Project Details
Security of Information Systems - Research on Attacks on Cryptographically Secure Devices (Bezpečnost informačních systémů - výzkum útoků na kryptograficky bezpečná zařízení)
Project Period: 1. 1. 2004 - 31. 12. 2006
Project Type: grant
Code: GA102/04/0871
Agency: Czech Science Foundation
Program:
Keywords: cryptography; tamper resistant hardware; attacks
The main goal of the project is to research the security aspects of hardware implementations of cryptographic mechanisms. These implementations are called tamper-proof devices; typically they are smart cards or cryptographic coprocessors. The design of the majority of available tamper-proof devices does not deal with the various side effects of executing cryptographic algorithms. A side-channel is the term commonly used for the places where such undesirable information appears. The volume and usefulness of the information that can be extracted depends on the form of the side-channel. However, a number of scientific papers show that it is possible to analyse information from side-channels effectively and to use the results to compromise tamper-proof devices.
The project consists of three main areas. First, we will design and build laboratory instruments for implementing attacks that exploit side-channels; these attacks will produce experimental data. The second area is the design of analytic methods that process the experimental data effectively, in a form that allows sensitive data to be reconstructed. The proposed methods will be checked on real devices. The last area deals with the design of countermeasures against side-channel attacks. We will use already known approaches as well as the principles of our analytic methods. The goal is to decrease the amount of useful information in side-channels and to determine the minimum amount necessary for a successful attack.
Cvrček Daniel, doc. Ing., Ph.D. (UITS FIT VUT), team leader
Hrubý Martin, Ing., Ph.D. (UITS FIT VUT), team leader
Hruška Tomáš, prof. Ing., CSc. (UIFS FIT VUT), team leader
Peringer Petr, Dr. Ing. (UITS FIT VUT), team leader
Rábová Zdeňka, doc. Ing., CSc. (UITS FIT VUT), team leader
2007
- BLAHÁK Petr and CVRČEK Daniel. Alternativní zabezpečení WiFi sití. IT System, vol. 2007, no. 2, pp. 1-6. ISSN 1212-4567.
2006
- CVRČEK Daniel, KUMPOŠT Marek and MATYÁŠ Václav. A Privacy Classification Model Based on Linkability Valuation. In: Security and Embedded Systems. NATO Security through Science Series, D: Information and Communication Security, Volume 2. NL: Kluwer Academic Publishers, 2006, pp. 91-98. ISBN 978-1-58603-580-8.
- CVRČEK Daniel, DANEZIS George, KUMPOŠT Marek and MATYÁŠ Václav. A Study on The Value of Location Privacy. In: Workshop on Privacy in Electronic Society 2006. Washington, 2006, p. 10.
- BLAHÁK Petr and CVRČEK Daniel. Alternativní zabezpečení pro WiFi sítě. In: DATAKON 2006. Brno, 2006, pp. 1-8.
- CVRČEK Daniel, KOUŘIL Daniel, LORENC Václav and MATYÁŠ Václav. Autentizační hardwarový token nové generace. In: DATAKON 2006. Brno: Masaryk University, 2006, pp. 229-238. ISBN 80-210-4102-1.
- HANÁČEK Petr. Bezpečnost informačních systémů a chyby při návrhu - jsme schopni jim zabránit?. In: Sborník příspěvků MKB06. Brno: TNS, 2006, pp. 89-94. ISBN 978-80-903083-7-4.
- PERINGER Petr. Open Source Simulation and Data Analysis Tools. In: Proceedings of ASIS 2006. Ostrava, 2006, pp. 109-112. ISBN 80-86840-26-3.
- RÁBOVÁ Zdeňka, HANÁČEK Petr and HRUBÝ Martin. Prostředí pro modelování bezpečných systémů. In: Proceedings of NETSS06. Ostrava, 2006, pp. 39-42. ISBN 80-86840-06-9.
- SAMEK Jan. Security Model of Information Systems. In: Proceedings of XXVIIIth International Autumn Colloquium ASIS 2006. Ostrava, 2006, pp. 101-105. ISBN 80-86840-26-3.
- CVRČEK Daniel and PECHO Peter. Systém prihlasovania čipovými kartami v OS Linux. In: DATAKON 2006. Brno, 2006, pp. 1-8.
- CVRČEK Daniel, DANEZIS George, KUMPOŠT Marek and MATYÁŠ Václav. The Value of Location Information. In: not yet known. Berlin, 2006, pp. 1-4.
- CVRČEK Daniel and SEDLÁK Michal. Zabezpečení systémů VoIP. In: DATAKON 2006. Brno, 2006, pp. 1-8.
2005
- ONDRÁČEK Tomáš and ZBOŘIL František V. Constructive Gradient Neural Network. In: MOSIS '05. Ostrava, 2005, pp. 196-201. ISBN 80-86840-10-7.
- HRUŠKA Tomáš, ed. DATAKON 2005 - Proceedings of the Annual Database Conference (ed. Tomáš Hruška). Brno: Masaryk University, 2005. ISBN 80-210-3813-6.
- ZBOŘIL František. Development of a New Simulation Tool for Intelligent Distributed Systems. In: Proceedings of the International Workshop MOSMIC'2005. Žilina: Faculty of management science and Informatics of Zilina University, 2005, pp. 67-72. ISBN 80-8070-468-6.
- KUNOVSKÝ Jiří and ZEMAN David. Experimental Simulation Computations. In: ASIS 2005. Ostrava, 2005, pp. 211-215. ISBN 80-86840-16-6.
- HANÁČEK Petr, HRUBÝ Martin and RÁBOVÁ Zdeňka. Heterogeneous Modelling Applied in System Security. In: Proceedings of the International Workshop MOSMIC'2005. Žilina: Faculty of management science and Informatics of Zilina University, 2005, pp. 30-36. ISBN 80-8070-139-3.
- ZBOŘIL František and ZBOŘIL František V. Inteligentní systémy. In: Proceedings of the I&IT '04. Banská Bystrica: Faculty of Natural Sciences of Matej Bel University, 2005, pp. 20-25. ISBN 80-8083-017-7.
- ZBOŘIL František. Low Level Language for Agent Behaviour Control. In: Proceedings of XXVIIth International Autumn Colloquium ASIS 2005. Ostrava, 2005, pp. 138-143. ISBN 80-86840-16-6.
- MARTINEK David. Modelling of a Waste Incinerator. In: Proceedings of XXVII International Autumn Colloquium ASIS 2005 Advanced Simulation of Systems. Ostrava, 2005, pp. 62-67. ISBN 80-86840-16-6.
- CVRČEK Daniel, KUMPOŠT Marek and MATYÁŠ Václav. On Privacy Classification in Ubiquitous Computing Systems. International Scientific Journal of Computing, vol. 4, no. 2, 2005, pp. 26-35. ISSN 1727-6209.
- KUNOVSKÝ Jiří, TOMICA Petr and PETŘEK Jiří. Parasitic Effects in Electronic Circuits Simulations. In: Proceedings of 39th International Conference MOSIS '05. Ostrava, 2005, pp. 128-134. ISBN 80-86840-10-7.
- DAO Anh Minh and ZBOŘIL František V. Partition of Fuzzy Parameters in Neuro-Fuzzy System for Monochrome Images Classification. In: Proceedings of the NETSS2005. Ostrava, 2005, pp. 56-62. ISBN 80-86840-07-7.
- BOND Mike and CVRČEK Daniel. Penetration to Secure Hardware. In: SPI 2005. Brno, 2005, p. 1.
- CVRČEK Daniel and MATYÁŠ Václav. PIN (&Chip) or signature - beating or cheating?. In: SPW 05 Proceedings - The System Likes You and Wants To Be Your Friend. Berlin: University of Hertfordshire, 2005, p. 5.
- HANÁČEK Petr. Problems of Security in Ad Hoc Sensor Network. In: Proceedings of MOSIS'05. Ostrava, 2005, pp. 79-84. ISBN 80-86840-10-7.
- CVRČEK Daniel. RFID - přeceněné ambice?. In: SmartWorld 2005 - soubor prezentací. Zlín, 2005, p. 7.
- ŠVENDA Petr and CVRČEK Daniel. Smart dust security - key infection revisited. In: STM 2005. ENTCS, vol. 157. Milano, 2005, pp. 11-25. ISSN 1571-0661.
- HANÁČEK Petr and STAUDEK Jan. Správa identity. In: Sborník konference DATAKON 2005. Brno: Masaryk University, 2005, pp. 123-146. ISBN 80-210-3813-6.
- ONDRÁČEK Tomáš and ZBOŘIL František V. System Time Coefficients Identification by Constructive Gradient Neural Network. In: ASIS 2005. Ostrava, 2005, pp. 29-36. ISBN 80-86840-16-6.
- MARTINEK David, KUNOVSKÝ Jiří and ZACIOS Dalibor. Taylor Series in Control and Simulation. In: Proceedings of 39th International Conference MOSIS '05. Ostrava, 2005, pp. 56-60. ISBN 80-86840-10-7.
- CVRČEK Daniel and LATISLAV Richard. TCP - resetovací útok. In: DATAKON 2005, Proceedings of the Annual Database Conference. Brno: Masaryk University, 2005, pp. 301-310. ISBN 8021038136.
- ZBOŘIL František V. Trilobot Robot Control. In: MOSMIC'2005. Žilina: Zilina University Publisher, 2005, pp. 47-52. ISBN 80-8070-468-6.
- HANÁČEK Petr, PERINGER Petr and RÁBOVÁ Zdeňka. Získávání vstupních dat pro modely bezpečnosti. In: Proceedings of ASIS 2005. Ostrava, 2005, pp. 68-73. ISBN 80-86840-16-6.
2004
- FLORIÁN Vladimír, HANÁČEK Petr and SLAVÍČEK Pavel. Analysing methods for modelling attacks on security devices. In: Proceedings of 38th International Conference MOSIS'04. Ostrava, 2004, pp. 261-265. ISBN 80-85988-98-4.
- HANÁČEK Petr, PERINGER Petr and RÁBOVÁ Zdeňka. Analýza simulačních dat získaných z kryptografického modulu. In: Proceedings of ASIS 2004. Ostrava, 2004, p. 6. ISBN 80-86840-03.
- HANÁČEK Petr, ZBOŘIL František and ZBOŘIL František V. Bezpečná komunikace autonomních agentů-robotů v nepřátelském prostředí. In: NETSS2004. Ostrava, 2004, pp. 91-95. ISBN 80-85988-92-5.
- BOND Mike, CVRČEK Daniel and MURDOCH Steven J. Bezpečný hardware, který není zase tak bezpečný. DSM Data Security Management, vol. 2004, no. 5, pp. 44-47. ISSN 1211-8737.
- ZBOŘIL František and ZBOŘIL František V. Building of Multiagent Models. In: Proceedings of the ECI2004. Košice: The University of Technology Košice, 2004, pp. 388-393. ISBN 80-8073-150.
- CVRČEK Daniel. Dynamics of Reputation. In: NordSec'04. Publications in Telecommunications Software and Multimedia. Helsinki: Helsinki University of Technology, 2004, pp. 1-7. ISSN 1455-9749.
- CVRČEK Daniel, KRHOVJÁK Jan and MATYÁŠ Václav. Hardwarové bezpečnostní moduly - API a útoky. In: Europen, XXV. konference, sborník příspěvků. Plzeň: ECOM-MONITOR, 2004, pp. 91-114. ISBN 80-86583-07-4.
- CVRČEK Daniel and MATYÁŠ Václav. Informační soukromí a jeho měřitelnost. DSM Data Security Management, vol. 2004, no. 6, pp. 10-14. ISSN 1211-8737.
- HANÁČEK Petr. Informační systémy podle norem ISO. e-biz, vol. 2004, no. 2, pp. 57-58. ISSN 1213-063X.
- HRUBÝ Martin, PERINGER Petr and RÁBOVÁ Zdeňka. Modelling of Tamper-Proof Devices. In: Proceedings of 38th International Conference MOSIS'04. Ostrava, 2004, p. 6. ISBN 80-85988-98-4.
- KUNOVSKÝ Jiří, ŘEZÁČ David and MELKES František. Modern Taylor Series Method. In: Proceedings of 38th International Conference MOSIS '04. Ostrava, 2004, pp. 9-20. ISBN 80-85988-98-4.
- KUNOVSKÝ Jiří, ZACIOS Dalibor and TOMICA Petr. Modern Taylor Series Method and Coefficients of Fourier Transform Series. In: Proceedings of 38th International Conference MOSIS '04. Ostrava, 2004, pp. 87-92. ISBN 80-85988-98-4.
- KUNOVSKÝ Jiří, ŘEZÁČ David and TOMICA Petr. Non-autonomous Example of Stiff System. In: Proceedings of the sixth international scientific conference Electronic Computers and Informatics ECI 2004. Košice: The University of Technology Košice, 2004, pp. 81-85. ISBN 80-8073-150-0.
- CVRČEK Daniel and MATYÁŠ Václav. On the role of contextual information for privacy attacks and classification. In: Workshop on Privacy and Security Aspects of Data Mining. Brighton, 2004, pp. 31-39.
- CVRČEK Daniel and MATYÁŠ Václav. Privacy - what do you mean?. In: UBICOMP Privacy Workshop. Nottingham, 2004, pp. 12-18.
- CVRČEK Daniel and MATYÁŠ Václav. Pseudonymity in the light of evidence-based trust. Lecture Notes in Computer Science, vol. 2006, no. 3957, 2004, pp. 267-274. ISSN 0302-9743.
- BOND Mike, CVRČEK Daniel and MURDOCH Steven J. Reverse-engineering kryptografického modulu. Crypto-world, vol. 2004, no. 9, pp. 8-14. ISSN 1801-2140.
- HANÁČEK Petr and LASOŇ Martin. Securing Web Services. In: Proceedings of ISIM04 - Tutorial. Ostrava, 2004, pp. 1-20. ISBN 80-86840-01-8.
- BOND Mike, CVRČEK Daniel and MURDOCH Steven J. Unwrapping the Chrysalis. Technical report, no. 592, 2004. ISSN 1476-2986.
- CVRČEK Daniel, KRHOVJÁK Jan and MATYÁŠ Václav. Útoky a kryptografie v hardwarovém provedení. DSM Data Security Management, vol. 2004, no. 5, pp. 16-19. ISSN 1211-8737.
- CVRČEK Daniel and KRHOVJÁK Jan. Útoky na a přes API: PIN Recovery Attacks. In: Mikulášská kryptobesídka - Sborník přednášek. Brno: Trusted Network Solutions, a.s., 2004, pp. 55-62. ISBN 80-903083-4.
- HANÁČEK Petr, PERINGER Petr and RÁBOVÁ Zdeňka. Využití modelů při analýze bezpečnosti kryptografických modulů. In: NETSS2004. Ostrava, 2004, pp. 115-120. ISBN 80-85988-92-5.
2003
- ŘEZÁČ David. TKSL/C and Partial Differential Equations. In: Proceedings of the 9th Conference and Competition STUDENT EEICT 2003. Brno: Faculty of Electrical Engineering and Communication BUT, 2003, pp. 645-649. ISBN 80-214-2379-X.
2002
- ŘEZÁČ David. Solving Stiff Systems in Parallel Utilizing the Taylor Series Method. In: Proceedings of 8th Conference STUDENT EEICT 2002. Brno: Faculty of Electrical Engineering and Communication BUT, 2002, pp. 486-490. ISBN 80-214-2116-9.