1,223 research outputs found
Execution Integrity with In-Place Encryption
Instruction set randomization (ISR) was initially proposed with the main goal
of countering code-injection attacks. However, ISR seems to have lost its
appeal since code-injection attacks became less attractive because protection
mechanisms such as data execution prevention (DEP) as well as code-reuse
attacks became more prevalent.
In this paper, we show that ISR can be extended to also protect against
code-reuse attacks while at the same time offering security guarantees similar
to those of software diversity, control-flow integrity, and information hiding.
We present Scylla, a scheme that deploys a new technique for in-place code
encryption to hide the code layout of a randomized binary, and restricts the
control flow to a benign execution path. This allows us to i) implicitly
restrict control-flow targets to basic block entries without requiring the
extraction of a control-flow graph, ii) achieve execution integrity within
legitimate basic blocks, and iii) hide the underlying code layout under
malicious read access to the program. Our analysis demonstrates that Scylla is
capable of preventing state-of-the-art attacks such as just-in-time
return-oriented programming (JIT-ROP) and crash-resistant oriented programming
(CROP). We extensively evaluate our prototype implementation of Scylla and show
feasible performance overhead. We also provide details on how this overhead can
be significantly reduced with dedicated hardware support
Stacco: Differentially Analyzing Side-Channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves
Intel Software Guard Extension (SGX) offers software applications enclave to
protect their confidentiality and integrity from malicious operating systems.
The SSL/TLS protocol, which is the de facto standard for protecting
transport-layer network communications, has been broadly deployed for a secure
communication channel. However, in this paper, we show that the marriage
between SGX and SSL may not be smooth sailing.
Particularly, we consider a category of side-channel attacks against SSL/TLS
implementations in secure enclaves, which we call the control-flow inference
attacks. In these attacks, the malicious operating system kernel may perform a
powerful man-in-the-kernel attack to collect execution traces of the enclave
programs at page, cacheline, or branch level, while positioning itself in the
middle of the two communicating parties. At the center of our work is a
differential analysis framework, dubbed Stacco, to dynamically analyze the
SSL/TLS implementations and detect vulnerabilities that can be exploited as
decryption oracles. Surprisingly, we found exploitable vulnerabilities in the
latest versions of all the SSL/TLS libraries we have examined.
To validate the detected vulnerabilities, we developed a man-in-the-kernel
adversary to demonstrate Bleichenbacher attacks against the latest OpenSSL
library running in the SGX enclave (with the help of Graphene) and completely
broke the PreMasterSecret encrypted by a 4096-bit RSA public key with only
57286 queries. We also conducted CBC padding oracle attacks against the latest
GnuTLS running in Graphene-SGX and an open-source SGX-implementation of mbedTLS
(i.e., mbedTLS-SGX) that runs directly inside the enclave, and showed that it
only needs 48388 and 25717 queries, respectively, to break one block of AES
ciphertext. Empirical evaluation suggests these man-in-the-kernel attacks can
be completed within 1 or 2 hours.Comment: CCS 17, October 30-November 3, 2017, Dallas, TX, US
Teaching FPGA Security
International audienceTeaching FPGA security to electrical engineering students is new at graduate level. It requires a wide field of knowledge and a lot of time. This paper describes a compact course on FPGA security that is available to electrical engineering master's students at the Saint-Etienne Institute of Telecom, University of Lyon, France. It is intended for instructors who wish to design a new course on this topic. The paper reviews the motivation for the course, the pedagogical issues involved, the curriculum, the lab materials and tools used, and the results. Details are provided on two original lab sessions, in particular, a compact lab that requires students to perform differential power analysis of FPGA implementation of the AES symmetric cipher. The paper gives numerous relevant references to allow the reader to prepare a similar curriculum
Secure ADS-B: Towards Airborne Communications Security in the Federal Aviation Administration\u27s Next Generation Air Transportation System
The U.S. Congress has mandated that all aircraft operating within the National Airspace System, military or civilian, be equipped with ADS-B transponders by the year 2020. The ADS-B aircraft tracking system, part of the Federal Aviation Administration\u27s NextGen overhaul of the Air Transportation System, replaces Radar-based surveillance with a more accurate satellite-based surveillance system. However, the unencrypted nature of ADS-B communication poses an operational security risk to military and law enforcement aircraft conducting sensitive missions. The non-standard format of its message and the legacy communication channels used by its transponders make the ADS-B system unsuitable for traditional encryption mechanisms. FPE, a recent development in cryptography, provides the ability to encrypt arbitrarily formatted data without padding or truncation. Indeed, three new algorithms recommended by the NIST, may be suitable for encryption of ADS-B messages. This research assesses the security and hardware performance characteristics of the FF1, FF2, and FF3 algorithms, in terms of entropy of ciphertext, operational latency and resource utilization when implemented on a Field-Programmable Gate Array. While all of the algorithms inherit the security characteristics of the underlying AES block cipher, they exhibit differences in their performance profiles. Findings demonstrate that a Bump-in-the-Wire FPE cryptographic engine is a suitable solution for retrofitting encryption to ADS-B communication
Security analysis of NIST-LWC contest finalists
Dissertação de mestrado integrado em Informatics EngineeringTraditional cryptographic standards are designed with a desktop and server environment in mind, so, with the
relatively recent proliferation of small, resource constrained devices in the Internet of Things, sensor networks,
embedded systems, and more, there has been a call for lightweight cryptographic standards with security,
performance and resource requirements tailored for the highly-constrained environments these devices find
themselves in.
In 2015 the National Institute of Standards and Technology began a Standardization Process in order to select
one or more Lightweight Cryptographic algorithms. Out of the original 57 submissions ten finalists remain, with
ASCON and Romulus being among the most scrutinized out of them.
In this dissertation I will introduce some concepts required for easy understanding of the body of work, do
an up-to-date revision on the current situation on the standardization process from a security and performance
standpoint, a description of ASCON and Romulus, and new best known analysis, and a comparison of the two,
with their advantages, drawbacks, and unique traits.Os padrões criptográficos tradicionais foram elaborados com um ambiente de computador e servidor em mente.
Com a proliferação de dispositivos de pequenas dimensões tanto na Internet of Things, redes de sensores e
sistemas embutidos, apareceu uma necessidade para se definir padrões para algoritmos de criptografia leve, com
prioridades de segurança, performance e gasto de recursos equilibrados para os ambientes altamente limitados
em que estes dispositivos operam.
Em 2015 o National Institute of Standards and Technology lançou um processo de estandardização com o
objectivo de escolher um ou mais algoritmos de criptografia leve. Das cinquenta e sete candidaturas originais
sobram apenas dez finalistas, sendo ASCON e Romulus dois desses finalistas mais examinados.
Nesta dissertação irei introduzir alguns conceitos necessários para uma fácil compreensão do corpo deste
trabalho, assim como uma revisão atualizada da situação atual do processo de estandardização de um ponto
de vista tanto de segurança como de performance, uma descrição do ASCON e do Romulus assim como as
suas melhores análises recentes e uma comparação entre os dois, frisando as suas vantagens, desvantagens e
aspectos únicos
An overview of memristive cryptography
Smaller, smarter and faster edge devices in the Internet of things era
demands secure data analysis and transmission under resource constraints of
hardware architecture. Lightweight cryptography on edge hardware is an emerging
topic that is essential to ensure data security in near-sensor computing
systems such as mobiles, drones, smart cameras, and wearables. In this article,
the current state of memristive cryptography is placed in the context of
lightweight hardware cryptography. The paper provides a brief overview of the
traditional hardware lightweight cryptography and cryptanalysis approaches. The
contrast for memristive cryptography with respect to traditional approaches is
evident through this article, and need to develop a more concrete approach to
developing memristive cryptanalysis to test memristive cryptographic approaches
is highlighted.Comment: European Physical Journal: Special Topics, Special Issue on
"Memristor-based systems: Nonlinearity, dynamics and applicatio
Encryption AXI Transaction Core for Enhanced FPGA Security
The current hot topic in cyber-security is not constrained to software layers. As attacks on electronic circuits have become more usual and dangerous, hardening digital System-on-Chips has become crucial. This article presents a novel electronic core to encrypt and decrypt data between two digital modules through an Advanced eXtensible Interface (AXI) connection. The core is compatible with AXI and is based on a Trivium stream cipher. Its implementation has been tested on a Zynq platform. The core prevents unauthorized data extraction by encrypting data on the fly. In addition, it takes up a small area—242 LUTs—and, as the core’s AXI to AXI path is fully combinational, it does not interfere with the system’s overall performance, with a maximum AXI clock frequency of 175 MHz.This work has been supported within the fund for research groups of the Basque university system IT1440-22 by the Department of Education and within the PILAR ZE-2020/00022 and COMMUTE ZE-2021/00931 projects by the Hazitek program, both of the Basque Government, the latter also by the Ministerio de Ciencia e Innovación of Spain through the Centro para el Desarrollo Tecnológico Industrial (CDTI) within the project IDI-20201264 and IDI-20220543 and through the Fondo Europeo de Desarrollo Regional 2014–2020 (FEDER funds)
Recommended from our members
Threat Analysis, Countermeaures and Design Strategies for Secure Computation in Nanometer CMOS Regime
Advancements in CMOS technologies have led to an era of Internet Of Things (IOT), where the devices have the ability to communicate with each other apart from their computational power. As more and more sensitive data is processed by embedded devices, the trend towards lightweight and efficient cryptographic primitives has gained significant momentum. Achieving a perfect security in silicon is extremely difficult, as the traditional cryptographic implementations are vulnerable to various active and passive attacks. There is also a threat in the form of hardware Trojans inserted into the supply chain by the untrusted third-party manufacturers for economic incentives. Apart from the threats in various forms, some of the embedded security applications such as random number generators (RNGs) suffer from the impacts of process variations and noise in nanometer CMOS. Despite their disadvantages, the random and unique nature of process variations can be exploited for generating unique identifiers and can be of tremendous use in embedded security.
In this dissertation, we explore techniques for precise fault-injection in cryptographic hardware based on voltage/temperature manipulation and hardware Trojan insertion. We demonstrate the effectiveness of these techniques by mounting fault attacks on state-of-the-art ciphers. Physically Unclonable Functions (PUFs) are novel cryptographic primitives for extracting secret keys from complex manufacturing variations in integrated circuits (ICs). We explore the vulnerabilities of some of the popular strong PUF architectures to modeling attacks using Machine Learning (ML) algorithms. The attacks use silicon data from a test chip manufactured in IBM 32nm silicon-on-insulator (SOI) technology. Attack results demonstrate that the majority of strong PUF architectures can be predicted to very high accuracies using limited training data. We also explore the techniques to exploit unreliable data from strong PUF architectures and effectively use them to improve the prediction accuracies of modeling attacks. Motivated by the vulnerabilities of existing PUF architectures, we present a novel modeling attack resistant PUF architecture based on non-linear computing elements. Post-silicon validation results are used to demonstrate the effectiveness of the non-linear PUF architecture against modeling and fault-injection attacks. Apart from the techniques to improve the security of PUF circuits, we also present novel solutions to improve the performance of PUF circuits from the perspectives of IC fabrication and system/protocol design. Finally, we present a statistical benchmark suite to evaluate PUFs in conceptualization phase and also to enable fine-grained security assessments for varying PUF parameters. Data compressibility analyses for validating the statistical benchmark suite are also presented
- …