Innovative Method of the Power Analysis

This paper describes an innovative method of the power analysis which presents the typical example of successful attacks against trusted cryptographic devices such as RFID (Radio-Frequency IDentifications) and contact smart cards. The proposed method analyzes power consumption of the AES (Advanced Encryption Standard) algorithm with neural network, which successively classifies the first byte of the secret key. This way of the power analysis is an entirely new approach and it is designed to combine the advantages of simple and differential power analysis. In the extreme case, this feature allows to determine the whole secret key of a cryptographic module only from one measured power trace. This attribute makes the proposed method very attractive for potential attackers. Besides theoretical design of the method, we also provide the first implementation results. We assume that the method will be certainly optimized to obtain more accurate classification results in the future

Using quantum key distribution for cryptographic purposes: a survey

The appealing feature of quantum key distribution (QKD), from a cryptographic viewpoint, is the ability to prove the information-theoretic security (ITS) of the established keys. As a key establishment primitive, QKD however does not provide a standalone security service in its own: the secret keys established by QKD are in general then used by a subsequent cryptographic applications for which the requirements, the context of use and the security properties can vary. It is therefore important, in the perspective of integrating QKD in security infrastructures, to analyze how QKD can be combined with other cryptographic primitives. The purpose of this survey article, which is mostly centered on European research results, is to contribute to such an analysis. We first review and compare the properties of the existing key establishment techniques, QKD being one of them. We then study more specifically two generic scenarios related to the practical use of QKD in cryptographic infrastructures: 1) using QKD as a key renewal technique for a symmetric cipher over a point-to-point link; 2) using QKD in a network containing many users with the objective of offering any-to-any key establishment service. We discuss the constraints as well as the potential interest of using QKD in these contexts. We finally give an overview of challenges relative to the development of QKD technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8

UKERC Review of evidence for the rebound effect: Technical report 3: Elasticity of substitution studies

This Working Paper forms part of the TPA’s assessment of evidence for a rebound effect from improved energy efficiency. Technical Report 3 focuses upon empirical estimates of the elasticity of substitution between energy and capital. This parameter has been identified as a key determinant of the likely magnitude of the rebound effect in different sectors. The report clarifies the meaning and importance of this parameter, summarises and compares empirical estimates of this parameter, evaluates the reasons that have been proposed for the differing results, discusses whether a consensus has been reached to whether energy and capital can be considered as ‘substitutes’ or ‘complements’ and draws some implications for the rebound effect

CSI Neural Network: Using Side-channels to Recover Your Artificial Neural Network Information

Machine learning has become mainstream across industries. Numerous examples proved the validity of it for security applications. In this work, we investigate how to reverse engineer a neural network by using only power side-channel information. To this end, we consider a multilayer perceptron as the machine learning architecture of choice and assume a non-invasive and eavesdropping attacker capable of measuring only passive side-channel leakages like power consumption, electromagnetic radiation, and reaction time. We conduct all experiments on real data and common neural net architectures in order to properly assess the applicability and extendability of those attacks. Practical results are shown on an ARM CORTEX-M3 microcontroller. Our experiments show that the side-channel attacker is capable of obtaining the following information: the activation functions used in the architecture, the number of layers and neurons in the layers, the number of output classes, and weights in the neural network. Thus, the attacker can effectively reverse engineer the network using side-channel information. Next, we show that once the attacker has the knowledge about the neural network architecture, he/she could also recover the inputs to the network with only a single-shot measurement. Finally, we discuss several mitigations one could use to thwart such attacks.Comment: 15 pages, 16 figure

The Bubble of 1929: Evidence from Closed-End Funds

Closed-end mutual funds provide one of the few cases in which economists can observe "fundamental" values directly, and compare them to market values: the fundamental value of a closed-end fund is simply the net asset value of its portfolio. We use the difference between prices and asset values of closed-end funds at the end of the 1920s as a measure of investment sentiment. In the late l920s closed-end funds sold at large premia: at the peak, they appear willing to pay 60 percent more for closed-end funds than the post-WWII norm. Such substantial overpricing of closed-end funds -- where fundamentals are known and observed -- suggests that other assets were selling at prices above fundamentals as well. The association between movements in the medium closed-end fund discount and movements in broad stock price indices leads us to conclude that the stocks making up the S & P composite were priced at least 30 percent above fundamentals in the summer of 1929.

Fate of the Josephson effect in thin-film superconductors

The dc Josephson effect refers to the dissipationless electrical current -- the supercurrent -- that can be sustained across a weak link connecting two bulk superconductors. This effect is a probe of the fundamental nature of the superconducting state. Here, we analyze the case of two superconducting thin films connected by a point contact. Remarkably, the Josephson effect is absent at nonzero temperature, and the resistance across the contact is nonzero. Moreover, the point contact resistance is found to vary with temperature in a nearly activated fashion, with a UNIVERSAL energy barrier determined only by the superfluid stiffness characterizing the films, an angle characterizing the geometry, and whether or not the Coulomb interaction between Cooper pairs is screened. This behavior reflects the subtle nature of the superconductivity in two-dimensional thin films, and should be testable in detail by future experiments.Comment: 16 + 8 pages. 1 figure, 1 tabl

High Efficiency Power Side-Channel Attack Immunity using Noise Injection in Attenuated Signature Domain

With the advancement of technology in the last few decades, leading to the widespread availability of miniaturized sensors and internet-connected things (IoT), security of electronic devices has become a top priority. Side-channel attack (SCA) is one of the prominent methods to break the security of an encryption system by exploiting the information leaked from the physical devices. Correlational power attack (CPA) is an efficient power side-channel attack technique, which analyses the correlation between the estimated and measured supply current traces to extract the secret key. The existing countermeasures to the power attacks are mainly based on reducing the SNR of the leaked data, or introducing large overhead using techniques like power balancing. This paper presents an attenuated signature AES (AS-AES), which resists SCA with minimal noise current overhead. AS-AES uses a shunt low-drop-out (LDO) regulator to suppress the AES current signature by 400x in the supply current traces. The shunt LDO has been fabricated and validated in 130 nm CMOS technology. System-level implementation of the AS-AES along with noise injection, shows that the system remains secure even after 50K encryptions, with 10x reduction in power overhead compared to that of noise addition alone.Comment: IEEE International Symposium on Hardware Oriented Security and Trust (HOST) 201

Circuit-Variant Moving Target Defense for Side-Channel Attacks on Reconfigurable Hardware

With the emergence of side-channel analysis (SCA) attacks, bits of a secret key may be derived by correlating key values with physical properties of cryptographic process execution. Power and Electromagnetic (EM) analysis attacks are based on the principle that current flow within a cryptographic device is key-dependent and therefore, the resulting power consumption and EM emanations during encryption and/or decryption can be correlated to secret key values. These side-channel attacks require several measurements of the target process in order to amplify the signal of interest, filter out noise, and derive the secret key through statistical analysis methods. Differential power and EM analysis attacks rely on correlating actual side-channel measurements to hypothetical models. This research proposes increasing resistance to differential power and EM analysis attacks through structural and spatial randomization of an implementation. By introducing randomly located circuit variants of encryption components, the proposed moving target defense aims to disrupt side-channel collection and correlation needed to successfully implement an attac

Growth modes of Fe(110) revisited: a contribution of self-assembly to magnetic materials

We have revisited the epitaxial growth modes of Fe on W(110) and Mo(110), and propose an overview or our contribution to the field. We show that the Stranski-Krastanov growth mode, recognized for a long time in these systems, is in fact characterized by a bimodal distribution of islands for growth temperature in the range 250-700°C. We observe firstly compact islands whose shape is determined by Wulff-Kaischev's theorem, secondly thin and flat islands that display a preferred height, ie independant from nominal thickness and deposition procedure (1.4nm for Mo, and 5.5nm for W on the average). We used this effect to fabricate self-organized arrays of nanometers-thick stripes by step decoration. Self-assembled nano-ties are also obtained for nucleation of the flat islands on Mo at fairly high temperature, ie 800°C. Finally, using interfacial layers and solid solutions we separate two effects on the preferred height, first that of the interfacial energy, second that of the continuously-varying lattice parameter of the growth surface.Comment: 49 pages. Invited topical review for J. Phys.: Condens. Matte

Energy Efficient Security Framework for Wireless Local Area Networks

Wireless networks are susceptible to network attacks due to their inherentvulnerabilities. The radio signal used in wireless transmission canarbitrarily propagate through walls and windows; thus a wireless networkperimeter is not exactly known. This leads them to be more vulnerable toattacks such as eavesdropping, message interception and modifications comparedto wired-line networks. Security services have been used as countermeasures toprevent such attacks, but they are used at the expense of resources that arescarce especially, where wireless devices have a very limited power budget.Hence, there is a need to provide security services that are energy efficient.In this dissertation, we propose an energy efficient security framework. Theframework aims at providing security services that take into account energyconsumption. We suggest three approaches to reduce the energy consumption ofsecurity protocols: replacement of standard security protocol primitives thatconsume high energy while maintaining the same security level, modification ofstandard security protocols appropriately, and a totally new design ofsecurity protocol where energy efficiency is the main focus. From ourobservation and study, we hypothesize that a higher level of energy savings isachievable if security services are provided in an adjustable manner. Wepropose an example tunable security or TuneSec system, which allows areasonably fine-grained security tuning to provide security services at thewireless link level in an adjustable manner.We apply the framework to several standard security protocols in wirelesslocal area networks and also evaluate their energy consumption performance.The first and second methods show improvements of up to 70% and 57% inenergy consumption compared to plain standard security protocols,respectively. The standard protocols can only offer fixed-level securityservices, and the methods applied do not change the security level. The thirdmethod shows further improvement compared to fixed-level security by reducing(about 6% to 40%) the energy consumed. This amount of energy saving can bevaried depending on the configuration and security requirements