[HGI-News-de] HGI Kolloquium am Donnerstag 12.11 - Constructive use of side-channels
Newsletter des Horst Görtz Instituts
hgi-news-deutschland at lists.ruhr-uni-bochum.de
Mo Nov 9 15:58:54 CET 2009
Hallo,
im Rahmen des HGI Kolloquiums "Aktuelle Themen der IT-Sicherheit" wird
am kommenden Donnerstag der folgende Vortrag angeboten:
Georg Becker
* Constructive use of side-channels *
Termin:
Donnerstag, den 12. November um 11.00 Uhr (*s.t.*)
Raum: IC 4/161
Interessierte sind herzlichst eingeladen!
==============================================================
Abstract:
Side-channel attacks, such as power analysis attacks, have been studied
now for 10 years. Side-channel attacks are still one of the biggest
security threats to real-world applications. In this talk we will look
at side channels from a new perspective. Instead of seeing side-channels
only as a threat to security, we will look at the constructive use of
side-channels.
At CHESS 09, the idea of building hardware trojans using side-channels
was first introduced. But to embed side-channels into the hardware
design is not only lucrative for attackers who want to leak out secret
information. Side-channels can be used to set up a hidden and encrypted
communication channel. This can be achieved by transmitting the
information under the noise level of the side-channel, e.g. the
power-consumption. The information is hidden in the noise and can only
be revealed with the knowledge of a secret. The advantage of using
side-channels such as the power consumption to set up a communication
channel is that no additional I/O periphery is needed and that they can
be implemented using only a few gates.
As an example aplication for the use of side-channels we will introduce
a watermark for integrated circuits that is based on side-channels. Such
a watermark could be used to detect IP theft.
==============================================================
Vorankündigung: 19. November 2009: Mathias Herrmann(CITS), Attacking
Power Generators Using Unravelled Linearization - 26. November 2009:
Stefan Heyse(EmSec), Coding based crypto for embedded devices:
Performance, Sidechannels and Countermeasures - 4. Februar 2010:Florian
Kerschbaum(SAP), Security Challenges in Supply Chain Management
Informationen über die nächsten geplanten Vorträge im Rahmen des HGI
Kolloquiums sind auch im Web zu finden:
http://www.hgi.rub.de/hgi/hgi-seminar/aktuelles
Viele Grüße,
Georg Becker und Timo Kasper
Mehr Informationen über die Mailingliste Hgi-News-Deutschland