USF Computer Science and Engineering Assistant Professor Mehran Mozaffari Kermani
is the Principal Investigator (PI) for a 4-year, $500,000 National Institute of Standards
and Technology (NIST) federal agency grant to carry on fundamental research for the
project titled Investigating Active Side-Channel Attacks and Developing Countermeasures
for Standardization of Lightweight Cryptography.
Lightweight embedded hardware and software computing systems have been utilized traditionally
to provide efficiency in diverse usage models. These usage models range from active/passive
near-field communication (NFC), implantable medical devices, and smart buildings/fabrics
to the sensitive Internet of nano-Things in military front-fields. The emerging changes
in the usage models of embedded systems (referred to as deeply-embedded architectures
to reflect these changes), suggest that traditional security solutions through cryptographic
architectures either fail in terms of security or provide sub-optimal efficiency (fail
in lightweight applications). The tight resource constraints (calling for lightweight
security) and extremely-sensitive nature of deeply-embedded systems create larger
attack surface compared to traditional systems. Because of such gaps and security
concerns that will plague these emerging systems, one needs to propose new research
trends and feasibly execute them without jeopardizing the required security properties.
This project is in line with NIST鈥檚 lightweight cryptography initiative, providing
sensitive and constrained applications with new research routes to have feasible security.
Such feasible mechanisms need to be secure against implementation attacks and any
countermeasure provided needs to have the lightweight nature of such crypto-solutions
intact. For the applications such as implantable medical devices where replacing batteries
would require surgery and could be life-threatening, this is of significant importance
(for example, cardiac devices are often expected to run for over 10 years on a limited
size battery). The limited battery capacity, in turn, places stringent limits on processor
capability and memory size. In this project, considering these knowledge gaps, devising
secure and fault attack immune architectures considering the bottlenecks of traditional
security solutions for embedded systems is investigated. Moreover, the project plans
to explore the potential adverse effects of the devised countermeasures to vulnerability
to the attacks based on the leaked information gained from power consumption traces
(power analysis attacks) in deeply-embedded systems.
The goal of this four-year project is exploring a paradigm shift in fault analysis
attack immunity for lightweight cryptographic architectures without compromising false-alarm
resiliency, energy efficacy, and resistance to power analysis attacks. For the first
time, the project proposes architectures for lightweight cryptographic authenticated
encryption and respective implementation attack countermeasures through the results
of case studies for hash-counter-hash lightweight architectures including false-alarm-immune
architectures to counteract distrust. This project鈥檚 duration is from April 2020 to
April 2024.