Use this URL to cite or link to this record in EThOS: https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.787670
Title: Side channel attacks on IoT applications
Author: Yan, Yan
Awarding Body: University of Bristol
Current Institution: University of Bristol
Date of Award: 2019
Availability of Full Text:
Access from EThOS:
Access from Institution:
Abstract:
The Internet of Things (IoT) has become a reality: small connected devices feature in everyday objects including childrens' toys, TVs, fridges, heating control units, etc. Supply chains feature sensors throughout, and significant investments go into researching next-generation healthcare, where sensors monitor wellbeing. A future in which sensors and other (small) devices interact to create sophisticated applications seems just around the corner. All of these applications have a fundamental need for security and privacy and thus cryptography is deployed as part of an attempt to secure them. This thesis explores a particular type of security threat against IoT devices, namely side channel attacks (SCA), that has been proven only more powerful over the years. In brief, a side channel attack targets the implementation of security measures and recovers secret data by exploiting execution related information. For instance, secret keys can be recovered by statistically analysing the timing or power consumption of the execution of cryptographic algorithms, or sometimes results of faulty executions; data protected in encrypted packets can be revealed by the length of packets and timing of responses. Three vulnerabilities in IoT applications have been identified in this work including a flawed Random Number Generator (RNG) design, an effective application of Differential Power Analysis (DPA) and the practicability of Traffic Analysis (TA). These vulnerabilities commonly exist in many IoT scenarios and thus should be taken into account when designing new applications.
Supervisor: Oswald, Elisabeth ; Tryfonas, Theo Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.787670  DOI: Not available
Share: