side-channel attack
kõrvalkanalrünne, külgkanalrünne
olemus
liik krüptosüsteemi või parooli ründeid, on suunatud mitte algoritmi või parooli nõrkustele, vaid füüsilise ja/või programmilise teostuse nõrkustele, põhineb kaasnevate nähtuste uurimisel (elektromagnetkiirguse iseloom, energiatarbe dünaamika, signaalide ajastus, soojusmuster jms)
ISO/IEC 29192-1:
attack based on information gained from the physical implementation of a cryptosystem, rather than on brute force or theoretical weaknesses in the underlying algorithms
EXAMPLE:Timing information, power consumption, or electromagnetic emissions can provide extra sources of information and can be exploited to attack the system.
ülevaateid
https://www.techtarget.com/searchsecurity/definition/side-channel-attack
https://en.wikipedia.org/wiki/Side-channel_attack
https://www.iaik.tugraz.at/wp-content/uploads/teaching/information-security/S2_Sidechannels1.pdf
https://csrc.nist.gov/csrc/media/events/physical-security-testing-workshop/documents/papers/physecpaper19.pdf
https://escholarship.org/uc/item/1xb249zt
http://cacm.acm.org/magazines/2016/6/202646-physical-key-extraction-attacks-on-pcs/fulltext
https://www.blackhat.com/docs/us-16/materials/us-16-Hornby-Side-Channel-Attacks-On-Everyday-Applications.pdf
https://summerschool-croatia.cs.ru.nl/2016/slides/FX_June%206.pdf
http://www.cse.iitm.ac.in/~chester/courses/16e_cns/slides/07_SCA.pdf
https://perso.uclouvain.be/fstandae/PUBLIS/42.pdf
https://eprint.iacr.org/2022/253.pdf
https://cyber.gouv.fr/sites/default/files/IMG/pdf/Success_through_confidence_Evaluating_the_effectiveness_of_a_side-channel_attack.pdf
https://perso.uclouvain.be/fstandae/PUBLIS/34.pdf
tõrje
https://www.iacr.org/archive/eurocrypt2013/78810139/78810139.pdf
https://www.ijcsmc.com/docs/papers/April2016/V5I4201632.pdf
https://www.darkreading.com/vulnerabilities---threats/side-channel-attacks-and-the-importance-of-hardware-based-security/a/d-id/1331976
http://www.safecrypto.eu/wp-content/uploads/2015/02/SAFEcrypto_D7.1-Approved.pdf
https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-alam.pdf
vt ka
- kõrvalkanal