1、BSI Standards PublicationBS ISO/IEC 17825:2016Information technology Security techniques Testingmethods for the mitigationof non-invasive attack classesagainst cryptographic modulesBS ISO/IEC 17825:2016 BRITISH STANDARDNational forewordThis British Standard is the UK implementation of ISO/IEC17825:2
2、016. The UK participation in its preparation was entrusted to TechnicalCommittee IST/33/3, Security Evaluation, Testing and Specification.A list of organizations represented on this committee can beobtained on request to its secretary.This publication does not purport to include all the necessarypro
3、visions of a contract. Users are responsible for its correctapplication. The British Standards Institution 2016.Published by BSI Standards Limited 2016ISBN 978 0 580 78158 2ICS 35.040Compliance with a British Standard cannot confer immunity fromlegal obligations.This British Standard was published u
4、nder the authority of theStandards Policy and Strategy Committee on 31 January 2016.Amendments/corrigenda issued since publicationDate T e x t a f f e c t e dBS ISO/IEC 17825:2016Information technology Security techniques Testing methods for the mitigation of non-invasive attack classes against cryp
5、tographic modulesTechonologie de linformation Techniques de scurit Methodes de test pour la protection contre les attaques non intrusives des modules cryptographiquesINTERNATIONAL STANDARDISO/IEC17825Reference numberISO/IEC 17825:2016(E)First edition2016-01-15 ISO/IEC 2016BS ISO/IEC 17825:2016ii ISO
6、/IEC 2016 All rights reservedCOPYRIGHT PROTECTED DOCUMENT ISO/IEC 2016, Published in SwitzerlandAll rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posti
7、ng on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester.ISO copyright officeCh. de Blandonnet 8 CP 401CH-1214 Vernier, Geneva, SwitzerlandTel. +41 22 749 01 11Fax +41 22
8、749 09 47copyrightiso.orgwww.iso.orgISO/IEC 17825:2016(E)BS ISO/IEC 17825:2016ISO/IEC 17825:2016(E)Foreword v1 Scope . 12 Normative references 13 Terms and definitions . 14 Symbols and abbreviated terms . 45 Document organization . 46 Non-invasive attack methods 47 Associated Security Functions 78 N
9、on-invasive Attack Test Methods . 98.1 Introduction 98.2 Test Strategy 98.3 Side-Channel Analysis Workflow 98.3.1 Core Test Flow 98.3.2 Side-Channel Resistance Test Framework 108.3.3 Required Vendor Information . 118.3.4 TA Leakage Analysis .128.3.5 SPA/SEMA Leakage Analysis 138.3.6 DPA/DEMA Leakage
10、 Analysis 149 Side-Channel Analysis of Symmetric-Key Cryptosystems .159.1 Introduction . 159.2 Timing Attacks . 159.3 SPA/SEMA 159.3.1 Attacks on Key Derivation Process 159.3.2 Collision Attacks 169.4 DPA/DEMA 169.4.1 Introduction 169.4.2 Test Vectors .189.4.3 Detailed Procedure .1910 ASCA on Asymme
11、tric Cryptography.2510.1 Introduction . 2510.2 Detailed Side-Channel Resistance Test Framework .2710.3 Timing Attacks . 2810.3.1 Introduction 2810.3.2 Standard Timing Analysis . 2810.3.3 Micro-Architectural Timing Analysis 2910.4 SPA/SEMA 2910.4.1 Introduction 2910.4.2 Standard SPA/SEMA 2910.4.3 Mar
12、kov SPA/SEMA 3010.5 DPA/DEMA 3010.5.1 Introduction 3010.5.2 Standard DPA/DEMA 3010.5.3 Address-Bit DPA/DEMA . 3211 Non-invasive attack mitigation pass/fail test metrics 3311.1 Introduction . 3311.2 Security Level 3 . 3411.2.1 Time Limit 3411.2.2 SPA and SEMA .3411.2.3 DPA and DEMA .3411.2.4 Timing A
13、nalysis 34 ISO/IEC 2016 All rights reserved iiiContents PageBS ISO/IEC 17825:2016ISO/IEC 17825:2016(E)11.2.5 Pre-processing conditions in differential analysis 3411.2.6 Pass / Fail condition .3411.3 Security Level 4 . 3511.3.1 Time Limit 3511.3.2 SPA and SEMA .3511.3.3 DPA and DEMA .3511.3.4 Timing
14、Analysis 3511.3.5 Pre-processing conditions in differential analysis 3511.3.6 Pass / Fail condition .36Annex A (normative) Requirements for measurement apparatus 37Annex B (informative) Emerging attacks 38Annex C (informative) Quality criteria for measurement setups 40Annex D (informative) Chosen-in
15、put method to accelerate leakage analysis 42Bibliography .43iv ISO/IEC 2016 All rights reservedBS ISO/IEC 17825:2016ISO/IEC 17825:2016(E)ForewordISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide
16、standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fiel
17、ds of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.The procedures used to develop this do
18、cument and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives,
19、 Part 2 (see www.iso.org/directives).Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the devel
20、opment of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement.For an explanation on the meaning of ISO s
21、pecific terms and expressions related to conformity assessment, as well as information about ISOs adherence to the WTO principles in the Technical Barriers to Trade (TBT) see the following URL: Foreword - Supplementary informationThe committee responsible for this document is ISO/IEC JTC 1, Informat
22、ion technology, SC 27, IT Security techniques. ISO/IEC 2016 All rights reserved vBS ISO/IEC 17825:2016BS ISO/IEC 17825:2016Information technology Security techniques Testing methods for the mitigation of non-invasive attack classes against cryptographic modules1 ScopeThis International Standard spec
23、ifies the non-invasive attack mitigation test metrics for determining conformance to the requirements specified in ISO/IEC 19790 for Security Levels 3 and 4. The test metrics are associated with the security functions specified in ISO/IEC 19790. Testing will be conducted at the defined boundary of t
24、he cryptographic module and I/O available at its defined boundary.The test methods used by testing laboratories to test whether the cryptographic module conforms to the requirements specified in ISO/IEC 19790 and the test metrics specified in this International Standard for each of the associated se
25、curity functions specified in ISO/IEC 19790 are specified in ISO/IEC 24759. The test approach employed in this International Standard is an efficient “push-button” approach: the tests are technically sound, repeatable and have moderate costs.2 Normative referencesThe following documents, in whole or
26、 in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.ISO/IEC 19790, Information technology Securi
27、ty techniques Security requirements for cryptographic modulesISO/IEC 24759, Information technology Security techniques Test requirements for cryptographic modules3 Terms and definitionsFor the purposes of this document, the terms and definitions given in ISO/IEC 19790 and the following apply.3.1adva
28、nced SCAASCAadvanced exploitation of the fact that the instantaneous side-channels emitted by a cryptographic device depends on the data it processes and on the operation it performs to retrieve secret parameters3.2correlation power analysisCPAanalysis where the correlation coefficient is used as st
29、atistical method3.3critical security parameterCSPsecurity related information whose disclosure or modification can compromise the security of a cryptographic moduleEXAMPLE Secret and private cryptographic keys, authentication data such as passwords, PINs, certificates or other trust anchors.INTERNAT
30、IONAL STANDARD ISO/IEC 17825:2016(E) ISO/IEC 2016 All rights reserved 1BS ISO/IEC 17825:2016ISO/IEC 17825:2016(E)Note 1 to entry: A CSP can be plaintext or encrypted.SOURCE: ISO/IEC 19790:2012, definition 3.183.4CSP classclass into which a CSP is categorisedEXAMPLE Cryptographic keys, authentication
31、 data such as passwords, PINs, biometric authentication data.3.5differential electromagnetic analysisDEMAanalysis of the variations of the electromagnetic field emanated from a cryptographic module, using statistical methods on a large number of measured electromagnetic emanations values for determi
32、ning whether the assumption of the divided subsets of a secret parameter is correct, for the purpose of extracting information correlated to security function operation3.6differential power analysisDPAanalysis of the variations of the electrical power consumption of a cryptographic module, for the p
33、urpose of extracting information correlated to cryptographic operation3.7electromagnetic analysisEMAanalysis of the electromagnetic field emanated from a cryptographic module as the result of its logic circuit switching, for the purpose of extracting information correlated to security function opera
34、tion and subsequently the values of secret parameters such as cryptographic keys3.8horizontal attackHAmodus operandi where sensitive information is extracted from a single measurement split into several parts3.9implementation under testIUTimplementation which is tested based on methods specified in
35、this International Standard3.10mutual information analysisMIAanalysis of the mutual dependence of two random variables3.11power analysisPAanalysis of the electric power consumption of a cryptographic module, for the purpose of extracting information correlated to security function operation and subs
36、equently the values of secret parameters such as cryptographic keys3.12rectangle attackRAmodus operandi where the observations acquisition phase mix horizontal and vertical attacks2 ISO/IEC 2016 All rights reservedBS ISO/IEC 17825:2016ISO/IEC 17825:2016(E)3.13side-channel analysisSCAexploitation of
37、the fact that the instantaneous side-channels emitted by a cryptographic device depends on the data it processes and on the operation it performs to retrieve secret parameters3.14simple electromagnetic analysisSEMAdirect (primarily visual) analysis of patterns of instruction execution or logic circu
38、it activities, obtained through monitoring the variations in the electromagnetic field emanated from a cryptographic module, for the purpose of revealing the features and implementations of cryptographic algorithms and subsequently the values of secret parameters3.15simple power analysisSPAdirect (p
39、rimarily visual) analysis of patterns of instruction execution (or execution of individual instructions), in relation to the electrical power consumption of a cryptographic module, for the purpose of extracting information correlated to a cryptographic operation3.16timing analysisTAanalysis of the v
40、ariations of the response or execution time of an operation in a security function, which may reveal knowledge of or about a security parameter such as a cryptographic key or PIN3.17vertical attackVAmodus operandi where sensitive information is extracted from different algorithm executions ISO/IEC 2
41、016 All rights reserved 3BS ISO/IEC 17825:2016ISO/IEC 17825:2016(E)4 Symbols and abbreviated termsFor the purposes of this document, the symbols and abbreviated terms given in ISO/IEC 19790 and the following apply.DLC Discrete Logarithm CryptographyECC Elliptic Curve CryptographyEM Electro-MagneticH
42、MAC keyed-Hashing Message Authentication CodeIFC Integer Factorization CryptographyMAC Message Authentication CodePC Personal ComputerPCB Printed Circuit BoardRBG Random Bit GeneratorRNG Random Number GeneratorUSB Universal Serial Bus* multiplication symbol exponentiation symbol5 Document organizati
43、onClause 6 of this International Standard specifies the non-invasive attack methods that a cryptographic module shall mitigate against for conformance to ISO/IEC 19790.Clause 7 of this International Standard specifies for each non-invasive attack method the associated security functions specified in
44、 ISO/IEC 19790.Clause 8 of this International Standard specifies the non-invasive attack test methods.Clause 9 of this International Standard specifies the test methods for side-channel analysis of symmetric-key cryptosystems.Clause 10 of this International Standard specifies the test methods for si
45、de-channel analysis of asymmetric-key cryptosystems.Clause 11 of this International Standard specifies the non-invasive attack mitigation pass/fail test metrics for each non-invasive attack method to demonstrate conformance to ISO/IEC 19790.This International Standard shall be used together with ISO
46、/IEC 24759 to demonstrate conformance to ISO/IEC 19790.6 Non-invasive attack methodsThis clause specifies the non-invasive attack methods that need to be addressed for conformance to ISO/IEC 19790.The non-invasive attacks use side-channels (information gained from the physical implementation of a cr
47、yptosystem) emitted by the IUT such as: Its power consumption,4 ISO/IEC 2016 All rights reservedBS ISO/IEC 17825:2016ISO/IEC 17825:2016(E) Its electromagnetic emissions, Its computation time.The number of possible side-channels can increase in the future (e.g. photonic emissions49, acoustic emanatio
48、ns, etc.)In order to be more formal in the attacks taxonomy, a formalism will allow the relationships to be highlighted between the different attacks and to have a systematic way to describe a new attack.An attack is described in the following way:-YYY refers to the statistical treatment used in the
49、 attack (e.g. S for Simple, C for Correlation, MI for Mutual Information, ML for Maximum Likelihood, D for Difference of Means, etc.).NOTE 1 Other statistical treatments can be inserted like dOC which corresponds to a correlation treatment exploiting dth order moments (obtained for instance by raising each targeted point in the traces to a power d, or by combining d points per trace before processing the correlation).XXX refers to the kind of observed side channel: e.g. PA for Power Analysis, E