Who cares about side-channel attacks?
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Fri Oct 24 22:25:25 EDT 2008
Thierry Moreau <thierry.moreau at connotech.com> writes:

>I find the question should be refined.

It could if there was a large enough respondent base to draw samples from :-).
This is one of those surveys that can never be done because no vendor will
publicly talk to you about security measures in their embedded systems.

In fact none of the people/organisations I queried about this fitted into any
of the proposed categories, it was all embedded devices, typically SCADA
systems, home automation, consumer electronics, that sort of thing, so it was
really a single category which was "Embedded systems". Given the string of
attacks on crypto in embedded devices (XBox, iPhone, iOpener, Wii, some
not-yet-published ones on HDCP devices :-), etc) this is by far the most
at-risk category because there's a huge incentive to attack them, the result
affects tens/hundreds of millions of devices, and the attacks are immediately
and widely actively exploited (modchips/device unlocking/etc, an important
difference between this and academic proof-of-concept attacks), so this is the
one where I'd expect the vendors to care most.

>Also, for organizations mandated to comply with IT security
>certification/guidelines/best-practice, a risk analysis is performed to
>keep the auditor at bay, in which SCA protection has very little chance
>of even merely being mentioned. How can the SCA protection mechanism fit
>the risk analysis discipline? I.e., is it possible to even define SCA
>protection in a way that might trigger interest from security
>consultants or their clients?

Actually that's a special case, or more generally having certification/
auditing requirements (which a private-email responder also mentioned) is a
special case in that the risk analysis is now "if I don't do this I don't get
sign-off" rather than "it makes good security sense to do this so we'll do
it". In the immortal words of the Bastard Operator from Hell, when you have
the audit/certification gun pointed at someone's head you can pretty much
"[get them to] run naked across campus with a power-cord rammed up [their]
backside" and they'd do it not because they thought it was a terribly good
idea but because they had a gun pointed at their head.

An associated problem with this is that if vendors are motivated solely by
checkbox requirements then they'll often ship the product in a non-approved
mode (coughFIPS140cough) to reduce manufacturing or support costs/increase
performance/increase ease of use/whatever. It's a nasty catch-22, hold a gun
to someone's head and they'll only do what you tell them for as long as the
gun is applied.

Getting back to the SCADA/home automation/consumer electronics embedded
market, the only certification that applies is the likes of FCC Class B, ROHS,
CE, and UL. This is why I was interested in finding cases (or
counterexamples) of informed-consent use of SCA countermeasures, because in
the general embedded-systems case vendor cost/benefit analysis is the only
deciding factor on whether it gets used or not, and vendors seem to be
deciding (from my own experience and some private-email replies) that it's not
worth it.

Peter.
---------------------------------------------------------------------
The Cryptography Mailing List