This content is not included in your SAE MOBILUS subscription, or you are not logged in.

Power Analysis and Fault Attacks against Secure CAN: How Safe Are Your Keys?

Published February 14, 2018 by SAE International in United States
Power Analysis and Fault Attacks against Secure CAN: How Safe Are Your Keys?
Sector:
Citation: O’Flynn, C. and d’Eon, G., "Power Analysis and Fault Attacks against Secure CAN: How Safe Are Your Keys?," SAE Int. J. Transp. Cyber. & Privacy 1(1):3-18, 2018, https://doi.org/10.4271/11-01-01-0001.
Language: English

References

  1. Miller, C. and Valasek, C., “Remote Exploitation of an Unaltered Passenger Vehicle,” IOActive White Paper, 2015.
  2. Greenberg, A., “Hackers Remotely Kill a Jeep on the Highway-With Me in It,” Wired 7:21, 2015.
  3. International Organization for Standardization, “Road Vehicles-Controller Area Network (ISO 11898),” 2015.
  4. Jain, S. and Guajardo, J., “Physical Layer Group Key Agreement for Automotive Controller Area Networks,” Workshop on Cryptographic Hardware and Embedded Systems (CHES), Santa Barbara, 85-105, 2016.
  5. International Organization for Standardization, “Road Vehicles-Unified Diagnostic Services (ISO 14229),” 2013.
  6. Scott, M., “The Face Whisperer for USB Glitching,” PoC||GTFO 13:30-37, 2016.
  7. Kocher, P., Jaffe, J., and Jun, B., “Differential Power Analysis,” Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, Santa Barbara, 388-397, 1999.
  8. Brier, E., Clavier, C., and Olivier, F., “Correlation Power Analysis with a Leakage Model,” Proceedings of Workshop on Cryptographic Hardware and Embedded Systems (CHES), Boston, 16-29, 2004.
  9. Oswald, E., Mangard, S., and Popp, T., Power Analysis Attacks: Revealing the Secrets of Smart Cards, (New York: Springer, 2007). ISBN 978-0-387-30857-9.
  10. Genkin, D., Pipman, I., and Tromer, E., “Get Your Hands Off My Laptop: Physical Side-Channel Key-Extraction Attacks on PCs,” International Workshop on Cryptographic Hardware and Embedded Systems (CHES), Busan, Korea, 242-260, 2014.
  11. Balasch, J., Gierlichs, B., Reparaz, O., and Verbauwhede, I., “DPA, Bitslicing and Masking at 1 GHz,” Workshop on Cryptographic Hardware and Embedded Systems (CHES), Saint-Malo, France, 599-619, 2015.
  12. O’Flynn, C. and Zhizhang, C., “ChipWhisperer: An Open-Source Platform for Hardware Embedded Security Research,” COSADE, Paris, France, 2014.
  13. Ronen, E., O’Flynn, C., Shamir, A., and Weingarten, A.O., “IoT Goes Nuclear: Creating a ZigBee Chain Reaction,” IEEE Symposium on Security and Privacy (SP), San Jose, 195-212, 2017.
  14. Oswald, D., Richter, B., and Paar, C., “Side-Channel Attacks on the Yubikey 2 One-Time Password Generator,” International Workshop on Recent Advances in Intrusion Detection (RAID), St. Lucia, 204-222, 2013.
  15. Moradi, A. and Schneider, T., “Improved Side-Channel Analysis Attacks on Xilinx Bitstream Encryption of 5, 6, and 7 Series,” Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE), Graz, Austria, 71-87, 2016.
  16. Moradi, A., Oswald, D., Paar, C., and Swierczynski, P., “Side-Channel Attacks on the Bitstream Encryption Mechanism of Altera Stratix II: Facilitating Black-Box Analysis Using Software Reverse-Engineering,” Proceedings of the ACM/SIGDA International Symposium on Field Programmable Gate Arrays, Monterey, 91-100, 2013.
  17. Skorobogatov, S. and Woods, C., “In the Blink of an Eye: There Goes Your AES Key,” 2012.
  18. Paar, C., Eisenbarth, T., Kasper, M., Kasper, T. et al., “KeeLoq and Side-Channel Analysis-Evolution of an Attack,” Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), Lausanne, Switzerland, 2009.
  19. Jaffe, J., “A First-Order DPA Attack against AES in Counter Mode with Unknown Initial Counter,” Workshop on Cryptographic Hardware and Embedded Systems (CHES), Vienna, Austria, 1-13, 2007.
  20. National Institute of Advanced Industrial Science and Technology (AIST), “Power Analysis Attacks on SASEBO,” 2010.
  21. Agrawal, D., Rao, J., and Rohatgi, P., “Multi-Channel Attacks,” Workshop on Cryptographic Hardware and Embedded Systems (CHES), Cologne, Germany, 2003.
  22. Zussa, L., Dutertre, J.M., Clediere, J., and Robisson, B., “Analysis of the Fault Injection Mechanism Related to Negative and Positive Power Supply Glitches Using an On-Chip Voltmeter,” Symposium on Hardware-Oriented Security and Trust (HOST), Arlington, 2014.
  23. Carpi, R., Picek, S., Batina, L., Menarini, F. et al., “Glitch It If You Can: Parameter Search Strategies for Successful Fault Injection,” Smart Card Research and Advanced Applications (CARDIS), Paris, France, 2014.
  24. Veredas, R.P. and Wiersma, N., “Safety != Security. A Security Assessment of State of the Art ASIL-D Certified Microcontrollers,” ESCAR, Detroit, 2017.
  25. Guillen, O., Gruber, M., and De Santis, F., “Low-Cost Setup for Localized Semi-Invasive Optical Fault Injection Attacks—How Low Can We Go?” Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE), Graz, Austria, 2017.
  26. Cui, A. and Housley, R., “BADFET: Defeating Modern Secure Boot Using Second-Order Pulsed Electromagnetic Fault Injection,” USENIX Workshop on Offensive Technology (WOOT), Vancouver, Canada, 2017.
  27. O’Flynn, C., “Fault Injection Using Crowbars on Embedded Systems,” IACR E-Print, 2016.
  28. van Woudenberg, J.J., Witteman, M., and Bakker, B., “Improving Differential Power Analysis by Elastic Alignment,” Topics in Cryptology-CT-RSA, San Francisco, 2011.
  29. Bhasin, S., Bruneau, N., Danger, J.L., Guilley, S. et al., “Analysis and Improvements of the DPA Contest v4 Implementation,” Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE), Pune, India, 2014.
  30. Popp, T. and Mangard, S., “Masked Dual-Rail Pre-Charge Logic: DPA-Resistance without Routing Constraints,” Workshop on Cryptographic Hardware and Embedded Systems (CHES), Edinburgh, Scotland, 2005.
  31. Bernstein, D.J., “Curve25519: New Diffie-Hellman Speed Records,” International Conference on Theory and Practice of Public-Key Cryptography (PKC), New York, 207-228, 2006.
  32. Genkin, D., Valenta, L., and Yarom, Y., “May the Fourth Be with You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve 25519,” ACM Conference on Computer and Communications Security (CCS), Dallas, 2017.
  33. O’Flynn, C. and Zhizhang, C., “Power Analysis Attacks against IEEE 802.15.4 Nodes,” Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE), Paris, France, 2016.

Cited By