How Bad Are Bad Templates? Optimistic Design-Stage Side-Channel Security Evaluation and its Cost

Cryptography ◽  
2020 ◽  
Vol 4 (4) ◽  
pp. 36
Author(s):  
Rinat Breuer ◽  
Itamar Levi

Cryptographic designs are vulnerable to side-channel analysis attacks. Evaluating their security during design stages is of crucial importance. The latter is achieved by very expensive (slow) analog transient-noise simulations over advanced fabrication process technologies. The main challenge of such rigorous security-evaluation analysis lies in the fact that technologies are becoming more and more complex and the physical properties of manufactured devices vary significantly due to process variations. In turn, a detailed security evaluation process imposes exponential time complexity with the circuit-size, the number of physical implementation corners (statistical variations) and the accuracy of the circuit-simulator. Given these circumstances, what is the cost of not exhausting the entire implementation space? In terms of simulation-time complexity, the benefits would clearly be significant; however, we are interested in evaluating the security implications. This question can be formulated for many other interesting side-channel contexts such as for example, how would an attack-outcome vary when the adversary is building a leakage template over one device, i.e., one physical corner, and it performs an evaluation (attack) phase of a device drawn from a different statistical corner? Alternatively, is it safe to assume that a typical (average) corner would represent the worst case in terms of security evaluation or would it be advisable to perform a security evaluation over another specific view? Finally, how would the outcome vary concretely? We ran in-depth experiments to answer these questions in the hope of finding a nice tradeoff between simulation efforts and expertise, and security-evaluation degradation. We evaluate the results utilizing methodologies such as template-attacks with a clear distinction between profiling and attack-phase statistical views. 
This exemplary view of what an adversary might capture in these scenarios is followed by a more complete statistical evaluation analysis utilizing tools such as the Kullback–Leibler (KL) divergence and the Jensen-Shannon (JS) divergence to draw conclusions.

Author(s):  
Charles-Henry Bertrand Van Ouytsel ◽  
Olivier Bronchain ◽  
Gaëtan Cassiers ◽  
François-Xavier Standaert

2021 ◽  
pp. 1-13
Author(s):  
Jingfeng Shao ◽  
Zhigang Yang

Automobile styling design is an important part of the design chain. In the traditional automobile modeling evaluation, the process of project evaluation is more in-depth, and designers exchange ideas. Different designers have different evaluations of automobile styling. The evaluation process lasts a long time, which leads to the design cycle being too long and the efficiency of automobile modeling evaluation is greatly reduced. The introduction of virtual reality in automobile modeling evaluation can effectively optimize the evaluation process and promote the rapid adjustment of the model on the basis of development. From the virtual reality system based on mechanical engineering, we only need the parameters of the car model to observe the actual situation through VR technology, and use the measurement tools to directly and accurately evaluate the driver’s field of vision. Through the application of virtual reality technology in the automobile design stage, the interactive and network-based remote research on automobile modeling will also make the automobile design process more convenient, easier to communicate with designers, and reduce the development cycle and cost of automobile design.


Author(s):  
Melissa Azouaoui ◽  
François Durvaux ◽  
Romain Poussier ◽  
François-Xavier Standaert ◽  
Kostas Papagiannopoulos ◽  
...  

Author(s):  
Alejandro Cabrera Aldaya ◽  
Billy Bob Brumley

An online template attack (OTA) is a powerful technique previously used to attack elliptic curve scalar multiplication algorithms. This attack has only been analyzed in the realm of power consumption and EM side channels, where the signals leak related to the value being processed. However, microarchitecture signals have no such feature, invalidating some assumptions from previous OTA works. In this paper, we revisit previous OTA descriptions, proposing a generic framework and evaluation metrics for any side-channel signal. Our analysis reveals OTA features not previously considered, increasing its application scenarios and requiring a fresh countermeasure analysis to prevent it. In this regard, we demonstrate that OTAs can work in the backward direction, allowing to mount an augmented projective coordinates attack with respect to the proposal by Naccache, Smart and Stern (Eurocrypt 2004). This demonstrates that randomizing the initial targeted algorithm state does not prevent the attack as believed in previous works. We analyze three libraries libgcrypt, mbedTLS, and wolfSSL using two microarchitecture side channels. For the libgcrypt case, we target its EdDSA implementation using Curve25519 twist curve. We obtain similar results for mbedTLS and wolfSSL with curve secp256r1. For each library, we execute extensive attack instances that are able to recover the complete scalar in all cases using a single trace. This work demonstrates that microarchitecture online template attacks are also very powerful in this scenario, recovering secret information without knowing a leakage model. This highlights the importance of developing secure-by-default implementations, instead of fix-on-demand ones.


Author(s):  
William C. Regli ◽  
Satyandra K. Gupta ◽  
Dana S. Nau

While automated recognition of features has been attempted for a wide range of applications, no single existing approach possesses the functionality required to perform manufacturability analysis. In this paper, we present a methodology for taking a CAD model of a part and extracting a set of machinable features that contains the complete set of alternative interpretations of the part as collections of MRSEVs (Material Removal Shape Element Volumes, a STEP-based library of machining features). The approach handles a variety of features including those describing holes, pockets, slots, and chamfering and filleting operations. In addition, the approach considers accessibility constraints for these features, has a worst-case algorithmic time complexity quadratic in the number of solid modeling operations, and modifies features recognized to account for available tooling and produce more realistic volumes for manufacturability analysis.


2021 ◽  
Author(s):  
Paul M. Sobota

During the optioneering phase, engineers face the challenge of choosing between myriads of possible designs, while, simultaneously, several sorts of constraints have to be considered. We show in a case study of a 380 m long viaduct how parametric modelling can facilitate the design process. The main challenge was to satisfy the constraints imposed by several different stakeholders. In order to identify sustainable, aesthetic, economic as well as structurally efficient options, we assessed several key performance indicators in real time. By automatically estimating steel and concrete volumes, a simple, yet suitable approximation of the embodied carbon (considering 85-95%) can be obtained at a very early design stage. In summary, our parametric approach allowed us to consider a wider range of parameters and to react more flexibly to changing conditions during the project.


2019 ◽  
Vol 61 (1) ◽  
pp. 15-28
Author(s):  
Florian Bache ◽  
Christina Plump ◽  
Jonas Wloka ◽  
Tim Güneysu ◽  
Rolf Drechsler

Side-channel attacks enable powerful adversarial strategies against cryptographic devices and encounter an ever-growing attack surface in today’s world of digitalization and the internet of things. While the employment of provably secure side-channel countermeasures like masking has become increasingly popular in recent years, great care must be taken when implementing these in actual devices. The reasons for this are two-fold: The models on which these countermeasures rely do not fully capture the physical reality and compliance with the requirements of the countermeasures is non-trivial in complex implementations. Therefore, it is imperative to validate the SCA-security of concrete instantiations of cryptographic devices using measurements on the actual device. In this article we propose a side-channel evaluation framework that combines an efficient data acquisition process with state-of-the-art confidence interval based leakage assessment. Our approach allows a sound assessment of the potential susceptibility of cryptographic implementations to side-channel attacks and is robust against noise in the evaluation system. We illustrate the steps in the evaluation process by applying them to a protected implementation of AES.


Author(s):  
Nafiseh Masoudi ◽  
Georges M. Fadel ◽  
Margaret M. Wiecek

Routing or path-planning is the problem of finding a collision-free and preferably shortest path in an environment usually scattered with polygonal or polyhedral obstacles. The geometric algorithms oftentimes tackle the problem by modeling the environment as a collision-free graph. Search algorithms such as Dijkstra’s can then be applied to find an optimal path on the created graph. Previously developed methods to construct the collision-free graph, without loss of generality, explore the entire workspace of the problem. For the single-source single-destination planning problems, this results in generating some unnecessary information that has little value and could increase the time complexity of the algorithm. In this paper, first a comprehensive review of the previous studies on the path-planning subject is presented. Next, an approach to address the planar problem based on the notion of convex hulls is introduced and its efficiency is tested on sample planar problems. The proposed algorithm focuses only on a portion of the workspace interacting with the straight line connecting the start and goal points. Hence, we are able to reduce the size of the roadmap while generating the exact globally optimal solution. Considering the worst case that all the obstacles in a planar workspace are intersecting, the algorithm yields a time complexity of O(n log(n/f)), with n being the total number of vertices and f being the number of obstacles. The computational complexity of the algorithm outperforms the previous attempts in reducing the size of the graph yet generates the exact solution.

