13 Hardware cryptography

 

This chapter covers:

  • The issues that cryptography faces in highly-adversarial environments.
  • The solutions that hardware offers to increase the attacker’s cost in such environments.
  • How software mitigations can also help cryptography against side-channel attacks.

At some point while writing cryptographic applications, you realize that you have a number of short-term and long-term keys, and that you have to make sure nobody can steal them. That means you’re standing in the world of key management. Makes sense, right? You’ve seen some of that in previous chapters, but in this chapter we’ll do things a bit differently: we’ll look at how key management and cryptography can be done in highly-adversarial environments, where the attacker is much more powerful than in the typical scenarios we’ve looked at so far.

Let’s first introduce this concept in the next section. The rest of this chapter will then survey the different techniques that allow us to continue to do interesting things in spite of these constraints. Spoiler alert: it involves using specialized hardware. Finally, we’ll see how cryptographic primitives have adapted to these highly-adversarial environments.

13.1  Modern cryptography attacker model

 
 

13.2  Untrusted environments: hardware to the rescue

 
 

13.2.1  Whitebox cryptography, a bad idea

 
 
 
 

13.2.2  You probably have one in your wallet: smart cards

 
 

13.2.3  Secure elements: a generalization of smart cards

 
 

13.2.4  Enforcing user intent with hardware security tokens

 
 
 

13.2.5  Trusted Platform Modules (TPMs): a useful standardization of secure elements

 
 

13.2.6  Banks love them: hardware security modules (HSMs)

 
 

13.2.7  Modern integrated solutions: Trusted Execution Environment (TEE)

 
 
 
 

13.3  What solution is good for me?

 
 
 

13.4  Leakage-resilient cryptography - or how to mitigate side-channel attacks in software

 
 
 
 

13.4.1  Constant-Time Programming

 
 
 

13.4.2  Don’t use the secret! Masking and blinding

 
 
 

13.4.3  What about fault attacks?

 
 
 

13.5  Summary

 
 