20 research outputs found

    SNR-Centric Power Trace Extractors for Side-Channel Attacks

    The existing power trace extractors consider the case that the number of power traces owned by the attacker is sufficient to guarantee his successful attacks, and the goal of power trace extraction is to lower the complexity rather than increase the success rates. Although having strict theoretical proofs, they are too simple and leakage characteristics of POIs have not been thoroughly analyzed. They only maximize the variance of the data-dependent power consumption component and ignore the noise component, which results in very limited SNR improvement and seriously affects the performance of extractors. In this paper, we provide a rigorous theoretical analysis of SNR of power traces, and propose a novel SNR-centric extractor, named Shortest Distance First (SDF), to extract power traces with the smallest estimated noise by taking advantage of known plaintexts. In addition, to maximize the variance of the exploitable component while minimizing the noise, we refer to the SNR estimation model and propose another novel extractor named Maximizing Estimated SNR First (MESF). Finally, we further propose an advanced extractor called Mean optimized MESF (MMESF) that exploits the mean power consumption of each plaintext byte value to more accurately and reasonably estimate the data-dependent power consumption of the corresponding samples. Experiments on both simulated power traces and measurements from an ATmega328p micro-controller demonstrate the superiority of our new extractors.

    A Probe Placement Method for Efficient Electromagnetic Attacks

    Electromagnetic (EM) emissions have been explored as an effective means for non-invasive side-channel attacks. The leaked EM field from the memory bus when the data is loaded from the on-chip memory has received considerable attention in the literature. Meanwhile, off-chip memory buses gradually become the new attack target due to the relative ease of access in modern system-in-package technologies, such as 2.5-D integration where processing and memory chips are integrated, for example, on a silicon interposer. This paper, therefore, investigates EM snooping attacks on interposer-based off-chip memory buses. A gradient-search algorithm is proposed to quickly (i.e. in O(N)) locate the most efficient attack point. The effectiveness of the search algorithm and attack efficiency is evaluated on a 64-bit bus. It is demonstrated that at the optimal attack point, EM attacks can succeed with more than 10x fewer traces, compared to placing the probe at sub-optimal locations.

    Security and Privacy for Modern Wireless Communication Systems

    This reprint focuses on the latest protocol research, software/hardware development and implementation, and system architecture design in addressing emerging security and privacy issues for modern wireless communication networks. Relevant topics include, but are not limited to, the following: deep-learning-based security and privacy design; covert communications; information-theoretical foundations for advanced security and privacy techniques; lightweight cryptography for power constrained networks; physical layer key generation; prototypes and testbeds for security and privacy solutions; encryption and decryption algorithm for low-latency constrained networks; security protocols for modern wireless communication networks; network intrusion detection; physical layer design with security consideration; anonymity in data transmission; vulnerabilities in security and privacy in modern wireless communication networks; challenges of security and privacy in node–edge–cloud computation; security and privacy design for low-power wide-area IoT networks; security and privacy design for vehicle networks; security and privacy design for underwater communications networks.