Spelling suggestions: "subject:"[een] COUNTERMEASURE"" "subject:"[enn] COUNTERMEASURE""
1 |
Estimating Effectiveness of Countermeasures Based on Multiple Sources: Application to Highway-Railway Grade CrossingsPark, Peter Young-Jin 15 January 2007 (has links)
To provide an adequate level of safety at grade crossings, Transport Canada has allocated several millions annually to prevent collisions at grade crossings through the implementation of countermeasures, such as train-actuated warning devices and track devices. Railway companies and provincial agencies have also provided additional support to improve safety at highway-railway grade crossings.
One of technical challenges in estimating safety effect of countermeasures at highway-railway grade crossing is an extremely rare occurrence of collisions. Given that the collision process is random with significant variation over time and space, it is hard to judge whether a specific crossing is safe or safer than other crossings solely based on the number of collisions in a given year. Decision makers are also required to make difficult decisions on safety investment accounting for uncertainty in effectiveness of countermeasures. The level of uncertainty is even higher when there is lack of observed collision data before and after the implementation of specific countermeasures.
This study proposes a Bayesian data fusion method which overcomes these limitations. In this method, we used previous research findings on the effect of a given countermeasure, which could vary by jurisdictions and operating conditions, to obtain a priori inference on its expected effects. We then used locally calibrated models, which are valid for a specific jurisdiction, to provide better estimates of the countermeasure effects. Within a Bayesian framework, these two sources were integrated to obtain the posterior distribution of the countermeasure effect. The outputs provided not only the expected collision response to a specific countermeasure, but also its variance and corresponding probability distribution for a range of likely values. Some numerical examples using Canadian highway-railway grade crossing data illustrate how the proposed method can be used to predict the effects of prior knowledge and data likelihood on the estimates of countermeasure effects.
|
2 |
Side Channel Information Leakage: Design and Implementation of Hardware CountermeasureKhatib Zadeh, Amirali 06 November 2014 (has links)
Deployment of Dynamic Differential Logics (DDL) appears to be a promising choice for providing resistance against leakage of side channel information. However, the resistance provided by these logics is too costly for widespread area-constrained applications. Implementation of a secure DDL-based countermeasure also requires a complex layout methodology for balancing the load at the differential outputs.
This thesis, unlike previous logic level approaches, presents a novel exploitation of static and single-ended logic for designing the side channel countermeasure. The proposed technique is used in the implementation of a protected crypto core consisting of the AES ???AddRoundKey??? and ???SubByte??? transformation. The test chip including the protected and unprotected crypto cores is fabricated in 180nm CMOS technology. A correlation analysis on the unprotected core results in revealing the key at the output of the combinational networks and the registers. The quality of the measurements is further improved by introducing an enhanced data capturing method that inserts a minimum power consuming input as a reference vector. In comparison, no key-related information is leaked from the protected core even with an order of magnitude increase in the number of averaged traces. For the first time, fabricated chip results are used to validate a new logic level side channel countermeasure that offers lower area and reduced circuit design complexity compared to the DDL-based countermeasures.
This thesis also provides insight into the side channel vulnerability of cryptosystems in sub-90nm CMOS technology nodes. In particular, data dependency of leakage power is analyzed. The number of traces to disclose the key is seen to decrease by 35% from 90nm to 45nm CMOS technology nodes. Analysis shows that the temperature dependency of the subthreshold leakage has an important role in increasing the ability to attack future nanoscale crypto cores. For the first time, the effectiveness of a circuit-based leakage reduction technique is examined for side channel security. This investigation demonstrates that high threshold voltage transistor assignment improves resistance against information leakage. The analysis initiated in this thesis is crucial for rolling out the guidelines of side channel security for the next generation of Cryptosystem.
|
3 |
Understanding and Countermeasures against IoT Physical Side Channel LeakageMoukarzel, Michael Antoine 24 April 2019 (has links)
With the proliferation of cheap bulk SSD storage and better batteries in the last few years we are experiencing an explosion in the number of Internet of Things (IoT) devices flooding the market, smartphone connected point-of-sale devices (e.g. Square), home monitoring devices (e.g. NEST), fitness monitoring devices (e.g. Fitbit), and smart-watches. With new IoT devices come new security threats that have yet to be adequately evaluated. We propose uLeech, a new embedded trusted platform module for next-generation power scavenging devices. Such power scavenging devices are already widely deployed. For instance, the Square point-of-sale reader uses the microphone/speaker interface of a smartphone for communications and as a power supply. Such devices are being used as trusted devices in security-critical applications, without having been adequately evaluated. uLeech can securely store keys and provide cryptographic services to any connected smartphone. Our design also facilitates physical side-channel security analysis by providing interfaces to facilitate the acquisition of power traces and clock manipulation attacks. Thus uLeech empowers security researchers to analyze leakage in next- generation embedded and IoT devices and to evaluate countermeasures before deployment. Even the most secure systems reveal their secrets through secret-dependent computation. Secret- dependent computation is detectable by monitoring a system’s time, power, or outputs. Common defenses to side-channel emanations include adding noise to the channel or making algorithmic changes to mitigate specific side-channels. Unfortunately, existing solutions are not automatic, not comprehensive, or not practical. We propose an isolation-based approach for eliminating power and timing side-channels that is automatic, comprehensive, and practical. Our approach eliminates side-channels by leveraging integrated decoupling capacitors to electrically isolate trusted computation from the adversary. Software has the ability to request a fixed- power/time quantum of isolated computation. By discretizing power and time, our approach controls the granularity of side-channel leakage; the only burden on programmers is to ensure that all secret-dependent execution differences converge within a power/time quantum. We design and implement three approaches to power/time-based quantization and isolation: a wholly-digital version, a hybrid version that uses capacitors for time tracking, and a full- custom version. We evaluate the overheads of our proposed controllers with respect to software implementations of AES and RSA running on an ARM- based microcontroller and hardware implementations AES and RSA using a 22nm process technology. We also validate the effectiveness and real-world efficiency of our approach by building a prototype consisting of an ARM microcontroller, an FPGA, and discrete circuit components. Lastly, we examine the root cause of Electromagnetic (EM) side-channel attacks on Integrated Circuits (ICs) to augment the Quantized Computing design to mitigate EM leakage. By leveraging the isolation nature of our Quantized Computing design, we can effectively reduce the length and power of the unintended EM antennas created by the wire layers in an IC.
|
4 |
Thwarting Electromagnetic Fault Injection Attack Utilizing Timing Attack CountermeasureGhodrati, Marjan 23 January 2018 (has links)
The extent of embedded systems' role in modern life has continuously increased over the years. Moreover, embedded systems are assuming highly critical functions with security requirements more than ever before. Electromagnetic fault injection (EMFI) is an efficient class of physical attacks that can compromise the immunity of secure cryptographic algorithms. Despite successful EMFI attacks, the effects of electromagnetic injection on a processor are not well understood. This includes lack of solid knowledge about how EMFI affects the circuit and deviates it from proper functionality. Also, effects of EM glitches on the global networks of a chip such as power, clock and reset network are not known. We believe to properly model EMFI and develop effective countermeasures, a deeper understanding of the EM effect on a chip is needed. In this thesis, we present a bottom-up analysis of EMFI effects on a RISC microprocessor. We study these effects at three levels: at the wire-level, at the chip-network level, and at the gate-level considering parameters such as EM-injection location and timing. We conclude that EMFI induces local timing errors implying current timing attack detection and prevention techniques can be adapted to overcome EMFI. To further validate our hypothesis, we integrate a configurable timing sensor into our microprocessor to evaluate its effectiveness against EMFI. / Master of Science / In the current technology era, embedded systems play a critical role in every human’s life. They are collecting very precise and private information of the users. So, they can become a potential target for the attackers to steal this valuable information. As a result, the security of these devices becomes a serious issue in this era.
Electromagnetic fault injection (EMFI) is an efficient class of physical attacks that can inject faults to the state of the processor and deviate it from its proper functionality. Despite its growing popularity among the attackers, limitations and capabilities of this attack are not very well understood. Several detection techniques have been proposed so far, but most of them are either very expensive to implement or not very effective. We believe to properly model EMFI and develop effective countermeasures, a deeper understanding of the EM effect on a chip is needed. In this research work, we try to perform a bottom-up analysis of EM fault injection on a RISC microprocessor and do a comprehensive study at all wire-level, chip-network level, and gate-level and finally propose a solution for it.
|
5 |
Estimating Effectiveness of Countermeasures Based on Multiple Sources: Application to Highway-Railway Grade CrossingsPark, Peter Young-Jin 15 January 2007 (has links)
To provide an adequate level of safety at grade crossings, Transport Canada has allocated several millions annually to prevent collisions at grade crossings through the implementation of countermeasures, such as train-actuated warning devices and track devices. Railway companies and provincial agencies have also provided additional support to improve safety at highway-railway grade crossings.
One of technical challenges in estimating safety effect of countermeasures at highway-railway grade crossing is an extremely rare occurrence of collisions. Given that the collision process is random with significant variation over time and space, it is hard to judge whether a specific crossing is safe or safer than other crossings solely based on the number of collisions in a given year. Decision makers are also required to make difficult decisions on safety investment accounting for uncertainty in effectiveness of countermeasures. The level of uncertainty is even higher when there is lack of observed collision data before and after the implementation of specific countermeasures.
This study proposes a Bayesian data fusion method which overcomes these limitations. In this method, we used previous research findings on the effect of a given countermeasure, which could vary by jurisdictions and operating conditions, to obtain a priori inference on its expected effects. We then used locally calibrated models, which are valid for a specific jurisdiction, to provide better estimates of the countermeasure effects. Within a Bayesian framework, these two sources were integrated to obtain the posterior distribution of the countermeasure effect. The outputs provided not only the expected collision response to a specific countermeasure, but also its variance and corresponding probability distribution for a range of likely values. Some numerical examples using Canadian highway-railway grade crossing data illustrate how the proposed method can be used to predict the effects of prior knowledge and data likelihood on the estimates of countermeasure effects.
|
6 |
What are the extent of Small and Medium-sized Enterprises Financing Problems in China and Its Countermeasures : Based on SME financing system and cases of TianjinHuang, Sisi January 2011 (has links)
Small and medium sized enterprises have become significant component of Chinese economy. At present, the financing difficulties of SMEs have become a biggest hurdle in sustainable Development of the "bottleneck." This paper analyzes the current condition of financing of SMEs in China specifically in Tianjin and existing problems and address these issues and put forward innovative financial schemes, develop the financial system, expand financing channels, to optimize the financial environment is difficult to solve the problem of SME financing priority. It needs to find more resources for better system. Three tested and tried approaches that have worked are; First, SMEs need backing from the government and its institutions. Then, the government needs to relax loans on the SME sector. Last and third, government needs to make use of other funds such as bonds, growth financing and other ways to push for SME financing, in a quicker approach.
|
7 |
The Proactive Strategy of Taiwan Tobacco Industry After Entering WTO--A Case Study of TTWBSung, Song-Kang 23 July 2002 (has links)
Taiwan obtained her membership to WTO on January 1st, 2002. Becoming the organization¡¦s 144th member, some promises have to be made according to the organization¡¦s spirit. Among those promises are divided into tariff reduction, most favored nation treatment to WTO members, and trade liberalization. Meanwhile, Taiwan has to get rid of any trade barrier, tariff related or no tariff related, in order to guarantee fair and free competition in trading. However, impacts are coming to some industries, especially on agriculture and industries they were protected by government and special laws in past time.
In Taiwan tobacco industry has being protected by such laws, since Japan¡¦s rule. ROC government has been practicing monopolization on the industry for more 100 years. From tobacco planting, processing, cigarette making, distribution and retailing, all are under such protection by government. Monopoly laws. The purpose of this research aims at understanding the degree of impact on this long protected monopolistic industry under global and liberal competition after Taiwan became a member of WTO. Hopefully, Taiwan tobacco industry can figure out the strategy to deal with severe international competition.
This research first makes a discussion about WTO treaty and monopolistic system. After the discussion, information about current tobacco industry in Taiwan and global trend of the industry is used to analyze the overall situation of the industry on the basis of construction competition theory and related research documents. A case study is made on Taiwan Tobacco & Wind Monopoly Bureau. With the view of resource base theory, this research discusses the built resource base during monopolization, and estimates its advantages and disadvantages, and its opportunities and threats under global competition. Then a responsive strategy can be accordingly made.
Monopolistic system is to be abolished after the entrance to WTO. Thereafter, Taiwan Tobacco & Wind Monopoly Bureau is going to be reshuffled in July 2002 on its way to privatization. This research can be made a reference to the ongoing strategy and the successors interested in this topic.
|
8 |
Reduction of Bridge Pier Scour Through the Use of a Novel Collar DesignValela, Christopher 03 June 2021 (has links)
Bridge piers within moving water are exposed to an additional failure mechanism known as scour. Upon the scour depth reaching the foundation of the pier, the structural integrity of the pier, and consequently the bridge, can be jeopardized. Bridge pier scour is the result of a three-dimensional flow separation consisting primarily of the horseshoe vortex, flow acceleration along the sides of the pier, and wake vortices. There are numerous factors that can affect bridge pier scour, of which many of them have been studied extensively. However, there are still some factors where the knowledge base is limited: one example is the presence of an ice cover around bridge piers. In order to reduce the risk of failure induced by scour, regardless of the cause, a preferred option is to use scour countermeasures. However, an ideal countermeasure does not exist. Therefore, the purpose of this research is to design and test an improved bridge pier scour countermeasure, while also better understanding the effects an ice cover has on scour.
Achieving a new countermeasure design consisted of a hybrid approach that combined both numerical and experimental modelling. The numerical model was used in an iterative manner to expedite the design process, as well as to reduce experimental costs. Upon testing and improving the initial collar design numerically, physical models were constructed for the purpose of testing experimentally. Experimental tests were performed at a 1:30 scale in the presence of a sand bed. The same experimental setup was used to investigate bridge pier scour under an ice cover, except a rigid structure was constructed to replicate an ice cover. The artificial ice cover possessed either a smooth or a rough underside and was installed in such a way to replicate a floating or fixed (pressurized) ice cover.
The purpose of the new countermeasure design was to improve on the flat plate collar by guiding the horseshoe vortex in a novel manner. By doing so, the quantity of erosive forces contacting the bed was greatly reduced. In order to reach a final design, a series of prototype designs were tested, and are outlined in this thesis, as they provide valuable insight into the scour problem. The final countermeasure design resembles a contoured collar but is made of riprap, where it was found to reduce the scour depth and volume by 81.0% and 92.3%, respectively, while using 18% less riprap than the conventional flat riprap countermeasure. Upon investigating scour in the presence of an ice cover, it was found that the quantity of scour increases as the ice cover becomes rougher and as the flow becomes more pressurized beneath. Specifically, the scour depth under the rough ice cover and the most pressurized condition increased by 412%.
It was demonstrated that implementing any device which increases the width of the pier has inherent limitations for reducing scour. Instead, having a depression around the pier, especially made of riprap, such that it is flush with the bed and can help guide the horseshoe vortex, was found to greatly reduce scouring. Furthermore, it was observed that the presence of any ice cover on the surface of the water generates greater pier scour, therefore necessitating that ice cover always be taken into consideration when designing bridges in cold climates.
|
9 |
Software Protection Against Fault and Side Channel AttacksPatrick, Conor Persson 09 August 2017 (has links)
Embedded systems are increasingly ubiquitous. Many of them have security requirements such as smart cards, mobile phones, and internet connected appliances. It can be a challenge to fulfill security requirements due to the constrained nature of embedded devices. This security challenge is worsened by the possibility of implementation attacks. Despite well formulated cryptosystems being used, the underlying hardware can often undermine any security proven on paper. If a secret key is at play, an adversary has a chance of revealing it by simply looking at the power variation. Additionally, an adversary can tamper with an embedded system's environment to get it to skip a security check or generate side channel information.
Any adversary with physical access to an embedded system can conduct such implementation attacks. It is the focus of this work to explore different countermeasures against both side channel and fault attacks. A new countermeasure call Intra-instruction Redundancy, based on bit-slicing, or N-bit SIMD processing, is proposed. Another challenge with implementing countermeasures against implementation attacks, is that they need to be able to be combined. Most proposed side channel countermeasures do not prevent fault injection and vice versa. Combining them is non-trivial as demonstrated with a combined implementation attack. / Master of Science / Consider a mechanical dial lock that must be opened without knowing the correct combination. One technique is to use a stethoscope to closely listen to the internal mechanical sounds and try to pick out any biases in order to figure out the correct combination without having to go through an exhaustive search. This is what a side channel is.
Embedded systems do not have mechanical sound side channels like mechanical locks but they do leak information through power consumption. This is the basis for power analysis attacks on embedded systems. By observing power, secret information from an embedded system can be revealed despite any cryptographic protections implemented. Another side channel is the behavior of the processor when it is physically tampered with, specifically known as a fault attack. It is important that embedded systems are able to detect when they are tampered with and respond accordingly to protect sensitive information.
Side channel and fault attack countermeasures are methods for embedded systems to prevent such attacks. This work presents a new state of the art fault attack countermeasure and a framework for combining the countermeasure with existing side channel countermeasures. It is nontrivial to combine countermeasures as there is a potential for combined attacks which this work shows as well.
|
10 |
Threshold Implementations of the Present CipherFarmani, Mohammad 06 September 2017 (has links)
"The process of securing data has always been a challenge since it is related to the safety of people and society. Nowadays, there are many cryptographic algorithms developed to solve security problems. However, some applications have constraints which make it difficult to achieve high levels of security. Light weight cryptography aims to address this issue while trying to maintain low costs. Side-channel attacks have changed the way of cryptography significantly. In this kind of attacks, the attacker has physical access to the crypto-system and can extract the sensitive data by monitoring and measuring the side-channels such as power consumption, electromagnetic emanation, timing information, sound, etc. These attacks are based on the relationship between side-channels and secret data. Therefore, there need to be countermeasures to eliminate or reduce side channel leaks or to break the relationship between side-channels and secret data to protect the crypto systems against side-channel attacks. In this work, we explore the practicality of Threshold Implementation (TI) with only two shares for a smaller design that needs less randomness but is still leakage resistant. We demonstrate the first two-share Threshold Implementations of light-weight block cipher Present. Based on implementation results, two-share TI has a lower area overhead and better throughput when compared with a first-order resistant three-share scheme. Leakage analysis of the developed implementations reveals that two-share TI can retain perfect first-order resistance. However, the analysis also exposes a strong second-order leakage. "
|
Page generated in 0.0564 seconds