TIMING ATTACKS ON INFORMATION IN UNTRUSTED ENVIRONMENTS
V. A. Minaev, E. V. Zelentsova, S. S. Petrov
The relevance of improving the software and algorithmic protection of hardware devices operating in untrusted environments (UTE), due to the fact that they are most likely to be exposed to the purpose of disruption of their internal structure. The purpose of the article is to analyze, evaluate the effectiveness, and predict the development of promising tools and methods of attacks on information in the UTE. The article discusses the main characteristics of attacks on information in untrusted environments. A detailed analysis of these characteristics is given. Attention is paid to algorithmic and hardware methods of information protection from time attacks. Among these attacks are considered using cache memory, analysis of power consumption and characteristics of electromagnetic fields. The advantages of attacks over other methods of side-channel attacks are shown: no expensive laboratory equipment is required; they can be implemented remotely, without physical access to the attacked information security tool; can be included as part of a complex attack. The disadvantages of time attacks are: the need for high accuracy of determining the time of the encryption operation; the requirement of a large amount of data for analysis; understanding of all the features of the implementation of the algorithm used in this type of processor, its architecture; the availability of access to the cache memory used by the process under study. Among the shortcomings of the methods of countering attacks over time are: they are not complex; they can create a side channel of information leakage; there are no estimates of their effectiveness. The results are valuable in the practical organization of information protection in UTE.
Keywords: : information protection, untrusted environment, time attack, energy consumption analysis, electromagnetic field, algorithmic and hardware methods.