8,710 research outputs found
On Mitigation of Side-Channel Attacks in 3D ICs: Decorrelating Thermal Patterns from Power and Activity
Various side-channel attacks (SCAs) on ICs have been successfully
demonstrated and also mitigated to some degree. In the context of 3D ICs,
however, prior art has mainly focused on efficient implementations of classical
SCA countermeasures. That is, SCAs tailored for up-and-coming 3D ICs have been
overlooked so far. In this paper, we conduct such a novel study and focus on
one of the most accessible and critical side channels: thermal leakage of
activity and power patterns. We address the thermal leakage in 3D ICs early on
during floorplanning, along with tailored extensions for power and thermal
management. Our key idea is to carefully exploit the specifics of material and
structural properties in 3D ICs, thereby decorrelating the thermal behaviour
from underlying power and activity patterns. Most importantly, we discuss
powerful SCAs and demonstrate how our open-source tool helps to mitigate them.Comment: Published in Proc. Design Automation Conference, 201
Differential Privacy: on the trade-off between Utility and Information Leakage
Differential privacy is a notion of privacy that has become very popular in
the database community. Roughly, the idea is that a randomized query mechanism
provides sufficient privacy protection if the ratio between the probabilities
that two adjacent datasets give the same answer is bound by e^epsilon. In the
field of information flow there is a similar concern for controlling
information leakage, i.e. limiting the possibility of inferring the secret
information from the observables. In recent years, researchers have proposed to
quantify the leakage in terms of R\'enyi min mutual information, a notion
strictly related to the Bayes risk. In this paper, we show how to model the
query system in terms of an information-theoretic channel, and we compare the
notion of differential privacy with that of mutual information. We show that
differential privacy implies a bound on the mutual information (but not
vice-versa). Furthermore, we show that our bound is tight. Then, we consider
the utility of the randomization mechanism, which represents how close the
randomized answers are, in average, to the real ones. We show that the notion
of differential privacy implies a bound on utility, also tight, and we propose
a method that under certain conditions builds an optimal randomization
mechanism, i.e. a mechanism which provides the best utility while guaranteeing
differential privacy.Comment: 30 pages; HAL repositor
Quantifying Timing Leaks and Cost Optimisation
We develop a new notion of security against timing attacks where the attacker
is able to simultaneously observe the execution time of a program and the
probability of the values of low variables. We then show how to measure the
security of a program with respect to this notion via a computable estimate of
the timing leakage and use this estimate for cost optimisation.Comment: 16 pages, 2 figures, 4 tables. A shorter version is included in the
proceedings of ICICS'08 - 10th International Conference on Information and
Communications Security, 20-22 October, 2008 Birmingham, U
- …