Skip to main content

Robust and Efficient Approaches to Evaluating Side Channel and Fault Attack Resilience

Cel

Implementing cryptography on embedded devices is an ongoing challenge: every year new implementation flaws are discovered and new attack paths are being used by real life adversaries. Whilst cryptography can guarantee many security properties, it crucially depends on the ability to keep the used keys secret even in face of determined adversaries.
Over the last two decades a new type of adversary has emerged, able to obtain, from the cryptographic implementation, side channel leakage such as recording of response times, power or EM signals, etc. To account for such adversaries, sophisticated security certification and evaluation methods (Common Criteria, EMVCo, FIPS…) have been established to give users assurance that security claims have withstood independent evaluation and testing. Recently the reliability of these evaluations has come into the spotlight: the Taiwanese citizen card proved to be insecure, and Snowden’s revelations about NSA's tampering with FIPS standards eroded public confidence.
REASSURE will (1) improve the efficiency and quality of all aspects of certification using a novel, structured detect-map-exploit approach that will also improve the comparability of independently conducted evaluations, (2) cater for emerging areas such as the IoT by automating leakage assessment practices in order to allow resistance assessment without immediate access to a testing lab, (3) deliver tools to stakeholders, such as reference data sets and an open-source leakage simulator based on instruction-level profiles for a processor relevant for the IoT, (4) improve existing standards by actively pushing the novel results to standardization bodies.
REASSURE's consortium is ideal to tackle such ambitious tasks. It features two major circuits manufacturers (NXP, IDEMIA), a highly respected side channel testing lab (Riscure), an engaged governmental representative (ANSSI), and two of the most prominent research institutions in this field (UCL, University of Bristol).

Zaproszenie do składania wniosków

H2020-DS-LEIT-2016
Zobacz inne projekty w ramach tego zaproszenia

Leaflet | Map data © OpenStreetMap contributors, Credit: EC-GISCO, © EuroGeographics for the administrative boundaries

Koordynator

UNIVERSITE CATHOLIQUE DE LOUVAIN
Adres
Place De L Universite 1
1348 Louvain La Neuve
Belgia
Rodzaj działalności
Higher or Secondary Education Establishments
Wkład UE
€ 831 624,61

Uczestnicy (7)

UNIVERSITY OF BRISTOL
United Kingdom
Wkład UE
€ 518 863,75
Adres
Tyndall Avenue Senate House
BS8 1TH Bristol
Rodzaj działalności
Higher or Secondary Education Establishments
RISCURE BV
Niderlandy
Wkład UE
€ 749 254,69
Adres
Delftechpark 49
2628XJ Delft
Rodzaj działalności
Private for-profit entities (excluding Higher or Secondary Education Establishments)
SECRETARIAT GENERAL DE LA DEFENSE ET DE LA SECURITE NATIONALE
Francja
Wkład UE
€ 41 250
Adres
Boulevard De 51 Bd De Latour Maubourg
75700 Paris 07 Sp
Rodzaj działalności
Public bodies (excluding Research Organisations and Secondary or Higher Education Establishments)
IDEMIA IDENTITY & SECURITY FRANCE
Francja
Wkład UE
€ 143 566,55
Adres
2, Place Samuel De Champlain
92400 Courbevoie
Rodzaj działalności
Private for-profit entities (excluding Higher or Secondary Education Establishments)
NXP SEMICONDUCTORS GERMANY GMBH
Niemcy
Wkład UE
€ 875 706,66
Adres
Troplowitzstrasse 20
22529 Hamburg
Rodzaj działalności
Private for-profit entities (excluding Higher or Secondary Education Establishments)
IDEMIA FRANCE
Francja
Wkład UE
€ 244 661,24
Adres
420 Rue D'estienne D'orves
92700 Colombes
Rodzaj działalności
Private for-profit entities (excluding Higher or Secondary Education Establishments)
UNIVERSITAET KLAGENFURT
Austria
Wkład UE
€ 73 820
Adres
Universitaetsstrasse 65-67
9020 Klagenfurt
Rodzaj działalności
Higher or Secondary Education Establishments