Activity of Tamper-resistance Standardization Research Committee (TSRC) - PowerPoint PPT Presentation

About This Presentation
Title:

Activity of Tamper-resistance Standardization Research Committee (TSRC)

Description:

Japanese Standards Association (JSA) Information Technology Research and Standardization Center (INSTAC) CHES Rump Session Activity of Tamper-resistance ... – PowerPoint PPT presentation

Number of Views:142
Avg rating:3.0/5.0
Slides: 17
Provided by: Tsuto
Learn more at: https://www.iacr.org
Category:

less

Transcript and Presenter's Notes

Title: Activity of Tamper-resistance Standardization Research Committee (TSRC)


1
Activity of Tamper-resistance Standardization
Research Committee (TSRC)
Japanese Standards Association (JSA) Information
Technology Research and Standardization Center
(INSTAC)
CHES Rump Session
  • Shinichi Kawamura
  • Tamper-resistance Standardization Research
    Committee (TSRC)
  • Toshiba Corporation
  • shinichi2.kawamura_at_toshiba.co.jp

2
TSRC Activity Report Completed!
  • Tamper-resistance Standardization Research
    Committee --- The Activity Report 2003-2006
  • Available at the desk in front of the white board
  • Also available at
  • http//www.jsa.or.jp/stdz/instac/committe/index
    .htm

3
Appendix!!
4
Four Main Activities of TSRC
  • Systematic study of various tampering techniques
  • ( Survey of literature )
  • Developing standard evaluation platform for
    side-channel attacks
  • Proposing methods to describe requirements to
    tamper-resistance
  • Contributing to the international standardization
  • ( Ex. Physical Security Testing Workshop, Sept
    2005 hosted with NIST and IPA )

5
Standard Evaluation Platforms
  • Motivation
  • Lack of standard platform seems to hinder the
    development of tamper-resistance technology.
  • It will change the situation if there is a
    standard platform whose specification is publicly
    available and non-proprietary.
  • Solusion
  • INSTAC-8 8bit CPU. Its target is a low-end
    embedded system.
  • INSTAC-32 32-bit CPU and FPGA. Its target is a
    middle to high-end system as well as
    semi-hardware implementation.

6
An INSTAC-8 Compliant Board
7
An INSTAC-32 Compliant Board
8
Some Results Reported
  • K. Fujisaki, et al. ISEC2004-No.55, 2004
  • Proposal of INSTAC-8 and self-evaluation
  • H. Miyake, et al. SCIS2005, January 2005
  • DPA evaluation on INSTAC-8
  • Y. Takahashi, et al. ISEC2004-No.114, March 2005
  • EM analysis on INSTAC-8
  • K. Fujisaki, et al. ISEC2005-No.19, July 2005
  • Proposal of INSTAC-32 and self-evaluation
  • Y. Tsunoo, et al. This conference, Sept. 2005
  • Analysis report on INSTAC-8
  • Notes) ISEC IEICE Tech. Rep. on Information
    Security (Bi-monthly)
  • SCIS Symp. on Cryptography and
    Information Security (Annual)

9
Proposal of metric-based description of security
requirement
  • There are three approaches recognized to describe
    the requirement for tamper-resistance of
    cryptographic module
  • Description focusing on attacks
  • Description focusing on countermeasures
  • Description focusing on metrics
  • We think that approach 3 has not been
    established, so far
  • Our proposal is that intensive research is
    necessary to establish metric-based description

10
Description Focusing on Attacks
Example Cryptographic module is required to be
resistant to Timing Attack
Cryptographic Module
Timing Attack
SPA
Core of Cryptographic Module
DPA
Fault-based Attack
EMA
Other attacks
  • Concrete attack is focused ---Natural approach
  • Appropriate listing up of attacks is necessary
  • Adapting to emerging attack is an issue since
    more attacks seem still to come

11
Description Focusing on Countermeasures
Example Cryptographic module is required to
implement Data Masking or Documentation shall
specify countermeasures employed
Cryptographic Module
Randomized Timing
Timing Attack
Data Masking
Core of Cryptographic Module
SPA
DPA
Other Measures
Fault-based Attack
EMA
Other attacks
  • Countermeasure to prevent attacks is specified
  • Appropriate listing up of countermeasures is
    necessary
  • Adapting emerging attack is an issue since more
    attacks seem still to come
  • Vender would not like to explicitly describe
    countermeasures because they are
  • sometimes vendor know-how

12
Description Focusing on Metrics
Example Cryptographic module is required to
have metric A within a given range B with a
given test method C
Presently, A, B, and C is not established.
Cryptographic Module
Test Method 1
Metric 1
Countermeasures
Core of Cryptographic Module
Test Method 2
Metric 2
Other Test Methods
Metric x
  • Ideal approach -- if appropriate metrics and test
    method are defined
  • Searching for appropriate metrics is a big issue
    --- Intensive research is required
  • Good metrics may cover some emerging attacks

13
Members of TSRC WG1 (As of March 2006)
  • Tsutomu Matsumoto (Chair, Yokohama National
    University)
  • Shinichi Kawamura (Secretary, Toshiba Corp.)
  • Koichi Fujisaki (Toshiba Corp.)
  • Naoya Torii (Fujitsu Laboratories Ltd.)
  • Shuichi Ishida (Hitachi, Ltd.)
  • Yukiyasu Tsunoo (NEC Corp.)
  • Minoru Saeki (Mitsubishi Electric Corp.)
  • Atsuhiro Yamagishi (IPA)

14
Organizational Structure
Ministry of Economy, Trade and Industry
Bureau of Industrial Technology
Environment Standardization Section
Japanese Standardization Association
Information Technology Research and
Standardization Center (INSTAC)
Tamper-resistance Standardization Research
Committee (TSRC)
Research Team
WG1 (Technical Committee)
15
Pointer to Activity Report, again
  • Available at the desk in front of the white board
  • Also available at
  • http//www.jsa.or.jp/stdz/instac/committe/index.ht
    m

Thank you for your attantion.
16
End of Appendix!
Write a Comment
User Comments (0)
About PowerShow.com