SWORD | Security Without Obscurity for Reliable Devices

Summary
Cryptographic implementations are traditionally evaluated based on a trade-off between security and efficiency. However, when it comes to physical security against attacks exploiting side-channel leakages or fault insertions, this approach is limited by the difficulty to define the adversaries (e.g. their knowledge about the target implementation) and to specify sound physical assumptions. Quite naturally, the problem becomes even more challenging in contexts where implementations can be maliciously modified during design or fabrication via so-called hardware Trojans. To a large extent, these vulnerabilities echo the general challenge of restoring trust that is faced by cryptographic research in view of the recent Snowden revelations. In this context, we believe that the design of small components able to perform secure computations locally will be an important building block of future information systems. For this purpose, the SWORD project envisions a paradigm shift in embedded security, by adding trust as an essential element in the evaluation of physically secure objects. Our two main ingredients to reach this ambitious goal are a good separation between mathematics and physics, and improved transparency in security evaluations. That is, we want cryptographic implementations to rely on physical assumptions that can be empirically verified, in order to obtain sound security guarantees based on mathematical proofs or arguments. And we want to make the empirical verification of physical assumptions more transparent, by considering open source hardware and software. By allowing adversaries and evaluators to know implementation details, we expect to enable a better understanding of the fundamentals of physical security, therefore leading to improved security, efficiency and trust in the longer term. That is, we hope to establish security guarantees based on a good understanding of the physics, rather than the (relative) misunderstanding caused by closed systems.
Unfold all
/
Fold all
More information & hyperlinks
Web resources: https://cordis.europa.eu/project/id/724725
Start date: 01-09-2017
End date: 31-08-2023
Total budget - Public funding: 1 997 661,34 Euro - 1 997 661,00 Euro
Cordis data

Original description

Cryptographic implementations are traditionally evaluated based on a trade-off between security and efficiency. However, when it comes to physical security against attacks exploiting side-channel leakages or fault insertions, this approach is limited by the difficulty to define the adversaries (e.g. their knowledge about the target implementation) and to specify sound physical assumptions. Quite naturally, the problem becomes even more challenging in contexts where implementations can be maliciously modified during design or fabrication via so-called hardware Trojans. To a large extent, these vulnerabilities echo the general challenge of restoring trust that is faced by cryptographic research in view of the recent Snowden revelations. In this context, we believe that the design of small components able to perform secure computations locally will be an important building block of future information systems. For this purpose, the SWORD project envisions a paradigm shift in embedded security, by adding trust as an essential element in the evaluation of physically secure objects. Our two main ingredients to reach this ambitious goal are a good separation between mathematics and physics, and improved transparency in security evaluations. That is, we want cryptographic implementations to rely on physical assumptions that can be empirically verified, in order to obtain sound security guarantees based on mathematical proofs or arguments. And we want to make the empirical verification of physical assumptions more transparent, by considering open source hardware and software. By allowing adversaries and evaluators to know implementation details, we expect to enable a better understanding of the fundamentals of physical security, therefore leading to improved security, efficiency and trust in the longer term. That is, we hope to establish security guarantees based on a good understanding of the physics, rather than the (relative) misunderstanding caused by closed systems.

Status

CLOSED

Call topic

ERC-2016-COG

Update Date

27-04-2024
Images
No images available.
Geographical location(s)
Structured mapping
Unfold all
/
Fold all
Horizon 2020
H2020-EU.1. EXCELLENT SCIENCE
H2020-EU.1.1. EXCELLENT SCIENCE - European Research Council (ERC)
ERC-2016
ERC-2016-COG