GE vs GM: Efficient side-channel security evaluations on full cryptographic keys

Security evaluations for full cryptographic keys is a very important research topic since the past decade. An efficient rank estimation algorithm was proposed at FSE 2015 to approximate the empirical guessing entropy remaining after a side-channel attack on a full AES key, by combining information from attacks on each byte of he key independently. However, these could not easily scale to very large keys over 1024 bits. Hence, at CHES 2017, it was proposed a new approach for scalable security evaluations based on Massey’s guessing entropy, which was shown tight and scalable to very large keys, even beyond 8192 bits. Then, at CHES 2020, it was proposed a new method for estimating the empirical guessing entropy for the case of full-key evaluations, showing also important divergences between the empirical guessing entropy and Massey’s guessing entropy. However, there has been some confusion in recent publications of side-channel evaluation methods relying on these two variants of the guessing entropy. Furthermore, it remained an open problem to decide which of these methods should be used and in which context, particularly given the wide acceptance of the empirical guessing entropy in the side-channel community and the relatively little use of the other. In this paper, we tackle this open problem through several contributions. First of all, we provide an unitary presentation of both versions of the guessing entropy, allowing an easy comparison of the two metrics. Secondly, we compare the two metrics using a set of common and relevant indicators, as well as three different datasets for side-channel evaluations (simulated, AVR XMEGA 8-bit microcontroller and a 32-bit device). We used these indicators and datasets also to compare the three full-key evaluation methods from FSE 2015, CHES 2017 and CHES 2020, allowing us to provide a clear overview of the usefulness and limitations of each method. Furthermore, our analysis has enabled us to find a new method for verifying the soundness of a leakage model, by comparing both versions of the guessing entropy. This method can be easily extended to full-key evaluations, hence leading to a new useful method for side-channel evaluations

On the asymptotic behaviour of solutions to the fractional porous medium equation with variable density

We are concerned with the long time behaviour of solutions to the fractional porous medium equation with a variable spatial density. We prove that if the density decays slowly at infinity, then the solution approaches the Barenblatt-type solution of a proper singular fractional problem. If, on the contrary, the density decays rapidly at infinity, we show that the minimal solution multiplied by a suitable power of the time variable converges to the minimal solution of a certain fractional sublinear elliptic equation.Comment: To appear in DCDS-

Perturbed nonlocal fourth order equations of Kirchhoff type with Navier boundary conditions

Abstract We investigate the existence of multiple solutions for perturbed nonlocal fourth-order equations of Kirchhoff type under Navier boundary conditions. We give some new criteria for guaranteeing that the perturbed fourth-order equations of Kirchhoff type have at least three weak solutions by using a variational method and some critical point theorems due to Ricceri. We extend and improve some recent results. Finally, by presenting two examples, we ensure the applicability of our results

Multiple solutions for a class of perturbed second-order differential equations with impulses

n/

Noble gas and carbon isotope systematics at the seemingly inactive Ciomadul volcano (Eastern‐Central Europe, Romania): evidence for volcanic degassing

Ciomadul is the youngest volcano in the Carpathian-Pannonian Region, Eastern-Central Europe, which last erupted 30 ka. This volcano is considered to be inactive, however, combined evidence from petrologic and magnetotelluric data, as well as seismic tomography studies suggest the existence of a subvolcanic crystal mush with variable melt content. The volcanic area is characterized by high CO2 gas output rate, with a minimum of 8.7 × 103 t yr-1. We investigated 31 gas emissions at Ciomadul to constrain the origin of the volatiles. The δ13C-CO2 and 3He/4He compositions suggest the outgassing of a significant component of mantle-derived fluids. The He isotope signature in the outgassing fluids (up to 3.10 Ra) is lower than the values in the peridotite xenoliths of the nearby alkaline basalt volcanic field (R/Ra 5.95Ra±0.01) which are representative of a continental lithospheric mantle and significantly lower than MORB values. Considering the chemical characteristics of the Ciomadul dacite, including trace element and Sr- Nd and O isotope compositions, an upper crustal contamination is less probable, whereas the primary magmas could have been derived from an enriched mantle source. The low He isotopic ratios could indicate a strongly metasomatized mantle lithosphere. This could be due to infiltration of subduction-related fluids and postmetasomatic ingrowth of radiogenic He. The metasomatic fluids are inferred to have contained subducted carbonate material resulting in a heavier carbon isotope composition (13C is in the range of -1.4 to -4.6 ‰) and an increase of CO2/3He ratio. Our study shows the magmatic contribution to the emitted gases

The Γ-equivariant form of the Berezin quantization of the upper half plane

Let Γ be a fuchsian subgroup of PSL(2, R). In this paper we consider the Γ-equivariant form of the Berezin’s quantization of the upper half plane which will correspond to a deformation quantization of the (singular) space H/Γ. Our mai

The Remote Monitoring of Earth’s Atmosphere Based on Operative Processing GNSS Data in the UA-EUPOS/ZAKPOS Network of Active Reference Stations

The system of remote monitoring of atmosphere is designed to obtain information about the state of atmosphere. The principle of the remote monitoring of atmosphere is based on registering and processing GLONASS/GPS radio signals. Modern networks of active reference stations allow us to solve both practical problems of geodesy, navigation, and purely scientific problems that are important in all geosciences. The paper investigates a spatiotemporal instability in the atmosphere, based on 845 temporal measurements of tropospheric delay over the territory covered by 20 active reference stations of the UA-EUPOS/ZAKPOS network. The method elaborated by the authors for the determination of tropospheric delay in the UA-EUPOS/ZAKPOS network in real time takes relief of the region into account. The results are very good, since mapping tropospheric delay can be made with an average RMSE of 1.5 mm. The method developed in this research can be used to improve the quality of weather forecasts and the prevention of natural disasters

GE vs GM: Efficient side-channel security evaluations on full cryptographic keys

Security evaluations for full cryptographic keys is a very important research topic since the past decade. An efficient rank estimation algorithm was proposed at FSE 2015 to approximate the empirical guessing entropy remaining after a side-channel attack on a full AES key, by combining information from attacks on each byte of he key independently. However, these could not easily scale to very large keys over 1024 bits. Hence, at CHES 2017, it was proposed a new approach for scalable security evaluations based on Massey’s guessing entropy, which was shown tight and scalable to very large keys, even beyond 8192 bits. Then, at CHES 2020, it was proposed a new method for estimating the empirical guessing entropy for the case of full-key evaluations, showing also important divergences between the empirical guessing entropy and Massey’s guessing entropy. However, there has been some confusion in recent publications of side-channel evaluation methods relying on these two variants of the guessing entropy. Furthermore, it remained an open problem to decide which of these methods should be used and in which context, particularly given the wide acceptance of the empirical guessing entropy in the side-channel community and the relatively little use of the other.In this paper, we tackle this open problem through several contributions. First of all, we provide an unitary presentation of both versions of the guessing entropy, allowing an easy comparison of the two metrics. Secondly, we compare the two metrics using a set of common and relevant indicators, as well as three different datasets for side-channel evaluations (simulated, AVR XMEGA 8-bit microcontroller and a 32-bit device). We used these indicators and datasets also to compare the three full-key evaluation methods from FSE 2015, CHES 2017 and CHES 2020, allowing us to provide a clear overview of the usefulness and limitations of each method. Furthermore, our analysis has enabled us to find a new method for verifying the soundness of a leakage model, by comparing both versions of the guessing entropy. This method can be easily extended to full-key evaluations, hence leading to a new useful method for side-channel evaluations