Physical security for cryptographic implementations with open hardware
- Speaker: Gaëtan Cassiers
- email: email@example.com
One of the founding bases of modern cryptography is Kerckhoff's principle: a cryptosystem should be secure even if everything about the system, except the key, is public knowledge. This concept can be opposed to so-called "security by obscurity", which instead relies on the secrecy of the algorithms and protocols used in an information system. Kerckhoff's principle is at the core of modern cryptographic algorithms and standards, and it enables high security assurance thanks to public scrutiny. Despite using secure algorithms, the cryptography on an embedded system may still be vulnerable to physical attacks. In their seminal work on Differential Power Analysis, Kocher et al. showed that, without special care, cryptographic implementations leak "side-channel information" that can be easily exploited to recover the key material of cryptographic algorithms. Boneh et al. showed that a similar issue occurs if faults can be injected during the execution of the algorithms.
Given the limited (theoretical and practical) understanding of these new physical attack vectors, the industry developed the first implementations to counteract them in a closed source setting, partially motivated by a "security-by-obscurity" paradigm. This strongly contrasts with the state of cryptographic implementation in mainstream computing environments, which is primarily open-source, even in closed-source platforms. Our vision is that as research advances, the security by obscurity paradigm becomes less justified, and its drawbacks outweigh its benefits. That is, while a closed source approach can limit the adversary's understanding of the target implementations as long as their specifications remain opaque, it also limits the public understanding of the mechanisms on which security relies and, therefore, the possibility to improve them. By contrast, an open approach to security can lead to a better evaluation of the worst-case security level targeted by cryptographic designs.
We started the SIMPLE-Crypto nonprofit organization as a place to turn state-of-the-art research results into high-quality and well-maintained open-source implementations. Our primary targets are embedded systems, and we develop software and hardware implementations. We recently released our first open-hardware implementation: SMAesH. It is a hardware (Verilog) implementation of the AES block cipher that uses masking as a countermeasure against side-channel attacks. More precisely, we use the Hardware Private Circuits (HPC) masking scheme, which provides state-of-the-art guarantees in terms of resistance against physical defaults (i.e., glitches and transitions) and composability. The security of SMAesH is undergoing public evaluation in the form of an open side-channel cryptanalysis challenge for the cryptographic hardware research community.
In this talk, we first discuss the challenges in securing embedded cryptography implementations against physical attacks. We then describe SMAesH and the guiding principles behind its development. Finally, we discuss the vision of SIMPLE-Crypto, the opportunities, and the challenges for open-hardware cryptography.
- Looking for sponsors: industrial, institutional. https://www.simple-crypto.org/sponsors
- Homepage: https://www.simple-crypto.org/activities/smaesh
- Repository: https://github.com/simple-crypto/smaesh
- Evaluation challenge:
- Looking for users
- Open to feedback (or even contributions).