원문정보
초록
영어
In cryptography module, a side-channel attack is any attack based on information gained from the physical implementation of a cryptosystem, rather than brute force or theoretical weaknesses in the algorithms (compare cryptanalysis). For example, timing information, power consumption, electromagnetic leaks or even sound can provide an extra source of information which can be exploited to break the system. So the advanced many countries are conducting CMVP (Cryptographic Module Validation Program) to manage cryptographic module of safe IT product. But, systematic method that CMVP is such yet is unprepared.
In this paper, we survey about method of side-channel attack and analysis tools about side-channel attack. And we analysis PP (Protection Profile) in CC (Common Criteria) of smart card, identity card, electric money card and electric passport. Finally we suggest safety evaluation method about side-channel attack in CMVP.
목차
1. Introduction
2. What is the Side-Channel Attack?
2.1 Timing Attack (TA)
2.2 Fault Attack (FA)
2.3 Power Analysis Attack
3. Analysis of Evaluation scheme relative with Side-Channel Attacks
3.1 CMVP (Cryptographic Module Validation Program)
3.2 Smart Card Protection Profile
4. Analysis of Testing Tool
4.1 Sideways
4.2 Brightlight
4.3 Inspector
4.4 PINPAS
4.5 Comparison and Analysis
5. Conclusions
References