REGISTER | LOGIN
Home    Bloggers    Blogs    Article Archives    Messages    About Us   
Tw  |  Fb  |  In  |  Rss
Maxim Integrated - Integration Nation
Blaine Bateman

Can We Use Analog Circuits for Cryptography?

Blaine Bateman
Page 1 / 3   >   >>
eafpres1
eafpres1
12/12/2013 12:41:18 AM
User Rank
Blogger
Private key schems
One area this method might be particularly well suited for is private key schemes.  In those schemes, the key is a secret, and since it is indistinguishable from a randome number, the brute force attack requires at least O(2^n) trials where n is teh number of bits in the key.  Concpetually an analog circuit with millions of junctions woudl then be very hard to brute force (i.e. try all possible values from 0 to 2^n.).

50%
50%
Netcrawl
Netcrawl
12/13/2013 8:33:44 AM
User Rank
Master
Re: Private key schems
@easpres goods point, @Blaine that was great! thanks for a great article, @Blaine most of today's cryptographics RFID are based on ciphers and we got some serious challenges because adversaries are making some great advances when it comes to seeking new ways in extracting crucial info and keys, side-channel attack is a serious stuff its target the physical implementation (looking for flaw)of a cipher.      

50%
50%
Victor Lorenzo
Victor Lorenzo
12/13/2013 5:05:00 PM
User Rank
Blogger
Side Channel Attack
@Blaine, "(...)if it has the proper authentication can be hacked if it always returns false faster than it returns true"

Not exactly that way. By itself, the resulting time for the algorithm execution is not enough for inferring the secret key. It is almost meaningless if the cypher/decypher block/function is not part of the previous knowledge about the system's security architecture.

But it does provides extra information for improving the strategy in some other types of attacks.

50%
50%
Victor Lorenzo
Victor Lorenzo
12/13/2013 5:12:50 PM
User Rank
Blogger
Re: Private key schems
@eafpres: "the brute force attack requires at least O(2^n) trials where n is teh number of bits in the key". Depending on the (de)cyphering algorithm some key bits are combined with others or simply ignored (like in DES). That reduces the key values space and is generally considered a weakness. Some relatively new cryptographic algorithms effectively address that issue.

50%
50%
Victor Lorenzo
Victor Lorenzo
12/13/2013 5:27:01 PM
User Rank
Blogger
Re: Private key schems
@Netcrawl, "most of today's cryptographics RFID are based on ciphers"

Some Cryptographic RFIDs (like TI's) are being reported cracked down from 2005 (or even earlier in some other cases). Some tag security schemes were broken due to the fact that they were not using robust cipher/decipher algorithms, some others for using unidirectional ciphered/MACed messages (without using mutual three pass authentication for generating a session key), some because of the usage of non true random generators for generating the challenges and some others by using some side channel attacks like DPA in the case of the DESFire D40.

50%
50%
eafpres1
eafpres1
12/13/2013 8:54:17 PM
User Rank
Blogger
Re: Side Channel Attack
Hi Victor--thanks for all your comments.  I think over time it will become required in many engineering curriculae to have at least introductory cryptography.  As more and more things are connected somewhere, and much over internet, security issues keep growing.

In my remarks I admit I was being simplistic; my point is that side channel attacks result from introducing some non-random bias that is detectable; once an attacker has that, they gain "advantage" (in the language of crypto) meaning that there is some path of discovery that is easier or less computationally intensive than a brute force attack.  The particular details are sometimes quite amazing; there are some very, very smart bad guys out there.

My overall message is that there could be routes in the future using analog cryptography that are better for certain steps of a secure process, whether that is AES or some future scheme.  The main goal is around finding a function which is as indistinguishable from random as possible.  This is where prime factorization and elliptic curves come in.  If you can do it with just a measurement of a chip, for certain applications that has merit.

50%
50%
Victor Lorenzo
Victor Lorenzo
12/14/2013 3:47:36 AM
User Rank
Blogger
Re: Side Channel Attack
Hi Blane, I agree with you in that "The main goal is around finding a function which is as indistinguishable from random as possible". Something that is currently in use and adds strength to overall system security is using variable secret keys, keys that change on every block cipher run, this adds another level of entropy to resulting ciphered text. This way the resulting ciphered texts for two (consecutive or not) cipher runs on the same plain-text message produce two different results.

50%
50%
Victor Lorenzo
Victor Lorenzo
12/14/2013 3:56:10 AM
User Rank
Blogger
Re: Side Channel Attack
@Blane, I also agree with you on that "As more and more things are connected somewhere, and much over internet, security issues keep growing". We've seen several studies regarding security in in-car networks. It's scaring to see how easy it is to make the car controls do really crazy and dangerous things. And part of it's root cause resides in that, perhaps, the designers did not pay enough attention to security vulnerabilities in their code/implementations and possible attacks.

Thanks for the post!

50%
50%
eafpres1
eafpres1
12/14/2013 12:30:48 PM
User Rank
Blogger
Re: Side Channel Attack
@Victor--related to your point about car network security, I won't be installing a front door lock that can be opened by my smartphone and is connected to the WiFi for exactly these reasons.  The maturity of the industry pushing hard for IoT is not sufficient, in my opinion, in many cases.  The do it yourself (DIY) products being sold at the consumer level I expect will be shown at risk in the future.

50%
50%
etnapowers
etnapowers
12/16/2013 5:40:58 AM
User Rank
Master
Re: Side Channel Attack
@Blaine, good point: the presence of a  front door lock that can be opened by a smartphone could be utilized by the  thieves to intercept the signal if a proper level of security is not guaranteed. 

50%
50%
Page 1 / 3   >   >>
More Blogs from Blaine Bateman
Google "proved" the D-Wave 2 they operate jointly with NASA (mainly paid for by Google) can operate "up to ∼ 108 times faster".
I've written before about the impact the Internet of Things (IoT) will have on electronics sales including the special role played by analog devices in IoT.
Until about a decade ago, thermal energy was considered almost entirely as an analog, bulk phenomena.
Unless you live in a cave without any media access (which, I suppose, would preclude your reading this blog) you have heard about the Internet of Things (IoT).
With large scale integration of analog functions, we can probably bring eyesight to the blind.
flash poll
follow Planet Analog on Twitter
Planet Analog Twitter Feed
like us on facebook
Planet Analog
About Us     Contact Us     Help     Register     Twitter     Facebook     RSS