Project Details
Bezpečnost informačních systémů - výzkum útoků na kryptograficky bezpečná zařízení
Project Period: 1. 1. 2004 – 31. 12. 2006
Project Type: grant
Code: GA102/04/0871
Agency: Czech Science Foundation
Program: Standardní projekty
cryptography;tamper resistant hardware;attacks
The main goal of the project is a research of security aspects of hardware implementations of cryptographic mechanisms. The implementations are called tamper-proof devices and they are typically smart cards or cryptographic coprocessors. The design of majority of available tamper-proof devices does not deal with various forms of side effects of cryptographic algorithms execution. A side-channel is the term commonly used for places where such undesirable information appears. The volume and usefulness of information we are able to extract depends on the form of the side-channel. However, number of scientific papers proves that it is possible to effectively analyse information from side-channels and use the results for compromise of tamper-proof devices.The project consists of three main areas. We will design and build laboratory instruments for implementation of attacks exploiting side-channels. The attacks will produce experimental data. The second area consists of a design of analytic methods for effective processing of experimental data in such a form that allows reconstruction of sensitive data. The proposed methods will be checked on real devices. The last area deals with the design of countermeasures against side-channel attacks. We will use already known approaches as well as the principles of our analytic methods. The goal is to decrease the amount of useful information in side-channels and determine minimum amount necessary for successful attack.
Cvrček Daniel, doc. Ing., Ph.D.
Hrubý Martin, Ing., Ph.D. (DITS)
Hruška Tomáš, prof. Ing., CSc. (DIFS)
Peringer Petr, Dr. Ing. (DITS)
Rábová Zdeňka, doc. Ing., CSc.
2007
- BLAHÁK, P.; CVRČEK, D. Alternativní zabezpečení WiFi sití. IT SYSTEM, 2007, roč. 2007, č. 2,
s. 1-6. ISSN: 1212-4567. Detail
2006
- CVRČEK, D.; KOUŘIL, D.; LORENC, V.; MATYÁŠ, V. Autentizační hardwarový token nové generace. In DATAKON 2006. Brno: Masarykova universita, 2006.
s. 229-238. ISBN: 80-210-4102-1. Detail - HANÁČEK, P. Bezpečnost informačních systémů a chyby při návrhu - jsme schopni jim zabránit?. In Sborník příspěvků MKB06. Brno: TNS, a.s., 2006.
s. 89-94. ISBN: 978-80-903083-7-4. Detail - PERINGER, P. Open Source Simulation and Data Analysis Tools. In Proceedings of ASIS 2006. Ostrava: 2006.
p. 109-112. ISBN: 80-86840-26-3. Detail - RÁBOVÁ, Z.; HANÁČEK, P.; HRUBÝ, M. Prostředí pro modelování bezpečných systémů. In Proceedings of NETSS06. Ostrava: MARQ, 2006.
s. 39-42. ISBN: 80-86840-06-9. Detail - SAMEK, J. Security Model of Information Systems. In Proceedings of XXVIIIth International Autumn Colloquium ASIS 2006. Ostrava: 2006.
p. 101-105. ISBN: 80-86840-26-3. Detail
2005
- CVRČEK, D., LATISLAV, R. TCP - resetovací útok. In DATAKON 2005, Proceedings of the Annual Database Conference. Brno: Masarykova universita, 2005.
s. 301-310. ISBN: 8021038136. Detail - HANÁČEK, P. Problems of Security in Ad Hoc Sensor Network. In Proceedings of MOSIS'05. Ostrava: 2005.
p. 79-84. ISBN: 80-86840-10-7. Detail - HANÁČEK, P., PERINGER, P., RÁBOVÁ, Z. Získávání vstupních dat pro modely bezpečnosti. In Proceedings of ASIS 2005. Ostrava: MARQ, 2005.
s. 68-73. ISBN: 80-86840-16-6. Detail - HANÁČEK, P., STAUDEK, J. Správa identity. In Sborník konference DATAKON 2005. Brno: Masarykova universita, 2005.
s. 123-146. ISBN: 80-210-3813-6. Detail - KUNOVSKÝ, J., ZEMAN, D. Experimental Simulation Computations. In ASIS 2005. Ostrava: 2005.
p. 211-215. ISBN: 80-86840-16-6. Detail - KUNOVSKÝ, J.; TOMICA, P.; PETŘEK, J. Parasitic Effects in Electronic Circuits Simulations. In Proceedings of 39th International Conference MOSIS '05. Ostrava: 2005.
p. 128-134. ISBN: 80-86840-10-7. Detail - MARTINEK, D. Modelling of a Waste Incinerator. In Proceedings of XXVII International Autumn Colloquium ASIS 2005 Advanced Simulation of Systems. Ostrava: 2005.
p. 62-67. ISBN: 80-86840-16-6. Detail - MARTINEK, D., KUNOVSKÝ, J., ZACIOS, D. Taylor Series in Control and Simulation. In Proceedings of 39th International Conference MOSIS '05. Ostrava: 2005.
p. 56-60. ISBN: 80-86840-10-7. Detail - MATYÁŠ, V., CVRČEK, D., KUMPOŠT, M. On Privacy Classification in Ubiquitous Computing Systems. International Scientific Journal of Computing, 2005, vol. 4, no. 2,
p. 26-35. ISSN: 1727-6209. Detail - ONDRÁČEK, T.; ZBOŘIL, F. Constructive Gradient Neural Network. In MOSIS '05. Ostrava: 2005.
p. 196-201. ISBN: 80-86840-10-7. Detail - RÁBOVÁ, Z., HANÁČEK, P., HRUBÝ, M. Heterogeneous Modelling Applied in System Security. In Proceedings of the International Workshop MOSMIC'2005. Žilina: Faculty of management science and Informatics of Zilina University, 2005.
p. 30-36. ISBN: 80-8070-139-3. Detail - ZBOŘIL, F. Development of a New Simulation Tool for Intelligent Distributed Systems. In Proceedings of the International Workshop MOSMIC'2005. Žilina: Faculty of management science and Informatics of Zilina University, 2005.
p. 67-72. ISBN: 80-8070-468-6. Detail - ZBOŘIL, F. Low Level Language for Agent Behaviour Control. In Proceedings of XXVIIth International Autumn Colloquium ASIS 2005. Ostrava: 2005.
p. 138-143. ISBN: 80-86840-16-6. Detail - ZBOŘIL, F. Trilobot Robot Control. In MOSMIC'2005. Žilina: Zilina University Publisher, 2005.
p. 47-52. ISBN: 80-8070-468-6. Detail - ZBOŘIL, F., ZBOŘIL, F. Inteligentní systémy. In Proceedings of the I&IT '04. Banská Bystrica: Fakulta prírodných vied Universita Meteja Bela, 2005.
s. 20-25. ISBN: 80-8083-017-7. Detail
2004
- CVRČEK, D. Dynamics of Reputation. In NordSec'04. Publications in Telecommunication Software and Multimedia. Publications in Telecommunications Software and Multimedia. Helsinki: Helsinki University of Technology, 2004.
p. 1-7. ISSN: 1455-9749. Detail - CVRČEK, D., KRHOVJÁK, J. Útoky na a přes API: PIN Recovery Attacks. In Mikulášská kryptobesídka - Sborník přednášek. Brno: Trusted Network Solutions, a.s., 2004.
s. 55-62. ISBN: 80-903083-4. Detail - CVRČEK, D., MATYÁŠ, V. Informační soukromí a jeho měřitelnost. DSM Data Security Management, 2004, roč. 2004, č. 6,
s. 10-14. ISSN: 1211-8737. Detail - CVRČEK, D., MATYÁŠ, V. On the role of contectual information for privacy attacks and classification. In Workshop on Privacy and Security Aspects of Data Mining. Brighton: 2004.
p. 31-39. Detail - CVRČEK, D., MATYÁŠ, V. Privacy - what do you mean?. In UBICOMP Privacy Workshop. Nottingham: 2004.
p. 12-18. Detail - CVRČEK, D., MATYÁŠ, V. Pseudonymity in the light of evidence-based trust. Lecture Notes in Computer Science, 2004, vol. 2006, no. 3957,
p. 267-274. ISSN: 0302-9743. Detail - FLORIÁN, V.; HANÁČEK, P.; SLAVÍČEK, P. Analysing methods for modelling attacks on security devices. Proceedings of 38th International Conference MOSIS'04. Ostrava: 2004.
p. 261-265. ISBN: 80-85988-98-4. Detail - HANÁČEK, P. Informační systémy podle norem ISO. e-biz, 2004, roč. 2004, č. 2,
s. 57-58. ISSN: 1213-063X. Detail - HANÁČEK, P.; LASOŇ, M. Securing Web Services. Proceedings of ISIM04 - Tutorial. Ostrava: 2004.
p. 1-20. ISBN: 80-86840-01-8. Detail - HANÁČEK, P.; ZBOŘIL, F.; ZBOŘIL, F. Bezpečná komunikace autonomních agentů-robotů v nepřátelském prostředí. NETSS2004. Ostrava: MARQ, 2004.
s. 91-95. ISBN: 80-85988-92-5. Detail - HRUBÝ, M.; PERINGER, P.; RÁBOVÁ, Z. Modelling of Tamper-Proof Devices. Proceedings of 38th International Conference MOSIS'04. Ostrava: 2004.
p. 255-260. ISBN: 80-85988-98-4. Detail - KRHOVJÁK, J., CVRČEK, D., MATYÁŠ, V. Hardwarové bezpečnostní moduly - API a útoky. In Europen, XXV. konference, sborník příspěvků. Plzeň: ECOM-MONITOR, 2004.
s. 91-114. ISBN: 80-86583-07-4. Detail - KRHOVJÁK, J., CVRČEK, D., MATYÁŠ, V. Útoky a kryptografie v hardwarovém provedení. DSM Data Security Management, 2004, roč. 2004, č. 5,
s. 16-19. ISSN: 1211-8737. Detail - KUNOVSKÝ, J., ŘEZÁČ, D., TOMICA, P. Non-autonomous Example of Stiff System. In Proceedings of the sixth international scientific conference Electronic Computers and Informatics ECI 2004. Košice: The University of Technology Košice, 2004.
p. 81-85. ISBN: 80-8073-150-0. Detail - KUNOVSKÝ, J.; ŘEZÁČ, D.; MELKES, F. Modern Taylor Series Method. Proceedings of 38th International Conference MOSIS '04. Ostrava: 2004.
p. 9-20. ISBN: 80-85988-98-4. Detail - KUNOVSKÝ, J.; ZACIOS, D.; TOMICA, P. Modern Taylor Series Method and Coefficients of Fourier Transform Series. Proceedings of 38th International Conference MOSIS '04. Ostrava: 2004.
p. 87-92. ISBN: 80-85988-98-4. Detail - MIKE, B., CVRČEK, D., STEVEN, M. Unwrapping the Chrysalis. Technical report. Cambridge: Computer Laboratory, Cambridge University, 2004. ISSN: 1476-2986. Detail
- MIKE, B., CVRČEK, D., STEVEN, M. Bezpečný hardware, který není zase tak bezpečný - kryptoanalyza Luny CA3. DSM Data Security Management, 2004, roč. 2004, č. 5,
s. 44-47. ISSN: 1211-8737. Detail - MIKE, B., CVRČEK, D., STEVEN, M. Reverse-engineering kryptografického modulu. Crypto-world, 2004, roč. 2004, č. 9,
s. 8-14. ISSN: 1801-2140. Detail - PERINGER, P., HANÁČEK, P., RÁBOVÁ, Z. Analýza simulačních dat získaných z kryptografického modulu. In Proceedings of ASIS 2004. Ostrava: MARQ, 2004.
s. 66 ( s.) ISBN: 80-86840-03. Detail - RÁBOVÁ, Z.; HANÁČEK, P.; PERINGER, P. Využití modelů při analýze bezpečnosti kryptografických modulů. NETSS2004. Ostrava: MARQ, 2004.
s. 115-120. ISBN: 80-85988-92-5. Detail - ZBOŘIL, F.; ZBOŘIL, F. Building of Multiagent Models. Proceedings of the ECI2004. Košice: The University of Technology Košice, 2004.
p. 388-393. ISBN: 80-8073-150. Detail
2003
- ŘEZÁČ, D. TKSL/C and Partial Differential Equations. Proceedings of the 9th Conference and Competition STUDENT EEICT 2003. Brno: Faculty of Electrical Engineering and Communication BUT, 2003.
p. 645-649. ISBN: 80-214-2379-X. Detail
2002
- ŘEZÁČ, D. Solving Stiff Systems in Parallel Utilizing the Taylor Series Method. Proceedings of 8th Conference STUDENT EEICT 2002. Brno: Faculty of Electrical Engineering and Communication BUT, 2002.
p. 486-490. ISBN: 80-214-2116-9. Detail