Závěrečná práce: Bc. Ján Jančár, učo 445358: PYECSCA: Reverse-engineering black-box Elliptic Curve Cryptography implementations via side-channels
Diplomová práce
PYECSCA: Reverse-engineering black-box Elliptic Curve Cryptography implementations via side-channels
Anotace
Oblasť side-channel útokov má dva hlavné ciele. Prvým je vyhodnotenie implementácii na zraniteľnosti z pohľadu side-channelov. Druhým je vývoj nových side-channel útokov, pri predpoklade nejakej zrantieľnosti implementácie. Práve tento druhý cieľ často vyžaduje veľmi presné vedomosti o detailoch implementácie, ktoré v prípade algoritmov ako AES alebo RSA môžu byť jednoduché na získanie. Avšak priestor …více
Abstract
The usual goals of offensive Side Channel Analysis are mostly two-fold. One is to assess and quantify the presence of side channel leakage, the other is to assume leakage and target the secret key. The second goal often requires very precise knowledge of the implementation details, which might not be very extensive for algorithms like AES or RSA. However, the space of possible equivalent implementations …více
Zadání práce
The goal of this work is to develop an open-source toolkit for side-channel analysis of black-box implementations of Elliptic Curve Cryptography, from power or EM traces. The toolkit will support acquisition and preprocessing of traces, and simulation of ECC computations.
This toolkit will use side-channel analysis methods to extract details about an unknown implementation, such as the curve model, coordinates, addition formulas and scalar multiplication algorithm.
This toolkit will be evaluated on
1) custom implementations on development boards, serving as the ground truth for the methods developed, and on
2) real production JavaCards, which are a popular platform of programmable cryptographic smartcard.
Literature:
Mangard S., Oswald E., Popp T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards, ISBN 978-0-387-38162-6
Rankl W., Effing W.: Smart Card Handbook, ISBN 0-470-85668-8
21. 7. 2020 09:05, doc. RNDr. Petr Švenda, Ph.D., učo 4085
Přílohy
Citace dle normy ČSN ISO 690
Práce na příbuzné téma
Seznam prací, které mají shodná klíčová slova.
-
Security considerations for elliptic curve domain parameters selection
RNDr. Ján Jančár, Ph.D., učo 445358 -
Analýza mechanismu RMI u čipových karet s platformou JavaCard
Mgr. Martin Kvočka, učo 173286 -
Analysis of implementations of ECC libraries
Mgr. David Hofman -
On cryptographic weaknesses related to elliptic curves
RNDr. Vladimír Sedláček, Ph.D., učo 408178 -
Source code security transformations for JavaCard platform
Bc. Ondřej Šebek -
Algoritmy pro differenciální odběrovou analýzu kryptografických čipových karet (DPA)
RNDr. Jiří Kůr, Ph.D. -
New Approaches to Design and Development of Secure SmartCard Applications
RNDr. Václav Lorenc -
Reverzní inženýrství kódu vykonávaného na čipové kartě
Bc. Tomáš Kramoliš, učo 99272




