95 research outputs found

    Quantifying Side-Channel Information Leakage from Web Applications

    Recent research has shown that many popular web applications are vulnerable to side-channel attacks on encrypted streams of network data produced by the interaction of a user with an application. As a result, private user data is susceptible to being recovered by a side-channel adversary. A recent focus has been on the development of tools for the detection and quantification of side-channel information leaks from such web applications. In this work we describe a model for these web applications, analyse the effectiveness of previous approaches for the quantification of information leaks, and describe a robust, effective and generically applicable metric based on a statistical estimation of the mutual information between the user inputs made in the application and subsequent observable side-channel information. We use our proposed metric to construct a test capable of analysing sampled traces of packets to detect information leaks, and demonstrate the application of our test on a real-world web application

    Multi-target DPA attacks: Pushing DPA beyond the limits of a desktop computer

    Following the pioneering CRYPTO '99 paper by Kocher et al., differential power analysis (DPA) was initially geared around low-cost computations performed using standard desktop equipment with minimal reliance on device-specific assumptions. In subsequent years, the scope was broadened by, e.g., making explicit use of (approximate) power models. An important practical incentive of so-doing is to reduce the data complexity of attacks, usually at the cost of increased computational complexity. It is this trade-off which we seek to explore in this paper. We draw together emerging ideas from several strands of the literature (high performance computing, post-side-channel global key enumeration, and effective combination of separate information sources) by way of advancing (non-profiled) 'standard DPA' towards a more realistic threat model in which trace acquisitions are scarce but adversaries are well resourced. Using our specially designed computing platform (including our parallel and scalable DPA implementation, which allows us to work efficiently with as many as 2^{32} key hypotheses), we demonstrate some dramatic improvements that are possible for 'standard DPA' when combining DPA outcomes for several intermediate targets. Unlike most previous 'information combining' attempts, we are able to evidence the fact that the improvements apply even when the exact trace locations of the relevant information (i.e. the 'interesting points') are not known a priori but must be searched simultaneously with the correct subkey

    Comparing Key Rank Estimation Methods

    Recent works on key rank estimation methods claim that algorithmic key rank estimation is too slow, and suggest two new ideas: replacing repeat attacks with simulated attacks (PS-TH-GE rank estimation), and a shortcut rank estimation method that works directly on distinguishing vector distributions (GEEA). We take these ideas and provide a comprehensive comparison between them and a performant implementation of a classical, algorithmic ranking approach, as well as some earlier work on estimating distinguisher distributions. Our results show, in contrast to the recent work, that the algorithmic ranking approach outperforms GEEA, and that simulation based ranks are unreliable

    How low can you go? Using side-channel data to enhance brute-force key recovery

    Side-channel analysis techniques can be used to construct key recovery attacks by observing a side-channel medium such as the power consumption or electromagnetic radiation of a device while it is performing cryptographic operations. These attack results can be used as auxiliary information in an enhanced brute-force key recovery attack, enabling the adversary to enumerate the most likely keys first. We use algorithmic and implementation techniques to implement a time- and memory-efficient key enumeration algorithm, and in tandem identify how to optimise throughput when bulk-verifying quantities of candidate AES-128 keys. We then explore how to best distribute the workload so that it can be deployed across a significant number of CPU cores and executed in parallel, giving an adversary the capability to enumerate a very large number of candidate keys. We introduce the tool labynkyr, developed in C++11, that can be deployed across any number of CPUs and workstations to enumerate keys in parallel. We conclude by demonstrating the effectiveness of our tool by successfully enumerating 2^{48} AES-128 keys in approximately 30 hours using a modest number of CPU cores, at an expected cost of only 700 USD using a popular cloud provider

    Blood pressure vs altitude in hypertensive and non-hypertensive himalayan trekkers

    Introduction: Determine blood pressure (BP) response to changes in altitude in Himalayan trekkers with and without hypertension (HTN). Methods: BP was measured in Lukla (2800m), Namche (3400m), and either Pheriche or Dingboche (4400m) on ascent and descent. Hypertensive subjects were defined by self-reported diagnosis of HTN. Results: Trekkers had HTN (H, n=60) or no HTN (NH, n=604). Of those with HTN, 50 (83%) took one or more BP medications including ACEIs/ARBs (n=35, 48%), Ca++ channel blockers (n=15, 22%), beta-blockers (n=9, 13%), thiazide diuretics (n=7, 10%), and others (n=5, 7%). At 2800m, systolic BP (SBP) and diastolic BP (DBP) were greater in the H group than in the NH group [mean SBP=151mmHg (95% CI 145.4-155.7) vs 127mmHg (95% CI 125.5-128.0); mean DBP=88mmHg (95% CI 85.1-91.7) vs 80mmHg (95% CI 79.3-80.8)] and remained higher at both 3400m [mean SBP=150mmHg (95% CI 143.7-156.9) vs 127mmHg (95% CI 125.8-128.5); mean DBP=88mmHg (95% CI 84.3-90.8) vs 82mmHg (95% CI 80.7-82.5)] and 4400m [mean SBP=144mmHg (95% CI 136.7-151.7) vs 128mmHg (95% CI 126.4-129.5); mean DBP=87mmHg (95% CI 83.2-91.7) vs 82mmHg (95% CI 81.3-83.2)]. Between 2800m and 3400m, BP increased in 37% of trekkers, decreased in 25%, and did not change in 38%; from 3400m to 4400m, BP increased in 35% of trekkers, decreased in 26%, and did not change in 40%. Prevalence of severe hypertension (BP>180/120mmHg) was similar across altitudes but higher in the H group (9%; 10%; 8% vs 0.7%; 0.6%, 0.3%) at 2800m, 3400m, and 4400m, respectively. No subjects reported symptoms of hypertensive emergency (chest pain, stroke, etc.). Conclusion: Blood pressure response to altitude is variable. High prevalence of severe hypertension in hypertensive trekkers warrants further study regarding BP control at high altitude

    Magneto-acoustic waves in a gravitationally stratified magnetized plasma: eigen-solutions and their applications to the solar atmosphere

    Magneto-acoustic gravity (MAG) waves have been studied intensively in the context of astrophysical plasmas. There are three popular choices of analytic modeling using a Cartesian coordinate system: a magnetic field parallel, perpendicular, or at an angle to the gravitational field. Here, we study a gravitationally stratified plasma embedded in a parallel, so-called vertical, magnetic field. We find a governing equation for the auxiliary quantity Θ = p_1/ρ_0, and find solutions in terms of hypergeometric functions. With the convenient relationship between Θ and the vertical velocity component, v_z, we derive the solution for v_z. We show that the four linearly independent functions for v_z can also be cast as single hypergeometric functions, rather than the Frobenius series derived by Leroy & Schwartz. We are then able to analyze a case of approximation for a one-layer solution, taking the small wavelength limit. Motivated by solar atmospheric applications, we finally commence study of the eigenmodes of perturbations for a two-layer model using our solutions, solving the dispersion relation numerically. We show that, for a transition between a photospheric and chromospheric plasma embedded in a vertical magnetic field, modes exist that are between the observationally widely investigated three and five minute oscillation periods, interpreted as solar global oscillations in the lower solar atmosphere. It is also shown that, when the density contrast between the layers is large (e.g., applied to photosphere/chromosphere-corona), the global eigenmodes are practically a superposition of the same as in each of the separate one-layer systems

    Obstacles to public health that even pandemics cannot overcome : the politics of Covid-19 on the island of Ireland

    The relationship between politics and public health is increasingly evident as governments throughout the world vary in their acceptance and implementation of technical guidance in the response to the SARS-CoV-2 pandemic. This paper reports a qualitative study of public health policies for Covid-19 in Northern Ireland (NI) and the Republic of Ireland (RoI) across a timeline emphasising the first wave of the pandemic (February to June 2020). Inter-jurisdictional commitments for health as contained in the Good Friday Agreement provide a framework for cooperation and coordination of population health on the island of Ireland. This study of north-south cooperation in the response to Covid-19 applies ten indicators from the Oxford Covid-19 Government Response Tracker (OxCGRT) codebook to establish if cooperation and policy alignment of key public health measures are evident in the Northern Ireland Assembly and Government of Ireland responses. The study concludes that notwithstanding the historical and constitutional obstacles to an all-island response to Covid-19, there is evidence of significant public health policy alignment brought about through ongoing dialogue and cooperation between the health administrations in each jurisdiction over the course of the first wave of the pandemic

    CoronaHiT: high-throughput sequencing of SARS-CoV-2 genomes.

    We present CoronaHiT, a platform and throughput flexible method for sequencing SARS-CoV-2 genomes (≤ 96 on MinION or > 96 on Illumina NextSeq) depending on changing requirements experienced during the pandemic. CoronaHiT uses transposase-based library preparation of ARTIC PCR products. Method performance was demonstrated by sequencing 2 plates containing 95 and 59 SARS-CoV-2 genomes on nanopore and Illumina platforms and comparing to the ARTIC LoCost nanopore method. Of the 154 samples sequenced using all 3 methods, ≥ 90% genome coverage was obtained for 64.3% using ARTIC LoCost, 71.4% using CoronaHiT-ONT and 76.6% using CoronaHiT-Illumina, with almost identical clustering on a maximum likelihood tree. This protocol will aid the rapid expansion of SARS-CoV-2 genome sequencing globally. The sequencing costs were funded by the COVID-19 Genomics UK (COG-UK) Consortium which is supported by funding from the Medical Research Council (MRC) part of UK Research & Innovation (UKRI), the National Institute of Health Research (NIHR) and Genome Research Limited, operating as the Wellcome Sanger Institute

    Large-scale sequencing of SARS-CoV-2 genomes from one region allows detailed epidemiology and enables local outbreak management.

    The COVID-19 pandemic has spread rapidly throughout the world. In the UK, the initial peak was in April 2020; in the county of Norfolk (UK) and surrounding areas, which has a stable, low-density population, over 3200 cases were reported between March and August 2020. As part of the activities of the national COVID-19 Genomics Consortium (COG-UK) we undertook whole genome sequencing of the SARS-CoV-2 genomes present in positive clinical samples from the Norfolk region. These samples were collected by four major hospitals, multiple minor hospitals, care facilities and community organizations within Norfolk and surrounding areas. We combined clinical metadata with the sequencing data from regional SARS-CoV-2 genomes to understand the origins, genetic variation, transmission and expansion (spread) of the virus within the region and provide context nationally. Data were fed back into the national effort for pandemic management, whilst simultaneously being used to assist local outbreak analyses. Overall, 1565 positive samples (172 per 100 000 population) from 1376 cases were evaluated; for 140 cases between two and six samples were available providing longitudinal data. This represented 42.6 % of all positive samples identified by hospital testing in the region and encompassed those with clinical need, and health and care workers and their families. In total, 1035 cases had genome sequences of sufficient quality to provide phylogenetic lineages. These genomes belonged to 26 distinct global lineages, indicating that there were multiple separate introductions into the region. Furthermore, 100 genetically distinct UK lineages were detected demonstrating local evolution, at a rate of ~2 SNPs per month, and multiple co-occurring lineages as the pandemic progressed. 
Our analysis: identified a discrete sublineage associated with six care facilities; found no evidence of reinfection in longitudinal samples; ruled out a nosocomial outbreak; identified 16 lineages in key workers which were not in patients, indicating infection control measures were effective; and found the D614G spike protein mutation which is linked to increased transmissibility dominates the samples and rapidly confirmed relatedness of cases in an outbreak at a food processing facility. The large-scale genome sequencing of SARS-CoV-2-positive samples has provided valuable additional data for public health epidemiology in the Norfolk region, and will continue to help identify and untangle hidden transmission chains as the pandemic evolves. The sequencing costs were funded by the COVID-19 Genomics UK (COG-UK) Consortium which is supported by funding from the Medical Research Council (MRC) part of UK Research and Innovation (UKRI), the National Institute of Health Research (NIHR) and Genome Research Limited, operating as the Wellcome Sanger Institute