Paper 2015/670

Smart Security Management in Secure Devices

Bruno Robisson, Michel Agoyan, Patrick Soquet, Sébastien Le Henaff, Franck Wajsbürt, Pirouz Bazargan-Sabet, and Guillaume Phan

Abstract

Among other threats, secure components are subjected to physical attacks whose aim is to recover the secret information they store. Most of the work carried out to protect these components generally consists in developing protections (or countermeasures) taken one by one. But this ``countermeasure-centered'' approach drastically decreases the performance of the chip in terms of power, speed and availability. In order to overcome this limitation, we propose a complementary approach: smart dynamic management of the whole set of countermeasures embedded in the component. Two main specifications for such management are required in a real world application (for example, a conditional access system for Pay-TV): it has to provide capabilities for the chip to distinguish between attacks and normal use cases (without the help of a human being and in a robust but versatile way); it also has to be based on mechanisms which dynamically find a trade-off between security and performance. In this article, a prototype which enables such security management is described. The solution is based on a double-processor architecture: one processor embeds a representative set of countermeasures (and mechanisms to define their parameters) and executes the application code. The second processor, on the same chip, applies a given security strategy, but without requesting sensitive data from the first processor. The chosen strategy is based on fuzzy logic reasoning to enable the designer to describe, using a fairly simple formalism, both the attack paths and the normal use cases. A proof of concept has been proposed for the smart card part of a conditional access for Pay-TV, but it could easily be fine-tuned for other applications.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. MINOR revision.
Keywords
Hardware tamper resistanceArchitectures and implementationsArchitectures for trusted computingApplication of fuzzy logic
Contact author(s)
bruno robisson @ cea fr
History
2015-07-05: received
Short URL
https://ia.cr/2015/670
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/670,
      author = {Bruno Robisson and Michel Agoyan and Patrick Soquet and Sébastien Le Henaff and Franck Wajsbürt and Pirouz Bazargan-Sabet and Guillaume Phan},
      title = {Smart Security Management  in Secure Devices},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/670},
      year = {2015},
      url = {https://eprint.iacr.org/2015/670}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.