Improved Fault Templates of Boolean Circuits in Cryptosystems can Break Threshold Implementations

Fault Template Analysis (FTA) has been shown as a powerful tool for attacking cryptosystems and exposing vulnerabilities which were previously not reported in existing literature. Fault templates can be utilized for attacking block ciphers in middle rounds which were known prior to be resistant against fault attacks. In this paper we revisit the potent of fault templates and show a more systematic methodology to develop fault templates of Boolean circuits using a well known concept in design verification, namely positive Davio\u27s decomposition. We show that the improved FTAs, called FTA2.0, can be used to fault analyze block ciphers in the middle rounds using as few as two bit-flip faults. Further, it can be used to attack TI-implemented block ciphers by considering a Double Bit Upset (DBU) fault in a target share bit. The attack shows that varying the latency of the fault the adversary can obtain unmasked bits and can recover the secret key

An Improved DCM-based Tunable True Random Number Generator for Xilinx FPGA

True Random Number Generators (TRNGs) play a very important role in modern cryptographic systems. Field Programmable Gate Arrays (FPGAs) form an ideal platform for hardware implementations of many of these security algorithms. In this paper we present a highly efficient and tunable TRNG based on the principle of Beat Frequency Detection (BFD), specifically for Xilinx FPGA based applications. The main advantages of the proposed TRNG are its on-the-fly tunability through Dynamic Partial Reconfiguration (DPR) to improve randomness qualities. We describe the mathematical model of the TRNG operations, and experimental results for the circuit implemented on a Xilinx Virtex-V FPGA. The proposed TRNG has low hardware footprint and in-built bias elimination capabilities. The random bitstreams generated from it passes all tests in the NIST statistical testsuite

Who watches the watchmen? : Utilizing Performance Monitors for Compromising keys of RSA on Intel Platforms

Asymmetric-key cryptographic algorithms when implemented on systems with branch predictors, are subjected to side-channel attacks exploiting the deterministic branch predictor behavior due to their key-dependent input sequences. We show that branch predictors can also leak information through the hardware performance monitors which are accessible by an adversary at the user-privilege level. This paper presents an iterative attack which target the key-bits of 1024 bit RSA, where in offline phase, the system’s underlying branch predictor is approximated by a theoretical predictor in literature. Subsimulations are performed to classify the message-space into distinct partitions based on the event branch misprediction and the target key bit value. In online phase, we ascertain the secret key bit using branch mispredictions obtained from the hardware performance monitors which reflect the information of branch miss due to the underlying predictor hardware. We theoretically prove that the probability of success of the attack is equivalent to the accurate modelling of the theoretical predictor to the underlying system predictor. Experimentations reveal that the success-rate increases with message-count and reaches such a significant value so as to consider side-channel from the performance counters as a real threat to RSA-like ciphers due to the underlying branch predictors and needs to be considered for developing secured-systems

New Lower Bounds on Predicate Entropy for Function Private Public-Key Predicate Encryption

We present function private public-key predicate encryption schemes from standard cryptographic assumptions, that achieve new lower bounds on the min-entropy of underlying predicate distributions. Existing function private predicate encryption constructions in the public-key setting can be divided into two broad categories. The first category of constructions are based on standard assumptions, but impose highly stringent requirements on the min-entropy of predicate distributions, thereby limiting their applicability in the context of real-world predicates. For example, the statistically function private constructions of Boneh, Raghunathan and Segev (CRYPTO\u2713 and ASIACRYPT\u2713) are inherently restricted to predicate distributions with min-entropy roughly proportional to the security parameter $\lambda$. The second category of constructions mandate more relaxed min-entropy requirements, but are either based on non-standard assumptions (such as indistinguishability obfuscation) or are secure in the generic group model. In this paper, we affirmatively bridge the gap between these categories by presenting new public-key constructions for identity-based encryption, hidden-vector encryption, and subspace-membership encryption~(a generalization of inner-product encryption) that are both data and function private under variants of the well-known DBDH, DLIN and matrix DDH assumptions, while relaxing the min-entropy requirement on the predicate distributions to $\omega(\log\lambda)$. In summary, we establish that the minimum predicate entropy necessary for any meaningful notion of function privacy in the public-key setting, is in fact, sufficient, for a fairly rich class of predicates