Side-Channel Resistant Cryptosystems for High-Bandwidth Memories
Modern Solid-State Drives (SSDs) embedded in Personal Computer (PC), datacenter and automotive application environments offer a set of security properties to the computing system to which they are connected. These properties include the authentication of the memory module and the confidentiality and integrity of user data. To achieve the former, a per-device unique secret needs to be either stored securely or derived from the inherent properties of each device. As for the latter, to ensure the confidentiality and integrity of user data, cryptographic systems are usually employed, generically called "self-encryption technologies", that enable the drive to autonomously encrypt the received data before storing it in a non-volatile SSD, e.g., NAND. Such cryptosystems thus guarantee the aforementioned properties without decreasing the performance figures of the device itself, while providing protection against physical threats, where an attacker might attempt to extract data from the device without the consent of the owner.
However, secret storage has proven to be vulnerable to physical readout attacks, and the cryptosystems employed in both authentication and data protection schemes might be vulnerable to Side-Channel Attacks. The objective of this research is therefore to assess the susceptibility of real-world devices to Side-Channel Attack methodologies, including non-profiled and profiled attacks. Furthermore, the research should design cryptographic systems that are able to meet the bandwidth and latency requirements of storage devices, e.g., SSDs, and that, at the same time, can provide mitigations against Side-Channel Attacks. Finally, a suitable solution for guaranteeing the device identity should be studied and developed.