Sequential Circuit Design for Embedded Cryptographic Applications Resilient to Adversarial Faults
In the relatively young field of fault-tolerant cryptography, the main research effort has focused exclusively on the protection of the data path of cryptographic circuits. To date, however, we have not found any work that aims at protecting the control logic of these circuits against fault attacks, which thus remains the proverbial Achilles’ heel. Motivated by a hypothetical yet realistic fault analysis attack that, in principle, could be mounted against any modular exponentiation engine, even one with appropriate data path protection, we set out to close this remaining gap. In this paper, we present guidelines for the design of multifault-resilient sequential control logic based on standard Error-Detecting Codes (EDCs) with large minimum distance. We introduce a metric that measures the effectiveness of the error detection technique in terms of the effort the attacker has to make in relation to the area overhead spent in
implementing the EDC. Our comparison shows that the proposed EDC-based technique provides superior performance when compared against regular N-modular redundancy techniques. Furthermore, our technique scales well and does not affect the critical path delay.
Building Confidential and Efficient Query Services in the Cloud with RASP Data Perturbation
With the wide deployment of public cloud computing infrastructures, using
clouds to host data query services has become an appealing solution because of
its advantages in scalability and cost saving. However, some data might be
sensitive, and the data owner may not want to move it to the cloud unless data
confidentiality and query privacy are guaranteed. On the other hand, a secured
query service should still provide efficient query processing and significantly
reduce the in-house workload to fully realize the benefits of cloud computing.
We propose the RASP data perturbation method to provide secure and efficient
range query and kNN query services for protected data in the cloud. The RASP
data perturbation method combines order-preserving encryption, dimensionality
expansion, random noise injection, and random projection to provide strong
resilience to attacks on the perturbed data and queries. It also preserves
multidimensional ranges, which allows existing indexing techniques to be
applied to speed up range query processing. The kNN-R algorithm is designed to
work with the RASP range query algorithm to process the kNN queries. We have
carefully analyzed the attacks on data and queries under a precisely defined
threat model and realistic security assumptions. Extensive experiments have
been conducted to show the advantages of this approach in efficiency and
security.
Comment: 18 pages, to appear in IEEE TKDE, accepted in December 201
Penetrating Shields: A Systematic Analysis of Memory Corruption Mitigations in the Spectre Era
This paper provides the first systematic analysis of a synergistic threat
model encompassing memory corruption vulnerabilities and microarchitectural
side-channel vulnerabilities. We study speculative shield bypass attacks that
leverage speculative execution attacks to leak secrets that are critical to the
security of memory corruption mitigations (i.e., the shields), and then use the
leaked secrets to bypass the mitigation mechanisms and successfully conduct
memory corruption exploits, such as control-flow hijacking. We start by
systematizing a taxonomy of the state-of-the-art memory corruption mitigations
focusing on hardware-software co-design solutions. The taxonomy helps us to
identify 10 likely vulnerable defense schemes out of 20 schemes that we
analyze. Next, we develop a graph-based model to analyze the 10 likely
vulnerable defenses and reason about possible countermeasures. Finally, we
present three proof-of-concept attacks targeting an already-deployed mitigation
mechanism and two state-of-the-art academic proposals.
Comment: 14 page
Advancing Hardware Security Using Polymorphic and Stochastic Spin-Hall Effect Devices
Protecting intellectual property (IP) in electronic circuits has become a
serious challenge in recent years. Logic locking/encryption and layout
camouflaging are two prominent techniques for IP protection. Most existing
approaches, however, particularly those focused on CMOS integration, incur
excessive design overheads resulting from their need for additional circuit
structures or device-level modifications. This work leverages the innate
polymorphism of an emerging spin-based device, called the giant spin-Hall
effect (GSHE) switch, to simultaneously enable locking and camouflaging within
a single instance. Using the GSHE switch, we propose a powerful primitive that
enables cloaking all the 16 Boolean functions possible for two inputs. We
conduct a comprehensive study using state-of-the-art Boolean satisfiability
(SAT) attacks to demonstrate the superior resilience of the proposed primitive
in comparison to several others in the literature. While we tailor the
primitive for deterministic computation, it can readily support stochastic
computation; we argue that stochastic behavior can break most, if not all,
existing SAT attacks. Finally, we discuss the resilience of the primitive
against various side-channel attacks as well as invasive monitoring at runtime,
which are arguably even more concerning threats than SAT attacks.
Comment: Published in Proc. Design, Automation and Test in Europe (DATE) 201
The Dark Side(-Channel) of Mobile Devices: A Survey on Network Traffic Analysis
In recent years, mobile devices (e.g., smartphones and tablets) have met with
increasing commercial success and have become a fundamental element of
everyday life for billions of people all around the world. Mobile devices are
used not only for traditional communication activities (e.g., voice calls and
messages) but also for more advanced tasks made possible by an enormous number
of multi-purpose applications (e.g., finance, gaming, and shopping). As a
result, those devices generate significant network traffic (a considerable
share of overall Internet traffic). For this reason, the research community has
been investigating security and privacy issues related to the network traffic
generated by mobile devices, which could be analyzed to obtain information
useful for a variety of goals (ranging from device security and network
optimization to fine-grained user profiling).
In this paper, we review the works that contributed to the state of the art
of network traffic analysis targeting mobile devices. In particular, we present
a systematic classification of the works in the literature according to three
criteria: (i) the goal of the analysis; (ii) the point where the network
traffic is captured; and (iii) the targeted mobile platforms. In this survey,
we consider capture points such as Wi-Fi access points, software simulation,
and inside real mobile devices or emulators. For the surveyed works, we review
and compare analysis techniques, validation methods, and achieved results. We
also discuss possible countermeasures, challenges, and possible directions for
future research on mobile traffic analysis and other emerging domains (e.g.,
Internet of Things). We believe our survey will be a reference work for
researchers and practitioners in this research field.
Comment: 55 page
A Privacy-Preserving, Accountable and Spam-Resilient Geo-Marketplace
Mobile devices with rich features can record videos, traffic parameters or
air quality readings along user trajectories. Although such data may be
valuable, users are seldom rewarded for collecting them. Emerging digital
marketplaces allow owners to advertise their data to interested buyers. We
focus on geo-marketplaces, where buyers search data based on geo-tags. Such
marketplaces present significant challenges. First, if owners upload data with
revealed geo-tags, they expose themselves to serious privacy risks. Second,
owners must be accountable for advertised data, and must not be allowed to
subsequently alter geo-tags. Third, such a system may be vulnerable to
intensive spam activity, where dishonest owners flood the system with fake
advertisements. We propose a geo-marketplace that addresses all these concerns.
We employ searchable encryption, digital commitments, and blockchain to protect
the location privacy of owners while at the same time incorporating
accountability and spam-resilience mechanisms. We implement a prototype with
two alternative designs that obtain distinct trade-offs between trust
assumptions and performance. Our experiments on real location data show that
one can achieve the above design goals with practical performance and
reasonable financial overhead.
Comment: SIGSPATIAL'19, 10 page