2,157 research outputs found

    Asymmetric Leakage from Multiplier and Collision-Based Single-Shot Side-Channel Attack

    The single-shot collision attack on RSA proposed by Hanley et al. is studied, focusing on the difference between the two operands of the multiplier. It is shown how leakage from the integer multiplier and the long-integer multiplication algorithm can be asymmetric between the two operands. The asymmetric leakage is verified with experiments on FPGA and micro-controller platforms. Moreover, we show an experimental result in which success and failure of the attack is determined by the order of operands. Therefore, designing operand order can be a cost-effective countermeasure. Meanwhile, we also show a case in which a particular countermeasure becomes ineffective when the asymmetric leakage is considered. In addition to the above main contribution, an extension of the attack by Hanley et al. using the signal-processing technique of Big Mac Attack is presented.

    CSI Neural Network: Using Side-channels to Recover Your Artificial Neural Network Information

    Machine learning has become mainstream across industries. Numerous examples proved the validity of it for security applications. In this work, we investigate how to reverse engineer a neural network by using only power side-channel information. To this end, we consider a multilayer perceptron as the machine learning architecture of choice and assume a non-invasive and eavesdropping attacker capable of measuring only passive side-channel leakages like power consumption, electromagnetic radiation, and reaction time. We conduct all experiments on real data and common neural net architectures in order to properly assess the applicability and extendability of those attacks. Practical results are shown on an ARM CORTEX-M3 microcontroller. Our experiments show that the side-channel attacker is capable of obtaining the following information: the activation functions used in the architecture, the number of layers and neurons in the layers, the number of output classes, and weights in the neural network. Thus, the attacker can effectively reverse engineer the network using side-channel information. Next, we show that once the attacker has the knowledge about the neural network architecture, he/she could also recover the inputs to the network with only a single-shot measurement. Finally, we discuss several mitigations one could use to thwart such attacks. Comment: 15 pages, 16 figures

    Higher-point conformal blocks and entanglement entropy in heavy states

    We consider conformal blocks of two heavy operators and an arbitrary number of light operators in a (1+1)-d CFT with large central charge. Using the monodromy method, these higher-point conformal blocks are shown to factorize into products of 4-point conformal blocks in the heavy-light limit for a class of OPE channels. This result is reproduced by considering suitable worldline configurations in the bulk conical defect geometry. We apply the CFT results to calculate the entanglement entropy of an arbitrary number of disjoint intervals for heavy states. The corresponding holographic entanglement entropy calculated via the minimal area prescription precisely matches these results from CFT. Along the way, we briefly illustrate the relation of these conformal blocks to Riemann surfaces and their associated moduli space. Comment: 41 pages, 10 figures. (Published version; typos corrected and references added.)

    RSA Power Analysis Obfuscation: A Dynamic FPGA Architecture

    The modular exponentiation operation used in popular public key encryption schemes, such as RSA, has been the focus of many side channel analysis (SCA) attacks in recent years. Current SCA attack countermeasures are largely static. Given sufficient signal-to-noise ratio and a number of power traces, static countermeasures can be defeated, as they merely attempt to hide the power consumption of the system under attack. This research develops a dynamic countermeasure which constantly varies the timing and power consumption of each operation, making correlation between traces more difficult than for static countermeasures. By randomizing the radix of encoding for Booth multiplication and randomizing the window size in exponentiation, this research produces a SCA countermeasure capable of increasing RSA SCA attack protection

    Massless Composite Fermions in Two Dimensions and the Overlap

    There exist chiral gauge models in two dimensions that have massless composite fermions. Two examples are presented and it is suggested that they be accepted as benchmark test-cases for generic proposals of non-perturbatively regulating chiral gauge theories in any dimension. We apply the overlap to the simpler of the two benchmarks and present the results of a numerical simulation of modest size. Comment: 12 pages, Plain TeX with epsf, 2 PS figures

    Measurement of the running of the QED coupling in small-angle Bhabha scattering at LEP

    Using the OPAL detector at LEP, the running of the effective QED coupling $\alpha(t)$ is measured for space-like momentum transfer from the angular distribution of small-angle Bhabha scattering. In an almost ideal QED framework, with very favourable experimental conditions, we obtain: $\Delta\alpha(-6.07\,\mathrm{GeV}^2) - \Delta\alpha(-1.81\,\mathrm{GeV}^2) = (440 \pm 58 \pm 43 \pm 30) \times 10^{-5}$, where the first error is statistical, the second is the experimental systematic and the third is the theoretical uncertainty. This agrees with current evaluations of $\alpha(t)$. The null hypothesis that $\alpha$ remains constant within the above interval of $-t$ is excluded with a significance above $5\sigma$. Similarly, our results are inconsistent at the level of $3\sigma$ with the hypothesis that only leptonic loops contribute to the running. This is currently the most significant direct measurement where the running $\alpha(t)$ is probed differentially within the measured $t$ range. Comment: 43 pages, 12 figures, Submitted to Euro. Phys. J.

    Modeling the Lyman-alpha Forest in Collisionless Simulations

    Cosmological hydrodynamic simulations can accurately predict the properties of the intergalactic medium (IGM), but only under the condition of retaining high spatial resolution necessary to resolve density fluctuations in the IGM. This resolution constraint prohibits simulating large volumes, such as those probed by BOSS and future surveys, like DESI and 4MOST. To overcome this limitation, we present Iteratively Matched Statistics (IMS), a novel method to accurately model the Lyman-alpha forest with collisionless N-body simulations, where the relevant density fluctuations are unresolved. We use a small-box, high-resolution hydrodynamic simulation to obtain the probability distribution function (PDF) and the power spectrum of the real-space Lyman-alpha forest flux. These two statistics are iteratively mapped onto a pseudo-flux field of an N-body simulation, which we construct from the matter density. We demonstrate that our method can perfectly reproduce line-of-sight observables, such as the PDF and power spectrum, and accurately reproduce the 3D flux power spectrum (5-20%). We quantify the performance of the commonly used Gaussian smoothing technique and show that it has significantly lower accuracy (20-80%), especially for N-body simulations with achievable mean inter-particle separations in large-volume simulations. In addition, we show that IMS produces reasonable and smooth spectra, making it a powerful tool for modeling the IGM in large cosmological volumes and for producing realistic "mock" skies for Lyman-alpha forest surveys. Comment: 25 pages, 15 figures, submitted to Ap

    Recurrent correlation associative memories

    A model for a class of high-capacity associative memories is presented. Since they are based on two-layer recurrent neural networks and their operations depend on the correlation measure, these associative memories are called recurrent correlation associative memories (RCAMs). The RCAMs are shown to be asymptotically stable in both synchronous and asynchronous (sequential) update modes as long as their weighting functions are continuous and monotone nondecreasing. In particular, a high-capacity RCAM named the exponential correlation associative memory (ECAM) is proposed. The asymptotic storage capacity of the ECAM scales exponentially with the length of memory patterns, and it meets the ultimate upper bound for the capacity of associative memories. The asymptotic storage capacity of the ECAM with limited dynamic range in its exponentiation nodes is found to be proportional to that dynamic range. Design and fabrication of a 3-mm CMOS ECAM chip is reported. The prototype chip can store 32 24-bit memory patterns, and its speed is higher than one associative recall operation every 3 µs. An application of the ECAM chip to vector quantization is also described

    The Kentucky Noisy Monte Carlo Algorithm for Wilson Dynamical Fermions

    We develop an implementation for a recently proposed Noisy Monte Carlo approach to the simulation of lattice QCD with dynamical fermions by incorporating the full fermion determinant directly. Our algorithm uses a quenched gauge field update with a shifted gauge coupling to minimize fluctuations in the trace log of the Wilson Dirac matrix. The details of tuning the gauge coupling shift as well as results for the distribution of noisy estimators in our implementation are given. We present data for some basic observables from the noisy method, as well as acceptance rate information and discuss potential autocorrelation and sign violation effects. Both the results and the efficiency of the algorithm are compared against those of Hybrid Monte Carlo. PACS Numbers: 12.38.Gc, 11.15.Ha, 02.70.Uu. Keywords: Noisy Monte Carlo, Lattice QCD, Determinant, Finite Density, QCDSP. Comment: 30 pages, 6 figures