802 research outputs found
An overview of memristive cryptography
Smaller, smarter and faster edge devices in the Internet of things era
demands secure data analysis and transmission under resource constraints of
hardware architecture. Lightweight cryptography on edge hardware is an emerging
topic that is essential to ensure data security in near-sensor computing
systems such as mobiles, drones, smart cameras, and wearables. In this article,
the current state of memristive cryptography is placed in the context of
lightweight hardware cryptography. The paper provides a brief overview of the
traditional hardware lightweight cryptography and cryptanalysis approaches. The
contrast for memristive cryptography with respect to traditional approaches is
evident through this article, and need to develop a more concrete approach to
developing memristive cryptanalysis to test memristive cryptographic approaches
is highlighted.Comment: European Physical Journal: Special Topics, Special Issue on
"Memristor-based systems: Nonlinearity, dynamics and applicatio
LeakyOhm: Secret Bits Extraction using Impedance Analysis
The threats of physical side-channel attacks and their countermeasures have
been widely researched. Most physical side-channel attacks rely on the
unavoidable influence of computation or storage on current consumption or
voltage drop on a chip. Such data-dependent influence can be exploited by, for
instance, power or electromagnetic analysis. In this work, we introduce a novel
non-invasive physical side-channel attack, which exploits the data-dependent
changes in the impedance of the chip. Our attack relies on the fact that the
temporarily stored contents in registers alter the physical characteristics of
the circuit, which results in changes in the die's impedance. To sense such
impedance variations, we deploy a well-known RF/microwave method called
scattering parameter analysis, in which we inject sine wave signals with high
frequencies into the system's power distribution network (PDN) and measure the
echo of the signals. We demonstrate that according to the content bits and
physical location of a register, the reflected signal is modulated differently
at various frequency points enabling the simultaneous and independent probing
of individual registers. Such side-channel leakage challenges the -probing
security model assumption used in masking, which is a prominent side-channel
countermeasure. To validate our claims, we mount non-profiled and profiled
impedance analysis attacks on hardware implementations of unprotected and
high-order masked AES. We show that in the case of the profiled attack, only a
single trace is required to recover the secret key. Finally, we discuss how a
specific class of hiding countermeasures might be effective against impedance
leakage
Single-Trace Side-Channel Attacks on the Toom-Cook: The Case Study of Saber
The Toom-Cook method is a well-known strategy for building algorithms to multiply polynomials efficiently. Along with NTT-based polynomial multiplication, Toom-Cook-based or Karatsuba-based polynomial multiplication algorithms still have regained attention since the start of the NIST’s post-quantum standardization procedure. Compared to the comprehensive analysis done for NTT, the leakage characteristics of Toom-Cook have not been discussed. We analyze the vulnerabilities of Toom-Cook in the reference implementation of Saber, a third round finalist of NIST’s post-quantum standardization process. In this work, we present the first single-trace attack based on the soft-analytical side-channel attack (SASCA) targeting the Toom-Cook. The deep learning-based power analysis is combined with SASCA to decrease the number of templates since there are a large number of similar operations in the Toom-Cook. Moreover, we describe the optimized factor graph and improved belief propagation to make the attack more practical. The feasibility of the attack is verified by evaluation experiments. We also discuss the possible countermeasures to prevent the attack
Q-Class Authentication System for Double Arbiter PUF
Physically Unclonable Function (PUF) is a cryptographic primitive that is based on physical property of each entity or Integrated Circuit (IC) chip. It is expected that PUF be used in security applications such as ID generation and authentication. Some responses from PUF are unreliable, and they are usually discarded. In this paper, we propose a new PUF-based authentication system that exploits information of unreliable responses. In the proposed method, each response is categorized into multiple classes by its unreliability evaluated by feeding the same challenges several times. This authentication system is named Q-class authentication, where Q is the number of classes. We perform experiments assuming a challenge-response authentication system with a certain threshold of errors. Considering 4-class separation for 4-1 Double Arbiter PUF, it is figured out that the advantage of a legitimate prover against a clone is improved form 24% to 36% in terms of success rate. In other words, it is possible to improve the tolerance of machine-learning attack by using unreliable information that was previously regarded disadvantageous to authentication systems
Proof-of-Prestige: A Useful Work Reward System for Unverifiable Tasks
As cryptographic tokens and altcoins are increasingly being built to serve as
utility tokens, the notion of useful work consensus protocols, as opposed to
number-crunching PoW consensus, is becoming ever more important. In such
contexts, users get rewards from the network after they have carried out some
specific task useful for the network. While in some cases the proof of some
utility or service can be proved, the majority of tasks are impossible to
verify. In order to deal with such cases, we design Proof-of-Prestige (PoP) - a
reward system that can run on top of Proof-of-Stake blockchains. PoP introduces
prestige which is a volatile resource and, in contrast to coins, regenerates
over time. Prestige can be gained by performing useful work, spent when
benefiting from services and directly translates to users minting power. PoP is
resistant against Sybil and Collude attacks and can be used to reward workers
for completing unverifiable tasks, while keeping the system free for the
end-users. We use two exemplar use-cases to showcase the usefulness of PoP and
we build a simulator to assess the cryptoeconomic behaviour of the system in
terms of prestige transfer between nodes.Comment: 2019 IEEE International Conference on Blockchain and Cryptocurrency
(ICBC 2019
Security of Ubiquitous Computing Systems
The chapters in this open access book arise out of the EU Cost Action project Cryptacus, the objective of which was to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license
- …