21

Identification of typed keys from mechanical vibration. / Identification of pressed keys from mechanical vibrations.

Gerson de Souza Faria 28 November 2012 (has links)
This work describes an attack that detects the keys pressed on mechanical keypads by analyzing the vibrations generated when they are pressed. Two devices were tested in the attack: a generic commercial-automation keypad and a point-of-sale terminal (POS / PIN-pad). Accelerometers are used as vibration sensors. The equipment needed to carry out the attack is deliberately of very low cost, so as to highlight the risk of the vulnerabilities found. We obtained average success rates of 69% in recognizing the pressed keys for the PIN-pad terminal at rest and 75% for the same terminal held in the hand. For the commercial-automation keypad, the average hit rates were around 99%. / This work describes an attack that identifies the sequence of keystrokes by analyzing the mechanical vibrations generated by the act of pressing keys. We use accelerometers as vibration sensors. The apparatus necessary for this attack is inexpensive and can be unobtrusively embedded within the target equipment. We tested the proposed attack on an ATM keypad and a PIN-pad. We achieved key recognition rates of 99% on the ATM keypad, 69% on the PIN-pad resting on a hard surface and 75% on the PIN-pad held in hand.
22

Arithmetic recodings for ECC cryptoprocessors with protections against side-channel attacks

Chabrier, Thomas 18 June 2013 (has links) (PDF)
This PhD thesis focuses on the study, the hardware design, the theoretical and practical validation, and finally the comparison of different arithmetic operators for cryptosystems based on elliptic curves (ECC). The provided solutions must be robust against some side-channel attacks, and efficient at the hardware level (execution speed and area). In the case of ECC, we want to protect the secret key, a large integer, used in the scalar multiplication. Our protection methods use representations of numbers, and the behaviour of algorithms, to make some attacks more difficult. For instance, we randomly change some representations of manipulated numbers while ensuring that computed values are correct. Redundant representations like signed-digit representation, the double- (DBNS) and multi-base number system (MBNS) have been studied. A proposed method provides an on-the-fly MBNS recoding which operates in parallel to curve-level operations and at very high speed. All recoding techniques have been theoretically validated, simulated extensively in software, and finally implemented in hardware (FPGA and ASIC). A side-channel attack called a template attack is also carried out to evaluate the robustness of a cryptosystem using a redundant number representation. Finally, a study is conducted at the hardware level to provide an ECC cryptosystem with a regular behaviour of computed operations during the scalar multiplication so as to protect against some side-channel attacks.
23

Increasing the Robustness of Point Operations in Co-Z Arithmetic against Side-Channel Attacks

Almohaimeed, Ziyad Mohammed 08 August 2013 (has links)
Elliptic curve cryptography (ECC) has played a significant role in secure devices since it was introduced by Koblitz and Miller more than three decades ago. The great demand for ECC is created by its shorter key length while it provides an equivalent security level in comparison to previously introduced public-key cryptosystems (e.g. RSA). From an implementation point of view, a shorter key length means a higher processing speed, smaller power consumption, and a smaller silicon area requirement. Scalar multiplication is the main operation in Elliptic Curve Diffie-Hellman (ECDH), which is a key-agreement protocol using ECC. As shown in the prior literature, this operation is both vulnerable to power analysis attacks and requires a large amount of time. Therefore, a lot of research has focused on enhancing the performance and security of scalar multiplication. In this work, we describe three schemes to counter power analysis cryptographic attacks. The first scheme provides improved security at the expense of a very small additional hardware overhead; its basic idea is to randomize independent field operations in order to have multiple power consumption traces for each point operation. In the second scheme, we introduce an atomic block that consists of addition, multiplication and addition [A-M-A]. This technique provides very good scalar multiplication protection but with increased computation cost. The third scheme provides both security and speed by adopting the second technique and enhancing the instruction-level parallelism at the atomic level. As a result, the last scheme also provides a reduction in computing time. With these schemes the users can optimize the trade-off between speed, cost, and security level according to their needs and resources. / Graduate
24

Cryptographic and statistical studies of compromising signals / Cryptographic and statistical side channel analysis

Linge, Yanis 22 November 2013 (has links)
This thesis deals with observation attacks (side-channel attacks). These attacks study the variations in the emanations of a component in order to recover a secret key. These emanations can be of several kinds, for example electrical power consumption, electromagnetic radiation, etc. Generally, these attacks rely on statistical methods to examine the relationship between the component's emanations and consumption models imagined by the attacker. Three axes are developed in this thesis. First, we implemented various observation attacks on graphics cards using the OpenCL API. These implementations perform better than the classical implementations, which allows an attacker to process more data. Second, we proposed the use of the MIC in the context of observation attacks. The advantage of the MIC over mutual information is its ease of computation, which does not depend on a choice of kernel or window size. Its use in an observation attack is therefore straightforward, even though the complexity of the required computations is often very high. Finally, we introduced a new attack, based on the joint distribution of the input and the output of a cryptographic function. If this distribution varies with the value of the key involved in the function, one is able to recover the secret key used by the component. This new attack has the particularity of requiring neither knowledge of the plaintext nor knowledge of the ciphertext, which allows it to be effective even in the presence of certain countermeasures. / The main subject of this manuscript is side channel attacks. These attacks investigate the variation of device emanations to retrieve a secret key. These emanations can be the power consumption, the electromagnetic radiation, etc. 
Most of the time, those attacks use statistical methods to examine the relationship between the emanations and some leakage models supposed by the attacker. Three main axes are developed here. First, we have implemented many side channel attacks on GPGPU using the OpenCL API. These implementations are more effective than the classical ones, so an attacker can exploit more data. Then, in order to provide a new side channel attack, we have suggested the use of a new dependency measurement proposed by Reshef et al., the MIC. The MIC is more advantageous than mutual information, because its computation does not depend on a kernel choice or a window size. So, its use in side channel analysis is simple, even if the time complexity is large. Finally, we have introduced a new attack based on the joint distribution of the input and the output of a cryptographic sub-function. If the distribution depends on the key used in the function, we can retrieve the secret key. This attack can be efficient even in the presence of some countermeasures because it does not require knowledge of either the plaintext or the ciphertext.
25

Contribution to the physical security of embedded cryptosystems / On the physical security of embedded cryptosystems

Venelli, Alexandre 31 January 2011 (has links)
This thesis work focuses on the study of side-channel attacks and their implications for the measures a designer of secure circuits must take. We first look at the various side-channel attacks, proposing an improvement to a particularly interesting generic type of attack: mutual information analysis. We study the effect of different entropy estimation techniques on the results of the attack. We propose the use of B-spline functions as estimators, since they are well suited to our side-channel attack scenario. We also study the impact this type of attack can have on a well-known symmetric cryptosystem, the Advanced Encryption Standard (AES), by proposing a countermeasure based on the algebraic structure of AES. The main operation of most ECC systems is scalar multiplication, which consists of adding an elliptic curve point to itself a certain number of times. In a second part, we address securing this operation. We propose a scalar multiplication algorithm that is both efficient and resistant to the main side-channel attacks. Finally, we study pairings, a mathematical construction based on elliptic curves that has interesting properties for creating new cryptographic protocols. We finally evaluate the side-channel resistance of these constructions. / This thesis focuses on the study of side-channel attacks as well as their consequences on the secure implementation of cryptographic algorithms. We first analyze different side-channel attacks and we propose an improvement of a particularly interesting generic attack: the mutual information analysis. We study the effect of state-of-the-art entropy estimation techniques on the results of the attack. 
We propose the use of B-spline functions as estimators as they are well suited to the side-channel attack scenario. We also investigate the consequences of this kind of attack on a well-known symmetric cryptosystem, the Advanced Encryption Standard (AES), and we propose a countermeasure based on the algebraic structure of AES. The main operation of ECC is the scalar multiplication that consists of adding an elliptic curve point to itself a certain number of times. In the second part, we investigate how to secure this operation. We propose a scalar multiplication algorithm that is both efficient and secure against the main side-channel attacks. We then study pairings, a mathematical construction based on elliptic curves. Pairings have many interesting properties that allow the creation of new cryptographic protocols. We finally evaluate the side-channel resistance of pairings.
26

Advanced Side-Channel Analysis of USIMs, Bluetooth SoCs and MCUs

Brisfors, Martin January 2021 (has links)
The use of deep learning for side channel analysis has shown a lot of success in recent years. Impressive results have been presented by many researchers. However, critics of this approach have voiced concerns about the ad hoc methodologies and bespoke neural network designs used in many presented approaches. This thesis first analyzes the possibility of generalizing the selection of neural network architecture for side channel analysis. Then, it presents a simple model for a multilayer perceptron network that does not need to be altered for different targets. Experiments are conducted on three different data sets: power consumption measurements of USIMs, far-field electromagnetic measurements of a Bluetooth device, and power consumption measurements of dedicated XMega victim boards. For each of these sets a model is presented with results equivalent to or better than the state of the art for secret key recovery. Training and testing are done on separate devices in each case. One of the models achieves a classification accuracy of 94.5% from a single measurement. Furthermore, the target and the training device do not even share the same printed circuit board layout. Another model achieves a 47.4% classification accuracy from measurements captured in a manner that is possible in a real-world attack. The thesis also investigates if three different numerical ways of determining the leakage point in unprotected implementations of AES agree. The tests are applied to all three data sets. Finally, the thesis evaluates whether the popular transformer architecture is beneficial for side channel analysis. / The use of deep learning for side-channel analysis has had great success in recent years. Impressive results have been presented by many researchers. But critics of this approach have expressed concern that the methods are ad hoc, and that custom-tailored neural network designs are used in many presented reports. 
This thesis first examines the possibility of generalizing the choice of neural network architectures for side-channel analysis. Then I present a simple model for a multilayer perceptron network that does not need to be adapted for different devices. Experiments are carried out on three different data sets: power consumption measurements of USIMs, far-field electromagnetic measurements of a Bluetooth device, and power consumption measurements of dedicated XMega side-channel analysis devices. For each of these a model is presented with results equivalent to or better than previously published research. Training and testing are done on separate devices in each case. One of the models achieves a classification accuracy of 94.5% from a single measurement. Moreover, the attacked device and the training device do not even share the same circuit board layout. Another model achieves a classification accuracy of 47.4% from measurements made in a way that is realistic in a real attack. The thesis also examines whether three different numerical ways of determining the leakage point in unprotected implementations of AES agree. The tests are applied to all three data sets. Finally, the thesis evaluates whether the popular transformer architecture is suitable for side-channel analysis.
27

AES Resistance to Timing Analysis / AES Tolerance to Timing Analysis

Ondruš, Juraj Unknown Date (has links)
This thesis deals with timing analysis of the AES (Advanced Encryption Standard). The design of Rijndael, which is the AES algorithm, is described here. For side-channel attacks it is necessary to know the principles of the CPU cache memory and its architecture. This thesis covers the major security problems of AES which can be used for successful attacks. Several different implementations of AES are discussed too. Several types of timing attacks are also described. According to the experiments, these attacks should be effective against most presently used AES implementations. Finally, the results of this work, possible countermeasures against this attack and suggestions for further research are described.
28

A Side Channel Attack on a Higher-Order Masked Software Implementation of Saber

Paulsrud, Nils January 2022 (has links)
One of the key security aspects which must be evaluated for cryptosystems is their resistance against side-channel attacks. Masking is a commonly used countermeasure against side-channel attacks, in which the secret to be protected is partitioned into multiple shares using random “masks”. A k-order masked implementation uses k+1 shares. Masked implementations are available for the key encapsulation mechanism of Saber, a finalist in the NIST post-quantum cryptography standardization project. Though Saber has not been selected for standardization, it is similar to the selected CRYSTALS-Kyber, and may therefore have similar leakage. In this thesis, a side-channel attack against a higher-order masked implementation of Saber is attempted. A previous attack on first-order masked Saber using a deep learning-based approach is used as a starting point, though differences in the implementations make the attack not directly applicable to the higher-order case. A byte-wise leakage is found in the higher-order masked implementation, and two different attacks on this leakage point are considered. The first uses the Hamming weights of bytes and is able to recover Hamming weights of individual shares but not the complete message or secret keys from 2nd-order masked Saber. The other uses a method from a different previous side-channel attack in which message bytes are recovered using biased deep learning models. This method successfully recovers all message bytes from 1st-order masked Saber and is shown to successfully recover byte values from 2nd-order masked Saber by training multiple biased models and selecting the best performing models from these, though this also requires a much larger amount of attack data than the 1st-order masking case. This shows that a byte-wise leakage in higher-order masked Saber can be exploited using a power analysis side-channel attack, though recovering the complete message and secret keys remains future work. 
/ One of the foremost security aspects that must be evaluated for encryption algorithms is resistance to side-channel attacks. Masking is one of the most common measures for protecting against side-channel attacks, where sensitive information is partitioned into several shares with the help of random values. A masking of order k uses k+1 shares. Masked implementations are available for Saber, one of the finalists in NIST's post-quantum cryptography standardization project. Saber was not selected as the standard, but has many similarities with the chosen standard CRYSTALS-Kyber and may therefore have similar vulnerabilities. In this thesis a side-channel attack is carried out on a higher-order masked implementation of Saber. A previous attack on first-order masked Saber is used as the starting point, but differences in the implementation mean that this attack cannot be used directly. A byte-level leakage was found in the higher-order masked implementation, and two different attacks are carried out. The first, which uses the Hamming weight of a byte in the message, could obtain the Hamming weights of individual shares of the masked message, but not the original message. The second attack uses a method from a previous side-channel attack where messages could be recovered with the help of biased deep learning models. This method could be used to recover all byte values of the message with first-order masking. With considerably more data, and by training a number of deep learning models and then selecting the best among them, some byte values could also be recovered from second-order masking. This shows that this byte-level weakness can be used in an attack on higher-order masked Saber, but extracting the whole message and the secret keys remains to be done.
29

Arithmetic recodings for ECC cryptoprocessors with protections against side-channel attacks / Reconfigurable arithmetic units for cryptoprocessors robust against attacks

Chabrier, Thomas 18 June 2013 (has links)
This thesis deals with the study, the hardware design, the theoretical and practical validation, and finally the comparison of different arithmetic operators for cryptosystems based on elliptic curves (ECC). The proposed solutions must be robust against certain side-channel attacks while being efficient in hardware, both in execution speed and in the area used. In ECC, we seek to protect the secret key, a large integer, used during scalar multiplication. To protect against observation attacks, we used certain number representations and computation algorithms to make certain attacks difficult; for example, randomizing certain representations of the manipulated numbers by recoding certain internal values, while guaranteeing that the computed values are correct. Thus, the use of signed-digit representation and of the double- (DBNS) and multi-base (MBNS) number systems has been studied. All recoding techniques have been theoretically validated, extensively simulated in software, and finally implemented in hardware (FPGA and ASIC). A template side-channel attack was also carried out to evaluate the robustness of a cryptosystem using some of our solutions. Finally, a hardware-level study was conducted with the aim of giving an ECC cryptosystem a regular behaviour of the operations performed during scalar multiplication, so as to protect against certain observation attacks. / This PhD thesis focuses on the study, the hardware design, the theoretical and practical validation, and finally the comparison of different arithmetic operators for cryptosystems based on elliptic curves (ECC). The provided solutions must be robust against some side-channel attacks, and efficient at the hardware level (execution speed and area). 
In the case of ECC, we want to protect the secret key, a large integer, used in the scalar multiplication. Our protection methods use representations of numbers, and the behaviour of algorithms, to make some attacks more difficult. For instance, we randomly change some representations of manipulated numbers while ensuring that computed values are correct. Redundant representations like signed-digit representation, the double- (DBNS) and multi-base number system (MBNS) have been studied. A proposed method provides an on-the-fly MBNS recoding which operates in parallel to curve-level operations and at very high speed. A side-channel attack called a template attack is also carried out to evaluate the robustness of a cryptosystem using a redundant number representation. All recoding techniques have been theoretically validated, simulated extensively in software, and finally implemented in hardware (FPGA and ASIC). Finally, a study is conducted at the hardware level to provide an ECC cryptosystem with a regular behaviour of computed operations during the scalar multiplication so as to protect against some side-channel attacks.
30

Synchronization and dynamical systems: application to cryptography

Dravie, Brandon 06 July 2017 (has links)
In this thesis we present an effective construction of self-synchronizing stream ciphers centred on the particular class of Linear Parameter Varying (LPV) dynamical systems. These are systems whose state-space representation is affine in the state and the input, but whose representation matrices depend on time-varying parameters. This dependence can take the form of nonlinear functions of the output variable. The resulting dynamics are therefore nonlinear. We show that the self-synchronization property is linked to a structural property of the dynamical system, namely flatness. Flatness is an algebraic property that makes it possible, when feasible, to express the input and output parameters of a dynamical system in terms of its output, which is then called a flat output. A characterization of flatness is expressed in terms of the state matrices of the dynamical system. A complementary characterization is proposed in terms of properties of an associated adjacency graph. The joint use of the algebraic and graph characterizations leads to a systematic construction of a new class of self-synchronizing ciphers. In the second part of the thesis, we are interested in the security of self-synchronizing ciphers. We first propose a spectral approach to carrying out a side-channel attack. This approach offers reduced complexity compared with the classical approaches used for side-channel attacks. We then give a security proof of the canonical form of a self-synchronizing cipher based on the notion of indistinguishability. A necessary and sufficient condition characterizing the indistinguishability of self-synchronizing ciphers is proposed. 
Finally, we established results on the properties of vectorial Boolean functions that make it possible to characterize self-synchronizing ciphers in a general way. / In this thesis, we present an effective construction of self-synchronizing stream ciphers based on the class of Linear Parameter-Varying (LPV) dynamical systems. For such systems, the state-space representation admits an affine expression regarding the input and the state, but the state matrices depend on time-varying parameters. This dependence can be expressed using nonlinear functions of the output variable. Hence, the resulting dynamics of the system are nonlinear. We show that the self-synchronization property is related to a structural property of the dynamical system known as flatness. Flatness is an algebraic property that allows, when possible, the expression of the input and state parameters of a dynamical system as functions of its outputs, which are then called flat outputs. A characterization of the flatness is expressed in terms of the state matrices of the dynamical system. A complementary characterization is given in terms of properties of the related adjacency graph. The combination of the algebraic and graph-theoretic characterizations gives a systematic construction of a new class of self-synchronizing stream ciphers. In the second part of the thesis, we tackle security aspects of self-synchronizing stream ciphers. We propose a spectral approach to performing side channel attacks. This approach offers reduced complexity when compared with standard approaches used for side channel attacks. We also give a security proof, based on the notion of indistinguishability, for the canonical form of self-synchronizing stream ciphers. A necessary and sufficient condition is proposed in order to characterize the indistinguishability. 
Finally, we establish some results on vectorial Boolean functions and the properties they can achieve when designing self-synchronizing stream ciphers.
