Evaluation of (power) side-channels in cryptographic implementations

Abstract Side-channel attacks enable powerful adversarial strategies against cryptographic devices and encounter an ever-growing attack surface in today’s world of digitalization and the internet of things. While the employment of provably secure side-channel countermeasures like masking have become increasingly popular in recent years, great care must be taken when implementing these in actual devices. The reasons for this are two-fold: The models on which these countermeasures rely do not fully capture the physical reality and compliance with the requirements of the countermeasures is non-trivial in complex implementations. Therefore, it is imperative to validate the SCA-security of concrete instantiations of cryptographic devices using measurements on the actual device. In this article we propose a side-channel evaluation framework that combines an efficient data acquisition process with state-of-the-art confidence interval based leakage assessment. Our approach allows a sound assessment of the potential susceptibility of cryptographic implementations to side-channel attacks and is robust against noise in the evaluation system. We illustrate the steps in the evaluation process by applying them to a protected implementation of AES.

Download Full-text

Eluding Side Channel Attacks by using Masking 128Bit AES Design

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.h6732.069820 ◽

2020 ◽

Vol 9 (8) ◽

pp. 952-955

Keyword(s):

Data Transmission ◽

Advanced Encryption Standard ◽

Side Channel ◽

Side Channel Attacks ◽

Equal Area ◽

Original Algorithm ◽

Aes Algorithm ◽

Side Channels ◽

Standard Design ◽

Secure Data Transmission

: Advanced encryption standard is detailing for data crypto graphing. The algorithm used universally for cryptography and secure data transmission, the algorithm puissant to intruders, who often attack via side channels. One of the observed attacks was estimate the power implanted in AES core and processed probable scrutinizing to guess the key on multiple iterations. So in order to elude side channel attacks and reduce power consumed in AES standard, design proposed with masking and pipeline scheme. This design helps in shrinking power consumption as compare to AES algorithm and upgrade to withstand from attacks. Another major improvement in the design is LUT’s used for masking and original algorithm almost equal, area phenomenon also solved out. The proposed algorithm implemented in VERTEX-7 FPGA board and simulated using Xilinx Vivado 2015.2 and Modelsim.

Download Full-text

Power supply noise aware evaluation framework for side channel attacks and countermeasures

2014 International Conference on Field-Programmable Technology (FPT) ◽

10.1109/fpt.2014.7082770 ◽

2014 ◽

Cited By ~ 1

Author(s):

Jianlei Yang ◽

Chenguang Wang ◽

Yici Cai ◽

Qiang Zhou

Keyword(s):

Power Supply ◽

Evaluation Framework ◽

Side Channel ◽

Power Supply Noise ◽

Side Channel Attacks ◽

Supply Noise

Download Full-text

Análise de Vazamentos Temporais Side-Channel no Contexto da Internet das Coisas

10.5753/wgrs.2019.7690 ◽

2019 ◽

Author(s):

Nelson Gonçalves Prates Junior ◽

Andressa Vergutz ◽

Ricardo Tombesi Macedo ◽

Michele Nogueira

Keyword(s):

Wireless Sensor Networks ◽

Sensor Networks ◽

Internet Of Things ◽

Wireless Sensor ◽

The Internet ◽

Side Channel ◽

Side Channel Attacks ◽

Communication Traffic ◽

Time Information ◽

The Internet Of Things

The Internet of Things (IoT) emerged because of the technologicalevolution of wireless sensor networks, which enabled these sensors to integrate with common objects. These objects are equipped with sensors and actuatorscollect data from users and the environment, process them, and transform theminto useful information. By allowing the transmission of restricted / personaldata, communication traffic between devices becomes an interesting target forattackers who either access or manipulate them. However, even with cryptographic data, side-channel attacks exploit the characteristics of devices forthe purpose of acquiring information that may compromise the security of thenetwork structure. This work presents a way of characterizing the identical IoT dispositives by only exploring the time information. It carried the activitiesout such as structuring an experimental scenario, collecting traffic, extractingstatistical characteristics and finally identifying the dispositives. The results show we can identify even identical devices with up to 100% of accuracy.

Download Full-text

SpecSafe: detecting cache side channels in a speculative world

Proceedings of the ACM on Programming Languages ◽

10.1145/3485506 ◽

2021 ◽

Vol 5 (OOPSLA) ◽

pp. 1-28

Author(s):

Robert Brotzman ◽

Danfeng Zhang ◽

Mahmut Taylan Kandemir ◽

Gang Tan

Keyword(s):

Program Transformation ◽

Speculative Execution ◽

Side Channel ◽

Side Channel Attacks ◽

False Negatives ◽

High Profile ◽

Side Channels ◽

Confidential Data ◽

Definition Of ◽

Semantic Definition

The high-profile Spectre attack and its variants have revealed that speculative execution may leave secret-dependent footprints in the cache, allowing an attacker to learn confidential data. However, existing static side-channel detectors either ignore speculative execution, leading to false negatives, or lack a precise cache model, leading to false positives. In this paper, somewhat surprisingly, we show that it is challenging to develop a speculation-aware static analysis with precise cache models: a combination of existing works does not necessarily catch all cache side channels. Motivated by this observation, we present a new semantic definition of security against cache-based side-channel attacks, called Speculative-Aware noninterference (SANI), which is applicable to a variety of attacks and cache models. We also develop SpecSafe to detect the violations of SANI. Unlike other speculation-aware symbolic executors, SpecSafe employs a novel program transformation so that SANI can be soundly checked by speculation-unaware side-channel detectors. SpecSafe is shown to be both scalable and accurate on a set of moderately sized benchmarks, including commonly used cryptography libraries.

Download Full-text

Side-Channel Attacks in the Internet of Things

Advances in Systems Analysis, Software Engineering, and High Performance Computing - Solutions for Cyber-Physical Systems Ubiquity ◽

10.4018/978-1-5225-2845-6.ch013 ◽

2018 ◽

pp. 325-357 ◽

Cited By ~ 2

Author(s):

Andreas Zankl ◽

Hermann Seuschek ◽

Gorka Irazoqui ◽

Berk Gulmezoglu

Keyword(s):

Internet Of Things ◽

Physical World ◽

The Internet ◽

Side Channel ◽

Sensitive Information ◽

Side Channel Attacks ◽

Subsequent Discussion ◽

Iot Devices ◽

The Internet Of Things ◽

Security Of Iot

The Internet of Things (IoT) rapidly closes the gap between the virtual and the physical world. As more and more information is processed through this expanding network, the security of IoT devices and backend services is increasingly important. Yet, side-channel attacks pose a significant threat to systems in practice, as the microarchitectures of processors, their power consumption, and electromagnetic emanation reveal sensitive information to adversaries. This chapter provides an extensive overview of previous attack literature. It illustrates that microarchitectural attacks can compromise the entire IoT ecosystem: from devices in the field to servers in the backend. A subsequent discussion illustrates that many of today's security mechanisms integrated in modern processors are in fact vulnerable to the previously outlined attacks. In conclusion to these observations, new countermeasures are needed that effectively defend against both microarchitectural and power/EM based side-channel attacks.

Download Full-text

Information Theoretic Security for Broadcasting of Two Encrypted Sources under Side-Channel Attacks †

Entropy ◽

10.3390/e21080781 ◽

2019 ◽

Vol 21 (8) ◽

pp. 781

Author(s):

Bagus Santoso ◽

Yasutada Oohama

Keyword(s):

Secure Communication ◽

Side Information ◽

Physical Phenomenon ◽

Sufficient Conditions ◽

Information Leakage ◽

Side Channel ◽

Side Channel Attacks ◽

Additional Information ◽

Side Channels ◽

Secret Keys

In this paper, we propose a theoretical framework to analyze the secure communication problem for broadcasting two encrypted sources in the presence of an adversary which launches side-channel attacks. The adversary is not only allowed to eavesdrop the ciphertexts in the public communication channel, but is also allowed to gather additional information on the secret keys via the side-channels, physical phenomenon leaked by the encryption devices during the encryption process, such as the fluctuations of power consumption, heat, or electromagnetic radiation generated by the encryption devices. Based on our framework, we propose a countermeasure against such adversary by using the post-encryption-compression (PEC) paradigm, in the case of one-time-pad encryption. We implement the PEC paradigm using affine encoders constructed from linear encoders and derive the explicit the sufficient conditions to attain the exponential decay of the information leakage as the block lengths of encrypted sources become large. One interesting feature of the proposed countermeasure is that its performance is independent from the type of side information leaked by the encryption devices.

Download Full-text

Survey of CPU Cache-Based Side-Channel Attacks: Systematic Analysis, Security Models, and Countermeasures

Security and Communication Networks ◽

10.1155/2021/5559552 ◽

2021 ◽

Vol 2021 ◽

pp. 1-15

Author(s):

Chao Su ◽

Qingkai Zeng

Keyword(s):

Side Channel ◽

Security Model ◽

Shared Resources ◽

Side Channel Attacks ◽

Privacy And Security ◽

Systematic Analysis ◽

Defense Strategies ◽

Elliptic Curve Cryptosystems ◽

Modern Computer ◽

Attack Surface

Privacy protection is an essential part of information security. The use of shared resources demands more privacy and security protection, especially in cloud computing environments. Side-channel attacks based on CPU cache utilize shared CPU caches within the same physical device to compromise the system’s privacy (encryption keys, program status, etc.). Information is leaked through channels that are not intended to transmit information, jeopardizing system security. These attacks have the characteristics of both high concealment and high risk. Despite the improvement in architecture, which makes it more difficult to launch system intrusion and privacy leakage through traditional methods, side-channel attacks ignore those defenses because of the shared hardware. Difficult to be detected, they are much more dangerous in modern computer systems. Although some researchers focus on the survey of side-channel attacks, their study is limited to cryptographic modules such as Elliptic Curve Cryptosystems. All the discussions are based on real-world applications (e.g., Curve25519), and there is no systematic analysis for the related attack and security model. Firstly, this paper compares different types of cache-based side-channel attacks. Based on the comparison, a security model is proposed. The model describes the attacks from four key aspects, namely, vulnerability, cache type, pattern, and range. Through reviewing the corresponding defense methods, it reveals from which perspective defense strategies are effective for side-channel attacks. Finally, the challenges and research trends of CPU cache-based side-channel attacks in both attacking and defending are explored. The systematic analysis of CPU cache-based side-channel attacks highlights the fact that these attacks are more dangerous than expected. We believe our survey would draw developers’ attention to side-channel attacks and help to reduce the attack surface in the future.

Download Full-text

Practical Techniques for Securing the Internet of Things (IoT) Against Side Channel Attacks

Studies in Big Data - Internet of Things and Big Data Analytics Toward Next-Generation Intelligence ◽

10.1007/978-3-319-60435-0_18 ◽

2017 ◽

pp. 439-481 ◽

Cited By ~ 1

Author(s):

Hippolyte Djonon Tsague ◽

Bheki Twala

Keyword(s):

Internet Of Things ◽

The Internet ◽

Side Channel ◽

Side Channel Attacks ◽

The Internet Of Things

Download Full-text

Side-Channel Attacks in the Internet of Things

Research Anthology on Artificial Intelligence Applications in Security ◽

10.4018/978-1-7998-7705-9.ch091 ◽

2021 ◽

pp. 2058-2090

Author(s):

Andreas Zankl ◽

Hermann Seuschek ◽

Gorka Irazoqui ◽

Berk Gulmezoglu

Keyword(s):

Internet Of Things ◽

Physical World ◽

The Internet ◽

Side Channel ◽

Sensitive Information ◽

Side Channel Attacks ◽

Subsequent Discussion ◽

Iot Devices ◽

The Internet Of Things ◽

Security Of Iot

Download Full-text

SIDE-CHANNEL ATTACKS ON THE MOBILE PHONES

Vestnik komp iuternykh i informatsionnykh tekhnologii ◽

10.14489/vkit.2019.12.pp.046-053 ◽

2019 ◽

pp. 46-53

Author(s):

R. A. Mostovoy ◽

A. B. Levina ◽

D. M. Sleptsova ◽

P. S. Borisenko

Keyword(s):

Mobile Phones ◽

Specific Model ◽

Individual Characteristics ◽

Easy Access ◽

Target System ◽

Side Channel ◽

Side Channel Attacks ◽

Side Channels ◽

Mobile Phone Applications ◽

The Individual

Currently, attacks on side channels are the main method of cryptanalysis, but despite this, these attacks have a very specific model of the attacker. As a result, the practical usage of side-channel attacks is sometimes disputable. The level of threat in each case should be assessed taking into account the individual characteristics of a specific target system. Client applications, such as mobile phone applications, are especially vulnerable due to easy access to the device, so it's required to pay sufficient attention to their security, since they are more accessible to the attacker and usually contain a large amount of confidential information. This study represents an assessment of the informativeness of signals from side channels received from mobile phones. The studies used not expensive equipment to minimize the requirements for the level of the attacker and, consequently, increase the applicability of the attack. This undoubtedly leads to the complication of the attacks, so the NICV algorithm was used to analyze the data obtained. The NICV (normalized interclass variance) algorithm can significantly improve the efficiency of the analysis of the traces obtained during an attack by reducing the number of points.

Download Full-text