1,308 research outputs found

    Performing electromagnetic side-channel attack on a commercial AES-256 device

    In this paper an electromagnetic side-channel attack on a commercial AES-256 USB-encryption module operating in ECB mode is introduced. In preparation for the attack, an oscilloscope, an electromagnetic probe with a low-noise amplifier and an isolated power supply were used together with a computer to record 10000 plaintext encryptions. The attack was conducted with the collected plaintext-ciphertext pairs and EM traces corresponding to each encryption. The attack was conducted with the Correlation Power Analysis method and Matlab software. The power consumption (and thus the EM emission) of the device was modeled using the Hamming distance metric. The correlation between modeled power consumption and measured traces allowed the extraction of AES round keys one byte at a time. For AES-256, the last two round keys (rounds 13 and 14) were needed to complete the key schedule. Finding these two keys made it possible to calculate the original secret key from which they were expanded. For a successful attack, several trials were required to find the right measurement setup for the oscilloscope and electromagnetic head position. In this attack 30 out of the 32 round key bytes were found using the side-channel attack and the two remaining were found using brute force. The device was found to have some kind of backdoor mechanism.

    MODIFICATION OF COMMERCIAL ROCKET MOTORS FOR TACTICAL APPLICATIONS

    Several design modifications to commercial off-the-shelf solid rocket motors have been evaluated in support of the Naval Postgraduate School tactical rapid-response payload delivery vehicle. The modifications include a novel head-end ignition system and a tailorable nozzle end cap designed to provide reliable at-altitude ignition by improving the transient behavior of the initial combustion chamber pressure rise. The nozzle cap also provides the additional benefit of extending the shelf life of the propellant by creating an environmental seal to prevent ambient humidity from affecting the propellant. A preliminary design of a blast tube was proposed to explore how the motor exhaust could be channeled through a smaller-diameter tube before reaching the nozzle throat, thereby accommodating the volume requirements of aft fin control servos without sacrificing the overall rocket diameter or precluding use of larger-diameter rocket motors. Implementation of a blast tube also resulted in a favorable shift of the center of gravity of the rocket, which preserved and enhanced control authority during simulated fly-outs. All of the modifications were designed to be directly interchangeable with the OEM hardware to minimize the cost of implementing the new capabilities. Both the head-end ignition and nozzle enclosure systems were successfully demonstrated during flight testing, and a design process for the future implementation of a blast tube was proposed. ONR/NPS. Lieutenant, United States Navy. Approved for public release. Distribution is unlimited.

    The Southeastern Librarian v 64, no. 3 (Fall 2016) Complete Issue


    Study on the Leakage of Private User Information Via a Range of Popular Websites

    On the modern web, many sites have third party content, be it through maps, embedded objects, ads, or through other types. Users pay little attention to the source of this content since it is such a common occurrence. Unfortunately, this content can be an avenue for third parties to discover private information about the user. Previous work has found these types of leaks in social networking sites. By logging headers during the usage of 120 sites across 12 major categories, we were able to find leakage of a user’s private information occurring on many other types of popular web sites. We found leakage on 75% of the sites we looked at and at least one instance in each of the categories. Based on the leaks we found, we propose a classification of the types of leakage that can occur via the HTTP header and use this system to analyze our results

    Remote surface inspection system

    This paper reports on an on-going research and development effort in remote surface inspection of space platforms such as the Space Station Freedom (SSF). It describes the space environment and identifies the types of damage for which to search. This paper provides an overview of the Remote Surface Inspection System that was developed to conduct proof-of-concept demonstrations and to perform experiments in a laboratory environment. Specifically, the paper describes three technology areas: (1) manipulator control for sensor placement; (2) automated non-contact inspection to detect and classify flaws; and (3) an operator interface to command the system interactively and receive raw or processed sensor data. Initial findings for the automated and human visual inspection tests are reported

    Public key certificate privacy in VoNDN: voice over named data networks

    Scenarios were scripted by the C++11 library in ndnSIM 2.6. The scenario implementations and required tools are publicly accessible at the author’s GitHub account: https://git.io/JJqEw. Named Data Network (NDN) is a network paradigm that attempts to answer today's needs for distribution. One of the NDN key features is in-network caching to increase content distribution and network efficiency. However, this feature may increase privacy concerns, as the adversary may identify the call history and the callee/caller location through side-channel timing responses from the cache of trusted Voice over NDN (VoNDN) application routers. The side-channel timing attack can be mitigated by countermeasures, such as additional unpredictable delay, random caching, group signatures, and no-caching configurations. However, the content distribution may be affected by pre-configured countermeasures, which may be against the original purpose of NDN. In this work, the detection and defense (DaD) approach is proposed to mitigate the attack efficiently and effectively. With the DaD usage, an attack can be detected by a multi-level detection mechanism, in order to apply the countermeasures against the adversarial faces. Also, the detections can be used to determine the severity of the attack. In order to detect the behavior of an adversary, a brute-force timing attack was implemented and simulated of the VoNDN application on NDN-testbed. A trusted application that mimics the VoNDN and identifies the cached certificate on a worldwide NDN-testbed. In simulation, primary results showed that the multi-level detection based on DaD mitigated the attack about 39.1% in best-route, and 36.5% in multicast communications. Additionally, the results showed that DaD preserves privacy without compromising the efficiency benefits of in-network caching in the VoNDN application. This work was supported by the Fundacao para a Ciencia e Tecnologia (FCT) within the Research and Development Units Project Scope under Grant UIDB/00319/2020.