• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Microprocessors and microsystems >On the Complexity of Attacking Commercial Authentication Products
【24h】

On the Complexity of Attacking Commercial Authentication Products

机译:论攻击商业认证产品的复杂性

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

In this paper we discuss the difficulties of mounting successful attacks against crypto implementations if essential information is missing. We start with a detailed description of our attack against our own design, to highlight which information is needed to increase the success of an attack, i.e. we use it as a blueprint to the following attack against commercially available crypto chips. We would like to stress that our attack against our own design is very similar to what happens during certification e.g. according to the Common Criteria Standard as in those cases the manufacturer needs to provide detailed information. If attacking commercial designs without signing NDAs, we were forced to intensively search the Internet for information about the designs. We were able to reveal information on the processing sequence during the authentication process even as detailed as identifying the clock cycles in which the individual key bits are processed. But we could not reveal the private keys used by the attacked commercial authentication chips 100% correctly. Moreover, as we did not knew the used keys we could not evaluate the success of our attack. To summarize, the effort of such an attack is significantly higher than the one of attacking a well-known implementation.
机译:在本文中,如果缺少基本信息,我们讨论了对Crypto实现的成功攻击的困难。我们从对我们自己设计的攻击进行详细描述,突出需要增加哪些信息来增加攻击的成功,即我们将其作为下列攻击的蓝图对抗商业上可获得的加密芯片。我们要强调,我们对自己设计的攻击非常类似于在认证期间发生的事情。根据常见的标准标准,如在这些情况下,制造商需要提供详细信息。如果在不签署NDA的情况下攻击商业设计,我们被迫密集地搜索互联网以获取有关设计的信息。我们能够在认证过程中揭示关于处理序列的信息,甚至详细地识别处理各个密钥比特的时钟周期。但我们无法透露攻击的商业认证芯片100%正确使用的私钥。而且,正如我们没有知道使用的钥匙,我们无法评估我们攻击的成功。总而言之,这种攻击的努力明显高于攻击知名实施的努力。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号