Desenvolvimento de um Sistema de Ataques Side-Channel (Development of a Side-Channel Attack System)
Main author: | Oliveira, João Pedro Martins de |
---|---|
Publication date: | 2022 |
Document type: | Dissertation |
Language: | eng |
Source title: | Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
Full text: | http://hdl.handle.net/10400.22/21078 |
Abstract: | Nowadays consumers expect their IoT devices and data to be adequately protected against any vulnerability. As such, the implementation of protection layers should no longer be taken into account once the device is fully developed. The most common method of ensuring the security of the devices is based on the encryption of the communication sent and received by the device. Regardless of the complexity of the algorithm and the theoretical protection against brute force attacks, the attackers have evolved their strategies. Despite the developers’ best efforts to secure and encrypt the device’s communications, there will always be some leakage of information somewhere in the device. Similarly, the attackers have now started to exploit and analyze these leaks in order to successfully break into the so-called secure devices. By their very nature, these leaks of information will always exist, and consequently, the developers should find countermeasures to either confuse the attacker with worthless information or somehow decorrelate the leaked information from the truth. In this context, the work presented in this report presents the development of methods to verify the difficulty of decryption of the different AES 128-bit modes through power analysis, and an application developed to simplify this task for future use. Lastly, the results of the attacks performed on different targets are presented. These include a Raspberry Pi 4 and an Arduino Nano which were not successful due to the overpowering existing noise, and the ChipWhisperer Lite ARM target with 5 different AES 128-bit modes which were successfully attacked, even with countermeasures implemented. |
id |
RCAP_1b51f1b0d41c4ccb6f56b102f609634b |
---|---|
oai_identifier_str |
oai:recipp.ipp.pt:10400.22/21078 |
network_acronym_str |
RCAP |
network_name_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository_id_str |
7160 |
spelling |
Desenvolvimento de um Sistema de Ataques Side-Channel; Side-channel Attack; Power Analysis; AES 128-bit; ChipWhisperer; Raspberry Pi; Arduino. Currently, consumers expect their IoT devices and the respective data to be adequately protected against any vulnerability. As such, the implementation of protection layers should cease to be taken into account once the device is fully developed. The most common method of ensuring the security of devices is based on encrypting the device's communications. Regardless of the complexity of the algorithm used and the theoretical protection against brute-force attacks, attackers have evolved their strategies. Despite the developers' best efforts to protect and encode the device's communications, there is always some leakage of information somewhere in the device (side-channel information) in the form of vibrations, fluctuations in the system's power supply, electromagnetic radiation, etc. Attackers have already started to exploit and analyze these leaks in order to successfully break into devices and, by their very nature, these information leaks will always exist. Consequently, system developers must develop and implement countermeasures to confuse the attacker with useless information or somehow decorrelate the leaked information from the truth. In this context, the work presented in this report presents the development of methods to verify the difficulty of decoding the different 128-bit AES modes through power analysis, and an application developed to simplify this task for future use. Finally, the results of the attacks carried out on the different targets are presented. These include a Raspberry Pi 4 and an Arduino Nano, which were not successful due to the excessive existing noise, and the ChipWhisperer Lite ARM target with 5 different AES 128-bit modes, which were successfully attacked, even with countermeasures implemented. Santos, Veríssimo Manuel Brandão Lima; Repositório Científico do Instituto Politécnico do Porto; Oliveira, João Pedro Martins de; 2022-11-25T15:36:56Z; 2022; 2022-01-01T00:00:00Z; info:eu-repo/semantics/publishedVersion; info:eu-repo/semantics/masterThesis; application/pdf; http://hdl.handle.net/10400.22/21078; TID:203086740; eng; info:eu-repo/semantics/openAccess; reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos); instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação; instacron:RCAAP; 2023-03-13T13:16:54Z; oai:recipp.ipp.pt:10400.22/21078; Portal Agregador; ONG; https://www.rcaap.pt/oai/openaire; opendoar:7160; 2024-03-19T17:41:10.063811; Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação; false |
dc.title.none.fl_str_mv |
Desenvolvimento de um Sistema de Ataques Side-Channel |
author |
Oliveira, João Pedro Martins de |
author_facet |
Oliveira, João Pedro Martins de |
author_role |
author |
dc.contributor.none.fl_str_mv |
Santos, Veríssimo Manuel Brandão Lima; Repositório Científico do Instituto Politécnico do Porto |
dc.contributor.author.fl_str_mv |
Oliveira, João Pedro Martins de |
dc.subject.por.fl_str_mv |
Side-channel Attack; Power Analysis; AES 128-bit; ChipWhisperer; Raspberry Pi; Arduino |
topic |
Side-channel Attack; Power Analysis; AES 128-bit; ChipWhisperer; Raspberry Pi; Arduino |
publishDate |
2022 |
dc.date.none.fl_str_mv |
2022-11-25T15:36:56Z 2022 2022-01-01T00:00:00Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/masterThesis |
format |
masterThesis |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/10400.22/21078 TID:203086740 |
url |
http://hdl.handle.net/10400.22/21078 |
identifier_str_mv |
TID:203086740 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf |
dc.source.none.fl_str_mv |
reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação instacron:RCAAP |
instname_str |
Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
instacron_str |
RCAAP |
institution |
RCAAP |
reponame_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
collection |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
repository.name.fl_str_mv |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
repository.mail.fl_str_mv |
|
_version_ |
1799131499469996032 |