Key Recovery in Public Clouds: A Survey on Cross-VM Side Channel Attacks

2016 ◽  
pp. 456-467
Author(s):  
Stelvio Cimato ◽  
Ernesto Damiani ◽  
Silvia Mella ◽  
Ching-Nung Yang
Keyword(s):  
Side Channel ◽  
Side Channel Attacks ◽  
Key Recovery

scholarly journals Generic Side-channel attacks on CCA-secure lattice-based PKE and KEMs

2020 ◽  
pp. 307-335 ◽  
Author(s):  
Prasanna Ravi ◽  
Sujoy Sinha Roy ◽  
Anupam Chattopadhyay ◽  
Shivam Bhasin
Keyword(s):  
Experimental Validation ◽  
Error Correcting Codes ◽  
Public Key ◽  
Side Channel ◽  
Public Key Encryption ◽  
Side Channel Attacks ◽  
Key Recovery ◽  
Binary Information ◽  
Channel Information ◽  
Standardization Process

In this work, we demonstrate generic and practical EM side-channel assisted chosen ciphertext attacks over multiple LWE/LWR-based Public Key Encryption (PKE) and Key Encapsulation Mechanisms (KEM) secure in the chosen ciphertext model (IND-CCA security). We show that the EM side-channel information can be efficiently utilized to instantiate a plaintext checking oracle, which provides binary information about the output of decryption, typically concealed within IND-CCA secure PKE/KEMs, thereby enabling our attacks. Firstly, we identified EM-based side-channel vulnerabilities in the error correcting codes (ECC) enabling us to distinguish based on the value/validity of decrypted codewords. We also identified similar vulnerabilities in the Fujisaki-Okamoto transform which leaks information about decrypted messages applicable to schemes that do not use ECC. We subsequently exploit these vulnerabilities to demonstrate practical attacks applicable to six CCA-secure lattice-based PKE/KEMs competing in the second round of the NIST standardization process. We perform experimental validation of our attacks on implementations taken from the open-source pqm4 library, running on the ARM Cortex-M4 microcontroller. Our attacks lead to complete key-recovery in a matter of minutes on all the targeted schemes, thus showing the effectiveness of our attack.

scholarly journals Speed Optimizations in Bitcoin Key Recovery Attacks

2016 ◽  
Vol 67 (1) ◽  
pp. 55-68 ◽  
Author(s):  
Nicolas Courtois ◽  
Guangyan Song ◽  
Ryan Castellucci
Keyword(s):  
Elliptic Curve ◽  
State Of The Art ◽  
The State ◽  
Side Channel ◽  
Side Channel Attacks ◽  
Key Recovery ◽  
Weak Keys ◽  
Key Recovery Attacks

Abstract In this paper, we study and give the first detailed benchmarks on existing implementations of the secp256k1 elliptic curve used by at least hundreds of thousands of users in Bitcoin and other cryptocurrencies. Our implementation improves the state of the art by a factor of 2.5 with a focus on the cases, where side channel attacks are not a concern and a large quantity of RAM is available. As a result, we are able to scan the Bitcoin blockchain for weak keys faster than any previous implementation. We also give some examples of passwords which we have cracked, showing that brain wallets are not secure in practice even for quite complex passwords.

scholarly journals Tightness of the Suffix Keyed Sponge Bound

2020 ◽  
pp. 195-212
Author(s):  
Christoph Dobraunig ◽  
Bart Mennink
Keyword(s):  
Side Channel ◽  
Encryption Scheme ◽  
Authenticated Encryption ◽  
Side Channel Attacks ◽  
Key Recovery ◽  
Security Proofs ◽  
Generic Attacks ◽  
Key Recovery Attacks ◽  
Security Bound

Generic attacks are a vital ingredient in the evaluation of the tightness of security proofs. In this paper, we evaluate the tightness of the suffix keyed sponge (SuKS) bound. As its name suggests, SuKS is a sponge-based construction that absorbs the key after absorbing the data, but before producing an output. This absorption of the key can be done via an easy to invert operation, like an XOR, or a hard to invert operation, like a PRF. Using SuKS with a hard to invert absorption provides benefits with respect to its resistance against side-channel attacks, and such a construction is used as part of the authenticated encryption scheme Isap. We derive two key recovery attacks against SuKS with easy to invert key absorption, and a forgery in case of hard to invert key absorption. The attacks closely match the terms in the PRF security bound of SuKS by Dobraunig and Mennink, ToSC 2019(4), and therewith show that these terms are justified, even if the function used to absorb the key is a PRF, and regardless of whether SuKS is used as a PRF or a MAC.

scholarly journals Fast and Memory-Efficient Key Recovery in Side-Channel Attacks

2016 ◽  
pp. 310-327 ◽  
Author(s):  
Andrey Bogdanov ◽  
Ilya Kizhvatov ◽  
Kamran Manzoor ◽  
Elmar Tischhauser ◽  
Marc Witteman
Keyword(s):  
Side Channel ◽  
Side Channel Attacks ◽  
Key Recovery ◽  
Memory Efficient

scholarly journals SC-DDPL as a Countermeasure against Static Power Side-Channel Attacks

Cryptography ◽  
2021 ◽  
Vol 5 (3) ◽  
pp. 16
Author(s):  
Davide Bellizia ◽  
Riccardo Della Sala ◽  
Giuseppe Scotti
Keyword(s):  
Integrated Circuits ◽  
Cmos Technology ◽  
Side Channel ◽  
Side Channel Attacks ◽  
Key Recovery ◽  
Security Metrics ◽  
Nanometer Cmos ◽  
Secret Keys ◽  
Static Power ◽  
Cmos Implementation

With the continuous scaling of CMOS technology, which has now reached the 3 nm node at production level, static power begins to dominate the power consumption of nanometer CMOS integrated circuits. A novel class of security attacks to cryptographic circuits which exploit the correlation between the static power and the secret keys was introduced more than ten years ago, and, since then, several successful key recovery experiments have been reported. These results clearly demonstrate that attacks exploiting static power (AESP) represent a serious threat for cryptographic systems implemented in nanometer CMOS technologies. In this work, we analyze the effectiveness of the Standard Cell Delay-based Precharge Logic (SC-DDPL) style in counteracting static power side-channel attacks. Experimental results on an FPGA implementation of a compact PRESENT crypto-core show that the SC-DDPL implementation allows a great improvement of all the security metrics with respect to the standard CMOS implementation and other state-of-the-art countermeasures such as WDDL and MDPL.

Countermeasure for Cryptographic Chips to Resist Side-Channel Attacks

2009 ◽  
Vol 19 (11) ◽  
pp. 2990-2998 ◽  
Author(s):  
Tao ZHANG ◽  
Ming-Yu FAN
Keyword(s):  
Side Channel ◽  
Side Channel Attacks

scholarly journals ThermalAttackNet: Are CNNs Making It Easy to Perform Temperature Side-Channel Attack in Mobile Edge Devices?

2021 ◽  
Vol 13 (6) ◽  
pp. 146
Author(s):  
Somdip Dey ◽  
Amit Kumar Singh ◽  
Klaus McDonald-Maier
Keyword(s):  
Information Flow ◽  
Heat Dissipation ◽  
Side Channel ◽  
Side Channel Attack ◽  
Side Channel Attacks ◽  
Information Flow Control ◽  
On Chip ◽  
Temperature Side ◽  
Over Time ◽  
Memory Efficient

Side-channel attacks remain a challenge to information flow control and security in mobile edge devices till this date. One such important security flaw could be exploited through temperature side-channel attacks, where heat dissipation and propagation from the processing cores are observed over time in order to deduce security flaws. In this paper, we study how computer vision-based convolutional neural networks (CNNs) could be used to exploit temperature (thermal) side-channel attack on different Linux governors in mobile edge device utilizing multi-processor system-on-chip (MPSoC). We also designed a power- and memory-efficient CNN model that is capable of performing thermal side-channel attack on the MPSoC and can be used by industry practitioners and academics as a benchmark to design methodologies to secure against such an attack in MPSoC.

Sign in / Sign up

Export Citation Format

Share Document