Takeshi SUGAWARA
| Department of Informatics | Associate Professor |
| Cluster II (Emerging Multi-interdisciplinary Engineering) | Associate Professor |
Researcher Information
Degree
Research Keyword
Career
Educational Background
- 01 Apr. 2008 - 25 Mar. 2011
Tohoku University, Graduate School of Information Sciences, Computer and Mathematical Sciences, Japan - 01 Apr. 2006 - 25 Mar. 2008
Tohoku University, Graduate School of Information Sciences, Computer and Mathematical Sciences, Japan - 01 Apr. 2002 - 25 Mar. 2006
Tohoku University, Engineering, Information Engineering, Japan
Member History
- Apr. 2024 - Present
委員, 電子情報通信学会, 情報通信システムセキュリティ研究専門委員会 - 2023 - Present
Technical Program Committee, IEEE International Solid-State Circuits Conference (ISSCC 2024, 2025), Society - Jan. 2024 - Jun. 2024
USENIX Security Symposium 2024, Program Committee, USENIX Association, Society - Jan. 2024 - May 2024
Program committee, 18th USENIX WOOT Conference on Offensive Technologies (WOOT 2024) - 2023 - May 2024
Symposium on Security and Privacy (S&P 2024), Program Committee, IEEE, Society - Apr. 2023 - Mar. 2024
情報通信システムセキュリティ研究専門委員会・幹事, 電子情報通信学会, Society - Feb. 2024 - Feb. 2024
Paper award committee, Inaugural Symposium on Vehicle Security and Privacy (VehicleSec 2024), Society - 2023 - Feb. 2024
Inaugural Symposium on Vehicle Security and Privacy (VehicleSec 2023), Program Committee, Internet Society (ISOC), Society - 2023 - 2024
Forum co-organizer, IEEE International Solid-State Circuits Conference (ISSCC 2024), Society - 2023 - Dec. 2023
Program Committee, Workshop on Attacks and Solutions in Hardware Security (ASHES 2023), Society - 2023 - May 2023
Program committee, IEEE Secure Development Conference (SecDev 2023), Society - 2023 - May 2023
Program committee, Workshop on Offensive Technologies (WOOT 2023), Society - Apr. 2021 - Mar. 2023
情報通信システムセキュリティ研究専門委員会・幹事補佐, 電子情報通信学会, Society - 2021 - 2023
プログラム委員, コンピュータセキュリティシンポジウム (CSS2021, 2022, 2023), Society - 2020 - 2023
Program committee, Fault Diagnosis and Tolerance in Cryptography (FDTC 2017, 2018, 2020--2024) - 2020 - 2023
Program committee, Euromicro Conference on Digital System Design, special session on Architecture and Hardware for Security Applications (AHSA 2020--2023), Society - 2020 - 2023
Program committee, IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES 2021, 2022, 2023), Society - 2021 - 2021
Program committee, International Workshop on Artificial Intelligence and Industrial Internet-of-Things Security (AIOTS 2021), Society - 2020 - 2020
Program committee, International Workshop on Security (IWSEC 2013, 2014, 2020) - 2019 - 2019
Program committee, Cryptographer’s track at RSA Conference (CT-RSA 2019) - 2019 - 2019
実行委員, 暗号と情報セキュリティシンポジウム, Society - 2017 - 2017
Program committee, Asian Hardware Oriented Security and Trust Symposium (AsianHOST) - 2015 - 2016
Program committee, Smart Card Research and Advanced Application Conference (CARDIS), Society - 2013 - 2014
Program committee, International Workshop on Security (IWSEC)
Research Activity Information
Award
- Feb. 2024
VehicleSec 2024 : Inaugural ISOC Symposium on Vehicle Security & Privacy
Demo: CAN Security Hands-On Education Platform
DENSO Best Demo Award Runner-up, Ayaka Matsushita;Tsuyoshi Toyama;Hisashi Oguma;Takeshi Sugawara - Feb. 2024
VehicleSec 2024 : Inaugural ISOC Symposium on Vehicle Security & Privacy
Outstanding Reviewer Award, Takeshi Sugawara - Dec. 2023
Exploring Leakage Characteristics and Attacks through Profiles of Screaming Channels
KIISC Best Paper Award, Yuki Matsukawa;Daiki Miyahara;Takeshi Sugawara;Kazuo Sakiyama;Yang Li - Nov. 2023
情報処理学会 コンピュータセキュリティ研究会
メモリサイズが最小の置換ベース決定的認証暗号
CSS奨励賞, 平賀幸仁;内藤祐介;佐々木悠;菅原健 - Feb. 2023
VehicleSec 2023 : Inaugural ISOC Symposium on Vehicle Security & Privacy
WIP: Infrared Laser Reflection Attack Against Traffic Sign Recognition Systems
Qualcomm Best Demo Award, Takami Sato;Sri Hrushikesh Varma Bhupathiraju;Michael Clifford;Takeshi Sugawara;Qi Alfred Chen;Sara Rampazzi - Feb. 2023
VehicleSec 2023 : Inaugural ISOC Symposium on Vehicle Security & Privacy
WIP: Infrared Laser Reflection Attack Against Traffic Sign Recognition Systems
ETAS Best Short/WIP Paper Award, Takami Sato;Sri Hrushikesh Varma Bhupathiraju;Michael Clifford;Takeshi Sugawara;Qi Alfred Chen;Sara Rampazzi - Oct. 2022
電子情報通信学会・情報セキュリティ研究専門委員
Secret Can Be Public: Low-Memory AEAD Mode for High-Order Masking
ISEC 研究会活動貢献感謝状, Yusuke Naito;Yu Sasaki;Takeshi Sugawara - Dec. 2021
Asian Hardware Oriented Security and Trust Symposium (AsianHOST2021)
Revisiting System Noise in Side-Channel Attacks: Mutual Assistant SCA vs. Genetic Algorithm
Best Paper Award, R. Kudo;T. Sugawara;K. Sakiyama;Y. Hara-Azumi;Y. Li - May 2021
電子情報通信学会・情報セキュリティ研究専門委員
Simple Electromagnetic Analysis Against Activation Functions of Deep Neural Network
ISEC 研究会活動貢献感謝状, Go Takatoi;Takeshi Sugawara;Kazuo Sakiyama;Yuko Hara-Azumi;Yang Li - Sep. 2020
電子情報通信学会・情報セキュリティ研究専門委員会
Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable Systems
ISEC 研究会活動貢献感謝状, Takeshi Sugawara;Benjamin Cyr;Sara Rampazzi;Daniel Genkin;Kevin Fu
Japan society - Jul. 2020
2020 International Conference on Solid State Devices and Materials
An Information Leakage Sensor Based on Measurement of Laser-Induced Opto-Electric Bulk Current Density
SSDM Young Researcher Award, K. Matsuda;S. Tada;M. Nagata;Y. Komano;Y. Li;T. Sugawara;M. Iwamoto;K. Ohta;K. Sakiyama;N. Miura
International society - Mar. 2019
サイバーセキュリティシンポジウム道後
分光スペクトルを用いたLEDの個体識別における電流変化の影響
学生研究賞, 藤聡子;李陽;崎山一男;菅原健
Japan society - Mar. 2019
電子情報通信学会
AES暗号への故障差分攻撃のモデル化と攻撃回数の評価
学術奨励賞, 羽田野凌太;庄司奈津;李陽;菅原健;崎山一男
Japan society - Sep. 2018
IPSJ/IEICE
A Case Study of Row Hammer under Different Refresh Rates
IWSEC 2018 Best Poster Award, Erina Tatsumi;Kazuo Sakiyama;Takeshi Sugawara
International society - Mar. 2018
サイバーセキュリティシンポジウム道後
ブロック暗号へのプロービング攻撃における鍵復元効率の正確な評価モデル
学生研究賞, 庄司奈津;菅原健;岩本貢;崎山一男
Japan society - Aug. 2017
IPSJ/IEICE
An Evaluation of Ineffective Fault Analysis on AES using Single-Bit Bit-Set/Reset Faults
IWSEC 2017 Best Poster Award, Natsu Shoji;Ryuga Matsumura;Takeshi Sugawara;Kazuo Sakiyama
International society - Jan. 2016
電子情報通信学会
Involution性を備えた共通鍵暗号の設計
SCIS論文賞, 藤堂洋介;菅原健;村上ユミコ青木和麻呂;松井充 - Jun. 2015
三菱電機株式会社
ハードウェアセキュリティ技術の向上
所長表彰, 菅原健 - Jun. 2015
電子情報通信学会・情報通信システムセキュリティ研究専門委員会
強いリセッシブを用いたCANの電気的データ改ざん
ICSS研究賞, 菅原健;佐伯稔;三澤学 - Apr. 2015
三菱電機株式会社
ドーパントを利用した回路カモフラージュのリバースエンジニアリング
優秀発表賞, 菅原健 - Feb. 2015
National Institute of Standards and Technology
FIPS140-3とISO/IEC17825のドラフト作成に係る顕著な貢献
Letter of Appreciation for Collaboration and Technical Excellence - Jan. 2015
電子情報通信学会
電磁界計測に基づくRSAの内部コリジョン攻撃
SCIS論文賞, 菅原健;鈴木大輔;佐伯稔 - Apr. 2014
三菱電機株式会社
電磁界計測に基づくRSAの内部コリジョン攻撃
優秀発表賞, 菅原健 - Jun. 2013
三菱電機株式会社
模倣品対策のためのデバイス固有ID生成技術の開発
開発本部長表彰, 菅原健 - May 2011
情報処理学会
楕円曲線暗号ハードウェアの電力解析による安全性評価
東北支部・支部奨励賞, 齋藤和也;菅原健;本間尚文;青木孝文;佐藤証 - Mar. 2011
東北大学大学院情報科学研究科
研究科長賞, 菅原健 - Jul. 2010
情報処理学会
ハッシュ関数 Luffa のハードウェア実装
DICOMO2010シンポジウム・優秀論文賞, 佐藤証;片下敏宏;菅原健;本間尚文;青木孝文 - Oct. 2009
情報処理学会
重回帰分析を用いたサイドチャネル攻撃の高精度化
第12回コンピュータセキュリティシンポジウム・優秀論文賞, 金用大;菅原健;林優一;本間尚文;青木孝文;佐藤証 - Jul. 2008
情報処理学会
シフトレジスタ・アーキテクチャによるハッシュ関数 Whirlpool の高性能回路実装
DICOMO2008 シンポジウム・優秀プレゼンテーション賞, 菅原健 - Jul. 2007
情報処理学会
サイドチャネル攻撃標準評価FPGAボードを用いた暗号ハードウェアに対する電力解析実験
DICOMO2007 シンポジウム・ヤングリサーチャ賞, 菅原健
Japan society - May 2006
情報処理学会
漏洩電磁波による共通鍵暗号処理ハードウェアの動作解析
東北支部・支部奨励賞, 菅原健;本間尚文;青木孝文;佐藤証
Japan society
Paper
- AquaSonic: Acoustic Manipulation of Underwater Data Center Operations and Resource Management
Jennifer Sheldon; Weidong Zhu; Adnan Abdullah; Sri Hrushikesh Varma Bhupathiraju; Takeshi Sugawara; Kevin Butler; Md Jahidul Islam; Sara Rampazzi
45th IEEE Symposium on Security and Privacy (S&P2024), May 2024, Peer-reviwed
International conference proceedings - Demo: CAN Security Hands-On Education Platform
Ayaka Matsushita; Tsuyoshi Toyama; Hisashi Oguma; Takeshi Sugawara
VehicleSec, Feb. 2024, Peer-reviwed
International conference proceedings - Random Spoofing Attack against LiDAR-Based Scan Matching SLAM
Masashi Fukunaga; Takeshi Sugawara
VehicleSec, Feb. 2024, Peer-reviwed
International conference proceedings - On the Vulnerability of Traffic Light Recognition Systems to Laser Illumination Attacks
Sri Hrushikesh Varma Bhupathiraju; Takami Sato; Michael Clifford; Takeshi Sugawara; Qi Alfred Chen; Sara Rampazzi
VehicleSec, Feb. 2024, Peer-reviwed
International conference proceedings - Invisible Reflections: Leveraging Infrared Laser Reflections to Target Traffic Sign Perception
Takami Sato; Sri Hrushikesh Varma Bhupathiraju; Michael Clifford; Takeshi Sugawara; Qi Alfred Chen; Sara Rampazzi
Network and Distributed System Security (NDSS) Symposium, Feb. 2024, Peer-reviwed
International conference proceedings - Exploring Leakage Characteristics and Attacks through Profiles of Screaming Channels
Yuki Matsukawa, Daiki Miyahara, Takeshi Sugawara, Kazuo Sakiyama, Yang Li
MobiSec 2023, Dec. 2023, Peer-reviwed
International conference proceedings - EMI-LiDAR: Uncovering Vulnerabilities of LiDAR Sensors in Autonomous Driving Setting using Electromagnetic Interference
Sri Hrushikesh Varma Bhupathiraju; Jennifer Sheldon; Luke A. Bauer; Vincent Bindschaedler; Takeshi Sugawara; Sara Rampazzi
Proceedings of the 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks, ACM, 329-340, 29 May 2023, Peer-reviwed, True, with international co-author(s)
International conference proceedings - You Can't See Me: Physical Removal Attacks on LiDAR-based Autonomous Vehicles Driving Frameworks.
Yulong Cao; S. Hrushikesh Bhupathiraju; Pirouz Naghavi; Takeshi Sugawara 0001; Z. Morley Mao; Sara Rampazzi
USENIX Security Symposium, 2993-3010, 2023, Peer-reviwed
International conference proceedings - WIP: Infrared Laser Reflection Attack Against Traffic Sign Recognition Systems
Takami Sato; Sri Hrushikesh Varma Bhupathiraju; Michael Clifford; Takeshi Sugawara; Qi Alfred Chen; Sara Rampazzi
Proceedings Inaugural International Symposium on Vehicle Security & Privacy, Internet Society, 2023
International conference proceedings - Exploring Effect of Residual Electric Charges on Cryptographic Circuits : Extended Version
Mitsuru SHIOZAKI; Takeshi SUGAWARA; Takeshi FUJINO
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Institute of Electronics, Information and Communications Engineers (IEICE), 106, 3, 281-293, Jan. 2023, Peer-reviwed
Scientific journal - Redshift: Manipulating Signal Propagation Delay via Continuous-Wave Lasers
Kohei Yamashita; Benjamin Cyr; Kevin Fu; Wayne Burleson; Takeshi Sugawara
IACR Transactions on Cryptographic Hardware and Embedded Systems, Universitatsbibliothek der Ruhr-Universitat Bochum, 2022, 4, 463-489, 31 Aug. 2022, Peer-reviwed, We propose a new laser injection attack Redshift that manipulates signal propagation delay, allowing for precise control of oscillator frequencies and other behaviors in delay-sensitive circuits. The target circuits have a significant sensitivity to light, and a low-power continuous-wave laser, similar to a laser pointer, is sufficient for the attack. This is in contrast to previous fault injection attacks that use highpowered laser pulses to flip digital bits. This significantly reduces the cost of the attack and extends the range of possible attackers. Moreover, the attack potentially evades sensor-based countermeasures configured for conventional pulse lasers. To demonstrate Redshift, we target ring-oscillator and arbiter PUFs that are used in cryptographic applications. By precisely controlling signal propagation delays within these circuits, an attacker can control the output of a PUF to perform a state-recovery attack and reveal a secret key. We finally discuss the physical causality of the attack and potential countermeasures.
Scientific journal - The Limits of SEMA on Distinguishing Similar Activation Functions of Embedded Deep Neural Networks
Go Takatoi; Takeshi Sugawara; Kazuo Sakiyama; Yuko Hara-Azumi; Yang Li
Applied Sciences, MDPI AG, 12, 9, 4135-4135, 20 Apr. 2022, Peer-reviwed, Artificial intelligence (AI) is progressing rapidly, and in this trend, edge AI has been researched intensively. However, much less work has been performed around the security of edge AI. Machine learning models are a mass of intellectual property, and an optimized network is very valuable. Trained machine learning models need to be black boxes as well because they may give away information about the training data to the outside world. As selecting the appropriate activation functions to enable fast training of accurate deep neural networks is an active area of research, it is important to conceal the information of the activation functions used in a neural network architecture as well. There has been research on the use of physical attacks such as the side-channel attack (SCA) in areas other than cryptography. The SCA is highly effective against edge artificial intelligence due to its property of the device computing close to the user. We studied a previously proposed method to retrieve the activation functions of a black box neural network implemented on an edge device by using simple electromagnetic analysis (SEMA) and improved the signal processing procedure for further noisy measurements. The SEMA attack identifies activation functions by directly observing distinctive electromagnetic (EM) traces that correspond to the operations in the activation function. This method requires few executions and inputs and also has little implementation dependency on the activation functions. We distinguished eight similar activation functions with EM measurements and examined the versatility and limits of this attack. In this work, the machine learning architecture is a multilayer perceptron, evaluated on an Arduino Uno.
Scientific journal - Mixture-Based 5-Round Physical Attack against AES: Attack Proposal and Noise Evaluation
Go TAKAMI; Takeshi SUGAWARA; Kazuo SAKIYAMA; Yang LI
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Institute of Electronics, Information and Communications Engineers (IEICE), E105.A, 3, 289-299, 01 Mar. 2022, Peer-reviwed
Scientific journal - Revisiting System Noise in Side-Channel Attacks: Mutual Assistant SCA vs. Genetic Algorithm
Rei Kudo; Takeshi Sugawara; Kazuo Sakiyama; Yuko Hara-Azumi; Yang Li
2021 Asian Hardware Oriented Security and Trust Symposium (AsianHOST), IEEE, 1-6, 16 Dec. 2021, Peer-reviwed
International conference proceedings - Simulation Based Evaluation of Bit-Interaction Side-Channel Leakage on RISC-V Processor
Tamon Asano; Takeshi Sugawara
The 10th International Workshop on Security Proofs for Embedded Systems (PROOFS), EasyChair, Sep. 2021, Peer-reviwed, Masking is a promising countermeasure against side-channel attack, and share slic- ing is its efficient software implementation that stores all the shares in a single register to exploit the parallelism of Boolean instructions. However, the security of share slicing relies on the assumption of bit-independent leakage from those instructions. Gao et al. recently discovered a violation causing a security degradation, called the bit-interaction leakage, by experimentally evaluating ARM processors. However, its causality remained open because of the blackbox inside the target processors. In this paper, we approach this problem with simulation-based side-channel leakage evaluation using a RISC-V processor. More specifically, we use Western Digital’s open-source SweRV EH1 core as a target plat- form and measure its side-channel traces by running logic simulation and counting the number of signal transitions in the synthesized ALU netlist. We successfully replicate the bit-interaction leakage from a shifter using the simulated traces. By exploiting the flexi- bility of simulation-based analysis, we positively verify Gao et al.’s hypothesis on how the shifter causes the leakage. Moreover, we discover a new bit-interaction leakage from an arithmetic adder caused by carry propagation. Finally, we discuss hardware and software countermeasures against the bit-interaction leakage.
International conference proceedings - AES-LBBB: AES Mode for Lightweight and BBB-Secure Authenticated Encryption
Yusuke Naito; Yu Sasaki; Takeshi Sugawara
IACR Transactions on Cryptographic Hardware and Embedded Systems, Universitatsbibliothek der Ruhr-Universitat Bochum, 2021, 3, 298-333, 09 Jul. 2021, Peer-reviwed, In this paper, a new lightweight authenticated encryption scheme AESLBBB is proposed, which was designed to provide backward compatibility with advanced encryption standard (AES) as well as high security and low memory. The primary design goal, backward compatibility, is motivated by the fact that AES accelerators are now very common for devices in the field; we are interested in designing an efficient and highly secure mode of operation that exploits the best of those AES accelerators. The backward compatibility receives little attention in the NIST lightweight cryptography standardization process, in which only 3 out of 32 round-2 candidates are based on AES. Our mode, LBBB, is inspired by the design of ALE in the sense that the internal state size is a minimum 2n bits when using a block cipher of length n bits for the key and data. Unfortunately, there is no security proof of ALE, and forgery attacks have been found on ALE. In LBBB, we introduce an additional feed from block cipher’s output to the key state via a certain permutation λ, which enables us to prove beyond-birthday-bound (BBB) security. We then specify its AES instance, AES-LBBB, and evaluate its performance for (i) software implementation on a microcontroller with an AES coprocessor and (ii) hardware implementation for an application-specific integrated circuit (ASIC) to show that AES-LBBB performs better than the current state-of-the-art Remus-N2 with AES-128.
Scientific journal - Protecting COVID-19 Vaccine Transportation and Storage from Analog Cybersecurity Threats
Yan Long; Sara Rampazzi; Takeshi Sugawara; Kevin Fu
Biomedical Instrumentation & Technology, Association for the Advancement of Medical Instrumentation (AAMI), 55, 3, 112-117, 01 Jul. 2021, Peer-reviwed
Scientific journal - 分光スペクトルを用いた調光機能のある白色 LED の個体識別
藤聡子; 土屋彩夏; 李陽; 崎山一男; 菅原健
情報処理学会論文誌, IET, 62, 9, 1-11, 2021, Peer-reviwed
Scientific journal, Japanese - LM-DAE: Low-Memory Deterministic Authenticated Encryption for 128-bit Security
Yusuke Naito; Yu Sasaki; Takeshi Sugawara
IACR Transactions on Symmetric Cryptology, Universitatsbibliothek der Ruhr-Universitat Bochum, 2020, 4, 1-38, 10 Dec. 2020, Peer-reviwed, This paper proposes a new lightweight deterministic authenticated encryption (DAE) scheme providing 128-bit security. Lightweight DAE schemes are practically important because resource-restricted devices sometimes cannot afford to manage a nonce properly. For this purpose, we first design a new mode LM-DAE that has a minimal state size and uses a tweakable block cipher (TBC). The design can be implemented with low memory and is advantageous in threshold implementations (TI) as a side-channel attack countermeasure. LM-DAE further reduces the implementation cost by eliminating the inverse tweak schedule needed in the previous TBC-based DAE modes. LM-DAE is proven to be indistinguishable from an ideal DAE up to the O(2n) query complexity for the block size n. To achieve 128-bit security, an underlying TBC must handle a 128-bit block, 128-bit key, and 128+4-bit tweak, where the 4-bit tweak comes from the domain separation. To satisfy this requirement, we extend SKINNY-128-256 with an additional 4-bit tweak, by applying the elastic-tweak proposed by Chakraborti et al. We evaluate the hardware performances of the proposed scheme with and without TI. Our LM-DAE implementation achieves 3,717 gates, roughly 15% fewer than state-of-the-art nonce-based schemes, thanks to removing the inverse tweak schedule.
Scientific journal - An Optimized Implementation of AES-GCM for FPGA Acceleration Using High-Level Synthesis
Tsubasa Takaki; Yang Li; Kazuo Sakiyama; Shoei Nashimoto; Daisuke Suzuki; Takeshi Sugawara
2020 IEEE 9th Global Conference on Consumer Electronics (GCCE), IEEE, 176-180, 13 Oct. 2020, Peer-reviwed
International conference proceedings - (Short Paper) Signal Injection Attack on Time-to-Digital Converter and Its Application to Physically Unclonable Function
Takeshi Sugawara; Tatsuya Onuma; Yang Li
Advances in Information and Computer Security (IWSEC2020), Springer International Publishing, 117-127, 26 Aug. 2020, Peer-reviwed
In book - Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable Systems
Takeshi Sugawara
Proceedings of the USENIX Security Symposium, USENIX Association, abs/2006.11946, 2631-2648, 12 Aug. 2020, Peer-reviwed
Scientific journal, English - Hardware Performance Evaluation of Authenticated Encryption SAEAES with Threshold Implementation
Takeshi Sugawara
Cryptography, MDPI AG, 4, 3, 23-23, 09 Aug. 2020, Peer-reviwed, SAEAES is the authenticated encryption algorithm instantiated by combining the SAEB mode of operation with AES, and a candidate of the NIST’s lightweight cryptography competition. Using AES gives the advantage of backward compatibility with the existing accelerators and coprocessors that the industry has invested in so far. Still, the newer lightweight block cipher (e.g., GIFT) outperforms AES in compact implementation, especially with the side-channel attack countermeasure such as threshold implementation. This paper aims to implement the first threshold implementation of SAEAES and evaluate the cost we are trading with the backward compatibility. We design a new circuit architecture using the column-oriented serialization based on the recent 3-share and uniform threshold implementation (TI) of the AES S-box based on the generalized changing of the guards. Our design uses 18,288 GE with AES’s occupation reaching 97% of the total area. Meanwhile, the circuit area is roughly three times the conventional SAEB-GIFT implementation (6229 GE) because of a large memory size needed for the AES’s non-linear key schedule and the extended states for satisfying uniformity in TI.
Scientific journal - An IC-level countermeasure against laser fault injection attack by information leakage sensing based on laser-induced opto-electric bulk current density
Kohei Matsuda; Sho Tada; Makoto Nagata; Yuichi Komano; Yang Li; Takeshi Sugawara; Mitsugu Iwamoto; Kazuo Ohta; Kazuo Sakiyama; Noriyuki Miura
Japanese Journal of Applied Physics, IOP Publishing, 59, SG, SGGL02-SGGL02, 28 Feb. 2020, Peer-reviwed, Abstract
Laser fault injection (LFI) attacks on cryptographic processor ICs are a critical threat to information systems. This paper proposes an IC-level integrated countermeasure employing an information leakage sensor against an LFI attack. Distributed bulk current sensors monitor abnormal bulk current density caused by laser irradiation for LFI. Time-interleaved sensor operation and sensitivity tuning can obtain partial secret key leakage bit information with small layout area penalty. Based on the leakage information, the secret key can be securely updated to realize high-availability resilient systems. The test chip was designed and fabricated in a 0.18 μm standard CMOS, integrating a 128-bit advanced encryption standard cryptographic processor with the proposed information leakage sensor. This evaluation successfully demonstrated bulk current density and leakage bit monitoring.
Scientific journal - Lightweight Authenticated Encryption Mode of Operation for Tweakable Block Ciphers
Yusuke Naito; Takeshi Sugawara
IACR Transactions on Cryptographic Hardware and Embedded Systems, Universitatsbibliothek der Ruhr-Universitat Bochum, 2020, 1, 66-94, 19 Nov. 2019, Peer-reviwed,
Scientific journal, English - Lightweight Authenticated Encryption Mode of Operation for Tweakable Block Ciphers
Yusuke Naito; Takeshi Sugawara
IACR Cryptology ePrint Archive, 2019, 339-339, 2019
Scientific journal - 3-Share Threshold Implementation of AES S-box without Fresh Randomness
Takeshi Sugawara
IACR Trans. Cryptogr. Hardw. Embed. Syst., The Ruhr-Universität Bochum, 2019, 1, 123-145, 2019, Peer-reviwed, Threshold implementation is studied as a countermeasure against sidechannel attack. There had been no threshold implementation for the AES and Keccak S-boxes that satisfies an important property called uniformity. In the conventional implementations, intermediate values are remasked to compensate for the lack of uniformity. The remasking consumes thousands of fresh random bits and its implementation cost is a serious concern. Daemen recently proposed a 3-share uniform threshold implementation of the Keccak S-box. This is enabled by a new technique called the changing of the guards which can be applied to any invertible functions. Subsequently, Wegener et al. proposed a 4-share threshold implementation of the AES S-box based on the changing of the guards technique. However, a 3-share threshold implementation of AES S-box remains open. The difficulty stays in 2-input multiplication, used in decomposed S-box representations, which is non-invertible because of different input and output sizes. In this study, this problem is addressed by introducing a certain generalization of the changing of the guards technique. The proposed method provides a generic way to construct a uniform sharing for a target function having different input and output sizes. The key idea is to transform a target function into an invertible one by adding additional inputs and outputs. Based on the proposed technique, the first 3-share threshold implementation of AES S-box without fresh randomness is presented. Performance evaluation and simulation-based leakage assessment of the implementation are also presented.
Scientific journal, English - A 286 F2/Cell Distributed Bulk-Current Sensor and Secure Flush Code Eraser Against Laser Fault Injection Attack on Cryptographic Processor
Kohei Matsuda; Tatsuya Fujii; Natsu Shoji; Takeshi Sugawara; Kazuo Sakiyama; Yu-Ichi Hayashi; Makoto Nagata; Noriyuki Miura
IEEE Journal of Solid-State Circuits, Institute of Electrical and Electronics Engineers (IEEE), 53, 11, 3174-3182, Nov. 2018, Peer-reviwed
Scientific journal - Sensor CON-Fusion: Defeating Kalman Filter in Signal Injection Attack
Shoei Nashimoto; Daisuke Suzuki; Takeshi Sugawara; Kazuo Sakiyama
Proceedings of the 2018 on Asia Conference on Computer and Communications Security, ACM, 511-524, 29 May 2018, Peer-reviwed
International conference proceedings - SAEB: A Lightweight Blockcipher-Based AEAD Mode of Operation
Yusuke Naito; Mitsuru Matsui; Takeshi Sugawara; Daisuke Suzuki
IACR Trans. Cryptogr. Hardw. Embed. Syst., The Ruhr-Universität Bochum, 2018, 2, 192-217, 08 May 2018, Peer-reviwed, Lightweight cryptography in computationally constrained devices is actively studied. In contrast to advances of lightweight blockcipher in the last decade, lightweight mode of operation is seemingly not so mature, yet it has large impact in performance. Therefore, there is a great demand for lightweight mode of operation, especially that for authenticated encryption with associated data (AEAD). Among many known properties of conventional modes of operation, the following four properties are essential for constrained devices:
1. Minimum State Size: the state size equals to a block size of a blockcipher.
2. Inverse Free: no need for a blockcipher decryption.
3. XOR Only: only XOR is needed in addition to a blockcipher encryption.
4. Online: a data block is processed only once.
The properties 1 and 4 contribute to small memory usage, and the properties 2 and 3 contribute to small program/circuit footprint. On top of the above properties, the fifth property regarding associated data (AD) is also important for performance:
5. Efficient Handling of Static AD: static AD can be precomputed.
We design a lightweight blockcipher-based AEAD mode of operation called SAEB: the first mode of operation that satisfies all the five properties to the best of our knowledge. Performance of SAEB is evaluated in various software and hardware platforms. The evaluation results show that SAEB outperforms conventional blockcipher-based AEAD modes of operation in various performance metrics for lightweight cryptography.
Scientific journal, English - A 286F2/cell distributed bulk-current sensor and secure flush code eraser against laser fault injection attack
Kohei Matsuda; Tatsuya Fujii; Natsu Shoji; Takeshi Sugawara; Kazuo Sakiyama; Yu-ichi Hayashi; Makoto Nagata; Noriyuki Miura
2018 IEEE International Solid - State Circuits Conference - (ISSCC), IEEE, 352-354, Feb. 2018, Peer-reviwed
International conference proceedings - Q-Class Authentication System for Double Arbiter PUF
Risa YASHIRO; Takeshi SUGAWARA; Mitsugu IWAMOTO; Kazuo SAKIYAMA
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Institute of Electronics, Information and Communications Engineers (IEICE), E101.A, 1, 129-137, 2018, Peer-reviwed
Scientific journal - Exploiting Bitflip Detector for Non-invasive Probing and its Application to Ineffective Fault Analysis
Takeshi Sugawara; Natsu Shoji; Kazuo Sakiyama; Kohei Matsuda; Noriyuki Miura; Makoto Nagata
2017 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), IEEE, 49-56, Sep. 2017, Peer-reviwed
International conference proceedings - Asymmetric Leakage from Multiplier and Collision-Based Single-Shot Side-Channel Attack
Takeshi SUGAWARA; Daisuke SUZUKI; Minoru SAEKI
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Institute of Electronics, Information and Communications Engineers (IEICE), E99.A, 7, 1323-1333, 2016, Peer-reviwed
Scientific journal - Reversing stealthy dopant-level circuits
Takeshi Sugawara; Daisuke Suzuki; Ryoichi Fujii; Shigeaki Tawa; Ryohei Hori; Mitsuru Shiozaki; Takeshi Fujino
Journal of Cryptographic Engineering, Springer Science and Business Media LLC, 5, 2, 85-94, 14 May 2015, Peer-reviwed, Invited
Scientific journal - On measurable side-channel leaks inside ASIC design primitives
Takeshi Sugawara; Daisuke Suzuki; Minoru Saeki; Mitsuru Shiozaki; Takeshi Fujino
Journal of Cryptographic Engineering, Springer Science and Business Media LLC, 4, 1, 59-73, 28 Feb. 2014, Peer-reviwed, Invited
Scientific journal - Unified Coprocessor Architecture for Secure Key Storage and Challenge-Response Authentication
Koichi SHIMIZU; Daisuke SUZUKI; Toyohiro TSURUMARU; Takeshi SUGAWARA; Mitsuru SHIOZAKI; Takeshi FUJINO
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Institute of Electronics, Information and Communications Engineers (IEICE), E97.A, 1, 264-274, 2014, Peer-reviwed
Scientific journal - Fair and Consistent Hardware Evaluation of Fourteen Round Two SHA-3 Candidates
Miroslav Knezevic; Kazuyuki Kobayashi; Jun Ikegami; Shin'ichiro Matsuo; Akashi Satoh; Ünal Kocabas; Junfeng Fan; Toshihiro Katashita; Takeshi Sugawara; Kazuo Sakiyama; Ingrid Verbauwhede; Kazuo Ohta; Naofumi Homma; Takafumi Aoki
IEEE Transactions on Very Large Scale Integration (VLSI) Systems, Institute of Electrical and Electronics Engineers (IEEE), 20, 5, 827-840, May 2012, Peer-reviwed
Scientific journal - A Configurable On-Chip Glitchy-Clock Generator for Fault Injection Experiments
Sho ENDO; Takeshi SUGAWARA; Naofumi HOMMA; Takafumi AOKI; Akashi SATOH
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Institute of Electronics, Information and Communications Engineers (IEICE), E95-A, 1, 263-266, 2012, Peer-reviwed
Scientific journal - Evaluation of Information Leakage from Cryptographic Hardware via Common-Mode Current
Yu-ichi HAYASHI; Naofumi HOMMA; Takaaki MIZUKI; Takeshi SUGAWARA; Yoshiki KAYANO; Takafumi AOKI; Shigeki MINEGISHI; Akashi SATOH; Hideaki SONE; Hiroshi INOUE
IEICE Transactions on Electronics, Institute of Electronics, Information and Communications Engineers (IEICE), E95.C, 6, 1089-1097, 2012, Peer-reviwed
Scientific journal - ハッシュ関数Luffaのハードウェア実装
片下敏宏; 佐藤証; 菅原健; 本間尚文; 佐藤証; 青木孝文
情報処理学会論文誌, 情報処理学会, 52, 12, 3755-3765, Dec. 2011, Peer-reviwed, 本論文では,次世代ハッシュ関数SHA-3の候補として提案されたスポンジ関数型のアルゴリズムLuffaに対し,複数のハードウェア・アーキテクチャを提案し,90nm CMOSスタンダードセル・ライブラリによるASIC実装およびXilinx Virtex-5とSpartan-6によるFPGA実装性能評価を行った.その結果ASICでは,回路規模14.7K~62.8Kgatesにおいてスループット3.6G~35.1Gbpsとなり,小型からきわめて高速な実装まで実現可能なことが分かった.またFPGA実装でも同様に,Virtex-5では750~1,548Slicesにおいて1.3G~7.0Gbps,Spartan-6では592~1,535Slicesにおいて1.3G~5.5Gbpsと,同様の実装性能が示された.さらに,同じスポンジ関数型でありSHA-3候補のKeccakアルゴリズムと同条件において比較したところ,Luffaはスループットにおいて同等の性能を持ちつつ,小型実装においてはおよそ半分の回路規模となり,回路構成の柔軟性が高いことが分かった.このほか,データバス構成とデータ処理の独立性が演算回路共有の効果に影響することが分かり,ハッシュ関数の設計においてハードウェア実装ではデータ処理の並列性が重要であることが明らかとなった.This paper presents hardware architectures of the hash algorithm Luffa proposed for the next generation hash standard SHA-3. The architectures were evaluated by using a 90nm CMOS standard cell library and Xilinx Virtex-5 and Spartan-6 FPGA devices. The ASIC implementations achieved a variety of circuits, from compact to very high-speed; throughputs of 3.6G-35.1Gbps with hardware resources of 14.7K-62.8Kgates. The FPGA implementations also showed high performances; throughputs of 1.3G-7.0Gbps with hardware sizes of 750-1,548Slices for Virtex-5, and throughputs of 1.3G-5.5Gbps with hardware sizes of 592-1,535Slices for Spartan-6. In comparison with other SHA-3 candidate Keccak that belongs to a category of a sponge function as same as Luffa, Luffa showed advantages in flexibility from high-speed (comparable to Keccak) to compact (half size of Keccak) hardware implementations. The results also show that data bus structure and parallelism of processing effect in design flexible.
Scientific journal, Japanese - Non-invasive Trigger-free Fault Injection Method Based on Intentional Electromagnetic Interference
Y. Hayashi; N. Homma; T. Sugawara; T. Mizuki; T. Aoki; H. Sone
The Non-Invasive Attack Testing Workshop (NIAT 2011), xx-yy, Sep. 2011, Peer-reviwed
International conference proceedings, English - Non-invasive EMI-based fault injection attack against cryptographic modules
Yu-ichi Hayashi; Naofumi Homma; Takeshi Sugawara; Takaaki Mizuki; Takafumi Aoki; Hideaki Sone
2011 IEEE International Symposium on Electromagnetic Compatibility, IEEE, Aug. 2011, Peer-reviwed
International conference proceedings - An on-chip glitchy-clock generator and its application to safe-error attack
S. Endo; T. Sugawara; N. Homma; T. Aoki; A. Satoh
Second International Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE 2011), 175-182, Feb. 2011, Peer-reviwed
International conference proceedings, English - High-Performance Architecture for Concurrent Error Detection for AES Processors
Takeshi SUGAWARA; Naofumi HOMMA; Takafumi AOKI; Akashi SATOH
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Institute of Electronics, Information and Communications Engineers (IEICE), E94-A, 10, 1971-1980, 2011, Peer-reviwed
Scientific journal - Information leakage from cryptographic hardware via common-mode current
Yu-ichi Hayashi; Takeshi Sugawara; Yoshiki Kayano; Naofumi Homma; Takaaki Mizuki; Akashi Satoh; Takafumi Aoki; Shigeki Minegishi; Hideaki Sone; Hiroshi Inoue
2010 IEEE International Symposium on Electromagnetic Compatibility, IEEE, Jul. 2010, Peer-reviwed
International conference proceedings - Development of an on-chip micro shielded-loop probe to evaluate performance of magnetic film to protect a cryptographic LSI from electromagnetic analysis
Masahiro Yamaguchi; Hideki Toriduka; Shoichi Kobayashi; Takeshi Sugawara; Naofumi Hommaa; Akashi Satoh; Takafumi Aoki
2010 IEEE International Symposium on Electromagnetic Compatibility, IEEE, Jul. 2010, Peer-reviwed
International conference proceedings - Biasing Power Traces to Improve Correlation in Power Analysis Attacks
Y. Kim; T. Sugawara; N. Homma; T. Aoki; A. Satoh
First International Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE 2010), 77-80, Feb. 2010, Peer-reviwed
International conference proceedings, English - ハッシュ関数Whirlpoolの高スケーラブル回路アーキテクチャ
菅原健; 本間尚文; 佐藤証; 青木孝文
情報処理学会論文誌, 情報処理学会, 50, 11, 2618-2632, Nov. 2009, Peer-reviwed
Scientific journal, Japanese - Side Channel Attack to Magnetic Near Field of Cryptographic LSI and Its Protection by Magnetic Thin Film
Masahiro Yamaguchi; Hideki, Toriduka; Shoichi Kobayashi; Takeshi Sugawara; Naofumi Homma; Akashi Satoh; Takafumi Aoki
Soft Magnetic Materials, 19, A3-11, Sep. 2009, Peer-reviwed
International conference proceedings, English - Side Channel Attack to Magnetic Near Field of Cryptographic LSI and its Countermeasure by means of Magnetic Thin Film
M. Yamaguchi; H. Toriduka; S. Kobayashi; T. Sugawara; N. Homma; A. Satoh; T. Aoki
9th Soft Magnetic Materials Conference (SMM19), A3-11, xx-yy, Sep. 2009, Peer-reviwed
International conference proceedings, English - Spectrum Analysis on Cryptographic Modules to Counteract Side-Channel Attacks
T. Sugawara; Y. Hayashi; N. Homma; T. Mizuki; T. Aoki; H. Sone; A. Satoh
International Symposium on Electromagnetic Compatibility (EMC'09), IEICE, 21-24, Jul. 2009, Peer-reviwed
International conference proceedings, English - An Analysis of Information Leakage from a Cryptographic Hardware via Common-Mode Current
Y. Hayashi; T. Sugawara; Y. Kayano; N. Homma; T. Mizuki; A. Satoh; T. Aoki; S. Minegishi; H. Sone; H. Inoue
International Symposium on Electromagnetic Compatibility (EMC'09), IEICE, 17-20, Jul. 2009, Peer-reviwed
International conference proceedings, English - Magnetic Near Field Measurement of Cryptographic LSI using On-Chip Integrated Micro Magnetic Field Probe
TORIZUKA Hideki; YAMAGUCHI Masahiro; SUGAWARA Takeshi; HOMMA Naofumi; SATOH Akashi; AOKI Takafumi
ITE Technical Report, The Institute of Image Information and Television Engineers, 33, 37-42, 2009, Increasingly a side channel attack which is to break a cryptographic key using the electromagnetic radiation and power consumption from the cryptographic module regard as a dangerous. In this paper, the magnetic near field of cryptographic LSI was measured using the on-chip integrated micro magnetic field probe with a shielded-loop coil. As a result, the high frequency current in cryptographic LSI was able to be shown as a distribution map. Moreover, when the cryptographic key was estimated by differential electromagnetic analysis, the time of the key presumption is earlier than a place away from the cryptographic IP core, and it has been found that the vulnerability of the cryptographic LSI is seen on the core. It was confirmed that the magnetic near field was able to be suppressed by putting a magnetic film on the cryptographic LSI, and it became a means to protect cryptographic LSI from side channel attack.
Japanese - Mechanism behind Information Leakage in Electromagnetic Analysis of Cryptographic Modules
Takeshi Sugawara; Yu-ichi Hayashi; Naofumi Homma; Takaaki Mizuki; Takafumi Aoki; Hideaki Sone; Akashi Satoh
Information Security Applications, Springer Berlin Heidelberg, 66-78, 2009, Peer-reviwed
In book - A High-Resolution Phase-Based Waveform Matching and Its Application to Side-Channel Attacks
N. HOMMA; S. NAGASHIMA; T. SUGAWARA; T. AOKI; A. SATOH
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Institute of Electronics, Information and Communications Engineers (IEICE), E91-A, 1, 193-202, 01 Jan. 2008, Peer-reviwed
Scientific journal - ASIC Performance Comparison for the ISO Standard Block Ciphers
T. Sugawara; N. Homma; T. Aoki; A. Satoh
2nd Joint Workshop on Information Security (JWIS2007), IEICE, 485-498, Aug. 2007, Peer-reviwed
International conference proceedings, English
MISC
- Physically Unclonable Function
菅原健
Lead, 日本銀行金融研究所, 20 Oct. 2020, 日本銀行金融研究所・金融研究, 39, 4, 25-53, Japanese, Peer-reviwed, Introduction research institution - サイドチャネル攻撃と対策
菅原健
Jan. 2020, 電子情報通信学会誌小特集, 103, 1, 45-50, Japanese, Introduction other - Laser Fault Attack
菅原健; 﨑山一男
レーザー学会, 2019, レーザー研究, 47, 7, 305-309, Japanese, Introduction research institution - サイドチャネル攻撃に対する安全性評価の研究動向とEMVカード固有の留意点
鈴木雅貴; 菅原健; 鈴木大輔
Oct. 2015, 日本銀行金融研究所・金融研究, 34, 4, 107-133, Peer-reviwed - 楕円曲線暗号ハードウェアの電力解析による安全性評価
齋藤和也; 菅原健; 本間尚文; 青木孝文; 佐藤証
2010, 電気関係学会東北支部連合大会講演論文集, 2010, 201002268101398604 - ハッシュ関数Luffaのハードウェア実装
佐藤証; 片下敏宏; 菅原健; 本間尚文; 青木孝文
2010, 情報処理学会シンポジウムシリーズ(CD-ROM), 2010, 1, 1882-0840, 201002284350578308 - RFマイクロ磁界プローブによる暗号LSIへの差分電磁波解析とその抑制法
鳥塚英樹; DHUNGANA S.; 山口正洋; 菅原健; 本間尚文; 青木孝文; 佐藤証
2009, 日本磁気学会学術講演概要集, 33rd, 1882-2959, 201202202671827847 - 周波数領域での暗号モジュールの電力解析
菅原健; 本間尚文; 林優一; 水木敬明; 青木孝文; 曽根秀昭; 佐藤証
2009, 情報科学技術フォーラム講演論文集, 8th, 200902204393983813 - A Countermeasure of Side Channel Attack on a Cryptographic LSI by Means of Magnetic Thin Film and Its Experimental Verification
鳥塚英樹; SANDEEP Dhungana; 山口正洋; 菅原健; 本間尚文; 青木孝文; 佐藤証
2009, 電気学会マグネティックス研究会資料, MAG-09, 76-85, 200902244802306871 - An Analysis of Electromagnetic Information Leakage of Cryptographic Modules
林優一; 菅原健; 本間尚文; 水木敬明; 青木孝文; 曽根秀昭; 佐藤証
2009, 電気学会電磁環境研究会資料, EMC-09, 16-25, 200902287337197875 - AESのハードウェア実装に対するテンプレート攻撃
KIM Yongdae; 菅原健; 本間尚文; 青木孝文; 佐藤証
2009, 情報科学技術フォーラム講演論文集, 8th, 200902293683129452 - High-performance Error Detection Hardware Architecture for Block Cipher AES
佐藤証; 菅原健; 本間尚文; 青木孝文
2008, 情報処理学会シンポジウムシリーズ(CD-ROM), 2008, 1, 1882-0840, 200902246502654765 - High-performance Hardware Architectures for the Hash Function Whirlpool Based on Shift-register Architecture
菅原健; 本間尚文; 青木孝文; 佐藤証
2008, 情報処理学会シンポジウムシリーズ(CD-ROM), 2008, 1, 1882-0840, 200902256659187287 - Differential Power Analysis Experiments using an ASIC on a Standard Evaluation Board
菅原健; 本間尚文; 青木孝文; 佐藤証
2008, 情報処理学会シンポジウム論文集, 2008, 8, 1344-0640, 200902201198273438 - Enhanced CPA using Key Screening Techniques
片下敏宏; 佐藤証; 菅原健; 本間尚文; 青木孝文
2008, 情報処理学会シンポジウム論文集, 2008, 8, 1344-0640, 200902205386792219 - Side-channel Attack by Using Leakage Information on Power Cables
林優一; 菅原健; 本間尚文; 水木敬明; 青木孝文; 曽根秀昭; 佐藤証
2008, 情報処理学会シンポジウム論文集, 2008, 8, 1344-0640, 200902264044160349 - ASIC Implementations of the 128-bit Block Cipher CLEFIA
菅原健; 本間尚文; 青木孝文; 佐藤証
2007, 情報処理学会シンポジウム論文集, 2007, 10, 1344-0640, 200902206243810107 - Enhanced Power Analysis on Cryptographic Modules Using Waveform Filtering
長嶋聖; 本間尚文; 菅原健; 青木孝文; 佐藤証
2007, 情報処理学会シンポジウムシリーズ(CD-ROM), 2007, 1, 1882-0840, 200902249892651841 - Power analysis experiments against cryptographic hardware on a side-channel attack standard evaluation FPGA board
菅原健; 本間尚文; 青木孝文; 佐藤証
2007, 情報処理学会シンポジウムシリーズ(CD-ROM), 2007, 1, 1882-0840, 200902277223054319 - A Compact ASIC Implementation of the 64-bit Block Cipher CAST-128
菅原健; 本間尚文; 青木孝文; 佐藤証
2006, 情報処理学会シンポジウム論文集, 2006, 11, 1344-0640, 200902239832510283 - A Compact ASIC Implementation of the 64-bit Block Cipher CAST-128
菅原健; 本間尚文; 青木孝文; 佐藤証
2006, 情報処理学会シンポジウム論文集, 1344-0640, 200902291469640759 - 漏洩電磁波による共通鍵暗号処理ハードウェアの動作解析
菅原健; 本間尚文; 青木孝文; 佐藤証
2006, 電気関係学会東北支部連合大会講演論文集, 2006, 200902224640498037
Books and other publications
Lectures, oral presentations, etc.
- Changing of the Guards の一般化
菅原健
Oral presentation, Japanese, 2019年暗号と情報セキュリティシンポジウム(SCIS2019), Domestic conference
Jan. 2019 - FPGA 搭載サーバにおける秘匿アクセラレーション
鈴木大輔; 梨本翔永; 永塚智之; 高木翼,李陽; 﨑山一男; 菅原健
Oral presentation, Japanese, 2019年暗号と情報セキュリティシンポジウム(SCIS2019), Domestic conference
Jan. 2019 - SDAccel環境を用いたAES暗号CTRモードの高性能実装
高木翼; 李陽; 﨑山一男; 菅原健; 鈴木大輔; 梨本翔永
Oral presentation, Japanese, 2019年暗号と情報セキュリティシンポジウム(SCIS2019), Domestic conference
Jan. 2019 - 分光スペクトルを用いたLEDの個体識別における電流変化の影響
藤聡子,李陽; 崎山一男; 菅原健
Oral presentation, Japanese, 2019年暗号と情報セキュリティシンポジウム(SCIS2019), Domestic conference
Jan. 2019 - AESの指定したラウンド間差分の平文探索アルゴリズムの改良
伊藤俊輔; 菅原健; 﨑山一男; 李陽
Oral presentation, Japanese, IEICE2018ソサイエティ大会, Domestic conference
Sep. 2018 - AES暗号への故障差分攻撃のモデル化と攻撃回数の評価
羽田野凌太; 庄司奈津; 李陽; 菅原健; 﨑山一男
Oral presentation, Japanese, IEICE2018ソサイエティ大会, Domestic conference
Sep. 2018 - Arbiter PUFへのサイドチャネルモデリング攻撃の実装と応用
八代理沙; 藤聡子; 菅原健; 﨑山一男
Oral presentation, Japanese, IEICE2018ソサイエティ大会, Domestic conference
Sep. 2018 - 様々な実験条件におけるジャイロセンサのセンサなりすまし攻撃に関する基礎的検討
西山優太; 李陽; 﨑山一男; 菅原健
Oral presentation, Japanese, IEICE2018ソサイエティ大会, Domestic conference
Sep. 2018 - 分光器を用いたLEDの個体識別に向けた基礎的研究
藤聡子; 李陽; 﨑山一男; 菅原健
Oral presentation, Japanese, IEICE2018ソサイエティ大会, Domestic conference
Sep. 2018 - A Case Study of Row Hammer under Different Refresh Rates
E. Tatsumi; K. Sakiyama; T. Sugawara
Poster presentation, English, IWSEC2018, Domestic conference
Aug. 2018 - レーザー故障注入攻撃対策を備えた暗号ICの設計手法
松田航平; 藤井達哉; 庄司奈津; 菅原健; 﨑山一男; 林優一; 永田真; 三浦典之
Oral presentation, Japanese, 情報処理学会DAシンポジウム2018, Domestic conference
Aug. 2018 - Arbiter PUFに対する攻撃手法に関する一考察
八代理沙; 菅原健; 﨑山一男
Oral presentation, Japanese, 情報処理学会DAシンポジウム2018, Domestic conference
Aug. 2018 - 基盤電流センサと電源瞬断回路を利用した小面積レーザーフォールト注入攻撃対策
松田航平; 藤井達哉; 庄司奈津; 菅原健; 﨑山一男; 林優一; 永田真; 三浦典之
Oral presentation, Japanese, ハードウェアセキュリティ研究会(HWS), Domestic conference
Apr. 2018 - C66xDSPにおけるペアリングの高速実装
松原祐衣子; 宮元景冬; 菅原健; 﨑山一男
Oral presentation, Japanese, 2018年暗号と情報セキュリティシンポジウム(SCIS2018), Domestic conference
Jan. 2018 - 光に重畳したサイドチャネル情報に関する基礎的な解析
松村竜我; 菅原健; 﨑山一男
Oral presentation, Japanese, 2018年暗号と情報セキュリティシンポジウム(SCIS2018), Domestic conference
Jan. 2018 - デバイスドライバを用いたRow Hammerのテストツール
辰巳恵里奈; 菅原健; 﨑山一男
Oral presentation, Japanese, 2018年暗号と情報セキュリティシンポジウム(SCIS2018), Domestic conference
Jan. 2018 - パブリッククラウド上のFPGAにおける悪性ハードウェア
菅原健; 﨑山一男; 梨本翔永; 永塚智之
Oral presentation, Japanese, 2018年暗号と情報セキュリティシンポジウム(SCIS2018), Domestic conference
Jan. 2018 - フォルト検出センサを悪用した非侵襲プロービング攻撃
菅原健; 庄司奈津; 﨑山一男; 松田航平; 三浦典之; 永田真
Oral presentation, Japanese, 2018年暗号と情報セキュリティシンポジウム(SCIS2018), Domestic conference
Jan. 2018 - ブロック暗号へのプロービング攻撃における鍵復元効率の正確な評価モデル
庄司奈津; 菅原健; 岩本貢; 﨑山一男
Oral presentation, Japanese, 2018年暗号と情報セキュリティシンポジウム(SCIS2018), Domestic conference
Jan. 2018 - センサフュージョンの攻撃耐性に関するセキュリティ評価
梨本翔永; 鈴木大輔; 菅原健; 﨑山一男
Oral presentation, Japanese, 2018年暗号と情報セキュリティシンポジウム(SCIS2018), Domestic conference
Jan. 2018 - An Evaluation of Ineffective Fault Analysis on AES using Single-Bit Bit-Set/Reset Faults
N. Shoji; R. Matsumura; T. Sugawara; K. Sakiyama
Poster presentation, English, IWSEC2017, Domestic conference
Aug. 2017 - ダイオードレーザーを用いた光によるサイドチャネル認証
松村竜我; 庄司奈津; 菅原健; 﨑山一男
Oral presentation, Japanese, ハードウェアセキュリティ研究会(HWS), Domestic conference
Jun. 2017 - 誤り暗号文を使わないAESへの故障利用攻撃
庄司奈津; 松村竜我; 菅原健; 﨑山一男
Oral presentation, Japanese, ハードウェアセキュリティ研究会(HWS), Domestic conference
Jun. 2017 - RowHammerに関する基礎実験
辰巳恵里奈; 菅原健; 﨑山一男
Oral presentation, Japanese, ハードウェアセキュリティ研究会(HWS), Domestic conference
Jun. 2017
Courses
- コンテンツセキュリティ特論
Apr. 2023 - Present
Postgraduate courses - 基礎科学実験A
Oct. 2017 - Present
The University of Electro-Communications - Cryptography and Information Security
Oct. 2017 - Present
The University of Electro-Communications - Operating System
Apr. 2017 - Present
The University of Electro-Communications - Graduate Technical English
Apr. 2020 - Sep. 2020
The University of Electro-Communications
Research Themes
- 光音響効果を用いたシグナルインジェクション攻撃とその対策
菅原 健
日本学術振興会, 科学研究費助成事業 基盤研究(C), 電気通信大学, 基盤研究(C), Principal investigator, ・真空容器内でマイクにレーザー照射実験を行い,空気圧によってライトコマンドの結果がどのように変化するか検証した.その結果,主要な原因は熱ピストモンモデルによって生じる光音響効果であるものの,光電効果も同時に生じていることがわかった.本結果を,国際会議(IEEE Sensors)で発表した.より詳細には,真空容器内でマイクにレーザー照射実験を行い,空気圧によってライトコマンドの結果がどのように変化するか検証した.研究当初,ライトコマンドの原理としては,光音響効果と,光電効果の2つが候補となっていた.上記実験は,両者の分離を目的とする.容器内の気圧は,機械的な振動を伴う光音響効果に変化を及ぼすが,半導体チップ内で生じる光電効果には影響しないためである.実験の結果,主要な原因は熱ピストモンモデルによって生じる光音響効果であるものの,光電効果も同時に生じていることがわかった.また,それらの物理メカニズムにより,影響を持つ周波数帯域が異なることを明らかにした.
・また,上記研究からの派生として,実験で用いたレーザー振動計の別のセキュリティ応用として,MLCC から生じる音響リークの周波数特性について研究を行った.この成果は,国内シンポジウム(ソサイエティ大会,SCIS)で発表を行った.
・さらに,別種センサへの拡張として,温度センサに誤情報を挿入する攻撃について研究し,論文誌(AAMI Biomedical Instrumentation & Technology)で発表した., 21K11884
Apr. 2021 - Mar. 2024 - アナログ回路へのレーザーフォールト攻撃の安全性評価
セコム科学技術振興財団, 令和2年度挑戦的研究助成
Apr. 2020 - Mar. 2023 - Resilience Enhancement of IoT Ecosystem by Cryptographic Technologies
崎山 一男; 廣瀬 勝一; 李 陽; 宮原 大輝; 渡邉 洋平; 岩本 貢; 駒野 雄一; 菅原 健; 三浦 典之; 太田 和夫
Japan Society for the Promotion of Science, Grants-in-Aid for Scientific Research Grant-in-Aid for Scientific Research (S), The University of Electro-Communications, Grant-in-Aid for Scientific Research (S), Coinvestigator, リーク耐性暗号、リーク鍵の蒸留、及びリーク検知技術の3つの研究テーマの実績は以下の通りである。得られた成果は国内会議、国際会議、及び論文誌で発表した。 1)リーク耐性暗号: IDベース暗号について、マスター鍵が漏洩する場合でも安全となる構成法を提案した。また、復号鍵の漏洩に耐性のある鍵失効機能付きIDベース暗号の効率化に成功した。さらに、秘密鍵の盗難や紛失時の鍵漏洩耐性や秘密鍵自体の分散管理について検討した。カードベース暗号について、新しい物理道具を用いる秘密計算プロトコルを提案した。暗号利用モードについては、Lesamnta-LWの性能向上と応用について提案した。情報漏洩の形式的モデルへのフィードバックについては、演算器やマイクロアーキテクチャを精査し、新たな漏洩源を発見するとともに対策法を提案した。 2)リーク鍵の蒸留:AES暗号の秘密鍵復元において、検査フェイズを新たに導入し、従来0%の復元成功確率であった解析を約40%に向上することができた。プロービング攻撃への対策であるマスク実装について、あるブール関数を用いることで効率化できることを発見した。また、SHA-256圧縮関数の代数的故障利用解析やMAC関数chop-MDの偽造攻撃について、効率的な解析手法を考案した。チーム三浦/岩本との連携では、リキー方式の安全性と実装性を再考し、攻撃検知後に漏洩リスク下にある部分鍵を更新する新たな方式を構築した。この方式を搭載したAES暗号処理回路を設計した。 3)リーク検知技術:KU Leuven大と共同で作製したM&M技術により対策されたAES暗号ハードウェアの安全性評価を完了した。さらに連携を深めることで、リーケージセンサとアルゴリズムレベルでの対策技術の協調設計手法に着手できた。リーケージセンサについては、物理的なダイレクトプロービング攻撃の検知感度を高めた新たな回路を開発した。, 18H05289
Jun. 2018 - Mar. 2023 - 複製不可能デバイスを活用したIoT ハードウェアセキュリティ基盤の研究開発
NEDO: 国立研究開発法人新エネルギー・産業技術総合開発機構, IoT 推進のための横断技術開発プロジェクト
01 Apr. 2019 - 31 Mar. 2021 - A study on laser-based signal injection attack and its countermeasure
Sugawara Takeshi
Japan Society for the Promotion of Science, Grants-in-Aid for Scientific Research Grant-in-Aid for Early-Career Scientists, The University of Electro-Communications, Grant-in-Aid for Early-Career Scientists, Principal investigator, We discovered a new attack that injects arbitrary audio signals to a target microphone by aiming an amplitude-modulated light at the microphone’s aperture, and proposed a command injection attack on voice-controllable systems such as smartphones and smart speakers. We evaluated several products showing that we can achieve a successful injection from more than 100 meters using laser power similar to ordinary laser pointers. The paper is accepted at USENIX Security 2020, which is one of the most prestigious conference in the computer-security research field. We made responsible disclosure and collaborated with the vendors for mitigating the vulnerability., 18K18047
Apr. 2018 - Mar. 2021 - Analog Cybersecurity of Laser-Based Sensor Spoofing Attack
Sugawara Takeshi
Japan Society for the Promotion of Science, Grants-in-Aid for Scientific Research Fund for the Promotion of Joint International Research (Fostering Joint International Research (A)), The University of Electro-Communications, Fund for the Promotion of Joint International Research (Fostering Joint International Research (A)), Principal investigator, We discovered a new attack that injects arbitrary audio signals to a target microphone by aiming an amplitude-modulated light at the microphone’s aperture, and proposed a command injection attack on voice-controllable systems such as smartphones and smart speakers. We evaluated several products showing that we can achieve a successful injection from more than 100 meters using laser power similar to ordinary laser pointers. The paper is accepted at USENIX Security 2020, which is one of the most prestigious conference in the computer-security research field. We made responsible disclosure and collaborated with the vendors for mitigating the vulnerability., 18KK0312
2018 - 2020 - 複製不可能デバイスを活用したIoT ハードウェアセキュリティ基盤の研究開発
NEDO: 国立研究開発法人新エネルギー・産業技術総合開発機構, IoT 推進のための横断技術開発プロジェクト
01 Jun. 2017 - 31 Mar. 2019 - IoT機器のサイドチャネル攻撃耐性評価のためのテストベッド構築
菅原 健
日本学術振興会, 科学研究費助成事業 研究活動スタート支援, 電気通信大学, 研究活動スタート支援, Principal investigator, プロジェクト遂行への効率化を目的として,当初の計画から実行順を修正し,まず,仕様書・実装の調査に基づく脅威分析を行った.より具体的には,(I)機器への認証情報の遠隔初期設定,(II)機器間グループへの参加 ・離脱管理,および(III)ファームウェアアップデートを包含する IoT フレームワークである LWM2M とThread を対象として脅威分析を実施した.その結果,リバースエンジニアリングなどの従来良く知られた脅威に加え,(i) サーバ・ゲートウェイにおける遠隔からマイクロアーキテクチャ・サイドチャネル攻撃, および (ii)エッジデバイスの暗号実装としてデファクトスタンダードになりつつある DTLS(Datagram Transport Layer Security,暗号通信のための通信プロトコル)の電力解析攻撃を,IoT 特有で,これまでに見逃されていた重要な脅威として洗い出した.その過程で得た知見を元に,日本銀行が主催する情報セキュリティ・セミナーにおいて,IoTセキュリティに関する講演を行った. 以上の分析に基づき,テストベッドを構成するサーバ・ゲートウェイ・エッジデバイスを調達し,それらの設定・立ち上げを行った.また,脅威を検証するための実証実験に先駆けて着手した.(i) マイクロアーキテクチャ・サイドチャネル攻撃については,優先して評価環境構築・実証実験を優先して行った.その結果,サーバにおける攻撃の実現可能性を明らかにするための可視化を行なうとともに, ゲートウェイにおいて問題の存在を検証するためのチェックツールを開発した.(ii) DTLS については,エッジデバイスを模したマイコン上にDTLS を移植し,電力解析攻撃の安全性評価を行なうためのテストベッド構築を行った., 17H06681
Aug. 2017 - Mar. 2019 - Comprehensive study on anti-tamper techniques to prevent information leakage by laser fault injection attacks
Sakiyama Kazuo; VERBAUWHEDE Ingrid; DANGER Jean-Luc; BHASIN Shivam
Japan Society for the Promotion of Science, Grants-in-Aid for Scientific Research Grant-in-Aid for Scientific Research (A), The University of Electro-Communications, Grant-in-Aid for Scientific Research (A), Coinvestigator, In this research, we have established fundamental countermeasure techniques against laser fault injection attacks, where an attacker intentionally induces soft errors in a cryptographic circuit to retrieve secret information. Specifically, we have conducted four research items; (1) construction of evaluation environment of laser fault injection attacks, (2) measurement of substrate potential fluctuation at laser irradiation and development of attack detection method, (3) development of countermeasure techniques for cryptographic-algorithm level based on detection, and (4) safety evaluation of countermeasure technology. We have deepened our understandings of the information leakage mechanism in the laser fault injection attack from physical and mathematical viewpoints and clarified the feasibility of countermeasure techniques using a prototype IC chip., 15H01688
Apr. 2015 - Mar. 2019 - 暗号ハードウェアのリアルワールド解析技術に関する研究
菅原 健
日本学術振興会, 科学研究費助成事業, 東北大学, 特別研究員奨励費, 平成22年度は,高安全暗号モジュール設計理論について研究を行い,交付申請書の項目に対応して以下の成果を得た。 1.安全性評価手法の高度化として,攻撃者が計測波形に対してプリプロセスを行うことを想定した評価法を示した.まず,時間領域での解析法として,重回帰分析に基づき,時間波形の移動平均などによる品質改善の限界を評価する手法を示した.また,周波数領域での解析法として,漏洩情報を含む狭帯域を同定する手法を示し,帯域制限による波形整形の影響の評価に応用できることを示した. 2.項目1の手法に基づき,ケーブルからの電磁界放射や,チップ近傍からの磁界計測など,計測手法に応じた攻撃の能力を定量的に評価・分類した.数十マイクロメートルの空間分解能を有する磁界プローブを、開封したチップの100マイクロメートル程度に配置した近傍からの計測では,回路内の信号線の寄与がばらつきを考慮した評価が必要であることを示した.一方,遠隔からの計測波形では,周辺機器から伝導する無相関ノイズは,項目1の信号処理技術による波形整形により,効率的に除去できることを示した. 3.脅威を定量的に評価するための手法として,漏洩信号のモデル化と,鍵が既知の条件で行うシミュレーション(既知鍵検査)に基づく安全性評価法を考案した.本手法により,暗号回路の信号線の寄与分の違いを考慮した信号雑音比(SNR)を波形のみを用いて評価できることを示した.また,本シミュレーション手法を応用することで,適合する漏洩モデルの推定が可能であることを示した., 08J08039
2008 - 2010
Industrial Property Rights
- RADAR DEVICE AND CONTROL SYSTEM
Patent right, Takeshi Sugawara, 特願2018-550931, Date applied: 17 Nov. 2016, 特許6490320, Date issued: 27 Mar. 2019 - SIGNAL PROCESSING DEVICE, SIGNAL PROCESSING METHOD, AND SIGNAL PROCESSING PROGRAM
Patent right, Shoei Nashimoto, Takeshi Sugawara, 特願2018-540578, Date applied: 26 Sep. 2019, 特許6448878, Date issued: 09 Jan. 2019 - WIRELESS COMMUNICATION APPARATUS, LOGICAL VALUE SELECTION METHOD, AND LOGICAL VALUE SELECTION PROGRAM
Patent right, Takeshi Sugawara, 特願2016-560844, Date applied: 27 Apr. 2016, 特許6109445, Date issued: 05 Apr. 2017 - SECURITY APPARATUS AND SECURITY METHOD
Patent right, Hisashi Fukuda, Takeshi Yoneda, Nobuhiro Kobayashi, Daisuke Suzuki, Manabu Misawa, Koichi Shimizu, Takeshi Sugawara, 特願2016-571759, Date applied: 05 Nov. 2015, 特許6103169, Date issued: 29 Mar. 2017 - RANDOM NUMBER EXPANDING DEVICE, RANDOM NUMBER EXPANDING METHOD, AND RANDOM NUMBER EXPANDING PROGRAM
Patent right, Takeshi Sugawara, 特願2016-558424, Date applied: 15 Jan. 2015, 特許6058245, Date issued: 11 Jan. 2017 - SOFTWARE UPDATE DEVICE, AND SOFTWARE UPDATE PROGRAM
Patent right, Takeshi Sugawara, 特願2015-546189, Date applied: 06 Nov. 2013, 特許6053950, Date issued: 27 Dec. 2016 - SEMICONDUCTOR DEVICE
Patent right, Takeshi Sugawara, 特願2015-527087, Date applied: 16 Jul. 2013, 特許5976220, Date issued: 23 Aug. 2016 - ATTACK DETECTION DEVICE
Patent right, Minoru Saeki, Takeshi Sugawara, JP2015/064025, Date applied: 15 May 2015 - ERROR DETECTION DEVICE
Patent right, Akashi Satoh, Takeshi Sugawara, Naofumi Homma, Takafumi Aoki, 特願2008-130361, Date applied: 19 May 2008, 特許5164154, Date issued: 13 Mar. 2013 - SEMICONDUCTOR DEVICE
Patent right, Camille Vuillaume, Daisuke Suzuki, Takeshi Sugawara, Takashi Endo, 特願2013-15227, Date applied: 30 Jan. 2013