October 2006JSA/INSTAC/Tamper-resistance Standardization Research Committee1 Activity of Tamper-resistance Standardization Research Committee (TSRC) Shinichi

October 2006 JSA/INSTAC/Tamper-resistance Standardization Research Committee 1

Activity of Tamper-resistance Standardization Research Committee (TSRC)

Shinichi KawamuraTamper-resistance Standardization Research Committee (TSRC)

Toshiba Corporation

[email protected]

Japanese Standards Association (JSA)Information Technology Research and Standardization Center (INSTAC)

CHES Rump Session

mailto:[email protected]


TSRC Activity Report Completed!

“Tamper-resistance Standardization Research Committee --- The Activity Report 2003-2006”

Available at the desk in front of the white board

Also available at

http://www.jsa.or.jp/stdz/instac/committe/index.htm


Appendix!!


Four Main Activities of TSRC

1. Systematic study of various tampering techniques ( Survey of literature )

2. Developing standard evaluation platform for side-channel attacks

3. Proposing methods to describe requirements to tamper-resistance

4. Contributing to the international standardization ( Ex. Physical Security Testing Workshop, Sept 2005

hosted with NIST and IPA )


Standard Evaluation Platforms

• Motivation:– Lack of standard platform seems to hinder the development of tamper-

resistance technology.

– It will change the situation if there is a standard platform whose specification is publicly available and non-proprietary.

• Solusion:– INSTAC-8 ： 8bit CPU. Its target is a low-end embedded system.

– INSTAC-32 ： 32-bit CPU and FPGA. Its target is a middle to high-end system as well as semi-hardware implementation.


An INSTAC-8 Compliant Board


An INSTAC-32 Compliant Board


Some Results Reported

• K. Fujisaki, et al. ISEC2004-No.55, 2004– Proposal of INSTAC-8 and self-evaluation

• H. Miyake, et al. SCIS2005, January 2005– DPA evaluation on INSTAC-8

• Y. Takahashi, et al. ISEC2004-No.114, March 2005– EM analysis on INSTAC-8

• K. Fujisaki, et al. ISEC2005-No.19, July 2005– Proposal of INSTAC-32 and self-evaluation

• Y. Tsunoo, et al. This conference, Sept. 2005– Analysis report on INSTAC-8

Notes) ISEC : IEICE Tech. Rep. on Information Security (Bi-monthly) SCIS: Symp. on Cryptography and Information Security (Annual)


Proposal of metric-based description of security requirement

• There are three approaches recognized to describe the requirement for tamper-resistance of cryptographic module:

1. Description focusing on attacks

2. Description focusing on countermeasures

3. Description focusing on metrics

• We think that approach 3 has not been established, so far

• Our proposal is that intensive research is necessary to establish metric-based description


Description Focusing on Attacks

Core ofCryptographic

Module

Timing Attack

SPA

DPA

EMA

Fault-based Attack

Other attacks

•Concrete attack is focused ---Natural approach•Appropriate listing up of attacks is necessary•Adapting to emerging attack is an issue since more attacks seem still to come

•Concrete attack is focused ---Natural approach•Appropriate listing up of attacks is necessary•Adapting to emerging attack is an issue since more attacks seem still to come

Example:“Cryptographic module is required to be resistant to Timing Attack”

Cryptographic Module


Description Focusing on Countermeasures

Other

Measures

Data M

asking

Random

ized T

iming


Module

Timing Attack

SPA

DPA

EMA

Fault-based Attack

Other attacks

•Countermeasure to prevent attacks is specified•Appropriate listing up of countermeasures is necessary•Adapting emerging attack is an issue since more attacks seem still to come•Vender would not like to explicitly describe countermeasures because they are sometimes vendor know-how

•Countermeasure to prevent attacks is specified•Appropriate listing up of countermeasures is necessary•Adapting emerging attack is an issue since more attacks seem still to come•Vender would not like to explicitly describe countermeasures because they are sometimes vendor know-how

Example:“Cryptographic module is required to implement Data Masking” or“Documentation shall specify countermeasures employed”



Description Focusing on Metrics

Counterm

easures


Module

•Ideal approach -- if appropriate metrics and test method are defined•Searching for appropriate metrics is a big issue --- Intensive research is required•Good metrics may cover some emerging attacks

•Ideal approach -- if appropriate metrics and test method are defined•Searching for appropriate metrics is a big issue --- Intensive research is required•Good metrics may cover some emerging attacks

Example:“Cryptographic module is required to have metric A within a given range B with a given test method C”

TestMethod 1

Metric 1

TestMethod 2

Other TestMethods

Metric 2

Metric x


Presently, A, B, and C is not established.


Members of TSRC WG1 (As of March 2006)

• Tsutomu Matsumoto (Chair, Yokohama National University)

• Shinichi Kawamura (Secretary, Toshiba Corp.)

• Koichi Fujisaki (Toshiba Corp.)

• Naoya Torii (Fujitsu Laboratories Ltd.)

• Shuichi Ishida (Hitachi, Ltd.)

• Yukiyasu Tsunoo (NEC Corp.)

• Minoru Saeki (Mitsubishi Electric Corp.)

• Atsuhiro Yamagishi (IPA)


Organizational Structure

Bureau of Industrial Technology EnvironmentStandardization Section

Japanese Standardization Association

Information Technology Research and Standardization Center

(INSTAC)

Tamper-resistance Standardization Research Committee (TSRC)

Research TeamWG1 (Technical Committee)

Ministry of Economy, Trade and Industry


Pointer to Activity Report, again

Available at the desk in front of the white board

Also available athttp://www.jsa.or.jp/stdz/instac/committe/index.htm

Thank you for your attantion.


End of Appendix!

Documents

October 2006JSA/INSTAC/Tamper-resistance Standardization Research Committee1 Activity of Tamper-resistance Standardization Research Committee (TSRC) Shinichi