Attacks on Cryptoprocessor Transaction Sets
نویسنده
چکیده
Attacks are presented on the IBM 4758 CCA (the first ever security module to have achieved all round FIPS140-1 Level 4 certification) and the Visa Security Module. Two new attack principles are demonstrated. Related key attacks use known or chosen differences between two cryptographic keys. Data protected with one key can then be abused by manipulation using the other key. Meet in the middle attacks work by generating a large number of unknown keys of the same type, thus reducing the key space that must be searched to discover the value of one of the keys in the type. Design heuristics are presented to avoid these attacks and other common errors.
منابع مشابه
A hybrid approach for database intrusion detection at transaction and inter-transaction levels
Nowadays, information plays an important role in organizations. Sensitive information is often stored in databases. Traditional mechanisms such as encryption, access control, and authentication cannot provide a high level of confidence. Therefore, the existence of Intrusion Detection Systems in databases is necessary. In this paper, we propose an intrusion detection system for detecting attacks...
متن کاملSecurity of Prime Field Pairing Cryptoprocessor against Differential Power Attack
This paper deals with the differential power attack on a pairing cryptoprocessor. The cryptoprocessor is designed for pairing computations on elliptic curves defined over finite fields with large prime characteristic. The work pinpoints the vulnerabilities of such pairing computations against side-channel attacks. By exploiting the power consumptions, the paper experimentally demonstrates such ...
متن کاملThe TrustNo 1 Cryptoprocessor Concept
Cryptoprocessors feature an on-chip block cipher hardware between the cache and the bus interface. Code and data are decrypted on-the-fly while being fetched from RAM and are encrypted while being written into RAM. Even someone with full physical access to the printed circuit board cannot observe the executed cleartext software and its data structures. Cryptoprocessors have been used for many y...
متن کاملSystemC design flow for a DES/AES CryptoProcessor
As the complexity of electronic systems increases every day, new ways for describing these systems also appear. One interesting way consists of capturing the whole system's functionality using a system level executable specification language. This high level specification is the entry point to a top-down design flow that results in the final implementation of the system. In this context synthes...
متن کاملDifferential Power Analysis Attacks
—cryptographic devices have found their way into a wide range of application and the topic of their security has reached great research importance. It has been proved that encryption device leaks information, which can be exploited by various attacks such as power analysis, timing analysis and electromagnetic radiation. Differential power analysis is a powerful and efficient cryptanalytic techn...
متن کامل