Exploiting Collisions in Addition Chain-based Exponentiation Algorithms Using a Single Trace

Public key cryptographic algorithms are typically based on group exponentiation algorithms, and many algorithms have been proposed in the literature based on addition chains. We describe attacks based on collisions of variables manipulated in group operations extending attacks described in the literature. These collisions are visible where one is able to acquire information through some suitable side channel that provides a trace during the computation of a group exponentiation algorithm. For example, through measuring the instantaneous power consumption or the electromagnetic emanations of a microprocessor. The advantage of our attacks over previous work is that the attacks can be applied to a single trace and do not require any knowledge of the input to the exponentiation algorithm. Moreover, we prove that our attacks are applicable to all addition chain-based exponentiation algorithms. This means that a side channel resistant implementation of a group exponentiation will require countermeasures that introduce enough noise that an attack is not practical

Using Templates to Distinguish Multiplications from Squaring Operations

Since side channel analysis was introduced as a method to recover secret information from an otherwise secure cryptosystem, many countermeasures have been proposed to prevent leakage from secure devices. Among these countermeasures is side channel atomicity that makes operations indistinguishable using side channel analysis. In this paper we present practical results of an attack on RSA signature generation, protected in this manner, based on the expected difference in Hamming weight between the result of a multiplication and a squaring operation. This work presents the first attack that we are aware of where template analysis can be used without requiring an open device to characterize an implementation of a given cryptographic algorithm. Moreover, an attacker does not need to know the plaintexts being operated on and, therefore, blinding and padding countermeasures applied to the plaintext do not hinder the attack in any way

Empirical evaluation of multi-device profiling side-channel attacks

n/

Late Holocene paleoseismology of Shuyak Island, Alaska

We report stratigraphic evidence of land-level changes along the eastern portion of the Alaska-Aleutian megathrust. Four marshes on Shuyak Island record variable amounts of coseismic deformation during four pre-20th century earthquakes. We combine these data with paleoseismic evidence from across the Kodiak, Kenai and Prince William Sound segments of the megathrust. These indicate that in the last 2000 years, AD 1964 was the only one to rupture all three segments simultaneously and generate a Mw 9.2 earthquake. The Kodiak segment ruptured independently on four further occasions with magnitudes > Mw 8.0; in AD 1788 and c.400 (440–320) BP, and independently but around the times of great earthquakes in the Prince William Sound segment c.850 and c.1500 BP

The control of earthquake sequences on hillslope stability

Earthquakes trigger landslides in mountainous regions. Recent research suggests that the stability of hillslopes during and after a large earthquake is influenced by legacy effects of previous seismic activity. However, the mechanisms that control hillslope stability in response to ground shaking are poorly constrained in ductile hillslope materials, inhibiting our ability to fully explain the nature of earthquake-triggered landslides. We used geotechnical laboratory testing to simulate earthquake loading of hillslopes and to assess how different sequences of ground shaking influence hillslope stability prior to, during and following an earthquake ‘mainshock’. Ground-shaking events prior to a mainshock that do not result in high landslide strain accumulation can increase bulk density and interparticle friction. This strengthens a hillslope, reducing landslide displacement during subsequent seismicity. By implication, landscapes in different tectonic settings will likely demonstrate different short- and long-term responses to single earthquakes due to differences in the magnitude, frequency and sequencing of earthquakes