Analysis Of Variance and CPA in SCA
This paper introduces Side-Channel Analysis results obtained on an unprotected circuit characterized by a surprisingly non-linear leakage. Correlation Power Analysis (CPA) is not adapted to such a case, and we show that a more generic attack based on the Analysis Of Variance (AOV) outperforms CPA. It has the advantage of detecting non-linear leakage, which CPA cannot, and of providing similar or much better results in all cases, with a similar computation time.
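The following is an added, self-contained illustration of the distinction the abstract draws; it is not code from the paper. It simulates one 4-bit S-box lookup (the PRESENT S-box, used as a toy) with a constructed leakage L = (HW(v) - 2)^2 + noise. That leakage is symmetric around HW = 2, so it has zero linear correlation with the Hamming-weight model a CPA attacker uses, yet it is still a deterministic function of HW(v). A one-way ANOVA F-statistic, computed per key guess by grouping traces on the predicted Hamming weight, detects the dependence and recovers the key; CPA on the same traces does not. The key value, trace count and noise level are assumptions chosen for the demonstration.

```python
"""Added example (not from the paper): CPA vs. an ANOVA-based distinguisher on
simulated traces whose leakage is a non-linear function of the Hamming weight.

Target: v = S[p ^ k] for one 4-bit nibble, with the PRESENT S-box as a toy.
Constructed leakage: L = (HW(v) - 2)^2 + N(0, sigma). Symmetric around HW = 2,
so uncorrelated with HW (CPA fails), but fully determined by HW (ANOVA works)."""
import random

SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]  # PRESENT S-box, 4-bit


def hw(x):
    return bin(x).count("1")


def mean(xs):
    return sum(xs) / len(xs)


def simulate_traces(key, n, sigma, seed=1):
    """Constructed sample data: random plaintext nibbles, one leakage sample each."""
    rng = random.Random(seed)
    plaintexts = [rng.randrange(16) for _ in range(n)]
    traces = [(hw(SBOX[p ^ key]) - 2) ** 2 + rng.gauss(0, sigma) for p in plaintexts]
    return plaintexts, traces


def pearson(xs, ys):
    mx, my = mean(xs), mean(ys)
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    return sxy / (sxx * syy) ** 0.5


def cpa(plaintexts, traces):
    """Correlation Power Analysis: |corr(HW(S[p ^ k']), trace)| for each key guess."""
    scores = []
    for k in range(16):
        model = [hw(SBOX[p ^ k]) for p in plaintexts]
        scores.append(abs(pearson(model, traces)))
    return scores


def anova_f(plaintexts, traces):
    """One-way ANOVA F-statistic for each key guess, grouping traces by the
    predicted HW(S[p ^ k']). Any deterministic dependence of the leakage on the
    predicted value, linear or not, shrinks the within-group variance and so
    raises F for the correct key."""
    grand = mean(traces)
    scores = []
    for k in range(16):
        groups = {}
        for p, t in zip(plaintexts, traces):
            groups.setdefault(hw(SBOX[p ^ k]), []).append(t)
        ss_between = 0.0
        ss_within = 0.0
        for g in groups.values():
            mg = mean(g)
            ss_between += len(g) * (mg - grand) ** 2
            ss_within += sum((t - mg) ** 2 for t in g)
        df_between = len(groups) - 1
        df_within = len(traces) - len(groups)
        scores.append((ss_between / df_between) / (ss_within / df_within))
    return scores


def best_guess(scores):
    return max(range(len(scores)), key=scores.__getitem__)


if __name__ == "__main__":
    KEY = 0xB  # secret nibble to recover (assumed value for the demo)
    pts, trs = simulate_traces(KEY, n=2000, sigma=1.0)
    c, f = cpa(pts, trs), anova_f(pts, trs)
    print(f"true key          0x{KEY:X}")
    print(f"CPA   best guess  0x{best_guess(c):X}  (|corr| at true key = {c[KEY]:.3f})")
    print(f"ANOVA best guess  0x{best_guess(f):X}  (F at true key = {f[KEY]:.1f})")
```

The CPA score at the true key sits near zero because the leakage's odd central moments about HW = 2 vanish, while some wrong guesses show small spurious correlations and win the ranking. The F-statistic ranks the true key first because only its grouping yields pure groups whose residual variance is the noise alone.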
Memory-Based High-Level Synthesis Optimizations Security Exploration on the Power Side-Channel
High-level synthesis (HLS) allows hardware designers to think algorithmically and not worry about low-level, cycle-by-cycle details. This provides the ability to quickly explore the architectural design space and the tradeoffs between resource utilization and performance. Unfortunately, security evaluation is not a standard part of the HLS design flow. In this article, we aim to understand the effects of memory-based HLS optimizations on power side-channel leakage. We use Xilinx Vivado HLS to develop different cryptographic cores, implement them on a Spartan-6 FPGA, and collect power traces. We evaluate the designs with respect to resource utilization, performance, and information leakage through power consumption. We have two important observations and contributions. First, the choice of resource optimization directive results in different levels of side-channel vulnerability. Second, the partitioning optimization directive can greatly compromise the hardware cryptographic system through power side-channel leakage due to the memory control logic it deploys. We describe an evaluation procedure for power side-channel leakage and use it to make best-effort recommendations about how to design more secure architectures in the cryptographic domain.
Exploiting FPGA block memories for protected cryptographic implementations
Modern Field Programmable Gate Arrays (FPGAs) are packed with features to help designers. The availability of features like large block memory (BRAM), Digital Signal Processing (DSP) cores and embedded CPUs makes the design strategy for FPGAs quite different from that for ASICs. FPGAs are also widely used in security-critical applications where protection against known attacks is of prime importance. We focus on physical attacks, which target physical implementations. To design countermeasures against such attacks, the strategy for FPGA designers should also differ from that for ASICs: the available features should be exploited to design compact and strong countermeasures. In this paper, we propose methods that exploit the BRAMs in FPGAs to build compact countermeasures. BRAM can be used to optimize intrinsic countermeasures like masking and dual-rail logic, which otherwise carry significant overhead (at least 2X). The optimizations are applied to a real AES-128 co-processor and tested for area overhead and resistance on Xilinx Virtex-5 chips. The presented masking countermeasure has an overhead of only 16% when applied to AES. Moreover, the Dual-rail Precharge Logic (DPL) countermeasure has been optimized to pack the whole sequential part into the BRAM, which enhances its security. Proper robustness evaluations are conducted to analyze the optimizations for area and security.
High Efficiency Power Side-Channel Attack Immunity using Noise Injection in Attenuated Signature Domain
With the advancement of technology in the last few decades, leading to the widespread availability of miniaturized sensors and internet-connected things (IoT), the security of electronic devices has become a top priority. Side-channel attack (SCA) is one of the prominent methods for breaking the security of an encryption system by exploiting the information leaked by the physical device. Correlation power analysis (CPA) is an efficient power side-channel attack technique which analyses the correlation between estimated and measured supply current traces to extract the secret key. Existing countermeasures to power attacks are mainly based on reducing the SNR of the leaked data, or introduce large overhead using techniques like power balancing. This paper presents an attenuated signature AES (AS-AES), which resists SCA with minimal noise current overhead. AS-AES uses a shunt low-drop-out (LDO) regulator to suppress the AES current signature by 400x in the supply current traces. The shunt LDO has been fabricated and validated in 130 nm CMOS technology. System-level implementation of the AS-AES together with noise injection shows that the system remains secure even after 50K encryptions, with a 10x reduction in power overhead compared to noise addition alone.
Comment: IEEE International Symposium on Hardware Oriented Security and Trust (HOST) 201
Physical Time-Varying Transfer Functions as Generic Low-Overhead Power-SCA Countermeasure
Mathematically secure cryptographic algorithms leak significant side-channel information through their power supplies when implemented on a physical platform. These side-channel leakages can be exploited by an attacker to extract the secret key of an embedded device. The existing state-of-the-art countermeasures mainly focus on power balancing, gate-level masking, or signal-to-noise ratio (SNR) reduction using noise injection and signature attenuation, all of which either suffer from high power/area overheads or performance degradation, or are not synthesizable. In this article, we propose a generic, low-overhead, digital-friendly power SCA countermeasure utilizing physical Time-Varying Transfer Functions (TVTF): distributed switched capacitors are randomly shuffled to significantly obfuscate the traces in the time domain. System-level simulation results of the TVTF-AES implemented in TSMC 65nm CMOS technology show a > 4000x MTD improvement over the unprotected implementation with nearly 1.25x power and 1.2x area overheads, and without any performance degradation.
Advances in SCA and RF-DNA Fingerprinting Through Enhanced Linear Regression Attacks and Application of Random Forest Classifiers
Radio Frequency (RF) emissions from electronic devices expose security vulnerabilities that an attacker can use to extract otherwise unobtainable information. Two realms of study were investigated here: the exploitation of 1) unintentional RF emissions in the field of Side Channel Analysis (SCA), and 2) intentional RF emissions from physical devices in the field of RF-Distinct Native Attribute (RF-DNA) fingerprinting. Statistical analysis of the linear model fit to measured SCA data in Linear Regression Attacks (LRA) improved performance, achieving a 98% success rate for AES key-byte identification from unintentional emissions. However, the presence of non-Gaussian noise required a non-parametric classifier to further improve key-guessing attacks. Random Forest (RndF) based profiling attacks were successful on very high-dimensional data sets, correctly guessing all 16 bytes of the AES key with a 50,000-variable dataset. With variable reduction, Random Forest still outperformed the Template Attack on this data set, requiring fewer traces and achieving higher success rates with a lower misclassification rate. Finally, the use of a RndF classifier is examined for intentional RF emissions from ZigBee devices to enhance security using RF-DNA fingerprinting. RndF outperformed the parametric MDA/ML and non-parametric GRLVQI classifiers, providing up to GS = 18.0 dB improvement (reduction in required SNR). Network penetration, measured using rogue ZigBee devices, shows that the RndF method improved rogue rejection in noisier environments: gains of up to GS = 18.0 dB are realized over previous methods.
Residual Vulnerabilities to Power Side-Channel Attacks of Lightweight Cipher Cryptography Competition Finalists
The protection of communications between Internet of Things (IoT) devices is of great concern because the information exchanged contains vital sensitive data. Malicious agents seek to exploit those data to extract secret information about the owners or the system. Power side-channel attacks are of great concern on these devices because their power consumption unintentionally leaks information correlatable to the device's secret data. Several studies have demonstrated the effectiveness of authenticated encryption with associated data in protecting communications with these devices. A comprehensive evaluation of the seven (out of 10) algorithm finalists of the National Institute of Standards and Technology (NIST) IoT lightweight cipher competition that do not integrate built-in countermeasures is proposed. The study shows that, nonetheless, they still present some residual vulnerabilities to power side-channel attacks (SCA). For five ciphers, an attack methodology as well as the leakage function needed to perform correlation power analysis (CPA) is proposed. The authors assert that the security vulnerability of Ascon, Sparkle, and PHOTON-Beetle can generally be assessed under the security assumptions "Chosen ciphertext attack and leakage in encryption only, with nonce-misuse resilience adversary (CCAmL1)" and "Chosen ciphertext attack and leakage in encryption only with nonce-respecting adversary (CCAL1)", respectively. However, the security vulnerability of GIFT-COFB, Grain, Romulus, and TinyJambu can be evaluated more straightforwardly with publicly available leakage models and solvers. They can also be assessed simply by increasing the number of traces collected to launch the attack.
RSA Power Analysis Obfuscation: A Dynamic FPGA Architecture
The modular exponentiation operation used in popular public key encryption schemes, such as RSA, has been the focus of many side channel analysis (SCA) attacks in recent years. Current SCA attack countermeasures are largely static. Given a sufficient signal-to-noise ratio and a sufficient number of power traces, static countermeasures can be defeated, as they merely attempt to hide the power consumption of the system under attack. This research develops a dynamic countermeasure which constantly varies the timing and power consumption of each operation, making correlation between traces more difficult than for static countermeasures. By randomizing the radix of encoding for Booth multiplication and randomizing the window size in exponentiation, this research produces an SCA countermeasure capable of increasing RSA SCA attack protection.
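To make the "randomized window size" idea concrete, here is an added software sketch that is not the paper's FPGA design: a left-to-right fixed-window (2^w-ary) modular exponentiation whose window width w is drawn at random on every call. The result is the same for every w, but the sequence and count of squarings and multiplications, and hence the timing and power profile of each run, changes with w, which is what the abstract relies on to break trace alignment. The Booth-radix randomization of the multiplier is a hardware-level change and is not modelled. The width set, base, exponent and modulus are assumptions for the demo.

```python
"""Added example (not the paper's design): 2^w-ary modular exponentiation with
a per-call random window width, as a software model of a randomized-window
SCA countermeasure. The op trace ("S" = squaring, "M" = multiplication) is
returned so the reader can see how the operation sequence changes with w."""
import random


def window_exp(base, exp, mod, w):
    """Left-to-right fixed-window exponentiation with width w (1 <= w)."""
    table = [1] * (1 << w)               # table[i] = base^i mod mod
    for i in range(1, 1 << w):
        table[i] = table[i - 1] * base % mod
    nwin = -(-exp.bit_length() // w)     # ceil(bits / w) windows
    mask = (1 << w) - 1
    result, ops = 1, []
    for i in range(nwin - 1, -1, -1):
        for _ in range(w):               # w squarings per window
            result = result * result % mod
            ops.append("S")
        digit = (exp >> (i * w)) & mask
        if digit:                        # one table multiplication per non-zero digit
            result = result * table[digit] % mod
            ops.append("M")
    return result, ops


def randomized_window_exp(base, exp, mod, widths=(2, 3, 4, 5), rng=random):
    """Pick the window width at random for this exponentiation (assumed width set)."""
    w = rng.choice(widths)
    result, ops = window_exp(base, exp, mod, w)
    return result, w, ops


if __name__ == "__main__":
    MOD = (1 << 61) - 1          # assumed modulus (a Mersenne prime); any odd modulus works
    BASE, EXP = 0x1234, 0xBEEF   # assumed operands
    for run in range(4):
        r, w, ops = randomized_window_exp(BASE, EXP, MOD)
        assert r == pow(BASE, EXP, MOD)
        print(f"run {run}: w={w}, {ops.count('S')} squarings, "
              f"{ops.count('M')} multiplications, trace {''.join(ops)}")
```

Two runs with different w produce different squaring counts and a differently shaped "S…SM" pattern, so an attacker cannot average or correlate traces point-by-point without first re-aligning them. Note that this alone does not hide the exponent digits from a single-trace inspection; the table multiplication still occurs only for non-zero digits, which is why the paper pairs it with further randomization in the multiplier.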