During the last ten years, advances in information technology (IT) have significantly changed our society. A very important and continuously growing group of IT applications involves high financial values, personal information or other critical data. This is the case, for example, in payment transactions, e-government, health care, secure communication, and trustworthy computing. These applications are all critical and need to be secured in order to prevent fraud. Only a high level of security makes these IT systems trustworthy and enables widespread use.

In recent times, a special group of physical attacks against the implementation of embedded systems, so-called fault attacks, poses a serious threat to secure embedded systems. The basic idea of these attacks is to induce faults in a system by physically stressing it during sensitive operations. Maliciously induced faults can bypass security checks. In the context of cryptographic operations, the faulty output of the device can be exploited to directly determine the secret key that is used by the system. The methods to induce faults are becoming increasingly sophisticated and cheaper. Therefore, it is necessary to develop embedded systems that are tamper-resistant against fault attacks. Tamper-resistance in this context means that the system detects induced faults and enters a safe state so that it does not reveal any secret information.

The goal of the proposed research effort is threefold. Firstly, fault models for low-cost attacks and the propagation effects of faults in embedded systems will be investigated by practical experiments. Secondly, when developing countermeasures it is important to have a methodology for assessing their effectiveness in a real system; the development of a methodological approach to assess the security of an embedded system subject to fault attacks is the second research target of this proposal. Thirdly, the final goal of the project is the development of efficient countermeasures for embedded systems. Here, efficient means that the countermeasures are applicable in energy- and area-constrained secure embedded systems.

Effective start/end date: 1/02/08 → 31/08/10