scholarly journals Information Theoretic Security for Broadcasting of Two Encrypted Sources under Side-Channel Attacks †

Entropy ◽  
2019 ◽  
Vol 21 (8) ◽  
pp. 781
Author(s):  
Bagus Santoso ◽  
Yasutada Oohama
Keyword(s):  
Secure Communication ◽  
Side Information ◽  
Physical Phenomenon ◽  
Sufficient Conditions ◽  
Information Leakage ◽  
Side Channel ◽  
Side Channel Attacks ◽  
Additional Information ◽  
Side Channels ◽  
Secret Keys

In this paper, we propose a theoretical framework to analyze the secure communication problem for broadcasting two encrypted sources in the presence of an adversary which launches side-channel attacks. The adversary is not only allowed to eavesdrop the ciphertexts in the public communication channel, but is also allowed to gather additional information on the secret keys via the side-channels, physical phenomenon leaked by the encryption devices during the encryption process, such as the fluctuations of power consumption, heat, or electromagnetic radiation generated by the encryption devices. Based on our framework, we propose a countermeasure against such adversary by using the post-encryption-compression (PEC) paradigm, in the case of one-time-pad encryption. We implement the PEC paradigm using affine encoders constructed from linear encoders and derive the explicit the sufficient conditions to attain the exponential decay of the information leakage as the block lengths of encrypted sources become large. One interesting feature of the proposed countermeasure is that its performance is independent from the type of side information leaked by the encryption devices.

Power Side-Channel Analysis of RNS GLV ECC Using Machine and Deep Learning Algorithms

2021 ◽  
Vol 21 (3) ◽  
pp. 1-20
Author(s):  
Mohamad Ali Mehrabi ◽  
Naila Mukhtar ◽  
Alireza Jolfaei
Keyword(s):  
Deep Learning ◽  
Elliptic Curve ◽  
Smart Cities ◽  
Information Leakage ◽  
Side Channel ◽  
Side Channel Attacks ◽  
Public Key Cryptosystems ◽  
Elliptic Curve Cryptosystems ◽  
Hardware Implementations ◽  
Substantial Progress

Many Internet of Things applications in smart cities use elliptic-curve cryptosystems due to their efficiency compared to other well-known public-key cryptosystems such as RSA. One of the important components of an elliptic-curve-based cryptosystem is the elliptic-curve point multiplication which has been shown to be vulnerable to various types of side-channel attacks. Recently, substantial progress has been made in applying deep learning to side-channel attacks. Conceptually, the idea is to monitor a core while it is running encryption for information leakage of a certain kind, for example, power consumption. The knowledge of the underlying encryption algorithm can be used to train a model to recognise the key used for encryption. The model is then applied to traces gathered from the crypto core in order to recover the encryption key. In this article, we propose an RNS GLV elliptic curve cryptography core which is immune to machine learning and deep learning based side-channel attacks. The experimental analysis confirms the proposed crypto core does not leak any information about the private key and therefore it is suitable for hardware implementations.

Evaluation of (power) side-channels in cryptographic implementations

2019 ◽  
Vol 61 (1) ◽  
pp. 15-28
Author(s):  
Florian Bache ◽  
Christina Plump ◽  
Jonas Wloka ◽  
Tim Güneysu ◽  
Rolf Drechsler
Keyword(s):  
Evaluation System ◽  
Evaluation Process ◽  
Physical Reality ◽  
Evaluation Framework ◽  
Side Channel ◽  
Side Channel Attacks ◽  
Side Channels ◽  
Efficient Data ◽  
Attack Surface ◽  
The Internet Of Things

Abstract Side-channel attacks enable powerful adversarial strategies against cryptographic devices and encounter an ever-growing attack surface in today’s world of digitalization and the internet of things. While the employment of provably secure side-channel countermeasures like masking have become increasingly popular in recent years, great care must be taken when implementing these in actual devices. The reasons for this are two-fold: The models on which these countermeasures rely do not fully capture the physical reality and compliance with the requirements of the countermeasures is non-trivial in complex implementations. Therefore, it is imperative to validate the SCA-security of concrete instantiations of cryptographic devices using measurements on the actual device. In this article we propose a side-channel evaluation framework that combines an efficient data acquisition process with state-of-the-art confidence interval based leakage assessment. Our approach allows a sound assessment of the potential susceptibility of cryptographic implementations to side-channel attacks and is robust against noise in the evaluation system. We illustrate the steps in the evaluation process by applying them to a protected implementation of AES.

scholarly journals Eluding Side Channel Attacks by using Masking 128Bit AES Design

2020 ◽  
Vol 9 (8) ◽  
pp. 952-955
Keyword(s):  
Data Transmission ◽  
Advanced Encryption Standard ◽  
Side Channel ◽  
Side Channel Attacks ◽  
Equal Area ◽  
Original Algorithm ◽  
Aes Algorithm ◽  
Side Channels ◽  
Standard Design ◽  
Secure Data Transmission

: Advanced encryption standard is detailing for data crypto graphing. The algorithm used universally for cryptography and secure data transmission, the algorithm puissant to intruders, who often attack via side channels. One of the observed attacks was estimate the power implanted in AES core and processed probable scrutinizing to guess the key on multiple iterations. So in order to elude side channel attacks and reduce power consumed in AES standard, design proposed with masking and pipeline scheme. This design helps in shrinking power consumption as compare to AES algorithm and upgrade to withstand from attacks. Another major improvement in the design is LUT’s used for masking and original algorithm almost equal, area phenomenon also solved out. The proposed algorithm implemented in VERTEX-7 FPGA board and simulated using Xilinx Vivado 2015.2 and Modelsim.

Design Time Engineering of Side Channel Resistant Cipher Implementations

2013 ◽  
pp. 133-157 ◽  
Author(s):  
Alessandro Barenghi ◽  
Luca Breveglieri ◽  
Fabrizio De Santis ◽  
Filippo Melzani ◽  
Andrea Palomba ◽  
...  
Keyword(s):  
Power Consumption ◽  
Information Leakage ◽  
Smart Phones ◽  
Mobile Systems ◽  
Side Channel ◽  
Security Level ◽  
Embedded Devices ◽  
Design Time ◽  
Secret Keys ◽  
Channel Information

Dependable and trustworthy security solutions have emerged as a crucial requirement in the specification of the applications and protocols employed in modern Information Systems (IS). Threats to the security of embedded devices, such as smart phones and PDAs, have been growing since several techniques exploiting side-channel information leakage have proven successful in recovering secret keys even from complex mobile systems. This chapter summarizes the side-channel techniques based on power consumption and elaborates the issue of the design time engineering of a secure system, through the employment of the current hardware design tools. The results of the analysis show how these tools can be effectively used to understand possible vulnerabilities to power consumption side-channel attacks, thus providing a sound conservative margin on the security level. The possible extension of this methodology to the case of fault attacks is also sketched.

scholarly journals Attacking and Defending Masked Polynomial Comparison for Lattice-Based Cryptography

2021 ◽  
pp. 334-359
Author(s):  
Shivam Bhasin ◽  
Jan-Pieter D’Anvers ◽  
Daniel Heinz ◽  
Thomas Pöppelmann ◽  
Michiel Van Beirendonck
Keyword(s):  
Information Leakage ◽  
Side Channel ◽  
Side Channel Attacks ◽  
First Order ◽  
Comparison Operation ◽  
Security Properties ◽  
Channel Information ◽  
Comparison Algorithms ◽  
Lattice Based Cryptography ◽  
Do So

In this work, we are concerned with the hardening of post-quantum key encapsulation mechanisms (KEM) against side-channel attacks, with a focus on the comparison operation required for the Fujisaki-Okamoto (FO) transform. We identify critical vulnerabilities in two proposals for masked comparison and successfully attack the masked comparison algorithms from TCHES 2018 and TCHES 2020. To do so, we use first-order side-channel attacks and show that the advertised security properties do not hold. Additionally, we break the higher-order secured masked comparison from TCHES 2020 using a collision attack, which does not require side-channel information. To enable implementers to spot such flaws in the implementation or underlying algorithms, we propose a framework that is designed to test the re-encryption step of the FO transform for information leakage. Our framework relies on a specifically parametrized t-test and would have identified the previously mentioned flaws in the masked comparison. Our framework can be used to test both the comparison itself and the full decapsulation implementation.

scholarly journals SpecSafe: detecting cache side channels in a speculative world

2021 ◽  
Vol 5 (OOPSLA) ◽  
pp. 1-28
Author(s):  
Robert Brotzman ◽  
Danfeng Zhang ◽  
Mahmut Taylan Kandemir ◽  
Gang Tan
Keyword(s):  
Program Transformation ◽  
Speculative Execution ◽  
Side Channel ◽  
Side Channel Attacks ◽  
False Negatives ◽  
High Profile ◽  
Side Channels ◽  
Confidential Data ◽  
Definition Of ◽  
Semantic Definition

The high-profile Spectre attack and its variants have revealed that speculative execution may leave secret-dependent footprints in the cache, allowing an attacker to learn confidential data. However, existing static side-channel detectors either ignore speculative execution, leading to false negatives, or lack a precise cache model, leading to false positives. In this paper, somewhat surprisingly, we show that it is challenging to develop a speculation-aware static analysis with precise cache models: a combination of existing works does not necessarily catch all cache side channels. Motivated by this observation, we present a new semantic definition of security against cache-based side-channel attacks, called Speculative-Aware noninterference (SANI), which is applicable to a variety of attacks and cache models. We also develop SpecSafe to detect the violations of SANI. Unlike other speculation-aware symbolic executors, SpecSafe employs a novel program transformation so that SANI can be soundly checked by speculation-unaware side-channel detectors. SpecSafe is shown to be both scalable and accurate on a set of moderately sized benchmarks, including commonly used cryptography libraries.

QuadSeal: Quadruple Balancing to Mitigate Power Analysis Attacks with Variability Effects and Electromagnetic Fault Injection Attacks

2021 ◽  
Vol 26 (5) ◽  
pp. 1-36
Author(s):  
Darshana Jayasinghe ◽  
Aleksandar Ignjatovic ◽  
Roshan Ragel ◽  
Jude Angelo Ambrose ◽  
Sri Parameswaran
Keyword(s):  
Power Analysis ◽  
Fault Injection ◽  
Side Channel ◽  
Aging Effects ◽  
Side Channel Attacks ◽  
Power Analysis Attacks ◽  
Injection Attacks ◽  
Differential Fault Analysis ◽  
Secret Keys ◽  
Fault Injection Attacks

Side channel analysis attacks employ the emanated side channel information to deduce the secret keys from cryptographic implementations by analyzing the power traces during execution or scrutinizing faulty outputs. To be effective, a countermeasure must remove or conceal as many as possible side channels. However, many of the countermeasures against side channel attacks are applied independently. In this article, the authors present a novel countermeasure (referred to as QuadSeal ) against Power Analysis Attacks and Electromagentic Fault Injection Attacks (FIAs), which is an extension of the work proposed in Reference [27]. The proposed solution relies on algorithmically balancing both Hamming distances and Hamming weights (where the bit transitions on the registers and gates are balanced, and the total number of 1s and 0s are balanced) by the use of four identical circuits with differing inputs and modified SubByte tables. By randomly rotating the four encryptions, the system is protected against variations, path imbalances, and aging effects. After generating the ciphertext, the output of each circuit is compared against each other to detect any fault injections or to correct the faulty ciphertext to gain reliability. The proposed countermeasure allows components to be switched off to save power or to run four executions in parallel for high performance when resistance against power analysis attacks is not of high priority, which is not available with the existing countermeasures (except software based where source code can be changed). The proposed countermeasure is implemented for Advanced Encryption Standard (AES) and tested against Correlation Power Analysis and Mutual Information Attacks attacks (for up to a million traces), and none of the secret keys was found even after one million power traces (the unprotected AES circuit is vulnerable for power analysis attacks within 5,000 power traces). A detection circuit (referred to as C-FIA circuit) is operated using the algorithmic redundancy presented in four circuits of QuadSeal to mitigate Electromagnetic Fault Injection Attacks. Using Synopsys PrimeTime, we measured the power dissipation of QuadSeal registers and XOR gates to test the effectiveness of Quadruple balancing methodology. We tested the QuadSeal countermeasure with C-FIA circuit against Differential Fault Analysis Attacks up to one million traces; no bytes of the secret key were found. This is the smallest known circuit that is capable of withstanding power-based side channel attacks when electromagnetic injection attack resistance, process variations, path imbalances, and aging effects are considered.

scholarly journals Open-Destination Measurement-Device-Independent Quantum Key Distribution Network

Entropy ◽  
2020 ◽  
Vol 22 (10) ◽  
pp. 1083
Author(s):  
Wen-Fei Cao ◽  
Yi-Zheng Zhen ◽  
Yu-Lin Zheng ◽  
Shuai Zhao ◽  
Feihu Xu ◽  
...  
Keyword(s):  
Quantum Key Distribution ◽  
Secure Communication ◽  
Distribution Network ◽  
Key Distribution ◽  
Side Channel ◽  
Side Channel Attacks ◽  
Measurement Device ◽  
Point To Point ◽  
Measurement Device Independent

Quantum key distribution (QKD) networks hold promise for sharing secure randomness over multi-partities. Most existing QKD network schemes and demonstrations are based on trusted relays or limited to point-to-point scenario. Here, we propose a flexible and extensible scheme named as open-destination measurement-device-independent QKD network. The scheme enjoys security against untrusted relays and all detector side-channel attacks. Particularly, any users can accomplish key distribution under assistance of others in the network. As an illustration, we show in detail a four-user network where two users establish secure communication and present realistic simulations by taking into account imperfections of both sources and detectors.

scholarly journals Provably Secure Hardware Masking in the Transition- and Glitch-Robust Probing Model: Better Safe than Sorry

2021 ◽  
pp. 136-158
Author(s):  
Gaëtan Cassiers ◽  
François-Xavier Standaert
Keyword(s):  
Sufficient Conditions ◽  
Side Channel ◽  
Side Channel Attacks ◽  
Secure Hardware ◽  
Physical Effects ◽  
Provably Secure

There exists many masking schemes to protect implementations of cryptographic operations against side-channel attacks. It is common practice to analyze the security of these schemes in the probing model, or its variant which takes into account physical effects such as glitches and transitions. Although both effects exist in practice and cause leakage, masking schemes implemented in hardware are often only analyzed for security against glitches. In this work, we fill this gap by proving sufficient conditions for the security of hardware masking schemes against transitions, leading to the design of new masking schemes and a proof of security for an existing masking scheme in presence of transitions. Furthermore, we give similar results in the stronger model where the effects of glitches and transitions are combined.

Sign in / Sign up

Export Citation Format

Share Document