Researcher: Gavin McWilliams
Research Institution: Queen’s University Belfast
Overview:
Gavin McWilliams from Queen’s University Belfast can provide design services and vulnerability assessments of devices for industry partners using Side Channel Analysis.
Product:
• Side Channel Analysis (SCA) seeks to exploit the underlying implementation of a cryptographic algorithm rather than the algorithm itself;
• SCA applies statistical techniques to analyse information leaked from an electronic device while processing encrypted data;
• Physical characteristics such as power consumption, electromagnetic emanation and timing can be used to extract secret keys and other relevant information;
• Despite recent advances in traditional cryptanalysis and the exponential growth of brute force computing power, the ciphers underpinning global IT security are assumed secure for the short to medium term; and
• An adversary can no longer realistically exploit weaknesses in a cipher in order to break it, and must instead look to side channel attacks or analysis.
Market:
• Any consumer electronics products which depend on cryptographic protection; and
• Customer premises equipment which can be examined for prolonged periods for example smart meters and vehicle key fobs.
Benefits:
• The topic of SCA has moved quickly from an academic curiosity to real-world concern with many practical attacks on devices such as GSM SIM cards, secure microcontrollers, encrypted FPGA bit-streams and more;
• Suppliers of security tokens and secure smart cards must implement countermeasures in their devices or face them being broken trivially; and
• SCA can be used to implement secure countermeasures such that a vendor understands exactly under what scenarios his device will be secure rather than the current ad-hoc methods often used in an attempt to secure devices.
Partners:
Design services and vulnerability assessments of devices is available to industry partners.
Contact Details:
Email Gavin McWilliams at g.mcwilliams@qub.ac.uk
