Academic literature on the topic 'Side channels attacks'


Journal articles on the topic "Side channels attacks"

1

Mostovoy, R. A., A. B. Levina, D. M. Sleptsova, and P. S. Borisenko. "SIDE-CHANNEL ATTACKS ON THE MOBILE PHONES." Vestnik komp'iuternykh i informatsionnykh tekhnologii, no. 186 (December 2019): 46–53. http://dx.doi.org/10.14489/vkit.2019.12.pp.046-053.

Abstract:
Currently, attacks on side channels are the main method of cryptanalysis, but despite this, these attacks have a very specific model of the attacker. As a result, the practical usage of side-channel attacks is sometimes disputable. The level of threat in each case should be assessed taking into account the individual characteristics of a specific target system. Client applications, such as mobile phone applications, are especially vulnerable due to easy access to the device, so it is necessary to pay sufficient attention to their security, since they are more accessible to the attacker and usually contain a large amount of confidential information. This study represents an assessment of the informativeness of signals from side channels received from mobile phones. The studies used inexpensive equipment to minimize the requirements for the level of the attacker and, consequently, increase the applicability of the attack. This undoubtedly leads to the complication of the attacks, so the NICV algorithm was used to analyze the data obtained. The NICV (normalized inter-class variance) algorithm can significantly improve the efficiency of the analysis of the traces obtained during an attack by reducing the number of points.
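As an added illustration of the point-selection step the abstract mentions (this code is written for this page and is not the authors'): NICV partitions the traces by a public value, here the plaintext byte, and scores each time sample by how much of its variance is explained by that partition, so it needs no key hypothesis. The traces, key byte, leaking sample index and noise level are all constructed, and the leakage model (Hamming weight of p ^ k at one sample) is an assumption of the simulation.

```python
import random
from statistics import mean, pvariance

# Added example (not from the paper): NICV point-of-interest selection on
# simulated power traces. Key, leakage point and noise level are constructed.
N_SAMPLES = 20        # points per trace
LEAK_POINT = 12       # sample at which the simulated device leaks (assumption)
KEY_BYTE = 0x3C       # secret the analysis does not need to know (constructed)
NOISE_SIGMA = 1.0


def hamming_weight(x):
    return bin(x).count("1")


def simulate_traces(n_traces, seed=1):
    """Return (plaintext bytes, traces): every point is Gaussian noise, and the
    point LEAK_POINT additionally carries HW(p ^ k), a common leakage model."""
    rng = random.Random(seed)
    plaintexts, traces = [], []
    for _ in range(n_traces):
        p = rng.randrange(256)
        trace = [rng.gauss(0.0, NOISE_SIGMA) for _ in range(N_SAMPLES)]
        trace[LEAK_POINT] += hamming_weight(p ^ KEY_BYTE)
        plaintexts.append(p)
        traces.append(trace)
    return plaintexts, traces


def nicv(classes, traces):
    """NICV(t) = Var_y(E[X_t | Y = y]) / Var(X_t) for each sample t, in [0, 1].
    Y is a public value (the plaintext byte), so no key hypothesis is needed;
    classes are assumed roughly equiprobable, so class means are weighted equally."""
    n_samples = len(traces[0])
    scores = []
    for t in range(n_samples):
        column = [tr[t] for tr in traces]
        by_class = {}
        for y, x in zip(classes, column):
            by_class.setdefault(y, []).append(x)
        class_means = [mean(xs) for xs in by_class.values()]
        scores.append(pvariance(class_means) / pvariance(column))
    return scores


def select_points(scores, threshold):
    """Keep only the samples whose NICV exceeds the threshold: the reduced
    point set a subsequent attack (CPA, template, ...) is then run on."""
    return [t for t, s in enumerate(scores) if s > threshold]


if __name__ == "__main__":
    pts, trs = simulate_traces(4096)
    scores = nicv(pts, trs)
    print("NICV per sample:", [round(s, 2) for s in scores])
    print("points of interest:", select_points(scores, 0.3))
```

The leaking sample stands well above the noise floor, which for pure-noise samples sits near one over the number of traces per class (the estimation bias of the class means), so the threshold has to be chosen from the observed distribution rather than fixed; because NICV depends only on the public partition, it is computed once and reused for every key byte.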
2

Brotzman, Robert, Danfeng Zhang, Mahmut Taylan Kandemir, and Gang Tan. "SpecSafe: detecting cache side channels in a speculative world." Proceedings of the ACM on Programming Languages 5, OOPSLA (October 20, 2021): 1–28. http://dx.doi.org/10.1145/3485506.

Abstract:
The high-profile Spectre attack and its variants have revealed that speculative execution may leave secret-dependent footprints in the cache, allowing an attacker to learn confidential data. However, existing static side-channel detectors either ignore speculative execution, leading to false negatives, or lack a precise cache model, leading to false positives. In this paper, somewhat surprisingly, we show that it is challenging to develop a speculation-aware static analysis with precise cache models: a combination of existing works does not necessarily catch all cache side channels. Motivated by this observation, we present a new semantic definition of security against cache-based side-channel attacks, called Speculative-Aware noninterference (SANI), which is applicable to a variety of attacks and cache models. We also develop SpecSafe to detect the violations of SANI. Unlike other speculation-aware symbolic executors, SpecSafe employs a novel program transformation so that SANI can be soundly checked by speculation-unaware side-channel detectors. SpecSafe is shown to be both scalable and accurate on a set of moderately sized benchmarks, including commonly used cryptography libraries.
3

Boroda, Anatoly, and Taras Petrenko. "IMPACT OF ATTACKS THROUGH SIDE CHANNELS ON INFORMATION SECURITY." TECHNICAL SCIENCES AND TECHNOLOGIES, no. 4(34) (2023): 91–103. http://dx.doi.org/10.25140/2411-5363-2023-4(34)-91-103.

Abstract:
The main structural elements of security mechanisms based on cryptography are cryptographic primitives, namely cryptographic algorithms: symmetric ciphers, public key ciphers and hash functions, which are used to implement the necessary functions of the security mechanism. In order for the cryptographic system to ensure information security, it is necessary that the secret keys used in the cryptographic algorithms for security implementation remain secret (not revealed) under any circumstances. However, in practice, the implementation and operation of cryptographic security mechanisms is far from the perfection of an ideal "black box". That is why side channel attacks are a serious threat to the security of cryptographic modules and, as a result, to the information security of computing and communication systems. Therefore, when implementing protection mechanisms, all possibilities of such attacks should be evaluated and all aspects of their application should be taken into account. The analysis of scientific works in the field of protection of cryptographic systems against attacks by side channels proved that these issues are not given enough attention today. The purpose of the article is the study of attacks through side channels on the implementation of crypto-protection mechanisms, the analysis of the features of their implementation, and an overview of the mechanisms for ensuring information security during the destructive effects of these attacks. The paper considers one of the practical directions of cryptanalysis: attacks through side channels on the implementation of crypto-protection mechanisms. The differences between theoretical cryptanalysis and side-channel attacks are studied. The possibilities of side-channel attacks and the specifics of fault injection attacks are analyzed. The features of ensuring information security during the implementation of cryptographic algorithms for protection against side channel attacks are considered. The need to take into account the threat of these attacks when ensuring the information security of computer and communication systems is proven.
4

Lou, Xiaoxuan, Tianwei Zhang, Jun Jiang, and Yinqian Zhang. "A Survey of Microarchitectural Side-channel Vulnerabilities, Attacks, and Defenses in Cryptography." ACM Computing Surveys 54, no. 6 (July 2021): 1–37. http://dx.doi.org/10.1145/3456629.

Abstract:
Side-channel attacks have become a severe threat to the confidentiality of computer applications and systems. One popular type of such attacks is the microarchitectural attack, where the adversary exploits the hardware features to break the protection enforced by the operating system and steal the secrets from the program. In this article, we systematize microarchitectural side channels with a focus on attacks and defenses in cryptographic applications. We make three contributions. (1) We survey past research literature to categorize microarchitectural side-channel attacks. Since these are hardware attacks targeting software, we summarize the vulnerable implementations in software, as well as flawed designs in hardware. (2) We identify common strategies to mitigate microarchitectural attacks, from the application, OS, and hardware levels. (3) We conduct a large-scale evaluation on popular cryptographic applications in the real world and analyze the severity, practicality, and impact of side-channel vulnerabilities. This survey is expected to inspire the side-channel research community to discover new attacks, and more importantly, propose new defense solutions against them.
5

Su, Chao, and Qingkai Zeng. "Survey of CPU Cache-Based Side-Channel Attacks: Systematic Analysis, Security Models, and Countermeasures." Security and Communication Networks 2021 (June 10, 2021): 1–15. http://dx.doi.org/10.1155/2021/5559552.

Abstract:
Privacy protection is an essential part of information security. The use of shared resources demands more privacy and security protection, especially in cloud computing environments. Side-channel attacks based on CPU cache utilize shared CPU caches within the same physical device to compromise the system’s privacy (encryption keys, program status, etc.). Information is leaked through channels that are not intended to transmit information, jeopardizing system security. These attacks have the characteristics of both high concealment and high risk. Despite the improvement in architecture, which makes it more difficult to launch system intrusion and privacy leakage through traditional methods, side-channel attacks ignore those defenses because of the shared hardware. Difficult to be detected, they are much more dangerous in modern computer systems. Although some researchers focus on the survey of side-channel attacks, their study is limited to cryptographic modules such as Elliptic Curve Cryptosystems. All the discussions are based on real-world applications (e.g., Curve25519), and there is no systematic analysis for the related attack and security model. Firstly, this paper compares different types of cache-based side-channel attacks. Based on the comparison, a security model is proposed. The model describes the attacks from four key aspects, namely, vulnerability, cache type, pattern, and range. Through reviewing the corresponding defense methods, it reveals from which perspective defense strategies are effective for side-channel attacks. Finally, the challenges and research trends of CPU cache-based side-channel attacks in both attacking and defending are explored. The systematic analysis of CPU cache-based side-channel attacks highlights the fact that these attacks are more dangerous than expected. We believe our survey would draw developers’ attention to side-channel attacks and help to reduce the attack surface in the future.
6

Attah, Amankwah. "Mitigating Electromagnetic Side-Channel Attacks." Advances in Multidisciplinary and scientific Research Journal Publication 1, no. 1 (July 20, 2022): 71–76. http://dx.doi.org/10.22624/aims/crp-bk3-p12.

Abstract:
By providing new sources of electronic evidence, the Internet of Things (IoT) has opened up new possibilities for digital forensics. Obtaining electronic data from IoT, on the other hand, is a difficult process for a variety of reasons, including the use of various types of standard interfaces, the use of light-weight data encryption, such as elliptic curve cryptography (ECC), and so on. The use of electromagnetic side-channel analysis (EM-SCA) to obtain forensically valuable electronic data from IoT devices has been proposed. EM side-channel analysis is a technique for eavesdropping on the operations and data handling of computing devices using unintentional electromagnetic emissions. However, successful EM-SCA attacks on IoT devices require expert knowledge and specialized tools that are not available to most digital forensic investigators. The electromagnetic side-channel (EM-SC) is one of several types of side-channel approaches for extracting usable electronic data from IoT devices. This paper focuses on the electromagnetic side-channel (EM-SC), its positive and negative usage, and how to mitigate the negative usage. Keywords: Electromagnetic, Side-channels, digital forensics, IOT, electronic evidence, Africa.
7

Derevianko, Ya A., and I. D. Gorbenko. "FALCON signature vulnerability to special attacks and its protection." Radiotekhnika, no. 210 (September 28, 2022): 37–52. http://dx.doi.org/10.30837/rt.2022.3.210.03.

Abstract:
It is well known that quantum algorithms offer exponential speedup in solving the integer factorization and discrete logarithm problems that existing public-key systems rely on. Thus, post-quantum cryptography seeks alternative classical algorithms that can withstand quantum cryptanalysis. Growing concern about the quantum threat has prompted the National Institute of Standards and Technology (NIST) to invite and evaluate applications for a post-quantum cryptography standard, an ongoing process scheduled to be completed by 2023. Falcon is an electronic signature algorithm based on the mathematics of algebraic lattices. The disadvantage of this algorithm is the small number of studies of resistance against special attacks, as well as attacks through side channels. This material examines existing attacks on the implementation, and also analyzes the speed with applying countermeasures that would prevent such attacks. Although the Falcon scheme sampler, as well as certain mathematical transformations, are still vulnerable to attacks (which in turn allow the private key to be obtained), the efficiency of the components and mathematics of this signature algorithm make it competitive with other schemes, even with countermeasures against these attacks. The work will also consider the attack by side channels on Falcon. Such an attack is a known-plaintext attack that uses the device's electromagnetic radiation to derive secret signature keys, which can then be used to forge signatures on arbitrary messages. The obtained results show that Falcon is quite vulnerable to side-channel attacks and does not yet have protection against such attacks in the proposed implementation. Because of this, standardization or implementation should consider the possibility of physical attacks, as well as options for countering such attacks.
8

Alexander, Geoffrey, Antonio M. Espinoza, and Jedidiah R. Crandall. "Detecting TCP/IP Connections via IPID Hash Collisions." Proceedings on Privacy Enhancing Technologies 2019, no. 4 (October 1, 2019): 311–28. http://dx.doi.org/10.2478/popets-2019-0071.

Abstract:
We present a novel attack for detecting the presence of an active TCP connection between a remote Linux server and an arbitrary client machine. The attack takes advantage of side-channels present in the Linux kernel's handling of the values used to populate an IPv4 packet's IPID field and applies to kernel versions of 4.0 and higher. We implement and test this attack and evaluate its real world effectiveness and performance when used on active connections to popular web servers. Our evaluation shows that the attack is capable of correctly detecting the IP-port 4-tuple representing an active TCP connection in 84% of our mock attacks. We also demonstrate how the attack can be used by the middle onion router in a Tor circuit to test whether a given client is connected to the guard entry node associated with a given circuit. In addition we discuss the potential issues an attacker would face when attempting to scale it to real world attacks, as well as possible mitigations against the attack. Our attack does not exhaust any global resource, and therefore challenges the notion that there is a direct one-to-one connection between shared, limited resources and non-trivial network side-channels. This means that simply enumerating global shared resources and considering the ways in which they can be exhausted will not suffice for certifying a kernel TCP/IP network stack to be free of privacy risk side-channels.
9

Bache, Florian, Christina Plump, Jonas Wloka, Tim Güneysu, and Rolf Drechsler. "Evaluation of (power) side-channels in cryptographic implementations." it - Information Technology 61, no. 1 (February 25, 2019): 15–28. http://dx.doi.org/10.1515/itit-2018-0028.

Abstract:
Side-channel attacks enable powerful adversarial strategies against cryptographic devices and encounter an ever-growing attack surface in today's world of digitalization and the internet of things. While the employment of provably secure side-channel countermeasures like masking has become increasingly popular in recent years, great care must be taken when implementing these in actual devices. The reasons for this are two-fold: the models on which these countermeasures rely do not fully capture the physical reality, and compliance with the requirements of the countermeasures is non-trivial in complex implementations. Therefore, it is imperative to validate the SCA-security of concrete instantiations of cryptographic devices using measurements on the actual device. In this article we propose a side-channel evaluation framework that combines an efficient data acquisition process with state-of-the-art confidence interval based leakage assessment. Our approach allows a sound assessment of the potential susceptibility of cryptographic implementations to side-channel attacks and is robust against noise in the evaluation system. We illustrate the steps in the evaluation process by applying them to a protected implementation of AES.
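An added example of the leakage-assessment step the abstract describes, using the fixed-vs-random Welch t-test that TVLA-style evaluations are built on; this is illustrative code written for this page, not the authors' framework or their confidence-interval method. The simulated unmasked and first-order masked leakages, the key byte, the fixed input and the noise level are constructed, and the |t| > 4.5 decision threshold is the conventional TVLA value rather than anything taken from the paper.

```python
import math
import random
from statistics import mean, variance

# Added example (not the paper's framework): fixed-vs-random Welch t-test on
# simulated traces of an unmasked and a first-order Boolean-masked byte.
KEY_BYTE = 0xA7              # constructed secret
FIXED_PT = KEY_BYTE ^ 0xFF   # fixed input chosen so that HW(p ^ k) = 8 (constructed)
NOISE_SIGMA = 1.0
THRESHOLD = 4.5              # conventional TVLA threshold


def hamming_weight(x):
    return bin(x).count("1")


def leak_unmasked(p, rng):
    """One trace point: the device leaks HW of the key-mixed byte directly."""
    return [hamming_weight(p ^ KEY_BYTE) + rng.gauss(0, NOISE_SIGMA)]


def leak_masked(p, rng):
    """Two trace points from a first-order masked implementation: the share
    (v ^ m) and the mask m, each on its own independent of v."""
    m = rng.randrange(256)
    return [hamming_weight(p ^ KEY_BYTE ^ m) + rng.gauss(0, NOISE_SIGMA),
            hamming_weight(m) + rng.gauss(0, NOISE_SIGMA)]


def collect(leak, n_per_class, seed=3):
    """Fixed-input set and random-input set, the two TVLA populations."""
    rng = random.Random(seed)
    fixed = [leak(FIXED_PT, rng) for _ in range(n_per_class)]
    rand = [leak(rng.randrange(256), rng) for _ in range(n_per_class)]
    return fixed, rand


def welch_t(a, b):
    return (mean(a) - mean(b)) / math.sqrt(variance(a) / len(a) + variance(b) / len(b))


def first_order_t(fixed, rand):
    """|t| per sample point between the fixed and the random population."""
    return [abs(welch_t([tr[i] for tr in fixed], [tr[i] for tr in rand]))
            for i in range(len(fixed[0]))]


def second_order_t(fixed, rand, i, j):
    """Centered product of two points, then the same t-test: this is what
    exposes a first-order masked (share, mask) pair."""
    def combine(traces):
        mi = mean(tr[i] for tr in traces)
        mj = mean(tr[j] for tr in traces)
        return [(tr[i] - mi) * (tr[j] - mj) for tr in traces]
    return abs(welch_t(combine(fixed), combine(rand)))


def assess(n_per_class=1500):
    f_u, r_u = collect(leak_unmasked, n_per_class)
    f_m, r_m = collect(leak_masked, n_per_class)
    return {
        "unmasked_first_order": max(first_order_t(f_u, r_u)),
        "masked_first_order": max(first_order_t(f_m, r_m)),
        "masked_second_order": second_order_t(f_m, r_m, 0, 1),
    }


if __name__ == "__main__":
    for name, t in assess().items():
        verdict = "LEAK" if t > THRESHOLD else "no leak detected"
        print(f"{name:22s} |t| = {t:6.1f}  {verdict}")
```

The first-order test flags the unmasked point and passes the masked pair; only the centered-product test exposes the masked pair. That is the abstract's "compliance is non-trivial" point in miniature: an implementation has to be assessed at the order it claims, and on a real device the measurement noise, not the leakage model, sets how many traces the test needs before a leak of a given size crosses the threshold.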
10

Zhang, Xiaojuan, Yayun Zhu, Baiji Hu, Jingyi Cao, and Ziqing Lin. "A Novel Power System Side Channel Attack Method Based on Machine Learning CNN-Transformer." Journal of Physics: Conference Series 2615, no. 1 (October 1, 2023): 012011. http://dx.doi.org/10.1088/1742-6596/2615/1/012011.

Abstract:
Continuous advancements in cryptography and information technology have rendered current cryptographic algorithms highly robust against traditional cryptanalysis methods. However, in modern power systems, the equipment's inherent process characteristics result in the leakage of side channel information during the operation of cryptographic algorithms. This information includes power consumption, electromagnetic signals, and timing data. Adversaries can exploit these side channels to compromise encryption keys. To address this issue, a groundbreaking power system side-channel attack method is introduced in this paper, leveraging the CNN-Transformer architecture in machine learning. The proposed approach utilizes power consumption analysis techniques to identify relevant points of interest in the side channel power consumption data. By employing a machine learning model for training, encryption can be breached. Empirical results demonstrate the superior attack efficiency of the model compared to LSTM and CNN models in side channel attacks.

Dissertations / Theses on the topic "Side channels attacks"

1

Subramanian, Venkatachalam. "Proximity-based attacks in wireless sensor networks." Thesis, Georgia Institute of Technology, 2013. http://hdl.handle.net/1853/47610.

Abstract:
The nodes in wireless sensor networks (WSNs) utilize the radio frequency (RF) channel to communicate. Given that the RF channel is the primary communication channel, many researchers have developed techniques for securing that channel. However, the RF channel is not the only interface into a sensor. The sensing components, which are primarily designed to sense characteristics about the outside world, can also be used (or misused) as a communication (side) channel. In our work, we aim to characterize the side channels for various sensory components (i.e., light sensor, acoustic sensor, and accelerometer). While previous work has focused on the use of these side channels to improve the security and performance of a WSN, we seek to determine if the side channels have enough capacity to potentially be used for malicious activity. Specifically, we evaluate the feasibility and practicality of the side channels using today's sensor technology and illustrate that these channels have enough capacity to enable the transfer of common, well-known malware. Given that a significant number of modern robotic systems depend on the external side channels for navigation and environment-sensing, they become potential targets for side-channel attacks. Therefore, we demonstrate this relatively new form of attack which exploits the uninvestigated but predominantly used side channels to trigger malware residing in real-time robotic systems such as the iRobot Create. The ultimate goal of our work is to show the impact of this new class of attack and also to motivate the need for an intrusion detection system (IDS) that not only monitors the RF channel, but also monitors the values returned by the sensory components.
2

Goudarzi, Dahmun. "Secure implementation of block ciphers against physical attacks." Electronic Thesis or Diss., Paris Sciences et Lettres (ComUE), 2018. http://www.theses.fr/2018PSLEE082.

Abstract:
Since their introduction at the end of the 1990s, side-channel attacks have been considered a major threat against cryptographic implementations. Higher-order masking is considered to be one of the most popular existing protection strategies. It consists in separating each internal variable in the cryptographic computation into several random variables. However, the use of this type of protection entails a considerable efficiency loss, making it unusable for industrial solutions. The goal of this thesis is to reduce the gap between theoretical solutions, proven secure, and efficient implementations that can be deployed on embedded systems. More precisely, I am analysing the protection of block ciphers such as the AES encryption scheme, where the main issue is to protect the s-boxes with minimal overhead in costs. I have tried, first, to find optimal mathematical representations in order to evaluate the s-boxes while minimizing the number of multiplications (a decisive parameter for masking schemes, but also for homomorphic encryption). For this purpose, I have defined a generic method to decompose any function on any finite field with a low multiplicative complexity. These representations can then be efficiently evaluated with higher-order masking. The flexibility of the decomposition technique also allows easy adjustment to the developer's needs. Secondly, I have proposed a formal method for measuring the security of circuits evaluating masking schemes. This technique makes it possible to determine with exact precision whether an attack on a protected circuit is feasible or not. Unlike other tools, its response time is not exponential in the circuit size, making it possible to obtain a security proof regardless of the masking order used. Furthermore, this method can strictly reduce the use of costly sources of randomness required for reinforcing the security of masking operations. Finally, we present the implementation results with optimizations on both the algorithmic and programming fronts. We particularly employ a bitslice implementation strategy for evaluating the s-boxes in parallel. This strategy leads to speed records for implementations protected at high order. The different codes are developed and optimized in ARM assembly, one of the most popular programming languages in embedded systems such as smart cards and mobile phones. These implementations are also available online for public use.
3

Moghimi, Ahmad. "Side-Channel Attacks on Intel SGX: How SGX Amplifies The Power of Cache Attack." Digital WPI, 2017. https://digitalcommons.wpi.edu/etd-theses/399.

Abstract:
In modern computing environments, hardware resources are commonly shared, and parallel computation is more widely used. Users run their services in parallel on the same hardware and process information with different confidentiality levels every day. Running parallel tasks can cause privacy and security problems if proper isolation is not enforced. Computers need to rely on a trusted root to protect the data from malicious entities. Intel proposed the Software Guard Extensions (SGX) to create a trusted execution environment (TEE) within the processor. SGX allows developers to benefit from the hardware level isolation. SGX relies only on the hardware, and claims runtime protection even if the OS and other software components are malicious. However, SGX disregards any kind of side-channel attacks. Researchers have demonstrated that microarchitectural side-channels are very effective in thwarting the hardware provided isolation. In scenarios that involve SGX as part of their defense mechanism, system adversaries become important threats, and they are capable of initiating these attacks. This work introduces a new and more powerful cache side-channel attack that provides system adversaries a high resolution channel. The developed attack is able to virtually track all memory accesses of SGX execution with temporal precision. As a proof of concept, we demonstrate our attack to recover cryptographic AES keys from the commonly used implementations including those that were believed to be resistant in previous attack scenarios. Our results show that SGX cannot protect critical data-sensitive computations, and efficient AES key recovery is possible in a practical environment. In contrast to previous attacks which require hundreds of measurements, this is the first cache side-channel attack on a real system that can recover AES keys with a minimal number of measurements. We can successfully recover the AES key from T-Table based implementations in a known plaintext and ciphertext scenario with an average of 15 and 7 samples respectively.
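An added example of the cache-line granularity a T-table attack exploits, in the style of the classic first-round attack on T-table AES (Osvik, Shamir and Tromer). This is illustrative code written for this page, not the thesis's SGX attack, which has far finer (per-access) resolution. The key, the plaintexts and the observation model are constructed assumptions: the attacker is assumed to learn, per encryption, which 64-byte lines of each T-table the first round touched, with no ordering and no attribution to a particular state byte, which is what Prime+Probe on the cache sets holding the tables yields.

```python
import random

# Added example (not the thesis's attack): first-round T-table cache-line
# leakage. Key, plaintexts and the "which lines were touched" observation are
# constructed; the table layout is the usual 256 x 32-bit entries per table.
LINE_BYTES = 64
ENTRY_BYTES = 4
ENTRIES_PER_LINE = LINE_BYTES // ENTRY_BYTES        # 16 entries per line
LINE_SHIFT = ENTRIES_PER_LINE.bit_length() - 1      # line index = byte >> 4


def round1_table_lines(plaintext, key):
    """Which lines of T0..T3 the first AES round touches. With the usual
    column-major state, byte j is looked up in T_{j mod 4} at index p_j ^ k_j,
    so each table sees four accesses per encryption."""
    touched = [set() for _ in range(4)]
    for j in range(16):
        touched[j % 4].add((plaintext[j] ^ key[j]) >> LINE_SHIFT)
    return touched


def recover_high_nibbles(observations):
    """observations: (plaintext, touched_lines_per_table) pairs. For each key
    byte, keep the high nibbles consistent with every observation: the true
    nibble always maps the known plaintext onto a touched line, a wrong one
    survives an observation only if another byte happened to hit that line."""
    candidates = [set(range(16)) for _ in range(16)]
    for plaintext, touched in observations:
        for j in range(16):
            lines = touched[j % 4]
            p_high = plaintext[j] >> LINE_SHIFT
            candidates[j] = {hn for hn in candidates[j] if (p_high ^ hn) in lines}
    return candidates


def simulate_attack(n_encryptions, seed=7):
    """Run the victim on random known plaintexts, record the leakage, recover."""
    rng = random.Random(seed)
    key = [rng.randrange(256) for _ in range(16)]              # constructed secret
    observations = []
    for _ in range(n_encryptions):
        pt = [rng.randrange(256) for _ in range(16)]
        observations.append((pt, round1_table_lines(pt, key)))
    return key, recover_high_nibbles(observations)


if __name__ == "__main__":
    key, cands = simulate_attack(30)
    for j in range(16):
        print(f"byte {j:2d}: true high nibble {key[j] >> 4:x}, "
              f"candidates {[f'{c:x}' for c in sorted(cands[j])]}")
```

Thirty encryptions pin down the high nibble of every key byte, 64 of the 128 key bits, from nothing finer than which lines were touched. The low nibbles select an entry inside a line and are invisible at this granularity, which is why first-round attacks continue into the second round or, as in the thesis, move to a channel that resolves individual accesses.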
4

Wen, David Y. "Defending against side-channel attacks : DynamoREA." Thesis, Massachusetts Institute of Technology, 2011. http://hdl.handle.net/1721.1/76992.

Abstract:
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2011.
Modern computer architectures are prone to leak information about their applications through side-channels caused by micro-architectural side-effects. Through these side-channels, attackers can launch timing attacks by observing how long an application takes to execute and using this timing information to exfiltrate secrets from the application. Timing attacks are dangerous because they break mechanisms that are thought to be secure, such as sandboxing or cryptography. Cloud systems are especially vulnerable, as virtual machines that are thought to be completely isolated on the cloud are at risk of leaking information through side-channels to other virtual machines. DynamoREA is a software solution to protect applications from leaking information through micro-architectural side-channels. DynamoREA uses dynamic binary rewriting to transform application binaries at runtime so that they appear to an observer to be executing on a machine that is absent of micro-architectural side-effects and thus do not leak information through micro-architectural side-channels. A set of test applications and standard applications was used to confirm that DynamoREA does indeed prevent sensitive information from leaking through timing channels. DynamoREA is a promising start to using dynamic binary rewriting as a tool to defend against side-channel attacks.
5

Raimondi, Gautier. "Secure compilation against side channel attacks." Electronic Thesis or Diss., Université de Rennes (2023-....), 2023. http://www.theses.fr/2023URENS094.

Abstract:
Given their ubiquity, the security of computer systems is a major issue. In this thesis, we aim to guarantee security against a certain type of attack: timing side-channel attacks. These attacks use the execution time of a program to deduce information about the system. In particular, a program is said to be constant-time when it is not sensitive to this type of attack. This requires constraints on the program, which must neither make decisions using secret values, nor use one of these secrets to access memory. In this document, we present a method for guaranteeing the constant-time property of a program. This method is a high-level transformation, followed by compilation using Jasmin to preserve the property. We also present a proof of the security and semantic preservation of this method.
6

Cagli, Eleonora. "Feature Extraction for Side-Channel Attacks." Electronic Thesis or Diss., Sorbonne université, 2018. http://www.theses.fr/2018SORUS295.

Abstract:
Cryptographic integrated circuits may be vulnerable to attacks based on the observation of information leakages during the execution of cryptographic algorithms, the so-called side-channel attacks. Nowadays the presence of several countermeasures may lead to the acquisition of signals that are at the same time highly noisy, forcing an attacker or a security evaluator to exploit statistical models, and highly multi-dimensional, making the estimation of such models hard. In this thesis we study preprocessing techniques aiming at reducing the dimension of the measured data, and the more general issue of information extraction from highly multi-dimensional signals. The first works concern the application of classical linear feature extractors, such as Principal Component Analysis and Linear Discriminant Analysis. Then we analyse a non-linear generalisation of the latter extractor, obtained through the application of a "kernel trick", in order to make such preprocessing effective in the presence of masking countermeasures. Finally, further generalising the extraction models, we explore the deep learning methodology, in order to reduce signal preprocessing and automatically extract sensitive information from the raw signal. In particular, the application of Convolutional Neural Networks allows us to perform attacks that remain effective in the presence of signal desynchronisation.
7

Akdemir, Kahraman D. "Error Detection Techniques Against Strong Adversaries." Digital WPI, 2010. https://digitalcommons.wpi.edu/etd-dissertations/406.

Abstract:
Side channel attacks (SCA) pose a serious threat to many cryptographic devices and have been shown to be effective against many existing security algorithms that are considered secure in the black-box model. These attacks are based on the key idea of recovering secret information using implementation-specific side channels. Active fault injection attacks in particular are very effective at breaking otherwise impervious cryptographic schemes. Various countermeasures have been proposed to provide security against these attacks. Double-Data-Rate (DDR) computation, dual-rail encoding, and simple concurrent error detection (CED) are the most popular of these solutions. Even though these security schemes provide sufficient security against weak adversaries, they can be broken relatively easily by a more advanced attacker. In this dissertation, we propose various error detection techniques that target strong adversaries with advanced fault injection capabilities. We first describe the advanced attacker in detail and provide its characteristics. As part of this definition, we provide a generic metric to measure the strength of an adversary. Next, we discuss various techniques for protecting finite state machines (FSMs) of cryptographic devices against active fault attacks. These techniques mainly depend on nonlinear robust codes and physically unclonable functions (PUFs). We show that due to the nonuniform behavior of FSM variables, securing FSMs using nonlinear codes is an important and difficult problem. As a solution to this problem, we propose error detection techniques based on nonlinear codes with different randomization methods. We also show how PUFs can be utilized to protect a class of FSMs. This solution provides security on the physical level as well as the logical level. In addition, for each technique, we provide possible hardware realizations and discuss area/security performance.
Furthermore, we provide an error detection technique for protecting elliptic curve point addition and doubling operations against active fault attacks. This technique is based on nonlinear robust codes and provides nearly perfect error detection capability (except with exponentially small probability). We also conduct a comprehensive analysis in which we apply our technique to different elliptic curves (i.e. Weierstrass and Edwards) over different coordinate systems (i.e. affine and projective).
8

Köpf, Boris Alexander. "Formal approaches to countering side-channel attacks /." Zürich : ETH, 2007. http://e-collection.ethbib.ethz.ch/show?type=diss&nr=17500.

9

Brisfors, Martin, and Sebastian Forsmark. "Deep-Learning Side-Channel Attacks on AES." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-253008.

Abstract:
Recently, substantial progress has been made in applying deep learning to side-channel attacks. This poses a threat to the security of implementations of cryptographic algorithms. Conceptually, the idea is to monitor a chip while it is running encryption for information leakage of a certain kind, e.g. power consumption. One then uses knowledge of the underlying encryption algorithm to train a model to recognize the key used for encryption. The model is then applied to traces gathered from a victim chip in order to recover the encryption key. We sought to improve upon models from previous work that can recover one byte of the 16-byte encryption key of Advanced Encryption Standard (AES)-128 from over 250 traces. Our model can recover one byte of the key from a single trace. We also trained additional models that can recover not only a single key byte, but the entire key. We accomplished this by tuning certain parameters for better model accuracy. We gathered our own training data by capturing a large number of power traces from an Xmega 128D4 microcontroller chip. We also gathered traces from a second chip, which we did not train on, to serve as an unbiased set for testing. Upon achieving improved accuracy we also noticed an interesting phenomenon: certain labels were much easier to identify than others. We also found large variance in model accuracy and investigated its cause.
10

Irazoki, Gorka. "Cross-core Microarchitectural Attacks and Countermeasures." Digital WPI, 2017. https://digitalcommons.wpi.edu/etd-dissertations/160.

Abstract:
In the last decade, multi-threaded systems and resource sharing have brought a number of technologies that facilitate our daily tasks in a way we never imagined. Among others, cloud computing has emerged to offer us powerful computational resources without having to physically acquire and install them, while smartphones have almost acquired the same importance desktop computers had a decade ago. This has only been possible thanks to the ever evolving performance optimization improvements made to modern microarchitectures that efficiently manage concurrent usage of hardware resources. One of the aforementioned optimizations is the usage of shared Last Level Caches (LLCs) to balance different CPU core loads and to maintain coherency between shared memory blocks utilized by different cores. The latter for instance has enabled concurrent execution of several processes in low-RAM devices such as smartphones. Although efficient hardware resource sharing has become the de-facto model for several modern technologies, it also poses a major concern with respect to security. Some of the concurrently executed co-resident processes might in fact be malicious and try to take advantage of hardware proximity. New technologies usually claim to be secure by implementing sandboxing techniques and executing processes in isolated software environments, called Virtual Machines (VMs). However, the design of these isolated environments aims at preventing pure software-based attacks and usually does not consider hardware leakages. In fact, the malicious utilization of hardware resources as covert channels might have severe consequences for the privacy of the customers. Our work demonstrates that malicious customers of such technologies can utilize the LLC as the covert channel to obtain sensitive information from a co-resident victim.
We show that the LLC is an attractive resource to be targeted by attackers, as it offers high resolution and, unlike previous microarchitectural attacks, does not require core co-location. Particularly concerning are the cases in which cryptography is compromised, as it is the main component of every security solution. In this sense, the presented work does not only introduce three attack variants that can be applicable in different scenarios, but also demonstrates the ability to recover cryptographic keys (e.g. AES and RSA) and TLS session messages across VMs, bypassing sandboxing techniques. Finally, two countermeasures to prevent microarchitectural attacks in general and LLC attacks in particular from retrieving fine-grain information are presented. Unlike previously proposed countermeasures, ours do not add permanent overheads in the system but can be utilized as preemptive defenses. The first identifies leakages in cryptographic software that can potentially lead to key extraction, and thus can be utilized by cryptographic code designers to ensure the sanity of their libraries before deployment. The second detects microarchitectural attacks embedded into innocent-looking binaries, preventing them from being posted in official application repositories that usually have the full trust of the customer.

Books on the topic "Side channels attacks"

1

Kim, Sung Justin. Integrated and Distributed Digital Low-Drop-Out Regulators with Event-Driven Controls and Side-Channel Attack Resistance. [New York, N.Y.?]: [publisher not identified], 2021.

2

Side Channel Attacks. MDPI, 2019. http://dx.doi.org/10.3390/books978-3-03921-001-5.

3

GALS System Design: Side channel attack secure cryptographic accelerators. Konstanz: Hartung-Grove, 2006.

4

Gunn, Steven. Trade and Tillage. Oxford University Press, 2018. http://dx.doi.org/10.1093/oso/9780198802860.003.0005.

Abstract:
This chapter examines the economic effects of war. Heavy taxation and disrupted export trade threatened recession each time war broke out. Coastal traders and fishing boats were vulnerable to raiders, as was agriculture on the Scottish borders and in the English Pale in Ireland. Yet there was another side to the story. Cloth was bought up to clothe soldiers and food to feed them, while arms traders, iron smelters, horse dealers, fortification builders, and English privateers, who attacked foreign shipping in the Channel and Atlantic, all did well. So did the borderers who raided the Scots for their livestock and those who made different varieties of corruption pay.

Book chapters on the topic "Side channels attacks"

1

Wang, Wubing, Guoxing Chen, Yueqiang Cheng, Yinqian Zhang, and Zhiqiang Lin. "Specularizer : Detecting Speculative Execution Attacks via Performance Tracing." In Detection of Intrusions and Malware, and Vulnerability Assessment, 151–72. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-80825-9_8.

Abstract:
This paper presents Specularizer, a framework for uncovering speculative execution attacks using performance tracing features available in commodity processors. It is motivated by the practical difficulty of eradicating such vulnerabilities in the design of CPU hardware and operating systems and the principle of defense-in-depth. The key idea of Specularizer is the use of Hardware Performance Counters and Processor Trace to perform lightweight monitoring of production applications and the use of machine learning techniques for identifying the occurrence of the attacks during offline forensic analysis. Different from prior works that use performance counters to detect side-channel attacks, Specularizer monitors triggers of the critical paths of the speculative execution attacks, thus making the detection mechanisms robust to different choices of side channels used in the attacks. To evaluate Specularizer, we model all known types of exception-based and misprediction-based speculative execution attacks and automatically generate thousands of attack variants. Experimental results show that Specularizer yields superior detection accuracy and that the online tracing of Specularizer incurs reasonable overhead.
2

Lomné, V., A. Dehaboui, P. Maurine, L. Torres, and M. Robert. "Side Channel Attacks." In Security Trends for FPGAS, 47–72. Dordrecht: Springer Netherlands, 2011. http://dx.doi.org/10.1007/978-94-007-1338-3_3.

3

Yasin, Muhammad, Jeyavijayan Rajendran, and Ozgur Sinanoglu. "Side-Channel Attacks." In Analog Circuits and Signal Processing, 119–30. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-15334-2_10.

4

Caddy, Tom. "Side-Channel Attacks." In Encyclopedia of Cryptography and Security, 1204. Boston, MA: Springer US, 2011. http://dx.doi.org/10.1007/978-1-4419-5906-5_227.

5

Batina, Lejla, and Ileana Buhan. "Side-Channel Attacks." In Encyclopedia of Cryptography, Security and Privacy, 1–4. Berlin, Heidelberg: Springer Berlin Heidelberg, 2023. http://dx.doi.org/10.1007/978-3-642-27739-9_1795-1.

6

Baksi, Anubhab. "Side Channel Attack." In Computer Architecture and Design Methodologies, 99–108. Singapore: Springer Singapore, 2022. http://dx.doi.org/10.1007/978-981-16-6522-6_4.

7

Elaabid, M. Abdelaziz, Olivier Meynard, Sylvain Guilley, and Jean-Luc Danger. "Combined Side-Channel Attacks." In Information Security Applications, 175–90. Berlin, Heidelberg: Springer Berlin Heidelberg, 2011. http://dx.doi.org/10.1007/978-3-642-17955-6_13.

8

Renauld, Mathieu, and François-Xavier Standaert. "Algebraic Side-Channel Attacks." In Information Security and Cryptology, 393–410. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010. http://dx.doi.org/10.1007/978-3-642-16342-5_29.

9

Carlet, Claude. "S-boxes, Boolean Functions and Codes for the Resistance of Block Ciphers to Cryptographic Attacks, with or without Side Channels." In Security, Privacy, and Applied Cryptography Engineering, 151–71. Cham: Springer International Publishing, 2015. http://dx.doi.org/10.1007/978-3-319-24126-5_10.

10

Ouladj, Maamar, and Sylvain Guilley. "Foundations of Side-Channel Attacks." In Side-Channel Analysis of Embedded Systems, 9–20. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-77222-2_2.


Conference papers on the topic "Side channels attacks"

1

Xu, Yuanzhong, Weidong Cui, and Marcus Peinado. "Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems." In 2015 IEEE Symposium on Security and Privacy (SP). IEEE, 2015. http://dx.doi.org/10.1109/sp.2015.45.

2

Xue, Guoling. "Session details: Session 4B -- Leakage Attacks: Side Channels." In CCS'14: 2014 ACM SIGSAC Conference on Computer and Communications Security. New York, NY, USA: ACM, 2014. http://dx.doi.org/10.1145/3255152.

3

Soares, Luigi, and Fernando Magno Quintão Pereira. "Memory-Safe Elimination of Side Channels." In Concurso de Teses e Dissertações. Sociedade Brasileira de Computação - SBC, 2023. http://dx.doi.org/10.5753/ctd.2023.229445.

Abstract:
In this project, we find a new service for partial control-flow linearization (PCFL), a code transformation initially conceived to maximize work performed in vectorized programs. We show that PCFL can be employed as a defense mechanism against timing attacks. This transformation is sound: given an instance of its public inputs, the partially linearized program always runs the same sequence of instructions, regardless of secret inputs. Incidentally, if the original program is publicly safe, then accesses to the data cache will be data oblivious in the transformed code. The transformation is optimal: every branch that depends on some secret data is linearized; no branch that depends on only public data is linearized. Therefore, the transformation preserves loops that depend exclusively on public information. If every branch that leaves a loop depends on secret data, then the transformed program will not terminate. Our transformation extends previous work in non-trivial ways. It handles C constructs such as “break”, “switch” and “continue”, which are absent in the FaCT domain-specific language (2018). Like Constantine (2021), our code transformation ensures operation invariance, but without requiring profiling information. Additionally, in contrast to SC-Eliminator (2018), our implementation handles programs containing general, unbounded loops.
4

Szefer, Jakub. "Thermal and Voltage Side and Covert Channels and Attacks in Cloud FPGAs." In FPGA '20: The 2020 ACM/SIGDA International Symposium on Field-Programmable Gate Arrays. New York, NY, USA: ACM, 2020. http://dx.doi.org/10.1145/3373087.3375881.

5

Guilley, Sylvain, Olivier Meynard, Maxime Nassar, Guillaume Duc, Philippe Hoogvorst, Houssem Maghrebi, Aziz Elaabid, et al. "Vade mecum on side-channels attacks and countermeasures for the designer and the evaluator." In Technology of Integrated Systems in Nanoscale Era (DTIS). IEEE, 2011. http://dx.doi.org/10.1109/dtis.2011.5941419.

6

Liu, Chenang, Chen Kan, and Wenmeng Tian. "An Online Side Channel Monitoring Approach for Cyber-Physical Attack Detection of Additive Manufacturing." In ASME 2020 15th International Manufacturing Science and Engineering Conference. American Society of Mechanical Engineers, 2020. http://dx.doi.org/10.1115/msec2020-8503.

Abstract:
Due to its predominant flexibility in fabricating complex geometries, additive manufacturing (AM) has gained increasing popularity in various mission-critical applications, such as aerospace, health care, military, and transportation. The layer-by-layer manner of AM fabrication significantly expands the vulnerability space of AM cyber-physical systems, leading to potentially altered AM parts with compromised mechanical properties and functionalities. Moreover, internal alterations of the build are very difficult to detect based on traditional geometric dimensioning and tolerancing (GD&T) features. Therefore, how to achieve effective monitoring and attack detection is a very important problem for broader adoption of AM technology. To address this issue, this paper proposes to utilize side channels for process authentication. An online feature extraction approach is developed based on an autoencoder to detect unintended process/product alterations caused by cyber-physical attacks. Both supervised and unsupervised monitoring schemes are implemented based on the extracted features. To validate the effectiveness of the proposed method, two real-world case studies are conducted on a fused filament fabrication (FFF) platform equipped with two accelerometers for process monitoring. Two different types of attacks are implemented. The results demonstrate that the proposed method outperforms conventional process monitoring methods, and can effectively detect part geometry and layer thickness alterations in real time.
7

Kang, Young-Jin, Ndibanje Bruce, SuHyun Park, and HoonJae Lee. "A study on information security attack based side-channel attacks." In 2016 18th International Conference on Advanced Communication Technology (ICACT). IEEE, 2016. http://dx.doi.org/10.1109/icact.2016.7423273.

8

Kang, Young-Jin, Ndibanje Bruce, SuHyun Park, and HoonJae Lee. "A study on information security attack based side-channel attacks." In 2016 18th International Conference on Advanced Communication Technology (ICACT). IEEE, 2016. http://dx.doi.org/10.1109/icact.2016.7423274.

9

Yu, Yang, Felipe Marranghello, Victor Diges Teijeira, and Elena Dubrova. "One-Sided Countermeasures for Side-Channel Attacks Can Backfire." In WiSec '18: 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks. New York, NY, USA: ACM, 2018. http://dx.doi.org/10.1145/3212480.3226104.

10

Sayakkara, Asanka, Nhien-An Le-Khac, and Mark Scanlon. "Electromagnetic side-channel attacks." In ISSTA '18: International Symposium on Software Testing and Analysis. New York, NY, USA: ACM, 2018. http://dx.doi.org/10.1145/3236454.3236512.
