An Adversarial Model for Fault Analysis Against Low-Cost Cryptographic Devices

2006 ◽  
pp. 131-143 ◽  
Author(s):  
Kerstin Lemke-Rust ◽  
Christof Paar
Keyword(s):  
Low Cost ◽  
Fault Analysis ◽  
Adversarial Model

scholarly journals SIFA: Exploiting Ineffective Fault Inductions on Symmetric Cryptography

2018 ◽  
pp. 547-572 ◽  
Author(s):  
Christoph Dobraunig ◽  
Maria Eichlseder ◽  
Thomas Korak ◽  
Stefan Mangard ◽  
Florian Mendel ◽  
...  
Keyword(s):  
Low Cost ◽  
Fault Analysis ◽  
Intensity Analysis ◽  
Fault Attacks ◽  
A Value ◽  
Differential Fault Analysis ◽  
Fault Sensitivity ◽  
Software Implementations ◽  
Symmetric Ciphers ◽  
Intermediate Value

Since the seminal work of Boneh et al., the threat of fault attacks has been widely known and techniques for fault attacks and countermeasures have been studied extensively. The vast majority of the literature on fault attacks focuses on the ability of fault attacks to change an intermediate value to a faulty one, such as differential fault analysis (DFA), collision fault analysis, statistical fault attack (SFA), fault sensitivity analysis, or differential fault intensity analysis (DFIA). The other aspect of faults—that faults can be induced and do not change a value—has been researched far less. In case of symmetric ciphers, ineffective fault attacks (IFA) exploit this aspect. However, IFA relies on the ability of an attacker to reliably induce reproducible deterministic faults like stuck-at faults on parts of small values (e.g., one bit or byte), which is often considered to be impracticable.As a consequence, most countermeasures against fault attacks do not focus on such attacks, but on attacks exploiting changes of intermediate values and usually try to detect such a change (detection-based), or to destroy the exploitable information if a fault happens (infective countermeasures). Such countermeasures implicitly assume that the release of “fault-free” ciphertexts in the presence of a fault-inducing attacker does not reveal any exploitable information. In this work, we show that this assumption is not valid and we present novel fault attacks that work in the presence of detection-based and infective countermeasures. The attacks exploit the fact that intermediate values leading to “fault-free” ciphertexts show a non-uniform distribution, while they should be distributed uniformly. The presented attacks are entirely practical and are demonstrated to work for software implementations of AES and for a hardware co-processor. These practical attacks rely on fault induction by means of clock glitches and hence, are achieved using only low-cost equipment. This is feasible because our attack is very robust under noisy fault induction attempts and does not require the attacker to model or profile the exact fault effect. We target two types of countermeasures as examples: simple time redundancy with comparison and several infective countermeasures. However, our attacks can be applied to a wider range of countermeasures and are not restricted to these two countermeasures.

Secure Node Localization in Clustered Sensor Networks with Effective Key Revocation

2016 ◽  
pp. 12-41
Author(s):  
Rachit Mittal ◽  
Sarita Agrawal ◽  
Manik Lal Das
Keyword(s):  
Sensor Networks ◽  
Low Cost ◽  
Impersonation Attack ◽  
Node Localization ◽  
Secure Localization ◽  
Node Location ◽  
Node Capture ◽  
Key Revocation ◽  
Encryption And Authentication ◽  
Adversarial Model

Wireless sensor networks are deployed in unattended and hostile environment for many applications such as battlefield surveillance. The WSN applications may require knowing the locations of the node in the network to assist in neighbour discovery, selective information sharing and so on. The trivial approach to node localization is to equip each node with GPS. However, the cost and size of GPS enabled nodes make it impractical for resource-constrained, low cost WSNs. GPS-free node localization has been addressed using two different approaches - Beacon Based (BB) and Without Beacon Based (WBB). In BB approach, few nodes aware of their locations serve as beacons to help other nodes in the network localize themselves. In WBB approach, nodes need to localize themselves with the help of their neighbours only. Although, knowledge of nodes' location within network is desirable, exposure of node location information to adversary may lead to undesirable consequences, such as ease of planning for node capture attack, and hence the need of secure localization. The BB approach has been studied extensively under adversarial model and many algorithms based on BB approach have been proposed in literature in order to localize nodes in a secure manner. In contrast, WBB approach for node localization under adversarial model has not received substantial attention from researchers. In this chapter, we discuss static and dynamic key settings for node localization using WBB for node localization under adversarial model. We consider the Localized Combinatorial Keying (LEAP) and Localized Encryption and Authentication Protocol (LEAP) as the building block and propose a protocol for pair-wise key establishment and key revocation to facilitate secure node localization without using beacon nodes in mobile sensor networks, aiming at providing resilience against node impersonation attack and thus minimizing the impact of node capture threats. We provide a comparison of the improved protocol with other related protocols. We show that the improved protocol provides effective node localization in a secure manner with minimal node capture threats.

Decomposition of the metastable beta titanium alloy Ti-15-3

1983 ◽  
Vol 41 ◽  
pp. 264-265
Author(s):  
Y. L. Chen ◽  
S. Fujlshiro
Keyword(s):  
Low Cost ◽  
High Strength ◽  
Alpha Phase ◽  
Thick Sheet ◽  
Omega Phase ◽  
Beta Titanium Alloy ◽  
Beta Titanium ◽  
Beta Matrix ◽  
Metastable Beta ◽  
Very High

Metastable beta titanium alloys have been known to have numerous advantages such as cold formability, high strength, good fracture resistance, deep hardenability, and cost effectiveness. Very high strength is obtainable by precipitation of the hexagonal alpha phase in a bcc beta matrix in these alloys. Precipitation hardening in the metastable beta alloys may also result from the formation of transition phases such as omega phase. Ti-15-3 (Ti-15V- 3Cr-3Al-3Sn) has been developed recently by TIMET and USAF for low cost sheet metal applications. The purpose of the present study was to examine the aging characteristics in this alloy.The composition of the as-received material is: 14.7 V, 3.14 Cr, 3.05 Al, 2.26 Sn, and 0.145 Fe. The beta transus temperature as determined by optical metallographic method was about 770°C. Specimen coupons were prepared from a mill-annealed 1.2 mm thick sheet, and solution treated at 827°C for 2 hr in argon, then water quenched. Aging was also done in argon at temperatures ranging from 316 to 616°C for various times.

Chromic Acid Etching of Polyethylene

1973 ◽  
Vol 31 ◽  
pp. 72-73
Author(s):  
J. D. Muzzy ◽  
R. D. Hester ◽  
J. L. Hubbard
Keyword(s):  
Chromic Acid ◽  
Low Cost ◽  
Acid Etching ◽  
Crystalline Morphology ◽  
Bulk Specimen ◽  
Morphological Studies ◽  
Perfect Form ◽  
Molecular Length ◽  
Lamellar Texture ◽  
Cost Studies

Polyethylene is one of the most important plastics produced today because of its good physical properties, ease of fabrication and low cost. Studies to improve the properties of polyethylene are leading to an understanding of its crystalline morphology. Polyethylene crystallized by evaporation from dilute solutions consists of thin crystals called lamellae. The polyethylene molecules are parallel to the thickness of the lamellae and are folded since the thickness of the lamellae is much less than the molecular length. This lamellar texture persists in less perfect form in polyethylene crystallized from the melt.Morphological studies of melt crystallized polyethylene have been limited due to the difficulty of isolating the microstructure from the bulk specimen without destroying or deforming it.

Glass Knife Geometry as Seen by the SEM

1971 ◽  
Vol 29 ◽  
pp. 454-455
Author(s):  
J. Temple Black
Keyword(s):  
Low Cost ◽  
Amorphous Material ◽  
Stress Concentrations ◽  
Basic Tool ◽  
Tool Materials ◽  
Optical Inspection ◽  
Surface Flaws ◽  
Slip Planes ◽  
Glass Knife ◽  
Diamond Knife

In ultramicrotomy, the two basic tool materials are glass and diamond. Glass because of its low cost and ease of manufacture of the knife itself is still widely used despite the superiority of diamond knives in many applications. Both kinds of knives produce plastic deformation in the microtomed section due to the nature of the cutting process and microscopic chips in the edge of the knife. Because glass has no well defined slip planes in its structure (it's an amorphous material), it is very strong and essentially never fails in compression. However, surface flaws produce stress concentrations which reduce the strength of glass to 10,000 to 20,000 psi from its theoretical or flaw free values of 1 to 2 million psi. While the microchips in the edge of the glass or diamond knife are generally too small to be observed in the SEM, the second common type of defect can be identified. This is the striations (also termed the check marks or feathers) which are always present over the entire edge of a glass knife regardless of whether or not they are visable under optical inspection. These steps in the cutting edge can be observed in the SEM by proper preparation of carefully broken knives and orientation of the knife, with respect to the scanning beam.

Spectraplot: A PC-based spectrum translation and display program

1988 ◽  
Vol 46 ◽  
pp. 918-919
Author(s):  
H. O. Colijn
Keyword(s):  
Low Cost ◽  
Transfer Program ◽  
File Transfer ◽  
Transfer Data ◽  
Error Checking ◽  
Data Files ◽  
The University

Many labs today wish to transfer data between their EDS systems and their existing PCs and minicomputers. Our lab has implemented SpectraPlot, a low- cost PC-based system to allow offline examination and plotting of spectra. We adopted this system in order to make more efficient use of our microscopes and EDS consoles, to provide hardcopy output for an older EDS system, and to allow students to access their data after leaving the university.As shown in Fig. 1, we have three EDS systems (one of which is located in another building) which can store data on 8 inch RT-11 floppy disks. We transfer data from these systems to a DEC MINC computer using “SneakerNet”, which consists of putting on a pair of sneakers and running down the hall. We then use the Hermit file transfer program to download the data files with error checking from the MINC to the PC.

Transmission Electron Microscopy of oriented Co84Cr14Ta2 thin films for longitudinal magnetic recording

1991 ◽  
Vol 49 ◽  
pp. 756-757
Author(s):  
T. P. Nolan
Keyword(s):  
Thin Film ◽  
Electron Microscopy ◽  
Transmission Electron Microscopy ◽  
Low Cost ◽  
Low Noise ◽  
Information Storage ◽  
High Coercivity ◽  
Magnetic Alloy ◽  
Magnetic Media ◽  
Transmission Electron

Thin film magnetic media are being used as low cost, high density forms of information storage. The development of this technology requires the study, at the sub-micron level, of morphological, crystallographic, and magnetic properties, throughout the depth of the deposited films. As the microstructure becomes increasingly fine, widi grain sizes approaching 100Å, the unique characterization capabilities of transmission electron microscopy (TEM) have become indispensable to the analysis of such thin film magnetic media.Films were deposited at 225°C, on two NiP plated Al substrates, one polished, and one circumferentially textured with a mean roughness of 55Å. Three layers, a 750Å chromium underlayer, a 600Å layer of magnetic alloy of composition Co84Cr14Ta2, and a 300Å amorphous carbon overcoat were then sputter deposited using a dc magnetron system at a power of 1kW, in a chamber evacuated below 10-6 torr and filled to 12μm Ar pressure. The textured medium is presently used in industry owing to its high coercivity, Hc, and relatively low noise. One important feature is that the coercivity in the circumferential read/write direction is significandy higher than that in the radial direction.

Influence of MBE Growth Conditions on Dislocation Densities of GaAs/Ge Epilayers Grown on Silicon Substrates

1985 ◽  
Vol 43 ◽  
pp. 364-365
Author(s):  
K.M. Hones ◽  
P. Sheldon ◽  
B.G. Yacobi ◽  
A. Mason
Keyword(s):  
High Efficiency ◽  
Lattice Mismatch ◽  
Low Cost ◽  
Growth Conditions ◽  
Nonradiative Recombination ◽  
Device Structure ◽  
Si Substrates ◽  
Transmission Electron ◽  
Dislocation Densities ◽  
Dislocation Type

There is increasing interest in growing epitaxial GaAs on Si substrates. Such a device structure would allow low-cost substrates to be used for high-efficiency cascade- junction solar cells. However, high-defect densities may result from the large lattice mismatch (∼4%) between the GaAs epilayer and the silicon substrate. These defects can act as nonradiative recombination centers that can degrade the optical and electrical properties of the epitaxially grown GaAs. For this reason, it is important to optimize epilayer growth conditions in order to minimize resulting dislocation densities. The purpose of this paper is to provide an indication of the quality of the epitaxially grown GaAs layers by using transmission electron microscopy (TEM) to examine dislocation type and density as a function of various growth conditions. In this study an intermediate Ge layer was used to avoid nucleation difficulties observed for GaAs growth directly on Si substrates. GaAs/Ge epilayers were grown by molecular beam epitaxy (MBE) on Si substrates in a manner similar to that described previously.

Sign in / Sign up

Export Citation Format

Share Document