This is the latest in a series of blog posts to address the list of '52 Things Every PhD Student Should Know To Do Cryptography': a set of questions compiled to give PhD candidates a sense of what they should know by the end of their first year. In this week, we discuss the difference between a covert channel and a side-channel.
Covert channels and side-channels are two types of
information leakage channels.
A covert channel uses mechanisms that are not intended for
communications, e.g., writing and checking if a file is locked to convey a “1”
or “0”. In a covert channel an insider process leaks information to an outsider
process not normally allowed to access that information. The insider (sending)
process could be a Trojan horse program previously inserted stealthily into the
computer. An outsider (receiving) process need only be an unprivileged process [1].
In side-channel attacks, also known as passive non-invasive attacks, the cryptographic device is essentially attacked as it is, i.e. only directly accessible interfaces are exploited. The device is not permanently altered and therefore no evidence of an attack is left behind. The basic idea of side-channel attacks is to determine the secret key of a cryptographic device by measuring its execution time, its power consumption, or its electromagnetic field [2].
In a physical side-channel attack, unconventional techniques
are used to deduce secret information. Typically, the device has been stolen or
captured by the adversary who then has physical access to it for launching a
physical side-channel attack. Traditional side-channel attacks involved
differential power analysis and timing analysis. Different amounts of power (or
time) used by the device in performing an encryption can be measured and analysed
to deduce some or all of the key bits. The number of trials needed in a power
or timing side-channel attack could be much less than that needed in
mathematical cryptanalysis [1].
In software side-channel attacks a victim
process inadvertently assumes the role of the sending process, and a listening
(attacker) process assumes the role of the receiving process. If the victim
process is performing an encryption using a secret key, a software side-channel
attack allows the listening process to get information that leads to partial or
full recovery of the key [1].
[1] Wang, Zhenghong, and Ruby B. Lee. "Covert and side channels due to processor architecture." Computer Security Applications Conference, 2006. ACSAC'06. 22nd Annual. IEEE, 2006.
[2] Mangard, Stefan, Elisabeth Oswald, and Thomas Popp. Power analysis attacks: Revealing the secrets of smart cards. Vol. 31. Springer Science & Business Media, 2008.
No comments:
Post a Comment