolution. Due to the high cost of its initial implementation, it has not been taken seriously. The work shows both simple and differential photonic side channel analyses. Then, it presents a fault attack against pairing-based cryptography. Due to the need for at least two independent precise faults in a single pairing computation, it has not been taken seriously either.
Based on these two attacks, the book demonstrates that the assessment of physical attack complexity is error-prone, and as such cryptography should not rely on it. Cryptographic technologies have to be protected against all physical attacks, whether they have already been successfully implemented or not. The development of countermeasures does not require the successful execution of an attack but can already be carried out as soon as the principle of a side channel or a fault attack is sufficiently understood.
Number of Illustrations and Tables
11 illus., 15 in colour
Topics
Communications Engineering, Networks
Coding and Information Theory
Security Science and Technology
Mathematical Applications in Computer Science