Project description
Side-channel analysis on in-memory computing for reverse engineering
Side-channel analysis (SCA) is a cryptanalytic technique that targets the implementation of a cryptographic primitive. Examples of channels include power consumption, electromagnetic radiation, acoustic emanations and various timings. The EU-funded SCARE project will work to develop a new generation of SCA that extends to full-fledged end-to-end attacks. It will identify specific vulnerabilities in widely deployed cryptography software libraries such as OpenSSL and hardware-assisted security technologies such as trusted execution environments. Delivering a new methodology for SCA security assurance, it will introduce a non-invasive approach to reverse engineering that exploits SCA to extract IP implemented in emerging in-memory computing.
Objective
"As the recent ""HeartBleed"" bug in OpenSSL demonstrates, the security of cryptographic software and devices cannot be understated. They build the foundation for basic security guarantees such as confidentiality and authentication, enabling technologies such as secure communication. For example, Transport Layer Security enables e-commerce, a 1.9 trillion USD global industry in 2016.
The more modern trend, especially in the embedded space, is towards hardware-assisted security. Here the aim is to leverage hardware to accomplish security goals that are simply unrealistic in software-only solutions. One example is Trusted Execution Environments (TEE) that provide a secure sandbox to execute security-critical software. TEEs, often driven by ARM TrustZone Technology, are present in the majority of smartphones on the market today.
Side-channel analysis (SCA) is a cryptanalytic technique that targets not the formal description of a cryptographic primitive but the implementation of it. Examples of side-channels include power consumption, electro-magnetic radiation, acoustic emanations, and various timings. Attackers then use this auxiliary signal to recover critical algorithm state and, in combination with cryptanalytic techniques, secret key material. This is a young but very active field within security and cryptography stemming from covert channels.
SCA is the focus of SCARE. Objectives include the discovery of next generation covert channels, paving the way for novel SCA classes, and extending these to full-fledged end-to-end SCA attacks by identifying specific vulnerabilities in widely-deployed cryptography software libraries such as OpenSSL and hardware-assisted security technologies such as TEEs. In turn, SCARE will deliver a methodology for SCA security assurance: not just development, evaluation, and deployment of acute countermeasures, but bringing SCA into the product life cycle as part of continuous integration."
Fields of science (EuroSciVoc)
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.
- natural sciences computer and information sciences software
- natural sciences computer and information sciences internet transport layer
- natural sciences computer and information sciences computer security cryptography
- social sciences economics and business business and management commerce e-commerce
- engineering and technology electrical engineering, electronic engineering, information engineering information engineering telecommunications mobile phones
You need to log in or register to use this function
We are sorry... an unexpected error occurred during execution.
You need to be authenticated. Your session might have expired.
Thank you for your feedback. You will soon receive an email to confirm the submission. If you have selected to be notified about the reporting status, you will also be contacted when the reporting status will change.
Keywords
Project’s keywords as indicated by the project coordinator. Not to be confused with the EuroSciVoc taxonomy (Fields of science)
Project’s keywords as indicated by the project coordinator. Not to be confused with the EuroSciVoc taxonomy (Fields of science)
Programme(s)
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
-
H2020-EU.1.1. - EXCELLENT SCIENCE - European Research Council (ERC)
MAIN PROGRAMME
See all projects funded under this programme
Topic(s)
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Funding Scheme
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
ERC-STG - Starting Grant
See all projects funded under this funding scheme
Call for proposal
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
(opens in new window) ERC-2018-STG
See all projects funded under this callHost institution
Net EU financial contribution. The sum of money that the participant receives, deducted by the EU contribution to its linked third party. It considers the distribution of the EU financial contribution between direct beneficiaries of the project and other types of participants, like third-party participants.
33100 TAMPERE
Finland
The total costs incurred by this organisation to participate in the project, including direct and indirect costs. This amount is a subset of the overall project budget.