CASED is funded by
"RESIST" project of the Federal Ministry of Education and Research (BMBF) started under the leadership of the Fraunhofer SIT
RESIST - Methods and tools for safeguarding embedded and mobile systems against attacks of the next generation
July 1st marked the start of the "RESIST" research project of the Federal Ministry of Education and Research under the direction of Prof. Claudia Eckert, Manager of the Fraunhofer Institute for Secure Information Technology. For the Technical University Darmstadt the CASED scientists Prof. Sorin A. Huss and Prof. Johannes Buchmann are taking part. For the Bundesamt für Sicherheit in der Informationstechnik (BSI) CASED scientist Prof. Werner Schindler is taking part. It is the goal of the project to reduce the economic damages resulting from weak points in electronic access and authentication systems.
The security and reliability of embedded and mobile systems and their integration in existing IT landscapes will gain considerably in significance in the future. This applies particularly to the attack resistance of security-critical embedded and mobile systems with respect to so-called side-channel attacks and error-provoking attacks.
In order to optimize this attack resistance, scientists in RESIST will develop sophisticated analyses of security leaks of programmable circuits, chip cards, and selected security software and propose evaluation criteria. Then, on this basis, methods and protective techniques are to be developed to build resistance to attacks of the next generation as well as corresponding verification methods.
For this purpose, engineering knowledge is to be combined with mathematical methods. In a third project step an attempt will be made to translate into practice resistant software and hardware components, security modules, and reference implementations. The underwriting group of the research association is bringing together highly qualified partners from the areas of industry and research. The Federal Office for Security in Information Technology is associated as evaluator. (Source: BMBF)
Research work of the partner Technical University Darmstadt
The project partner, TU Darmstadt, is participating in close co-operation with the LOEWE Research Center CASED in RESIST in the field of basic research. The respective subprojects are under the direction of Prof. Sorin A. Huss, Dept. of Integrated Circuits and Systems and Manager of the CASED area of operation Secure Entities, as well as Prof. Johannes Buchmann, Dept. of Theoretical Computer Science, CASED Director and Manager of the CASED area of operation Secure Data. Another part project is led by CASED scientist Prof. Werner Schindler (BSI).
The focus is on algebraic side-channel analyses, the advanced theoretical development of side-channel attacks and stochastic analytical methods. On the basis of the results a novel type of methodology is to be elaborated and used for the construction of IT-secure, embedded systems.
In the future, the design tools are intended to enable even medium-sized businesses, e. g. in the area of the supply industry, to significantly improve the quality of the IT-based products developed by them, or to have the products improved by experts in available test and development laboratories.
Topical background
The security and reliability of embedded and mobile systems and their integration in existing IT landscapes will gain considerably in significance in the future, since the danger potential for security-critical IT systems is extremely high. Important here is the attack resistance of security-critical embedded and mobile systems with respect to so-called side-channel attacks and error-provoking attacks.
The focus of these types of attacks does not lie on possible algorithmic weak points, but rather on the utilization of existing implementation deficiencies. It is hereby attempted to selectively influence information that has been supplied unintentionally in order to access confidential information which is used by the respective security module.
For example, the attackers can thereby make use of the execution time of calculations or the power consumption, the electromagnetic radiation as well as calculation steps in an actual implementation. More sophisticated analysis processes for these classes of attacks are based on stochastic methods. These procedures, but in particular variants and advanced future models, belong to the next generation of attack techniques which represent a formidable risk for embedded and mobile systems.