1,307 research outputs found
A new countermeasure against side-channel attacks based on hardware-software co-design
This paper aims at presenting a new countermeasure against Side-Channel Analysis (SCA) attacks, whose implementation is based on a hardware-software co-design. The hardware architecture consists of a microprocessor, which executes the algorithm using a false key, and a coprocessor that performs several operations that are necessary to retrieve the original text that was encrypted with the real key. The coprocessor hardly affects the power consumption of the device, so that any classical attack based on such power consumption would reveal a false key. Additionally, as the operations carried out by the coprocessor are performed in parallel with the microprocessor, the execution time devoted for encrypting a specific text is not affected by the proposed countermeasure. In order to verify the correctness of our proposal, the system was implemented on a Virtex 5 FPGA. Different SCA attacks were performed on several functions of AES algorithm. Experimental results show in all cases that the system is effectively protected by revealing a false encryption key.Peer ReviewedPreprin
A Comprehensive Survey on the Implementations, Attacks, and Countermeasures of the Current NIST Lightweight Cryptography Standard
This survey is the first work on the current standard for lightweight
cryptography, standardized in 2023. Lightweight cryptography plays a vital role
in securing resource-constrained embedded systems such as deeply-embedded
systems (implantable and wearable medical devices, smart fabrics, smart homes,
and the like), radio frequency identification (RFID) tags, sensor networks, and
privacy-constrained usage models. National Institute of Standards and
Technology (NIST) initiated a standardization process for lightweight
cryptography and after a relatively-long multi-year effort, eventually, in Feb.
2023, the competition ended with ASCON as the winner. This lightweight
cryptographic standard will be used in deeply-embedded architectures to provide
security through confidentiality and integrity/authentication (the dual of the
legacy AES-GCM block cipher which is the NIST standard for symmetric key
cryptography). ASCON's lightweight design utilizes a 320-bit permutation which
is bit-sliced into five 64-bit register words, providing 128-bit level
security. This work summarizes the different implementations of ASCON on
field-programmable gate array (FPGA) and ASIC hardware platforms on the basis
of area, power, throughput, energy, and efficiency overheads. The presented
work also reviews various differential and side-channel analysis attacks (SCAs)
performed across variants of ASCON cipher suite in terms of algebraic,
cube/cube-like, forgery, fault injection, and power analysis attacks as well as
the countermeasures for these attacks. We also provide our insights and visions
throughout this survey to provide new future directions in different domains.
This survey is the first one in its kind and a step forward towards
scrutinizing the advantages and future directions of the NIST lightweight
cryptography standard introduced in 2023
A Survey on Wireless Sensor Network Security
Wireless sensor networks (WSNs) have recently attracted a lot of interest in
the research community due their wide range of applications. Due to distributed
nature of these networks and their deployment in remote areas, these networks
are vulnerable to numerous security threats that can adversely affect their
proper functioning. This problem is more critical if the network is deployed
for some mission-critical applications such as in a tactical battlefield.
Random failure of nodes is also very likely in real-life deployment scenarios.
Due to resource constraints in the sensor nodes, traditional security
mechanisms with large overhead of computation and communication are infeasible
in WSNs. Security in sensor networks is, therefore, a particularly challenging
task. This paper discusses the current state of the art in security mechanisms
for WSNs. Various types of attacks are discussed and their countermeasures
presented. A brief discussion on the future direction of research in WSN
security is also included.Comment: 24 pages, 4 figures, 2 table
Algebraic Watchdog: Mitigating Misbehavior in Wireless Network Coding
We propose a secure scheme for wireless network coding, called the algebraic
watchdog. By enabling nodes to detect malicious behaviors probabilistically and
use overheard messages to police their downstream neighbors locally, the
algebraic watchdog delivers a secure global self-checking network. Unlike
traditional Byzantine detection protocols which are receiver-based, this
protocol gives the senders an active role in checking the node downstream. The
key idea is inspired by Marti et al.'s watchdog-pathrater, which attempts to
detect and mitigate the effects of routing misbehavior.
As an initial building block of a such system, we first focus on a two-hop
network. We present a graphical model to understand the inference process nodes
execute to police their downstream neighbors; as well as to compute, analyze,
and approximate the probabilities of misdetection and false detection. In
addition, we present an algebraic analysis of the performance using an
hypothesis testing framework that provides exact formulae for probabilities of
false detection and misdetection.
We then extend the algebraic watchdog to a more general network setting, and
propose a protocol in which we can establish trust in coded systems in a
distributed manner. We develop a graphical model to detect the presence of an
adversarial node downstream within a general multi-hop network. The structure
of the graphical model (a trellis) lends itself to well-known algorithms, such
as the Viterbi algorithm, which can compute the probabilities of misdetection
and false detection. We show analytically that as long as the min-cut is not
dominated by the Byzantine adversaries, upstream nodes can monitor downstream
neighbors and allow reliable communication with certain probability. Finally,
we present simulation results that support our analysis.Comment: 10 pages, 10 figures, Submitted to IEEE Journal on Selected Areas in
Communications (JSAC) "Advances in Military Networking and Communications
Using quantum key distribution for cryptographic purposes: a survey
The appealing feature of quantum key distribution (QKD), from a cryptographic
viewpoint, is the ability to prove the information-theoretic security (ITS) of
the established keys. As a key establishment primitive, QKD however does not
provide a standalone security service in its own: the secret keys established
by QKD are in general then used by a subsequent cryptographic applications for
which the requirements, the context of use and the security properties can
vary. It is therefore important, in the perspective of integrating QKD in
security infrastructures, to analyze how QKD can be combined with other
cryptographic primitives. The purpose of this survey article, which is mostly
centered on European research results, is to contribute to such an analysis. We
first review and compare the properties of the existing key establishment
techniques, QKD being one of them. We then study more specifically two generic
scenarios related to the practical use of QKD in cryptographic infrastructures:
1) using QKD as a key renewal technique for a symmetric cipher over a
point-to-point link; 2) using QKD in a network containing many users with the
objective of offering any-to-any key establishment service. We discuss the
constraints as well as the potential interest of using QKD in these contexts.
We finally give an overview of challenges relative to the development of QKD
technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special
issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8
Building Correlation Immune Functions from Sets of Mutually Orthogonal Cellular Automata
Correlation immune Boolean functions play an important role in the implementation of efficient masking countermeasures for side-channel attacks in cryptography. In this paper, we investigate a method to construct correlation immune functions through families of mutually orthogonal cellular automata (MOCA). First, we show that the orthogonal array (OA) associated to a family of MOCA can be expanded to a binary OA of strength at least 2. To prove this result, we exploit the characterization of MOCA in terms of orthogonal labelings on de Bruijn graphs. Then, we use the resulting binary OA to define the support of a second-order correlation immune function. Next, we perform some computational experiments to construct all such functions up to variables, and observe that their correlation immunity order is actually greater, always at least 3. We conclude by discussing how these results open up interesting perspectives for future research, with respect to the search of new correlation-immune functions and binary orthogonal arrays
Fault Attacks In Symmetric Key Cryptosystems
Fault attacks are among the well-studied topics in the area of cryptography. These attacks constitute a powerful tool to recover the secret key used in the encryption process. Fault attacks work by forcing a device to work under non-ideal environmental conditions (such as high temperature) or external disturbances (such as glitch in the power supply) while performing a cryptographic operation. The recent trend shows that the amount of research in this direction; which ranges from attacking a particular primitive, proposing a fault countermeasure, to attacking countermeasures; has grown up substantially and going to stay as an active research interest for a foreseeable future. Hence, it becomes apparent to have a comprehensive yet compact study of the (major) works. This work, which covers a wide spectrum in the present day research on fault attacks that fall under the purview of the symmetric key cryptography, aims at fulfilling the absence of an up-to-date survey. We present mostly all aspects of the topic in a way which is not only understandable for a non-expert reader, but also helpful for an expert as a reference
- …