Advertisement

An Industrial Outlook on Challenges of Hardware Security in Digital Economy—Extended Abstract—

  • Shivam Bhasin
  • Victor Lomné
  • Karim Tobich
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10662)

Abstract

Thanks to the seminal works of Kocher on side-channel attacks [1, 2] and Boneh et al. on fault injection attacks [3] in the 1990s, the domain of physical attacks has emerged as an active research domain as well as a potential threat on commercial devices. Practical hacks using physical attacks have been demonstrated on commercial products like NXP MiFare [4], KEELOQ [5], Sony PlayStation, etc. The threat becomes even bigger with the emergence of the Internet of Things (IoT), digital economy and identity. Digital economy is a push towards cashless society, encouraging digital banking with use of modern payment methods based on smartcards and now smartphones. Digital identity now uses biometric data, like fingerprints, to authenticate people. Several governments are giving a push for digital economy and identity. This has led to rapid adoption of mobile payments, cashless solutions, biometric identities. Often biometrics are linked to payment solution.

References

  1. 1.
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48405-1_25 Google Scholar
  2. 2.
    Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996).  https://doi.org/10.1007/3-540-68697-5_9 Google Scholar
  3. 3.
    Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997).  https://doi.org/10.1007/3-540-69053-0_4 Google Scholar
  4. 4.
    de Koning Gans, G., Hoepman, J.-H., Garcia, F.D.: A practical attack on the MIFARE classic. In: Grimaud, G., Standaert, F.-X. (eds.) CARDIS 2008. LNCS, vol. 5189, pp. 267–282. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-85893-5_20 CrossRefGoogle Scholar
  5. 5.
    Indesteege, S., Keller, N., Dunkelman, O., Biham, E., Preneel, B.: A practical attack on KeeLoq. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 1–18. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-78967-3_1 CrossRefGoogle Scholar
  6. 6.
    EMV Book 2 - Integrated Circuit Card Specifications for Payment Systems - Security and Key Management v4.2 (2011). https://www.emvco.com/
  7. 7.
    EMV Book 3 - Integrated Circuit Card Specifications for Payment Systems - Application Specification v4.3 (2011). https://www.emvco.com/
  8. 8.
  9. 9.
  10. 10.
    Poucheret, F., Tobich, K., Lisarty, M., Chusseauz, L., Robissonx, B., Maurine, P.: Local and direct EM injection of power into CMOS integrated circuits. In: FDTC, pp. 100–104. IEEE, Nara (2011). http://ieeexplore.ieee.org/document/6076472/
  11. 11.
    Tobich, K., Maurine, P., Liardet, P.-Y., Lisart, M., Ordas, T.: Voltage spikes on the substrate to obtain timing faults. In: 2013 Euromicro Conference on Digital System Design, DSD 2013, Los Alamitos, CA, USA, pp. 483–486, 4–6 September 2013. http://ieeexplore.ieee.org/document/6628318/
  12. 12.
    Anceau, S., Bleuet, P., Clédière, J., Maingault, L., Rainard, J., Tucoulou, R.: Nanofocused X-ray beam to reprogram secure circuits. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 175–188. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-66787-4_9 CrossRefGoogle Scholar
  13. 13.
  14. 14.
  15. 15.
    Biometric passport Protection Profile. https://www.sogis.org/uk/pp_en.html
  16. 16.

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Temasek LaboratoriesNanyang Technological UniversitySingaporeSingapore
  2. 2.NinjaLabMontpellierFrance
  3. 3.UL Transaction SecurityBasingstokeUK

Personalised recommendations