52 Things: Number 38: What is the difference between a covert channel and a side-channel?
52件事:第38件:隐蔽通道和侧通道之间的区别是什么? This is the latest in a series of blog posts to address the list of '52 Things Every PhD Student Should Know To Do Cryptography': a set of questions compiled to give PhD candidates a sense of what they should know by the end of their first year. In this week, we discuss the difference between a covert channel and a side-channel.这是一系列博客文章中的最新一篇,旨在解决“每个博士生在做密码学时应该知道的52件事”:这是一组问题,旨在让博士生在第一年结束时了解他们应该知道什么。在本周,我们将讨论隐蔽通道和侧通道之间的区别。
Covert channels and side-channels are two types of information leakage channels.
隐蔽通道和侧通道是信息泄漏通道的两种类型。 A covert channel uses mechanisms that are not intended for communications, e.g., writing and checking if a file is locked to convey a “1” or “0”. In a covert channel an insider process leaks information to an outsider process not normally allowed to access that information. The insider (sending) process could be a Trojan horse program previously inserted stealthily into the computer. An outsider (receiving) process need only be an unprivileged process [1].
隐蔽通道使用不用于通信的机制,例如,写入和检查文件是否被锁定以传递“1”或“0”。在秘密通道中,内部进程将信息泄露给通常不允许访问该信息的外部进程。内部(发送)过程可能是以前偷偷插入计算机的特洛伊木马程序。一个外部(接收)进程只需要是一个没有特权的进程[1]。
In side-channel attacks, also known as passive non-invasive attacks, the cryptographic device is essentially attacked as it is, i.e. only directly accessible interfaces are exploited. The device is not permanently altered and therefore no evidence of an attack is left behind. The basic idea of side-channel attacks is to determine the secret key of a cryptographic device by measuring its execution time, its power consumption, or its electromagnetic field [2].
在侧信道攻击(也称为被动非侵入性攻击)中,加密设备本质上是按原样受到攻击的,即仅利用直接可访问的接口。该设备没有被永久更改,因此没有留下任何攻击的证据。侧信道攻击的基本思想是通过测量加密设备的执行时间、功耗或电磁场来确定其密钥[2]。 In a physical side-channel attack, unconventional techniques are used to deduce secret information. Typically, the device has been stolen or captured by the adversary who then has physical access to it for launching a physical side-channel attack. Traditional side-channel attacks involved differential power analysis and timing analysis. Different amounts of power (or time) used by the device in performing an encryption can be measured and analysed to deduce some or all of the key bits. The number of trials needed in a power or timing side-channel attack could be much less than that needed in mathematical cryptanalysis [1].
在物理侧信道攻击中,使用非常规技术来推断秘密信息。通常,该设备已被对手窃取或捕获,然后对手可以物理访问该设备以发起物理侧信道攻击。传统的侧信道攻击涉及差分功率分析和定时分析。可以测量和分析设备在执行加密时使用的不同电量(或时间),以推断出一些或全部密钥位。功率或定时侧信道攻击所需的试验次数可能远少于数学密码分析[1]所需的次数。 In software side-channel attacks a victim process inadvertently assumes the role of the sending process, and a listening (attacker) process assumes the role of the receiving process. If the victim process is performing an encryption using a secret key, a software side-channel attack allows the listening process to get information that leads to partial or full recovery of the key [1].
在软件侧通道攻击中,受害者进程无意中扮演发送进程的角色,而侦听(攻击者)进程扮演接收进程的角色。如果受害者进程正在使用密钥执行加密,则软件侧通道攻击允许侦听进程获取导致密钥部分或全部恢复的信息[1]。 标签:What,38,process,covert,52,side,channel,通道 From: https://www.cnblogs.com/3cH0-Nu1L/p/18107518