Military & Aerospace Electronics editor John Keller recently confirmed that cyber warfare and cyber security are “hot issues” in the aerospace and defense electronics industry.
“Cyber security is considered to be one of the few growth areas in the defense business, and the Pentagon is pouring millions of dollars into safeguarding the military from malicious computer hackers,” writes Keller.
“Still, neither the military, private business, nor crucial public concerns like power utilities, energy pipeline operations, and water treatment plants are adequately prepared today to resist determined cyber attacks.”
As Austin W. Fritzke, Second Lieutenant, USAF, notes, information security is absolutely critical to ensuring the defense of the United States. It is therefore important, says Fritzke, for sensitive data to remain intact even after hostile elements gain access to a system. More specifically, data should be encrypted to ensure the secure storage and transfer of information.
“Encryption is defined as the process of transforming information using an algorithm to make it unintelligible to anyone except those possessing a secret key,” Fritzke wrote in 2012 USAF report.
“There are two main types of cryptographic algorithms commonly used today: public and symmetric key encryption. By encrypting data, a user prevents all but the authorized parties from accessing the protected information.”
As Fritzke points out, the current standard for symmetric key cryptography is the Advanced Encryption Standard (AES). This algorithm is based on computational security, meaning that the encrypted message can only be broken if an attacker has sufficient time and resources. Fortunately, a computationally secure algorithm such as AES would require more time and computational resources than is currently available – making it nearly impossible to break the encrypted message in any reasonable timeframe.
“However, there have been ways found to circumvent the computational security of cryptographic algorithms and to decipher the messages without significant difficulty,” Fritzke explained.
“Often overlooked when designing secure algorithms is that the hardware used to process the encryption is vulnerable to side channel analysis (SCA), an unobtrusive attack capable of defeating even the most computationally secure systems.”
Power analysis attacks – discovered by Rambus’ Paul Kocher – are effective against both public and symmetric key encryption algorithms.
“While the algorithms may be secure on paper, power analysis evaluates the power used by circuits performing the encryption or decryption process. Power usage can be measured on a transistor level and is heavily dependent upon the data,” Fritzke continued.
“Because of this ability, patterns form which correlate to the message trying to be protected. The benefits of power analysis are that it is fast and unobtrusive. All an adversary has to do is achieve close proximity to the device performing the encryption for a given period of time. This vulnerability is too great to ignore and must be addressed before true information security can be achieved.”
To be sure, protecting government and military systems from cyber adversaries requires a hardware-centric security approach that thwarts hostile electronic eavesdropping by implementing a variety of Simple Power Analysis (SPA) and Differential Power Analysis (DPA) countermeasures. These include adding amplitude and temporal noise, incorporating randomness and minimizing observable data-dependent variations within the side channel.
Perhaps the most effective method of thwarting side-channel attacks is to start with the core itself. This approach helps to ensure that the processing components powering warfighter equipment are immune to hostile eavesdropping from the moment they roll off the production line.
It should be noted that Rambus offers both AES-128 and AES-256 cryptographic cores, both of which are fully capable of resisting both first– and second– order DPA attacks up to 10 million traces. The cores can also be optimized based on size, speed and security level requirements.
Interested in learning more? You can check out our official DPA resistant AES core here and browse our DPA countermeasures portfolio here.
Leave a Reply