CINI MINIS: Domain Isolation for Fault and Combined Security
- Observation and manipulation of physical characteristics are well-known and powerful threats to cryptographic devices. While countermeasures against passive side-channel and active fault-injection attacks are well understood individually, combined attacks, i.e., the combination of fault injection and side-channel analysis, is a mostly unexplored area. Naturally, the complexity of analysis and secure construction increases with the sophistication of the adversary, making the combined scenario especially challenging. To tackle complexity, the side-channel community has converged on the construction of small building blocks, which maintain security properties even when composed. In this regard, Probe-Isolating Non-Interference (PINI) is a widely used notion for secure composition in the presence of side-channel attacks due to its efficiency and elegance. In this work, we transfer the core ideas behind PINI to the context of fault and combined security and, from that, construct the first trivially composable gadgets in the presence of a combined adversary.
| Author: | Jakob FeldtkellerORCiDGND, Jan Richter-BrockmannORCiDGND, Pascal SasdrichORCiDGND, Tim GüneysuORCiDGND |
|---|---|
| URN: | urn:nbn:de:hbz:294-109912 |
| DOI: | https://doi.org/10.1145/3548606.3560614 |
| Parent Title (English): | CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security |
| Publisher: | Association for Computing Machinery |
| Place of publication: | New York City, New York |
| Document Type: | Conference Proceeding |
| Language: | English |
| Date of Publication (online): | 2024/03/01 |
| Date of first Publication: | 2022/11/07 |
| Publishing Institution: | Ruhr-Universität Bochum, Universitätsbibliothek |
| Tag: | Combined Attacks; Fault-Injection Analysis; Gadgets; Probe-Isolating Non-Interference; Side-Channel Analysis |
| Volume: | 2022 |
| First Page: | 1023 |
| Last Page: | 1036 |
| Institutes/Facilities: | Horst Görtz Institut für IT-Sicherheit |
| Dewey Decimal Classification: | Allgemeines, Informatik, Informationswissenschaft / Informatik |
| open_access (DINI-Set): | open_access |
| faculties: | Fakultät für Informatik |
| Licence (English): |  Creative Commons - CC BY 4.0 - Attribution 4.0 International |
