| Popis: |
Authentication in GSM networks uses COMP128, which is vulnerable to side-channel attack called partitioning attack. On the device constrained in resources, such as SIM-card, table lookups are quite unreliable, so the attack can be carried out using up to 1000 queries. Proposed method — combined side-channel attack — can speed up key retrieving. Partitioning attack measures only power consumption, while it can be combined with timing attack, fault injection or probing attack. Study of combination with timing attack shows that it will be the least effective variant, because used in COMP128 operations are not vulnerable to timing attack. Probing attack gives way more opportunities as it is invasive attack. Increased number of rounds that can be monitored give 8-time speed gain. However, best combination of non-invasive execution and efficiency is fault injection attack. This combination gives the opportunity of power measurement on each round and reduces quantity of needed queries by 8 times as well. Despite the increased speed of the attack, defence against combined attacks comes down to defence against the weakest component. |
