Automatized Fault Attack Emulation for Penetration Testing

More documents

Recommendations

Info

Autom. Fault Attack Emulation (4/5) Institute for Technical Informatics www.ITI.TUGraz.at • Attack on security relevant regions − Memory regions − Time − Calculation example • Some 100 Addresses • 20-50ms for one command • ~1ms is interesting • ~1M Attack Scenarios • 1sec per attack • 11,6 Days − Long time tests • Attack granularity refinement • Information gain for real-chip testing A. Krieg 2011-9-29 16
Autom. Fault Attack Emulation (5/5) Institute for Technical Informatics www.ITI.TUGraz.at • Power emulation [Bachmann2010] − − − − Automatized control signal extraction Control signal weighting Accumulation Characterization using gate level simulations and physical tests • Information extraction from the power profile • Emulate power information available to attacker − Average error below 10% Power [normalized] 1 Equipment 0.8 0.6 0.4 0.2 P estimated ∑ = c * x[ t] 0 0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 Time [normalized] [Genser2009] i i Reference Estimated A. Krieg 2011-9-29 17
Page 1 and 2: Institute for Technical Informatics
Page 3 and 4: Motivation (1/3) Institute for Tech
Page 5 and 6: Motivation (3/3) Institute for Tech
Page 7 and 8: Introduction (1/2) Institute for Te
Page 9 and 10: Agenda Institute for Technical Info
Page 11 and 12: Related Work (2/2) Institute for Te
Page 13 and 14: Autom. Fault Attack Emulation (1/5)
Page 15: Autom. Fault Attack Emulation (3/5)
Page 19 and 20: Impact on Certification Flow (1/3)
Page 21 and 22: Impact on Certification Flow (3/3)
Page 23 and 24: Conclusion (1/3) Institute for Tech
Page 25 and 26: Conclusion (3/3) Institute for Tech
Page 27: References Institute for Technical

Automatized Fault Attack Emulation for Penetration Testing

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?