292 research outputs found
On the security of a new image encryption scheme based on chaotic map lattices
This paper reports a detailed cryptanalysis of a recently proposed encryption
scheme based on the logistic map. Some problems are emphasized concerning the
key space definition and the implementation of the cryptosystem using
floating-point operations. It is also shown how it is possible to reduce
considerably the key space through a ciphertext-only attack. Moreover, a timing
attack allows the estimation of part of the key due to the existent
relationship between this part of the key and the encryption/decryption time.
As a result, the main features of the cryptosystem do not satisfy the demands
of secure communications. Some hints are offered to improve the cryptosystem
under study according to those requirements.
Comment: 8 pages, 8 Figure
HardIDX: Practical and Secure Index with SGX
Software-based approaches for search over encrypted data are still either
challenged by lack of proper, low-leakage encryption or slow performance.
Existing hardware-based approaches do not scale well due to hardware
limitations and software designs that are not specifically tailored to the
hardware architecture, and are rarely well analyzed for their security (e.g.,
the impact of side channels). Additionally, existing hardware-based solutions
often have a large code footprint in the trusted environment susceptible to
software compromises. In this paper we present HardIDX: a hardware-based
approach, leveraging Intel's SGX, for search over encrypted data. It implements
only the security critical core, i.e., the search functionality, in the trusted
environment and resorts to untrusted software for the remainder. HardIDX is
deployable as a highly performant encrypted database index: it is logarithmic
in the size of the index and searches are performed within a few milliseconds
rather than seconds. We formally model and prove the security of our scheme
showing that its leakage is equivalent to the best known searchable encryption
schemes. Our implementation has a very small code and memory footprint yet
still scales to virtually unlimited search index sizes, i.e., size is limited
only by the general - non-secure - hardware resources
CacheZoom: How SGX Amplifies The Power of Cache Attacks
In modern computing environments, hardware resources are commonly shared, and
parallel computation is widely used. Parallel tasks can cause privacy and
security problems if proper isolation is not enforced. Intel proposed SGX to
create a trusted execution environment within the processor. SGX relies on the
hardware, and claims runtime protection even if the OS and other software
components are malicious. However, SGX disregards side-channel attacks. We
introduce a powerful cache side-channel attack that provides system adversaries
a high resolution channel. Our attack tool named CacheZoom is able to virtually
track all memory accesses of SGX enclaves with high spatial and temporal
precision. As proof of concept, we demonstrate AES key recovery attacks on
commonly used implementations including those that were believed to be
resistant in previous scenarios. Our results show that SGX cannot protect
critical data sensitive computations, and efficient AES key recovery is
possible in a practical environment. In contrast to previous works which
require hundreds of measurements, this is the first cache side-channel attack
on a real system that can recover AES keys with a minimal number of
measurements. We can successfully recover AES keys from T-Table based
implementations with as few as ten measurements.
Comment: Accepted at Conference on Cryptographic Hardware and Embedded Systems
(CHES '17
A rapid non-destructive DNA extraction method for insects and other arthropods
Preparation of arthropods for morphological identification often damages or destroys DNA within the specimen. Conversely, DNA extraction methods often destroy the external physical characteristics essential for morphological identification. We have developed a rapid, simple and non-destructive DNA extraction technique for arthropod specimens. This technique was tested on four arthropod orders, using specimens that were fresh, preserved by air drying, stored in ethanol, or collected with sticky or propylene glycol traps. The technique could be completed in twenty minutes for Coleoptera, Diptera and Hemiptera, and two minutes for the subclass Acarina, without significant distortion, discolouration, or other damage to the specimens
Output-sensitive Information flow analysis
Part 1: Full Papers. International audience.
Constant-time programming is a countermeasure to prevent cache based attacks where programs should not perform memory accesses that depend on secrets. In some cases this policy can be safely relaxed if one can prove that the program does not leak more information than the public outputs of the computation. We propose a novel approach for verifying constant-time programming based on a new information flow property, called output-sensitive non-interference. Noninterference states that a public observer cannot learn anything about the private data. Since real systems need to intentionally declassify some information, this property is too strong in practice. In order to take into account public outputs we proceed as follows: instead of using complex explicit declassification policies, we partition variables in three sets: input, output and leakage variables. Then, we propose a typing system to statically check that leakage variables do not leak more information about the secret inputs than the public normal output. The novelty of our approach is that we track the dependence of leakage variables with respect not only to the initial values of input variables (as in classical approaches for noninterference), but taking also into account the final values of output variables. We adapted this approach to LLVM IR and we developed a prototype to verify LLVM implementations
Inter- and intralimb adaptations to a sensory perturbation during activation of the serotonin system after a low spinal cord transection in neonatal rats
Activation of the serotonin system has been shown to induce locomotor activity following a spinal cord transection. This study examines how the isolated spinal cord adapts to a sensory perturbation during activation of the serotonergic system. Real-time and persistent effects of a perturbation were examined in intact and spinal transected newborn rats. Rats received a spinal surgery (sham or low thoracic transection) on postnatal day 1 and were tested 9 days later. At test, subjects were treated with the serotonergic receptor agonist quipazine (3.0 mg/kg) to induce stepping behavior. Half of the subjects experienced range of motion (ROM) restriction during stepping, while the other half did not. Differences in stepping behavior (interlimb coordination) and limb trajectories (intralimb coordination) were found to occur in both intact and spinal subjects. Adaptations were seen in the forelimbs and hindlimbs. Also, real-time and persistent effects of ROM restriction (following removal of the perturbation) were seen in ROM-restricted subjects. This study demonstrates the sensitivity of the isolated spinal cord to sensory feedback in conjunction with serotonin modulation