Identifying vulnerabilities and assessing the resistance of smart cards and crypto processors with built-in protection to hacker attacks.

Over the past decade, in addition to methods of extracting secrets or performing other unauthorized actions, attackers have begun to exploit unintentional information leakage and to manipulate program execution through side channels.

Traditional attack methods can be expensive in terms of knowledge, time and processing power. Side-channel attacks, on the other hand, can be carried out more easily and are non-destructive, since they expose or manipulate physical properties that are accessible during normal operation.

By using statistical methods to process side-channel measurements, or by injecting faults into the chip's private channels, an attacker can gain access to its secrets within a few hours.


With more than 5,000 million smart cards issued each year and new technologies entering the markets, there is a growing need to ensure business and privacy security.

In the Netherlands, Riscure created Inspector, which gives R&D laboratories and manufacturers new, highly effective capabilities for detecting security threats.

Riscure's Inspector system supports various side-channel analysis (SCA) techniques such as power consumption analysis (SPA/DPA), timing, RF and electromagnetic analysis (EMA), as well as perturbation (FI) attacks such as voltage glitches, clock glitches and laser manipulation. The system's built-in functions support numerous cryptographic algorithms, application protocols, interfaces and instrumentation.

The system lets you extend it and implement new methods and custom applications for detecting vulnerabilities.

The Inspector SCA side-channel analysis system includes:

  • Power Tracer;
  • EM Probe Station electromagnetic probing setup;
  • icWaves trigger generator;
  • CleanWave filter;
  • Current Probe.

Among the main advantages, the key ones are:

  • It is a single, integrated tool for side-channel analysis and fault injection testing;
  • Inspector meets the EMVco and CMVP Common Criteria certified side-channel testing requirements;
  • It is an open environment that includes source code for the modules, so existing methods can be modified and new test methods can be developed by the user for Inspector;
  • Stable, integrated software and hardware include high-speed data acquisition across millions of traces;
  • A six-month software release cycle keeps users up to date with the latest side-channel testing techniques in the field.

Inspector is available in different versions on a single platform:

  • Inspector SCA offers all the options needed to perform DPA and EMA side-channel analysis.
  • Inspector FI offers full fault injection functionality (perturbation attacks) as well as differential fault analysis (DFA).
  • Inspector Core and SP (Signal Processing) offer core SCA functionality implemented in separate modules to provide an accessible software package for data acquisition or post-processing.

Inspector SCA

Once measurement results are obtained, a variety of signal processing techniques are available to produce multiple high-signal, low-noise traces. Signal processing functions have been developed that take into account the subtle differences between EM trace, power trace and RF trace signal processing. Inspector's powerful graphical trace display lets users perform timing analysis or examine traces, for example, for SPA vulnerabilities.

Performing DPA on an ECC implementation

For many security implementations considered SPA-resistant these days, testing usually focuses on differential test methods (i.e. DPA/CPA). For this, Inspector offers a wide range of configurable methods covering many cryptographic algorithms and widely used algorithms such as (3)DES, AES, RSA and ECC.

EM radiation of the chip, used to find the best location when performing DEMA

Main Features

  • This solution combines power analysis (SPA/DPA/CPA), electromagnetic analysis (SEMA/DEMA/EMA-RF) and contactless test methods (RFA).
  • Data acquisition speed is greatly improved by the integration of the oscilloscope with Inspector.
  • Advanced alignment techniques are used to counter clock jitter and randomization.
  • The user can configure cryptanalysis modules that support first-order and high-order attacks on all major algorithms such as (3)DES, AES, RSA and ECC.
  • Extended support is provided for domain-specific algorithms, including SEED, MISTY1, DSA and Camellia.

Hardware

In addition to the Inspector PC workstation, SCA uses hardware optimized for side-channel data and signal acquisition:

  • Power Tracer for SPA/DPA/CPA on smart cards
  • EM Probe Station for SEMA / DEMA / EMA RF
  • Current Probe for SPA/DPA/CPA on embedded devices
  • CleanWave filter with Micropross MP300 TCL1/2 for RFA and RF EMA
  • IVI-compatible oscilloscope

The objects being evaluated often require the measurement, switching and hardware control that are essential for performing SCA. Inspector's flexible hardware manager, open development environment and extensive interfacing options provide a solid foundation for high-quality measurements using custom hardware.

Inspector SCA

Lead in-house security engineer Joh John Connor says of the system:
“Inspector has revolutionized the way we evaluate the resistance of our products to DPA power consumption attacks. Its strength lies in the fact that it integrates acquisition and analysis methods that allow us to quickly evaluate the effectiveness of new cryptographic hardware designs. In addition, its superior graphical interface lets the user visualize energy signatures from the collected discrete data individually or simultaneously, which is invaluable when preparing data for DPA during an attack, while its powerful analytical libraries support the most commonly used commercial encryption algorithms. Timely software updates and technology supported by Riscure help us maintain the security of our products.”

Inspector FI

Inspector FI (Fault Injection) offers a wide range of features for performing fault injection testing on smart card and embedded device technologies. Supported test methods include clock glitches, voltage glitches and optical laser attacks. Fault injection attacks, also known as perturbation attacks, change the behavior of a chip, causing exploitable failures.

With Inspector FI, users can test whether a key can be extracted by inducing failures in the chip's cryptographic operations, by bypassing checks such as authentication or life-cycle status, or by modifying how the program runs on the chip.

Extensive configuration options

Inspector FI includes a large number of user-configurable parameters for programmatically controlling switching and perturbations, such as glitch pulses of varying duration, pulse repetition and voltage level changes. The software presents the results, showing expected behavior, card resets and unexpected behavior, along with detailed logging. DFA attack modules are available for the major encryption algorithms. Using the "wizard", users can also create a custom perturbation program with the API.

Main Features

  • Unparalleled and easily reproducible accuracy and timing for all glitching hardware.
  • Attack design scenarios using a powerful command system and the integrated Inspector IDE.
  • Inspector configuration options for automated fault injection testing.
  • Laser equipment for multi-glitching on the back and front sides of the card, custom-built for testing using the glitch injection method.
  • DFA modules for implementations of popular encryption algorithms, including RSA, AES and 3DES.
  • Upgrading to a multi-point laser makes it possible to affect the microcircuit at several locations at once.
  • Operation-dependent synchronization using the icWaves trigger generator can defeat countermeasures and prevent sample loss.

Hardware

Inspector FI can be used with the following hardware components to carry out attacks:

  • VC Glitcher with an additional glitch amplifier
  • Diode Laser Station with optional multi-point upgrade
  • PicoScope 5203 or IVI-compatible oscilloscope

Inspector FI with VC Glitcher, icWaves Trigger Generator, Glitch Amplifier and Laser Station

The VC Glitcher generator forms the core of the glitch injection architecture of the Inspector system. Using ultra-fast FPGA technology, faults as short as two nanoseconds can be generated. The hardware has a user-friendly programming interface. The fault program created by the user is loaded into the FPGA before the test run. The VC Glitcher includes an integrated circuit for introducing voltage glitches and clock glitches, as well as a channel output for controlling the laser station.

The Diode Laser Station consists of a custom array of high-power diode lasers with custom optics that are quickly and flexibly controlled by the VC Glitcher. The equipment takes optical testing to the next level by providing efficient multiple faults, precise power control, and a fast and predictable response for pulse switching.

By upgrading the diode laser station to a multi-point version, multiple areas on the chip can be tested using different timing parameters and supply voltages.

Signal-based triggering using the icWaves trigger generator

Clock jitter, random process interrupts and data-dependent process duration require flexible fault switching and side-channel data collection. The icWaves generator of the Inspector system produces a trigger pulse in response to real-time detection of differences from a given pattern in the chip's power supply or EM signal. The device includes a special filter to ensure that the correct pattern is detected even in noisy signals.

The reference trace used to match the pattern inside the FPGA device can be modified using Inspector's signal processing functions. A smart card that has detected a fault injection can start a protection mechanism to remove sensitive data or block the card. The icWaves component can also be used to trigger a card shutdown whenever the power consumption or EM profile deviates from standard operation.
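The pattern-based triggering described in this section, as an added example that is not Riscure's code or part of the original article: a software model that slides a reference pattern over a noisy trace and fires at the first position where the sum of absolute differences drops below a threshold. The reference pattern, the trace generator, the threshold and the choice of sum of absolute differences as the metric are assumptions made for illustration; the filter stage mentioned above is not modelled.

```python
import random

# Constructed reference pattern: two periods of a triangular power signature.
REFERENCE = [0, 4, 8, 4, 0, -4, -8, -4] * 2

def make_trace(offset, length=200, noise=0.5, seed=0, with_pattern=True):
    """Build a constructed noisy trace; the pattern starts at `offset`."""
    rng = random.Random(seed)
    trace = [rng.uniform(-noise, noise) for _ in range(length)]
    if with_pattern:
        for i, value in enumerate(REFERENCE):
            trace[offset + i] += value
    return trace

def sad(window, reference):
    """Sum of absolute differences between a window and the reference."""
    return sum(abs(w - r) for w, r in zip(window, reference))

def find_trigger(trace, reference=REFERENCE, threshold=16.0):
    """Return the first sample index where the window matches, else None."""
    n = len(reference)
    for start in range(len(trace) - n + 1):
        if sad(trace[start:start + n], reference) <= threshold:
            return start
    return None

def run_demo():
    """Locate the pattern under three different jitter offsets."""
    results = []
    for seed, offset in enumerate((37, 90, 151)):
        trace = make_trace(offset, seed=seed)
        results.append((offset, find_trigger(trace)))
    return results

if __name__ == "__main__":
    for true_offset, found in run_demo():
        print(f"pattern at {true_offset}, trigger fired at {found}")
```

Because the trigger position follows the pattern rather than a fixed delay, the same reference finds the operation wherever jitter has moved it; a trace without the pattern produces no trigger at all.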

Laser Station (LS) with optional multipoint access,
with microscope and positioning table

Integrated Development Environment (IDE)

The Inspector development environment is designed to give the user maximum flexibility to use SCA and FI for any purpose.

  • Open API: makes it easy to implement new modules
  • Source code: each module comes with its own source code, so modules can be adapted to the user's needs or used as a basis for creating new modules.

Inspector FI

Inspector combines fault injection and side-channel analysis techniques in a single high-performance package.

Example of failure behavior analysis:


The field of side-channel attacks is advancing rapidly, with new research results published every year, becoming publicly known, or becoming required for certification and evaluation. Inspector lets users keep up with the latest developments through regular software updates that implement new techniques.

source: www.habr.com
