Chosen Ciphertext k-Trace Attacks on Masked CCA2 Secure Kyber

Author(s):  
Mike Hamburg ◽  
Julius Hermelink ◽  
Robert Primas ◽  
Simona Samardjiska ◽  
Thomas Schamberger ◽  
...  

Single-trace attacks are a considerable threat to implementations of classic public-key schemes, and their implications for newer lattice-based schemes are still not well understood. Two recent works have presented successful single-trace attacks targeting the Number Theoretic Transform (NTT), which is at the heart of many lattice-based schemes. However, these attacks either require a quite powerful side-channel adversary or are restricted to specific scenarios such as the encryption of ephemeral secrets. It is still an open question whether such attacks can be performed by simpler adversaries while targeting more common public-key scenarios. In this paper, we answer this question positively. First, we present a method for crafting ring/module-LWE ciphertexts that result in sparse polynomials at the input of inverse NTT computations, independent of the private key used. We then demonstrate how this sparseness can be incorporated into a side-channel attack, thereby significantly improving the noise resistance of the attack compared to previous works. The effectiveness of our attack is shown on the use case of CCA2 secure Kyber k-module-LWE, where k ∈ {2, 3, 4}. Our k-trace attack on the long-term secret can handle noise up to σ ≤ 1.2 in the noisy Hamming weight leakage model, also for masked implementations. A 2k-trace variant for Kyber1024 even allows noise σ ≤ 2.2 in the masked case, with more traces allowing us to recover keys up to σ ≤ 2.7. Single-trace attack variants have a noise tolerance depending on the Kyber parameter set, ranging from σ ≤ 0.5 to σ ≤ 0.7. As a comparison, similar previous attacks in the masked setting were only successful with σ ≤ 0.5.

Author(s):  
Nina M. Bachmann ◽  
Benedict Drasch ◽  
Gilbert Fridgen ◽  
Michael Miksch ◽  
Ferdinand Regner ◽  
...  

Abstract. The phenomenon of a blockchain use case called initial coin offering (ICO) is drawing increasing attention as a novel funding mechanism. An ICO is a type of crowdfunding that utilizes blockchain tokens to allow for truly peer-to-peer investments. Although more than $7bn had been raised globally via ICOs as of 2018, the concept and its implications are not yet entirely understood. Research lags behind in providing in-depth analyses of ICO designs and their long-term success. We address this research gap by developing an ICO taxonomy, applying a cluster analysis to identify prevailing ICO archetypes, and providing an outlook on the token value market performance for individual archetypes. We identify five ICO design archetypes and display their secondary market development from both a short-term and a long-term perspective. We contribute to an in-depth understanding of ICOs and their implications. Further, we offer practitioners tangible design and success indications for future ICOs.


Author(s):  
Alejandro Cabrera Aldaya ◽  
Billy Bob Brumley

An online template attack (OTA) is a powerful technique previously used to attack elliptic curve scalar multiplication algorithms. This attack has only been analyzed in the realm of power consumption and EM side channels, where the leaked signals are related to the value being processed. However, microarchitecture signals have no such feature, invalidating some assumptions from previous OTA works. In this paper, we revisit previous OTA descriptions, proposing a generic framework and evaluation metrics for any side-channel signal. Our analysis reveals OTA features not previously considered, increasing its application scenarios and requiring a fresh countermeasure analysis to prevent it. In this regard, we demonstrate that OTAs can work in the backward direction, allowing one to mount an augmented projective coordinates attack with respect to the proposal by Naccache, Smart and Stern (Eurocrypt 2004). This demonstrates that randomizing the initial targeted algorithm state does not prevent the attack, as was believed in previous works. We analyze three libraries, libgcrypt, mbedTLS, and wolfSSL, using two microarchitecture side channels. For the libgcrypt case, we target its EdDSA implementation using the Curve25519 twist curve. We obtain similar results for mbedTLS and wolfSSL with curve secp256r1. For each library, we execute extensive attack instances that are able to recover the complete scalar in all cases using a single trace. This work demonstrates that microarchitecture online template attacks are also very powerful in this scenario, recovering secret information without knowing a leakage model. This highlights the importance of developing secure-by-default implementations instead of fix-on-demand ones.


2017 ◽  
Author(s):  
Edward Francis Diener

We review evidence on whether subjective well-being (SWB) can influence health, why it might do so, and what we know about the conditions where this is more or less likely to occur. This review also explores how various methodological approaches inform the study of the connections between subjective well-being and health and longevity outcomes. Our review of this growing literature indicates areas where data are substantial and where much more research is needed. We conclude that SWB can sometimes influence health, and review a number of reasons why it does so. A key open question is when it does and does not do so – in terms of populations likely to be affected, types of SWB that are most influential (including which might be harmful), and types of health and illnesses that are most likely to be affected. We also describe additional types of research that are now much needed in this burgeoning area of interest, for example, cross-cultural studies, animal research, and experimental interventions designed to raise long-term SWB and assess the effects on physical health. This research area is characterized both by potentially extremely important findings, and also by pivotal research issues and questions.


2019 ◽  
Vol 7 (1) ◽  
pp. 77-86 ◽  
Author(s):  
Eli D. Lazarus ◽  
Mitchell D. Harley ◽  
Chris E. Blenkinsopp ◽  
Ian L. Turner

Abstract. How storm events contribute to long-term shoreline change over decades to centuries remains an open question in coastal research. Sand and gravel coasts exhibit remarkable resilience to event-driven disturbances, and, in settings where sea level is rising, shorelines retain almost no detailed information about their own past positions. Here, we use a high-frequency, multi-decadal observational record of shoreline position to demonstrate quantitative indications of morphodynamic turbulence – “signal shredding” – in a sandy beach system. We find that, much as in other dynamic sedimentary systems, processes of sediment transport that affect shoreline position at relatively short timescales may obscure or erase evidence of external forcing. This suggests that the physical effects of annual (or intra-annual) forcing events, including major storms, may convey less about the dynamics of long-term shoreline change – and vice versa – than coastal researchers might wish.


2013 ◽  
Vol 392 ◽  
pp. 862-866
Author(s):  
Mu Han ◽  
Jia Zhao ◽  
Shi Dian Ma

As one of the core algorithms in most public-key cryptography, modular exponentiation is an efficiency bottleneck, and Montgomery's algorithm is often used to realize the fast operation. But Montgomery's algorithm has the issue of side-channel leakage from its final conditional subtraction. Aiming at this problem, this paper presents an improved fast Montgomery window algorithm. The new algorithm generates the remainder table with odd powers to reduce the amount of pre-computation, and combines it with the improved Montgomery algorithm to realize modular exponentiation, which accelerates the operation and reduces the side-channel leakage. The new algorithm can not only thwart side-channel attacks but also improve efficiency.


2015 ◽  
Vol 608 ◽  
pp. 012012 ◽  
Author(s):  
S Amerio ◽  
L Chiarelli ◽  
L Dell'Agnello ◽  
D Gregori ◽  
M Pezzi ◽  
...  
Keyword(s):  
Use Case ◽  

2020 ◽  
Vol 2020 ◽  
pp. 1-7
Author(s):  
Jie Cai ◽  
Han Jiang ◽  
Hao Wang ◽  
Qiuliang Xu

In this paper, we design a new lattice-based linearly homomorphic signature scheme over F_2. The existing schemes are all constructed on the hash-and-sign lattice-based signature framework, where the preimage sampling function is implemented by Gaussian sampling, and the use of a trapdoor basis needs a larger dimension m ≥ 5n log q. Hence, they cannot resist potential side-channel attacks and have larger public key and signature sizes. Under the Fiat–Shamir with aborts signature framework and the general SIS problem restriction m ≥ n log q, we use uniform sampling with a filtering technique to design the scheme; as a result, our scheme has a smaller public key size and signature size than the existing schemes and it can resist side-channel attacks.


2020 ◽  
Vol 2020 ◽  
pp. 1-18 ◽  
Author(s):  
Haniyeh Dastyar ◽  
Daniel Rippel ◽  
Michael Freitag

Over the last decades, supplier development has become an increasingly important concept for remaining competitive in today's markets. Therefore, manufacturers invest resources in their suppliers to increase their abilities and, ultimately, to reduce their product prices. Most approaches found in the literature focus on long-term supplier development programs. Nevertheless, today's volatile and dynamic markets require flexible approaches to deal with this complexity. We apply Model Predictive Control to optimize the number of supplier development projects in order to achieve flexibility while maintaining a certain level of security for all parties. The article focuses on a multi-manufacturer scenario, where two manufacturers aim to develop the same supplier. These manufacturers can establish different levels of horizontal collaboration. While previous results already show the benefits of applying this approach to a static scenario, this article extends this formulation by introducing market dynamics into the numerical simulations as well as into the optimization approach. Thus, the article proposes to derive regression models using real-world data. The article evaluates the effects of real-world market dynamics on two use cases: an automotive use case and a use case from the mobile phone sector. The results show that assuming market dynamics during the optimization leads to increased or at least close-to-equal revenues across the involved partners. The average increase ranges from approximately 1% to 5% depending on the type and magnitude of the dynamics. The results differ depending on the selected collaboration scheme. While a fully cooperative collaboration scheme benefits the least from considering dynamics in the optimization, it results in the highest overall revenue across all partners.


2015 ◽  
Vol 10 (1) ◽  
pp. 280-286 ◽  
Author(s):  
Łukasz Bolikowski ◽  
Aleksander Nowiński ◽  
Wojtek Sylwestrzak

Minting persistent identifiers and managing their metadata is typically governed by a single organization. Such a single point of failure poses a risk to longevity and long-term preservation of identifiers. In this paper we address the risk by proposing a radically different approach, in which minting and management of persistent identifiers is distributed, and the integrity of the distributed system is guaranteed by public-key cryptography. We describe the general architecture of the system, analyse its robustness and discuss potential deployment scenarios.

