SaTC: CORE: Small: An Automated Framework for Mitigating Single-Trace Side-Channel Leakage
North Carolina State University, Raleigh NC
Abstract
Quantum computers can break the public-key cryptography algorithms (e.g., RSA, Rivest-Shamir-Adleman) that currently secure data transmission in everyday applications such as point-of-sale purchases and online payments. Post-quantum cryptography seeks replacement algorithms for such applications that resist attacks by quantum computers, and the National Institute of Standards and Technology (NIST) is currently evaluating and standardizing them for mass-scale adoption. Although these algorithms can be shown to be secure in theory, their practical implementations can still be attacked: an adversary who measures the power consumption or electromagnetic emanations of a device running the algorithm can reverse-engineer its computations and recover secret cryptographic keys. Practical deployment of the next-generation standards therefore requires software implementations that are protected against such attacks, and both the validation and the application of those defenses need to be automated so that the vulnerabilities can be addressed broadly across a variety of computing devices. The project's novelties are exposing previously unknown risks of post-quantum cryptography software to such reverse-engineering attacks and developing a new framework that addresses those risks automatically. Its broader significance lies in improving national security and in training a cybersecurity-aware science, technology, engineering and mathematics (STEM) workforce.

This project analyzes side-channel vulnerabilities in software implementations of the lattice-based cryptography algorithms that NIST selected for post-quantum standardization. Its primary research objective is a framework that automatically exposes and mitigates single-trace side-channel vulnerabilities. Single-trace attacks recover secret information from the leakage of a single execution; they are harder to mitigate than attacks that need repeated measurements, because limiting how often a secret is used, a common defense against attacks that must average many measurements, offers no protection when one run is enough. The project augments the LLVM (low-level virtual machine) compiler framework, applying static and dynamic program analysis to detect the vulnerabilities and program repair with randomization techniques to remove the leakage. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
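To make the single-trace leakage and the randomization countermeasures described above concrete, here is an added Python example; it is not code from the project or from any Kyber implementation. A Kyber-style message encoding routine (coefficient = bit ? (q+1)/2 : 0) is run under a simulated noisy Hamming-weight leakage model in place of real power or EM measurements, a profiled single-trace attacker classifies each leakage sample, and two randomization countermeasures of the kind the abstract refers to, shuffling the processing order and first-order Boolean masking of the stored word, are compared against it. The modulus q = 3329, the 16-bit word size, the noise level and the attacker's threshold are assumptions chosen for illustration.

```python
"""Toy single-trace side-channel demo on a Kyber-style message encoding.
Constructed example for this page: a noisy Hamming-weight model stands in
for real power/EM traces; the countermeasures are illustrative, not the
project's own framework."""
import random
from typing import Dict, List, Tuple

Q = 3329                 # Kyber modulus (assumed here only to make the toy concrete)
HALF_Q = (Q + 1) // 2    # 1665: the coefficient that encodes a 1 bit; HW(1665) = 4
N = 256                  # message bits == polynomial coefficients
SIGMA = 0.3              # assumed measurement noise (std. dev.) in Hamming-weight units


def hamming_weight(x: int) -> int:
    return bin(x).count("1")


def leak(rng: random.Random, value: int) -> float:
    """One noisy leakage sample for a value being written to memory/register."""
    return hamming_weight(value) + rng.gauss(0.0, SIGMA)


def select_coeff(bit: int) -> int:
    """Branch-free poly_frommsg-style select: bit ? (q+1)/2 : 0. Constant time,
    but the Hamming weight of the stored word still depends on the secret bit."""
    return (-bit & 0xFFFF) & HALF_Q


def encode_unprotected(msg: List[int], rng: random.Random) -> Tuple[List[int], List[float]]:
    """Coefficients processed in order: sample j belongs to message bit j."""
    poly, trace = [], []
    for b in msg:
        c = select_coeff(b)
        poly.append(c)
        trace.append(leak(rng, c))
    return poly, trace


def encode_shuffled(msg: List[int], rng: random.Random) -> Tuple[List[int], List[float]]:
    """Shuffling: a fresh secret permutation per execution hides which bit each
    sample belongs to. The multiset of leakages is unchanged."""
    order = list(range(N))
    rng.shuffle(order)
    poly, trace = [0] * N, []
    for i in order:
        c = select_coeff(msg[i])
        poly[i] = c
        trace.append(leak(rng, c))       # sample j now belongs to bit order[j]
    return poly, trace


def encode_masked(msg: List[int], rng: random.Random) -> Tuple[List[Tuple[int, int]], List[float]]:
    """First-order Boolean masking: store s0 (uniform 16-bit) and s1 = c ^ s0.
    Each share's Hamming weight is independent of the bit; the attacker sees
    both stores, modelled here as one summed sample per coefficient."""
    shares, trace = [], []
    for b in msg:
        c = select_coeff(b)
        s0 = rng.randrange(1 << 16)
        s1 = c ^ s0
        shares.append((s0, s1))
        trace.append(leak(rng, s0) + leak(rng, s1))
    return shares, trace


def single_trace_attack(trace: List[float], threshold: float = 2.0) -> List[int]:
    """Profiled single-trace attack: one sample per bit, no averaging across
    executions. Threshold sits between HW(0) = 0 and HW(1665) = 4."""
    return [1 if s > threshold else 0 for s in trace]


def accuracy(guess: List[int], truth: List[int]) -> float:
    return sum(g == t for g, t in zip(guess, truth)) / len(truth)


def correlation(xs: List[float], ys: List[int]) -> float:
    """Pearson correlation between trace samples and true bits (first-order leakage test)."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / (vx * vy) ** 0.5


def run_demo(seed: int = 1) -> Dict[str, object]:
    rng = random.Random(seed)
    msg = [rng.randrange(2) for _ in range(N)]        # constructed random 256-bit message
    variants = {"unprotected": encode_unprotected,
                "shuffled": encode_shuffled,
                "masked": encode_masked}
    results: Dict[str, object] = {"ones_true": sum(msg)}
    for name, encode in variants.items():
        _, trace = encode(msg, rng)                    # one execution, one trace
        guess = single_trace_attack(trace)
        results[name] = {"accuracy": accuracy(guess, msg),
                         "correlation": correlation(trace, msg),
                         "ones_guessed": sum(guess)}
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, value)
```

Running the script prints, per variant, the attacker's bit accuracy and the Pearson correlation between the trace and the message bits. The unprotected variant recovers all 256 bits from one trace even though the select is branch-free, which is the point: constant-time code defends against timing, not against a power or EM channel. Shuffling breaks the sample-to-position mapping but still leaks the number of one bits in the message (compare ones_guessed with ones_true), and first-order masking removes the first-order dependency while the variance of the summed share leakage still differs between the two coefficient values, so a second-order attack remains. An automated mitigation framework therefore has to re-check for residual leakage after applying a countermeasure rather than stop at the first one.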