A Security Analysis of IoT Encryption: Side-channel Cube Attack on Simeck32/64
Simeck, a lightweight block cipher, has been proposed as one of the
encryption algorithms that can be employed in Internet of Things (IoT) applications.
Therefore, this paper presents the security of the Simeck32/64 block cipher
against side-channel cube attack. We exhibit our attack against Simeck32/64
using the Hamming weight leakage assumption to extract linearly independent
equations in key bits. We have been able to find 32 linearly independent
equations in 32 key variables by only considering the second bit from the LSB
of the Hamming weight leakage of the internal state on the fourth round of the
cipher. This enables our attack to improve previous attacks on Simeck32/64
within the side-channel attack model, with better time and data complexity of 2^35
and 2^11.29 respectively.
Comment: 12 pages, 6 figures, 4 tables, International Journal of Computer
Networks & Communication
Small Scale AES Toolbox: Algebraic and Propositional Formulas, Circuit-Implementations and Fault Equations
Cryptography is one of the key technologies ensuring security in the digital
domain. As such, its primitives and implementations have been extensively analyzed both
from a theoretical, cryptoanalytical perspective, as well as regarding their capabilities to
remain secure in the face of various attacks.
One of the most common ciphers, the Advanced Encryption Standard (AES) (thus far)
appears to be secure in the absence of an active attacker. To allow for the testing and
development of new attacks or countermeasures a small scale version of the AES with a
variable number of rounds, number of rows, number of columns and data word size, and a
complexity ranging from trivial up to the original AES was developed.
In this paper we present a collection of various implementations of the relevant small scale
AES versions based on hardware (VHDL and gate-level), algebraic representations (Sage
and CoCoA) and their translations into propositional formulas (in CNF). Additionally, we
present fault attack equations for each version.
Having all these resources available in a single and well structured package allows researchers
to combine these different sources of information which might reveal new patterns or solving
strategies. Additionally, the fine granularity of difficulty between the different small scale
AES versions allows for the assessment of new attacks or the comparison of different attacks.
Janus: An Uncertain Cache Architecture to Cope with Side Channel Attacks
Side channel attacks are a major class of attacks to crypto-systems.
Attackers collect and analyze timing behavior, I/O data, or power consumption
in these systems to undermine their effectiveness in protecting sensitive
information. In this work, we propose a new cache architecture, called Janus,
to enable crypto-systems to introduce randomization and uncertainty in their
runtime timing behavior and power utilization profile. In the proposed cache
architecture, each data block is equipped with an on-off flag to enable/disable
the data block. The Janus architecture has two special instructions in its
instruction set to support the on-off flag. Besides the analytical evaluation of
the proposed cache architecture, we deploy it in an ARM-7 processor core to
study its feasibility and practicality. Results show a significant variation in
the timing behavior across all the benchmarks. The new secure processor
architecture has minimal hardware overhead and significant improvement in
protecting against power analysis and timing behavior attacks.
Comment: 4 pages, 4 figures
Design and validation of a platform for electromagnetic fault injection
Security is acknowledged as one of the main challenges in the design and deployment of embedded circuits. Devices need to operate in the field safely and correctly, even when within physical reach of potential adversaries. One of the most powerful techniques to compromise the correct functioning of a device is fault injection attacks. They enable an active adversary to trigger errors in a circuit in order to bypass security features or to gain knowledge of security-sensitive information. There are several methods to induce such errors. In this work we focus on the injection of faults through the electromagnetic (EM) channel. In particular, we document our efforts towards building a suitable platform for EM pulse injection. We design a pulse injection circuit that can provide currents of over 20 A to an EM injector in order to generate abrupt variations of the EM field in the vicinity of a circuit. We validate the suitability of our platform by applying a well-known attack on an embedded 8-bit microcontroller implementing the AES block cipher. In particular, we show how to extract the AES secret cryptographic keys stored in the device by careful injection of faults during the encryption operations and simple analysis of the erroneous outputs.
Sequential Circuit Design for Embedded Cryptographic Applications Resilient to Adversarial Faults
In the relatively young field of fault-tolerant cryptography, the main research effort has focused exclusively on the protection of the data path of cryptographic circuits. To date, however, we have not found any work that aims at protecting the control logic of these circuits against fault attacks, which thus remains the proverbial Achilles' heel. Motivated by a hypothetical yet realistic fault analysis attack that, in principle, could be mounted against any modular exponentiation engine, even one with appropriate data path protection, we set out to close this remaining gap. In this paper, we present guidelines for the design of multifault-resilient sequential control logic based on standard Error-Detecting Codes (EDCs) with large minimum distance. We introduce a metric that measures the effectiveness of the error detection technique in terms of the effort the attacker has to make in relation to the area overhead spent in implementing the EDC. Our comparison shows that the proposed EDC-based technique provides superior performance when compared against regular N-modular redundancy techniques. Furthermore, our technique scales well and does not affect the critical path delay.