Efficient, portable template attacks

Template attacks recover data values processed by tamper-resistant devices from side-channel waveforms, such as supply-current fluctuations (power analysis) or electromagnetic emissions. They first profile a device to generate multivariate statistics of the waveforms emitted for each of a set of known processed values, which then identify maximum-likelihood candidates of unknown processed values during an attack. We identify several practical obstacles arising in the implementation of template attacks, ranging from numerical errors to the incompatibility of templates across different devices, and propose and compare several solutions. We identify pooled covariance matrices and prior dimensionality reduction through Fisher's Linear Discriminant Analysis as particularly efficient and effective, especially where many attack traces can be acquired. We evaluate alternative algorithms not only for the task of recovering key bytes from a hardware implementation of the Advanced Encryption Standard; we even reconstruct the value transferred by an individual byte-load instruction, with success rates reaching 85% (or a guessing entropy of less than a quarter bit remaining) after 1000 attack traces, thereby demonstrating direct eavesdropping of 8-bit parallel data lines. Using different devices during the profiling and attack phase can substantially reduce the effectiveness of template attacks. We demonstrate that the same problem can also occur across different measurement campaigns with the same device and that DC offsets (e.g. due to temperature drift) are a significant cause. We improve the portability of template parameters across devices by manipulating the DC content of the eigenvectors that form the projection matrix used for dimensionality reduction of the waveforms

Template attacks on different devices

Template attacks remain a most powerful side-channel technique to eavesdrop on tamper-resistant hardware. They use a profiling step to compute the parameters of a multivariate normal distribution from a training device and an attack step in which the parameters obtained during profiling are used to infer some secret value (e.g. cryptographic key) on a target device. Evaluations using the same device for both profiling and attack can miss practical problems that appear when using different devices. Recent studies showed that variability caused by the use of either different devices or different acquisition campaigns on the same device can have a strong impact on the performance of template attacks. In this paper, we explore further the effects that lead to this decrease of performance, using four different Atmel XMEGA 256 A3U 8-bit devices. We show that a main difference between devices is a DC offset and we show that this appears even if we use the same device in different acquisition campaigns. We then explore several variants of the template attack to compensate for these differences. Our results show that a careful choice of compression method and parameters is the key to improving the performance of these attacks across different devices. In particular we show how to maximise the performance of template attacks when using Fisher's Linear Discriminant Analysis or Principal Component Analysis. Overall, we can reduce the entropy of an unknown 8-bit value below 1.5 bits even when using different devices.Omar Choudary is a recipient of the Google Europe Fellowship in Mobile Security, and this research is supported in part by this Google Fellowship. The opinions expressed in this paper do not represent the views of Google unless otherwise explicitly stated.This is the author accepted manuscript. The final version is available from Springer at http://link.springer.com/chapter/10.1007%2F978-3-319-10175-0_13

Efficient Stochastic Methods: Profiled Attacks Beyond 8 Bits

Template attacks and stochastic models are among the most powerful side-channel attacks. However, they can be computationally expensive when processing a large number of samples. Various compression techniques have been used very successfully to reduce the data dimensionality prior to applying template attacks, most notably Principal Component Analysis (PCA) and Fisher’s Linear Discriminant Analysis (LDA). These make the attacks more efficient computationally and help the profiling phase to converge faster. We show how these ideas can also be applied to implement stochastic models more efficiently, and we also show that they can be applied and evaluated even for more than eight unknown data bits at once.This is the author accepted manuscript. The final version is available from Springer via http://dx.doi.org/10.1007/978-3-319-16763-3_

Evaluating the successful implementation of evidence into practice using the PARiHS framework : theoretical and practical challenges

Background The PARiHS framework (Promoting Action on Research Implementation in Health Services) has proved to be a useful practical and conceptual heuristic for many researchers and practitioners in framing their research or knowledge translation endeavours. However, as a conceptual framework it still remains untested and therefore its contribution to the overall development and testing of theory in the field of implementation science is largely unquantified. Discussion This being the case, the paper provides an integrated summary of our conceptual and theoretical thinking so far and introduces a typology (derived from social policy analysis) used to distinguish between the terms conceptual framework, theory and model – important definitional and conceptual issues in trying to refine theoretical and methodological approaches to knowledge translation. Secondly, the paper describes the next phase of our work, in particular concentrating on the conceptual thinking and mapping that has led to the generation of the hypothesis that the PARiHS framework is best utilised as a two-stage process: as a preliminary (diagnostic and evaluative) measure of the elements and sub-elements of evidence (E) and context (C), and then using the aggregated data from these measures to determine the most appropriate facilitation method. The exact nature of the intervention is thus determined by the specific actors in the specific context at a specific time and place. In the process of refining this next phase of our work, we have had to consider the wider issues around the use of theories to inform and shape our research activity; the ongoing challenges of developing robust and sensitive measures; facilitation as an intervention for getting research into practice; and finally to note how the current debates around evidence into practice are adopting wider notions that fit innovations more generally. Summary The paper concludes by suggesting that the future direction of the work on the PARiHS framework is to develop a two-stage diagnostic and evaluative approach, where the intervention is shaped and moulded by the information gathered about the specific situation and from participating stakeholders. In order to expedite the generation of new evidence and testing of emerging theories, we suggest the formation of an international research implementation science collaborative that can systematically collect and analyse experiences of using and testing the PARiHS framework and similar conceptual and theoretical approaches. We also recommend further refinement of the definitions around conceptual framework, theory, and model, suggesting a wider discussion that embraces multiple epistemological and ontological perspectives

Drug-Induced Regulation of Target Expression

Drug perturbations of human cells lead to complex responses upon target binding. One of the known mechanisms is a (positive or negative) feedback loop that adjusts the expression level of the respective target protein. To quantify this mechanism systems-wide in an unbiased way, drug-induced differential expression of drug target mRNA was examined in three cell lines using the Connectivity Map. To overcome various biases in this valuable resource, we have developed a computational normalization and scoring procedure that is applicable to gene expression recording upon heterogeneous drug treatments. In 1290 drug-target relations, corresponding to 466 drugs acting on 167 drug targets studied, 8% of the targets are subject to regulation at the mRNA level. We confirmed systematically that in particular G-protein coupled receptors, when serving as known targets, are regulated upon drug treatment. We further newly identified drug-induced differential regulation of Lanosterol 14-alpha demethylase, Endoplasmin, DNA topoisomerase 2-alpha and Calmodulin 1. The feedback regulation in these and other targets is likely to be relevant for the success or failure of the molecular intervention

Accuracy of cardiovascular magnetic resonance in myocarditis: comparison of MR and histological findings in an animal model

Background: Because Endomyocardial Biopsy has low sensitivity of about 20%, it can be performed near to myocardium that presented as Late Gadolinium Enhancement (LGE) in cardiovascular magnetic resonance (CMR). However the important issue of comparing topography of CMR and histological findings has not yet been investigated. Thus the current study was performed using an animal model of myocarditis. Results: In 10 male Lewis rats Experimental Autoimmune myocarditis was induced, 10 rats served as control. On day 21 animals were examined by CMR to compare topographic distribution of LGE to histological inflammation. Sensitivity, specificity, positive and negative predictive values for LGE in diagnosing myocarditis were determined for each segment of myocardium. Latter diagnostic values varied widely depending on topographic distribution of LGE and inflammation as well as on the used CMR sequence. Sensitivity of LGE was up to 76% (left lateral myocardium) and positive predictive values were up to 85% (left lateral myocardium), whereas sensitivity and positive predictive value dropped to 0 - 33% (left inferior myocardium). Conclusions: Topographic distribution of LGE and histological inflammation seem to influence sensitivity, specifity, positive and negative predictive values. Nevertheless, positive predictive value for LGE of up to 85% indicates that Endomyocardial Biopsy should be performed "MR-guided". LGE seems to have greater sensitivity than Endomyocardial Biopsy for the diagnosis of myocarditis

Considering Intra-individual Genetic Heterogeneity to Understand Biodiversity

In this chapter, I am concerned with the concept of Intra-individual Genetic Hetereogeneity (IGH) and its potential influence on biodiversity estimates. Definitions of biological individuality are often indirectly dependent on genetic sampling -and vice versa. Genetic sampling typically focuses on a particular locus or set of loci, found in the the mitochondrial, chloroplast or nuclear genome. If ecological function or evolutionary individuality can be defined on the level of multiple divergent genomes, as I shall argue is the case in IGH, our current genetic sampling strategies and analytic approaches may miss out on relevant biodiversity. Now that more and more examples of IGH are available, it is becoming possible to investigate the positive and negative effects of IGH on the functioning and evolution of multicellular individuals more systematically. I consider some examples and argue that studying diversity through the lens of IGH facilitates thinking not in terms of units, but in terms of interactions between biological entities. This, in turn, enables a fresh take on the ecological and evolutionary significance of biological diversity

The developmental trajectory of attentional orienting to socio-biological cues.

It has been proposed that the orienting of attention in the same direction as another’s point of gaze relies on innate brain mechanisms which are present from birth, but direct evidence relating to the influence of eye gaze cues on attentional orienting in young children is limited. In two experiments, 137 children aged 3–10 years old performed an adapted pro-saccade task with centrally presented uninformative eye gaze, finger pointing and arrow pre-cues which were either congruent or incongruent with the direction of target presentations. When the central cue overlapped with presentation of the peripheral target (Experiment 1), children up to 5 years old had difficulty disengaging fixation from central fixation in order to saccade to the target. This effect was found to be particularly marked for eye gaze cues. When central cues were extinguished simultaneously with peripheral target onset (Experiment 2), this effect was greatly reduced. In both experiments finger pointing cues (image of pointing index finger presented at fixation) exerted a strong influence on saccade reaction time to the peripheral stimulus for the youngest group of children (<5 years). Overall the results suggest that although young children are strongly engaged by centrally presented eye gaze cues, the directional influence of such cues on overt attentional orienting is only present in older children, meaning that the effect is unlikely to be dependent upon an innate brain module. Instead, the results are consistent with the existence of stimulus–response associations which develop with age and environmental experience

Observation of a J^PC = 1-+ exotic resonance in diffractive dissociation of 190 GeV/c pi- into pi- pi- pi+

The COMPASS experiment at the CERN SPS has studied the diffractive dissociation of negative pions into the pi- pi- pi+ final state using a 190 GeV/c pion beam hitting a lead target. A partial wave analysis has been performed on a sample of 420000 events taken at values of the squared 4-momentum transfer t' between 0.1 and 1 GeV^2/c^2. The well-known resonances a1(1260), a2(1320), and pi2(1670) are clearly observed. In addition, the data show a significant natural parity exchange production of a resonance with spin-exotic quantum numbers J^PC = 1-+ at 1.66 GeV/c^2 decaying to rho pi. The resonant nature of this wave is evident from the mass-dependent phase differences to the J^PC = 2-+ and 1++ waves. From a mass-dependent fit a resonance mass of 1660 +- 10+0-64 MeV/c^2 and a width of 269+-21+42-64 MeV/c^2 is deduced.Comment: 7 page, 3 figures; version 2 gives some more details, data unchanged; version 3 updated authors, text shortened, data unchange

The Spin Structure of the Nucleon

We present an overview of recent experimental and theoretical advances in our understanding of the spin structure of protons and neutrons.Comment: 84 pages, 29 figure