Practical Algebraic Attacks on the Hitag2 Stream Cipher in RFID Transponders

Talk given at eSmart 2010. How to attack the Hitag2 cipher in RFID trannsponders

Synthesis and Reactions of Iron and Ruthenium Dinitrogen Complexes

This thesis is primarily concerned with the synthesis and reactions of iron and ruthenium dinitrogen complexes of tripodal phosphine ligands. Of particular interest is the cationic dinitrogen bridged iron complex [(FeH(PP3))2(μ-N2)]2+ 23, containing the tetradentate ligand P(CH2CH2PMe2)3, PP3 1, and its potential for facilitating the reduction of the bound dinitrogen upon treatment with acid. The synthesis of a selection of novel and known tripodal phosphine and amino phosphine ligands is described. New ligands N(CH2CH2CH2PMe2)3 N3P3 7 and P(CH2CH2CH2PiPr2)3 P3Pi3 11 were synthesised by nucleophilic displacement of bromide from the bromoalkylphosphine and bromoalkylamine precursors with the relevant phosphide. A new method for synthesis of known ligand P(CH2CH2CH2PMe2)3 P3P3 19 by the nucleophilic substitution of its chloroalkylphosphine oxide with dimethylphosphide and subsequent reduction is also reported. The reaction of [(FeH(PP3))2(μ-N2)]2+ 23 with base produced the singly deprotonated mixed valence species [(FeH(PP3))(μ-N2)(Fe(PP3))]+ 37 and subsequently the iron(0) dinuclear species (Fe(PP3))2(μ-N2) 38 and mononuclear complex Fe(N2)(PP3) 44. The 15N labelling of complexes has allowed the 15N NMR spectra of 23, 37 and 44 to be reported along with the observation of a long-range 5JP-P coupling across the bridging dinitrogen of 37. Complexes 23 and 37 were also structurally characterised by X-ray crystallography. The treatment of a variety of iron PP3 1 dinitrogen complexes, including the mononuclear species [(Fe(N2)H(PP3)]+ 22, with acid, or base then acid, did not result in the formation of ammonia from reduction of the complexed dinitrogen. The reactions of FeCl2(PP3) 24 and FeClH(PP3) 25 with ammonia and hydrazine afforded the complexes [FeCl(N2H4)(PP3)] 48, [FeH(N2H4)(PP3)] 47, [FeCl(NH3)(PP3)] 49 and [FeH(NH3)(PP3)] 46. Complexes 47 and 46 are considered potential intermediates in any reduction of the dinitrogen ligand of 23 to ammonia. Complexes 49 and 46 were also formed from the decomposition of the hydrazine complexes 48 and 47. The 15N NMR shifts, derived from both the 15N labelling of complexes and from 1H-15N 2D NMR experiments at natural abundance are reported. In addition, complex 47 was characterised by X-ray crystallography. The novel ligand P(CH2CH2PiPr2)3 PPi3 12 was used in the successful synthesis of [FeCl(PPi3)]+ 51 and [RuCl(PPi3)]+ 56. Reduction of 51 and 56 with potassium graphite under dinitrogen afforded the complexes Fe(N2)(PPi3) 52 and Ru(N2)(PPi3) 57 respectively. This is the first report of a Ru(0) dinitrogen complex. Treatment of 52 and 57 with lutidinium tetrafluoroborate resulted in protonation and oxidation of the metal centre to afford the hydrido complexes [Fe(N2)H(PPi3)]+ 53 and [Ru(N2)H(PPi3)]+ 58 respectively. 15N labelled analogues of 52, 53, 57 and 58 were achieved by exchange reactions with 15N2 gas, allowing for analysis by 15N NMR spectroscopy. Species 52, 57 and 58 have also been structurally characterised by X-ray crystallography. Treatment of 52 with excess acid in THF afforded both 53 and the dihydrogen complex [Fe(H2)H(PPi3)]+ 54. The mechanism of formation of 54 probably involves the C-H activation of the solvent THF. The complex cation [RuCl(P3Pi3)]+ 65 was synthesised using the novel ligand P3Pi3 11. A polymeric iron(II) complex, [Fe2Cl4(N3P3)2]n 66, of the tridentate ligand N3P3 7 was also synthesised. Characterisation of both 65 and 66 by X-ray crystallography is reported. (FeCl)2(μ-Cl)2(μ-Pi2)2 68, an unusual bridged dimer of the known ligand CH2(PiPr2)2 Pi2 67, and iron(II) and iron(0) tetramers of the PP3 1 ligand, namely [Fe4Cl4(PP3)5]4+ 71 and Fe4(PP3)5 72 were also characterised by X-ray crystallography

Towards Inferring Mechanical Lock Combinations using Wrist-Wearables as a Side-Channel

Wrist-wearables such as smartwatches and fitness bands are equipped with a variety of high-precision sensors that support novel contextual and activity-based applications. The presence of a diverse set of on-board sensors, however, also expose an additional attack surface which, if not adequately protected, could be potentially exploited to leak private user information. In this paper, we investigate the feasibility of a new attack that takes advantage of a wrist-wearable's motion sensors to infer input on mechanical devices typically used to secure physical access, for example, combination locks. We outline an inference framework that attempts to infer a lock's unlock combination from the wrist motion captured by a smartwatch's gyroscope sensor, and uses a probabilistic model to produce a ranked list of likely unlock combinations. We conduct a thorough empirical evaluation of the proposed framework by employing unlocking-related motion data collected from human subject participants in a variety of controlled and realistic settings. Evaluation results from these experiments demonstrate that motion data from wrist-wearables can be effectively employed as a side-channel to significantly reduce the unlock combination search-space of commonly found combination locks, thus compromising the physical security provided by these locks

Chinese remaindering based cryptosystems in the presence of faults

We present some observations on public key cryptosystems that use the Chinese remaindering algorithm. Our results imply that careless implementations of such systems could be vulnerable. Only one faulty signature, in some explained context, is enough to recover the secret ke

Can demographic histories explain long-term isolation and recent pulses of asymmetric gene flow between highly divergent grey fox lineages?

Secondary contact zones between deeply divergent, yet interfertile, lineages provide windows into the speciation process. North American grey foxes (Urocyon cinereoargenteus) are divided into western and eastern lineages that diverged approximately 1 million years ago. These ancient lineages currently hybridize in a relatively narrow zone of contact in the southern Great Plains, a pattern more commonly observed in smaller-bodied taxa, which suggests relatively recent contact after a long period of allopatry. Based on local ancestry inference with whole-genome sequencing (n = 43), we identified two distinct Holocene pulses of admixture. The older pulse (500–3500 YBP) reflected unidirectional gene flow from east to west, whereas the more recent pulse (70–200 YBP) of admixture was bi-directional. Augmented with genotyping-by-sequencing data from 216 additional foxes, demographic analyses indicated that the eastern lineage declined precipitously after divergence, remaining small throughout most of the late Pleistocene, and expanding only during the Holocene. Genetic diversity in the eastern lineage was highest in the southeast and lowest near the contact zone, consistent with a westward expansion. Concordantly, distribution modelling indicated that during their isolation, the most suitable habitat occurred far east of today\u27s contact zone or west of the Great Plains. Thus, long-term isolation was likely caused by the small, distant location of the eastern refugium, with recent contact reflecting a large increase in suitable habitat and corresponding demographic expansion from the eastern refugium. Ultimately, long-term isolation in grey foxes may reflect their specialized bio-climatic niche. This system presents an opportunity for future investigation of potential pre- and post-zygotic isolating mechanisms

Practical Electromagnetic Template Attack on HMAC

The original publication is available at www.springerlink.comInternational audienceIn this paper, we show that HMAC can be attacked using a very efficient side channel attack which reveals the Hamming distance of some registers. After a profiling phase which requires access to a similar device that can be configured by the adversary, the attack recovers the secret key on one recorded execution of HMAC-SHA-1 for example, on an embedded device. We perform experimentations using a NIOS processor executed on a Field Programmable Gate Array (FPGA) to confirm the leakage model. Besides the high efficiency of this attack, $2^32\cdot 3^k$ where $k$ is the number of 32-bit words of the key, that we tested with experimentations, our results also shed some light on the on the requirements in term of side channel attack for the future SHA-3 function. Finally, we show that our attack can also be used to break the confidentiality of network protocols usually implemented on embedded devices. We have performed experiments using a NIOS processor executed on a Field Programmable Gate Array (FPGA) to confirm the leakage model. We hope that our results shed some light on the requirements in term of side channel attack for the future SHA-3 function

Side-Channel Analysis of the TERO PUF

Physical Unclonable Functions (PUFs) have the potential to provide a higher level of security for key storage than traditional Non-Volatile Memory (NVM). However, the susceptibility of the PUF primitives to non-invasive Side-Channel Analysis (SCA) is largely unexplored. While resistance to SCA was indicated for the Transient Effect Ring Oscillator (TERO) PUF, it was not backed by an actual assessment. To investigate the physical security of the TERO PUF, we first discuss and study the conceptual behavior of the PUF primitive to identify possible weaknesses. We support our claims by conducting an EM-analysis of a TERO design on an FPGA. When measuring TERO cells with an oscilloscope in the time domain, a Short Time Fourier Transform (STFT) based approach allows to extract the relevant information in the frequency domain. By applying this method we significantly reduce the entropy of the PUF. Our analysis shows the vulnerability of not only the originally suggested TERO PUF implementation but also the impact on TERO designs in general. We discuss enhancements of the design that potentially prevent the TERO PUF from exposing the secret and point out that regarding security the TERO PUF is similar to the more area-efficient Ring Oscillator PUF