ProHoster > Blog > internet nhau > Kucherekedza kusasimba uye kuongorora kuramba kwehacker kurwiswa kwemakadhi akangwara uye crypto processors ine yakavakirwa-mukati chengetedzo.

Kucherekedza kusasimba uye kuongorora kuramba kwehacker kurwiswa kwemakadhi akangwara uye crypto processors ine yakavakirwa-mukati chengetedzo.

Mumakore gumi apfuura, pamusoro penzira dzekuburitsa zvakavanzika kana kuita zvimwe zviito zvisina kutenderwa, vapambi vatanga kushandisa kusaziva kuburitswa kwedata uye kunyengera kwekuita kwechirongwa kuburikidza nematanho epadivi.

Nzira dzechinyakare dzekurwisa dzinogona kudhura maererano neruzivo, nguva uye simba rekugadzirisa. Side-channel kurwisa, kune rumwe rutivi, inogona kuita zviri nyore kuita uye isingaparadze sezvo ichifumura kana kushandura zvimiro zvemuviri zvinowanikwa panguva yekushanda kwakajairika.

Nekushandisa nzira dzechiverengero kugadzirisa zviyero zveparutivi-chaneli kana nekuisa zvikanganiso mumatanho akavanzika echip, anorwisa anogona kuwana zvakavandika mukati memaawa mashoma.

Kucherekedza kusasimba uye kuongorora kuramba kwehacker kurwiswa kwemakadhi akangwara uye crypto processors ine yakavakirwa-mukati chengetedzo.

Neanopfuura 5,000 miriyoni smart makadhi anopihwa gore rega rega uye matsva akadzamidzirwa ekriptographic matekinoroji achipinda mumisika, pane kuwedzera kuri kuda kwekuona zvese zviri zviviri bhizinesi nekuchengetedzwa kwekuvanzika.

MuNetherlands, Riscure yakagadzira Inspector, iyo inopa maR&D labs pamwe nevagadziri vane hutsva, hunobudirira hwekuchengetedza kutyisidzira kugona.

Iyo Inspector Risk system inotsigira akasiyana chiteshi chiteshi chekuongorora (SCA) matekiniki akadai sekushandisa simba rekushandisa (SPA/DPA), nguva, RF, pamwe nekuongorora kwemagetsi (EMA) uye kukanganisa (FI) kurwiswa senge voltage glitches, wachi glitches uye. Laser manipulation. Iyo sisitimu yakavakirwa-mukati mashandiro inotsigira akawanda cryptographic algorithms, application protocol, interfaces, uye chiridzwa.

Iyo sisitimu inobvumidza iwe kuti uwedzere nekushandisa nzira nyowani uye tsika kunyorera yekuona kusasimba.

Iyo Inspector SCA parutivi chiteshi chekuongorora system inosanganisira:

  • Power Tracer;
  • kuiswa kwe electromagnetic inonzwika EM Probe Station;
  • icWaves trigger jenareta;
  • CleanWave sefa;
  • ikozvino probe Current Probe.

Pakati pezvikuru "zvakanaka" tinogona kusimbisa izvo zvikuru:

  • Icho chinhu chimwe chete, chakabatanidzwa chekuongorora chiteshi chedivi uye kukanganisa jekiseni kuongororwa;
  • Inspector anosangana neEMVco uye CMVP Common Criteria yakasimbiswa padivi-chiteshi chekuongorora zvinodiwa;
  • Inzvimbo yakavhurika inosanganisira kodhi yekodhi yemamodule, nekudaro ichibvumira nzira dziripo kuti dzigadziriswe uye nzira nyowani dzekuyedza dzibatanidzwe dzinogona kugadzirwa nemushandisi weInspector;
  • Yakagadzikana uye yakabatanidzwa software uye hardware zvinosanganisira yakakwirira-kumhanya yekutora data mumamiriyoni ekutsvaga;
  • Iyo software yemwedzi mitanhatu yekuburitswa kutenderera inoita kuti vashandisi vasvike neazvino matekiniki ekuyedza nzira dzepadivi mumunda.

Inspector inowanikwa mumhando dzakasiyana papuratifomu imwe chete:

  • Inspector SCA inopa ese anodiwa sarudzo dzekuita DPA uye EMA padivi chiteshi chekuongorora.
  • Inspector FI inopa yakazara kukanganisa jekiseni kushanda (perturbation kurwisa) pamwe nekusiyanisa kukanganisa kuongororwa (DFA).
  • Inspector Core uye SP (Signal Processing) inopa yakakosha SCA mashandiro akaiswa mumamodule akaparadzana kuti ipe inosvikika software package yekutora data kana post-kugadzirisa.

Inspector SCA

Kamwe mhedzisiro yekuyera yawanikwa, akasiyana-siyana ekugadzirisa masaini maitiro anowanikwa kuti abudise akawanda-akakwirira-chiratidzo, yakaderera-ruzha rutsva. Siginecha yekugadzirisa mabasa akagadzirwa anofunga zvakapusa mutsauko pakati peEM trace, simba rekutsvaga, uye RF trace chiratidzo chekugadzirisa. Inspector ine simba graphical trace mharidzo inobvumira vashandisi kuita ongororo yenguva kana kuongorora zviteshi, semuenzaniso, zvekusagadzikana kweSPA.

Kucherekedza kusasimba uye kuongorora kuramba kwehacker kurwiswa kwemakadhi akangwara uye crypto processors ine yakavakirwa-mukati chengetedzo.
Kuita DPA paunenge uchiita ECC

Kune akawanda ekuchengetedza ekuita anoonekwa seSPA-inodzivirira mazuva ano, chinotariswa chekuyedza chinowanzo siyana nzira dzekuyedza (kureva, DPA/CPA). Kuti izvi zviitike, Inspector inopa nzira dzakasiyana siyana dzinogadziriswa dzinovhara huwandu hwakawanda hwekriptographic algorithms uye algorithms anoshandiswa zvakanyanya senge (3) DES, AES, RSA uye ECC.

Kucherekedza kusasimba uye kuongorora kuramba kwehacker kurwiswa kwemakadhi akangwara uye crypto processors ine yakavakirwa-mukati chengetedzo.
EM radiation ye chip kuti uwane yakanakisa nzvimbo paunenge uchiita DEMA

Zvinhu Zvikuru

  • Mhinduro iyi inosanganisa kuongororwa kwesimba (SPA/DPA/CPA), electromagnetic (SEMA/DEMA/EMA-RF), uye nzira dzisiri dzekusangana dzekuyedza (RFA).
  • Iko kumhanya kwekutora data kunovandudzwa zvakanyanya neiyo oscilloscope's yakasimba yekubatanidza neInspector.
  • Advanced equalization maitiro anoshandiswa kudzivirira wachi jitter uye randomization
  • Mushandisi anogona kugadzirisa cryptanalysis modules inotsigira yekutanga uye yakakwirira-kurongeka kurwiswa pane ese makuru algorithms akadai (3)DES, AES, RSA uye ECC.
  • Yakawedzerwa rutsigiro rwedomeini-chaiyo algorithms inoshandiswa, kusanganisira SEED, MISTY1, DSA, kusanganisira Camellia.

Hardware

Pamusoro pePC Inspector workstation, SCA inoshandisa hardware yakagadziridzwa yedivi chiteshi data uye chiratidzo chekutora:

  • Power Tracer yeSPA/DPA/CPA pamakadhi akangwara
  • EM Probe chiteshi cheSEMA / DEMA / EMA RF
  • Yazvino Probe yeSPA/DPA/CPA pamidziyo yakamisikidzwa
  • CleanWave sefa ine Micropross MP300 TCL1/2 yeRFA uye RF EMA
  • IVI-inoenderana oscilloscope

Zvinhu zviri kuongororwa zvinowanzoda kuyerwa, kuchinjika, uye kutonga kwehardware izvo zvinodiwa kuita SCA. Inspector's inochinjika Hardware maneja, yakavhurika budiriro nharaunda, uye yakakura interface sarudzo inopa hwaro hwakasimba hwekuyerwa kwemhando yepamusoro uchishandisa tsika hardware.

Kucherekedza kusasimba uye kuongorora kuramba kwehacker kurwiswa kwemakadhi akangwara uye crypto processors ine yakavakirwa-mukati chengetedzo.
Inspector SCA

Inotungamira mukati mekuchengetedza mainjiniya Joh John Connor anoti nezve system:
"Inspector vakashandura nzira yatinoongorora mutsauko wezvigadzirwa zvedu. simba rekushandisa kurwisa DPA. Simba rayo riri mukuti inobatanidza kuunganidza uye maitiro ekuongorora anotibvumira kukurumidza kuongorora kushanda kwezvitsva zvekristptographic hardware designs. Uyezve, iyo yepamusoro graphical interface inobvumira mushandisi kuona siginecha yesimba kubva kuunganidzwa discrete data ega kana panguva imwe chete-yakakosha pakugadzirira data yeDPA panguva yekurwiswa-ukuwo maraibhurari ayo ane simba ekuongorora achitsigira anonyanya kushandiswa kutengeserana encryption algorithms. Inoenderana nenguva software uye tekinoroji inotsigirwa neRiscure inotibatsira kuchengetedza chengetedzo yezvigadzirwa zvedu. "

Inspector FI

Inspector FI - Fault Injection - inopa huwandu hwakasiyana hwekuita bvunzo jekiseni pane smart kadhi uye yakadzamidzirwa mudziyo matekinoroji. Nzira dzekuyedza dzinotsigirwa dzinosanganisira wachi glitches, voltage glitches, uye optical laser kurwisa. Kurwiswa kwemajekiseni emhosva-kunozivikanwawo sekurwisa kwekuvhiringidza-kuchinja maitiro echip, zvichikonzera kutadza kushandiswa.

NeInspector FI, vashandisi vanogona kuyedza kana kiyi inogona kutorwa nekukonzera kutadza muiyo chip's cryptographic mashandiro, nekupfuura cheki senge yechokwadi kana hupenyu hwehupenyu, kana kugadzirisa kuti chirongwa chinofamba sei pachip.

Yakawanda inogadziriswa sarudzo

Inspector FI inosanganisira huwandu hukuru hwemushandisi-inogadziriswa paramita kune programmatically kudzora switching uye kuvhiringika senge pulses yenguva yakasiyana-siyana, kudzokororwa kwepulse, uye voltage level shanduko. Iyo software inopa mhedzisiro, ichiratidza maitiro anotarisirwa, kuseta kadhi, uye maitiro asingatarisirwe, pamwe nekutema matanda. DFA kurwisa ma modules aripo kune makuru encryption algorithms. Kushandisa "wizard", vashandisi vanogonawo kugadzira purogiramu yekuvhiringidza ne API.

Zvinhu Zvikuru

  • Isiri-inoenderana uye nyore kudhirowa kurongeka uye nguva yeese glitching Hardware.
  • Kurwisa dhizaini dhizaini uchishandisa ine simba rekuraira system uye yakabatanidzwa IDE Inspector.
  • Yakakura Inspector yekumisikidza sarudzo dze automated fault jekiseni kuyedzwa.
  • Laser midziyo yeakawanda-inopenya kumashure uye kumberi mativi emakadhi, yakasarudzika-yakagadzirirwa kuyedza uchishandisa glitch jekiseni nzira.
  • DFA modules yekushandiswa kweanozivikanwa encryption algorithms, kusanganisira RSA, AES, uye 3DES.
  • Kusimudzira kune akawanda-point laser kunopa mukana wekupesvedzera iyo microcircuit munzvimbo dzinoverengeka kamwechete.
  • Kushanda-inotsamira kuwiriranisa uchishandisa iyo icWaves trigger jenareta inogona kudzivirira kupikisa uye kudzivirira kurasikirwa kwemuenzaniso.

Hardware

Inspector FI inogona kushandiswa neinotevera hardware zvikamu kuita kurwisa:

  • VC Glitcher ine yakawedzera glitch amplifier
  • Diode laser station ine sarudzo yakawanda-poindi yekusimudzira
  • PicoScope 5203 kana IVI-inoenderana oscilloscope

Kucherekedza kusasimba uye kuongorora kuramba kwehacker kurwiswa kwemakadhi akangwara uye crypto processors ine yakavakirwa-mukati chengetedzo.
Inspector FI ine VC Glitcher, icWaves Trigger Generator, Glitch Amplifier uye Laser Station.

Iyo VC Glitcher jenareta inoumba musimboti weiyo Inspector system's glitch jekiseni architecture. Uchishandisa tekinoroji yepamusoro yeFPGA, zvikanganiso zvakapfupika sema nanoseconds maviri anogona kugadzirwa. Iyo hardware ine mushandisi-inoshamwaridzika programming interface. Chirongwa chinokanganisa chakagadzirwa nemushandisi chinoiswa muFPGA bvunzo isati yatanga. Iyo VC Glitcher inosanganisira dunhu rakabatanidzwa rekuunza magetsi glitches uye wachi glitches, pamwe nechiteshi chinobuda chekudzora laser station.

Iyo Diode Laser Station ine yakasarudzika yemhando yepamusoro-simba diode lasers ine tsika optics inodzorwa nekukurumidza uye nyore neVC Glitcher. Midziyo yacho inotora kuyedzwa kwemaziso kune inotevera nhanho nekupa zvikanganiso zvakawanda, kutonga kwesimba chaiko, uye nekukurumidza uye kufembera mhinduro yekuputsika kwekuchinja.

Nekusimudzira diode laser station kune yakawanda-point vhezheni, nzvimbo dzakawanda dzinogona kuyedzwa pane chip uchishandisa akasiyana ma paramita uye magetsi ekupa.

Signal-based triggering uchishandisa iyo icWaves trigger jenareta

Clock jitter, random process inovhiringa, uye zvinoenderana nedata nguva yenguva inoda kuchinjika kukanganisa kuchinjika uye kudivi-chiteshi kuunganidzwa kwedata. Iyo Inspector system's icWaves jenareta inogadzira inokonzeresa pulse mukupindura chaiyo-nguva yekuona misiyano kubva kune yakapihwa modhi mune chip simba rekupa kana EM chiratidzo. Chishandiso ichi chinosanganisira yakakosha notch sefa kuti ive nechokwadi chekufananidza kunoonekwa kunyangwe mumasaini ane ruzha.

Iyo yereferensi yekutsvaga inoshandiswa kuenzanisa modhi mukati meFPGA mudziyo inogona kugadziridzwa uchishandisa masaini ekugadzirisa mabasa eInspector. Kadhi rakangwara raona jekiseni rekukanganisa rinogona kutangisa nzira yekudzivirira yekubvisa data rakavanzika kana kuvhara kadhi. Iyo icWaves chikamu chinogona zvakare kushandiswa kukonzeresa kuvharika kwekadhi pese pakushandiswa kwesimba kana iyo EM mbiri inotsauka kubva pakushanda kwakajairwa.

Kucherekedza kusasimba uye kuongorora kuramba kwehacker kurwiswa kwemakadhi akangwara uye crypto processors ine yakavakirwa-mukati chengetedzo.
Laser Station (LS) ine multipoint yekuwana sarudzo,
ine microscope uye kuronga tafura

Integrated Development Environment (IDE)

Iyo Inspector budiriro nharaunda yakagadzirirwa kupa yakanyanya kuchinjika kumushandisi kushandisa SCA neFI kune chero chinangwa.

  • Vhura API: inoita kuti zvive nyore kuita mamodule matsva
  • Source kodhi: Imwe neimwe module inouya neyayo sosi kodhi, saka ma module anogona kuchinjika kune zvishuwo zvemushandisi kana kushandiswa sechikonzero chekugadzira mamodule matsva.

Kucherekedza kusasimba uye kuongorora kuramba kwehacker kurwiswa kwemakadhi akangwara uye crypto processors ine yakavakirwa-mukati chengetedzo.
Inspector FI

Inspector inosanganisa jekiseni rekukanganisa uye nzira yekuongorora-yeparutivi mune imwe yepamusoro-inoshanda pasuru.

Muenzaniso wekutadza maitiro ekuongorora:

Kucherekedza kusasimba uye kuongorora kuramba kwehacker kurwiswa kwemakadhi akangwara uye crypto processors ine yakavakirwa-mukati chengetedzo.

Munda wekurwiswa kwepadivi-chiteshi chiri kukurumidza kubuda, nezvitsva zvetsvagiridzo zvinoburitswa gore rega rega, zvichizivikanwa pachena, kana kuita chitupa chezvirongwa nezviyero zvinosungirwa. Inspector inobvumira vashandisi kuti varambe vachiziva nezvezvitsva zvitsva uye zvenguva dzose zvigadziriso zvesoftware zvinoshandisa matekiniki matsva.

Source: www.habr.com

Voeg