Smart security management in secure devices - Mines Saint-Étienne
Journal Articles Journal of Cryptographic Engineering Year : 2016

Smart security management in secure devices

Abstract

Among other threats, secure components aresubjected to physical attacks whose aim is to recoverthe secret information they store. Most of the work carried out to protect these components generally consistsin developing protections (or countermeasures) takenone by one. But this “countermeasure-centered” approach drastically decreases the performance of the chipin terms of power, speed and availability. In order toovercome this limitation, we propose a complementaryapproach: smart dynamic management of the whole setof countermeasures embedded in the component. Threemain specifications for such management are requiredin a real world application (for example, a conditionalaccess system for Pay-TV): it has to provide capabilities for the chip to distinguish between attacks and normal use cases (without the help of a human being andin a robust but versatile way); it also has to be basedon mechanisms which dynamically find a trade-off between security and performance; all these mecanismshave to be formalized in a way that is clearly understandable by the designer. In this article, a prototype implementing such a security management system isdescribed. The solution is based on a double-processorarchitecture: one processor embeds a representative setof countermeasures (and mechanisms to define their parameters) and executes the application code. The second processor, on the same chip, applies a given securitystrategy, but without requesting sensitive data from thefirst processor. The chosen strategy is based on fuzzylogic reasoning to enable the designer to describe, using a fairly simple formalism, both the attack paths andthe normal use cases. A proof of concept has been proposed for the smart card part of a conditional accessfor Pay-TV, but it could be easily fine-tuned for otherapplications.
Fichier principal
Vignette du fichier
2015-670.pdf (476.87 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

emse-01447976 , version 1 (08-12-2023)

Identifiers

Cite

Bruno Robisson, Michel Agoyan, Patrick Soquet, Sébastien Le-Henaff, Franck Wajsbürt, et al.. Smart security management in secure devices. Journal of Cryptographic Engineering, 2016, ⟨10.1007/s13389-016-0143-4⟩. ⟨emse-01447976⟩
284 View
42 Download

Altmetric

Share

More