Global ETD Search

21	Sécurisation des algorithmes de couplages contre les attaques physiques / Security of pairing algorithms against physical attacks Jauvart, Damien 20 September 2017 (has links) Cette thèse est consacrée à l’étude de la sécurité physique des algorithmesde couplage. Les algorithmes de couplage sont depuis une quinzaine d’années utilisésà des fins cryptographiques. D’une part, les systèmes d’information évoluent, et denouveaux besoins de sécurité apparaissent. Les couplages permettent des protocolesinnovants, tels que le chiffrement basé sur l’identité, les attributs et l’échange tripartien un tour. D’autre part, l’implémentation des algorithmes de couplages est devenueefficace, elle permet ainsi d’intégrer des solutions cryptographiques à base de couplagedans les systèmes embarqués.La problématique de l’implémentation sécurisée des couplages dans les systèmesembarqués va être étudiée ici. En effet, l’implémentation d’algorithmes dédiés à lacryptographie sur les systèmes embarqués soulève une problématique : la sécurité del’implémentation des couplages face aux attaques physiques. Les attaques par canauxauxiliaires, dites passives, contre les algorithmes de couplages sont connues depuisbientôt une dizaine d’années. Nous proposons des études pour valider l’efficacité desattaques en pratique et avec des atouts théoriques. De notre connaissance, il y a uneseule attaque pratique dans la littérature, nous l’optimisons d’un facteur dix en termesde nombres de traces. Nous proposons aussi une attaque horizontale, qui nous permetd’attaquer le couplage twisted Ate en une seule trace.Par ailleurs, les contre-mesures n’ont été que peu étudiées. Nous complétons cettepartie manquante de la littérature. Nous proposons de nouveaux modèles d’attaquessur la contre-mesure de randomisation des coordonnées. L’attaque en collision proposéepermet ainsi de donner une réévaluation de la contre-mesure ciblée. Ainsi nousproposons la combinaison de contre-mesures qui, à moindres coûts, protégerait de cesattaques. / This thesis focuses on the resistance of Pairing implementations againstside channel attacks. Pairings have been studied as a cryptographic tool for the pastfifteen years and have been of a growing interest lately. On one hand, Pairings allowthe implementation of innovative protocols such as identity based encryption, attributebased encryption or one round tripartite exchange to address the evolving needs ofinformation systems. On the other hand, the implementation of the pairings algorithmshave become more efficient, allowing their integration into embedded systems.Like for most cryptographic algorithms, side channel attack schemes have beenproposed against Pairing implementations. However most of the schemes describedin the literature so far have had very little validation in practice. In this thesis, westudy the practical feasibility of such attacks by proposing a technique for optimizingcorrelation power analysis on long precision numbers. We hence improve by a factorof 10 the number of side-channel leakage traces needed to recover a 256-bit secret keycompared to what is, to our best knowledge, one of the rare practical implementationsof side channel attacks published. We also propose a horizontal attack, which allow usto attack the twisted Ate pairing using a single trace.In the same way, countermeasures have been proposed to thwart side channel attacks,without any theoretical or practical validation of the efficiency of such countermeasures.We here focus on one of those countermeasures based on coordinatesrandomization and show how a collision attack can be implemented against this countermeasure.As a result, we describe how this countermeasure would have to be implementedto efficiently protect Pairing implementations against side channel attacks.The latter studies raise serious questions about the validation of countermeasures whenintegrated into complex cryptographic schemes like Pairings Cryptographie Couplages Attaques par canaux auxiliaires Contre-Mesures Cryptography Pairings Side-Channel attacks Countermeasures
22	Towards Robust Side Channel Attacks with Machine Learning Wang, Chenggang 06 June 2023 (has links) No description available. Computer Engineering Side-channel attacks Deep learning Transfer learning Domain adaptation Network security
23	Deep Learning Based Side-Channel Analysis of AES Based on Far Field Electromagnetic Radiation Wang, Ruize January 2020 (has links) Advanced Encryption Standard (AES) is a widely accepted encryption algorithm used in Internet-of-Things (IoT) devices such as Bluetooth devices. Although the implementation of AES is complicated enough, attackers can still acquire the cryptographic information generated from the AES execution to perform Side-Channel Attack (SCA). There are two commonly used types of SCA, which are power based attack and Electromagnetic (EM) based attack. However, the acquisition of both power traces and EM near-field traces require close physical contact to the victim devices, which is difficult to attack a well-protected system. In this thesis, we exploit the far-field EM propagation property and train several Deep Learning (DL) models to attack tinyAES algorithm implemented on the victim Bluetooth chip nRF52832 mounted on Nordic nRF52 DK at the distance up to 50cm. To simulate the real attacking scenario, we train our DL models on one nRF52 DK at 30cm and attack another same board at the distance 5cm, 15cm, 30cm and 50cm respectively in an office environment. We restrict the number of attacking traces to 7000. The key byte of all of cases can be recovered successfully by Convolution Neuron Network (CNN) and the best test only need 1848 traces. Our contributions are: (1).We prove it is feasible to attack Bluetooth chip running AES at variation distance by DL; (2).We compare our DL model performance with the classical correlation analysis and find correlation analysis takes far more traces than DL; (3).We propose several countermeasures to protect against the far-field EM SCA. / Advanced Encryption Standard (AES) är en allmänt accepterad krypteringsalgoritm som används i Internet-of-Things (IoT) -enheter som Bluetooth-enheter. Även om implementeringen av AES är tillräckligt komplicerad kan angriparna fortfarande förvärva den kryptografiska informationen som genererats från AES-utförandet för att utföra Side-Channel Attack (SCA). Det finns två vanligt förekommande typer av SCA, som är kraftbaserad attack och elektro-magnetisk (EM) baserad attack. Emellertid kräver förvärv av både strömspår och EM-fältspår nära fysisk kontakt med offeranordningarna, vilket är omöjligt att attackera ett välskyddat system. I den här avhandlingen utnyttjar vi EM-förökningsegenskapen för fjärrfältet och utbildar flera Deep Learning (DL) -modeller för att attackera litenAES- algoritm implementerad på offret Bluetooth-chip nRF52832 monterat på Nordic nRF52 DK på avståndet upp till 50 cm. För att simulera det verkliga angreppsscenariot utbildar vi våra DL-modeller på en nRF52 DK vid 30 cm och attackerar en annan samma skiva på avståndet 5 cm, 15 cm, 30 cm respektive 50 cm i en kontorsmiljö. Vi begränsar antalet attackerande spår till 7000. Nyckelbyte i alla fall kan framgångsrikt återvinnas av Convolution Neuron Network (CNN) och det bästa testet behöver endast 1848 spår. Våra bidrag är: (1). Vi bevisar att det är möjligt att attackera Bluetooth-chip som kör AES på variation avstånd av DL; (2). Vi jämför våra DL-modellprestanda med den klassiska korrelationsanalysen och finner korrelationsanalys tar mycket fler spår än DL;(3). Vi tillhandahåller flera motåtgärder mot EM-SCA. Side-Channel Attacks EM Far-Field Deep Learning Computer and Information Sciences Data- och informationsvetenskap
24	REDUCED COMPLEMENTARY DYNAMIC AND DIFFERENTIAL CMOS LOGIC: A DESIGN METHODOLOGY FOR DPA RESISTANT CRYPTOGRAPHIC CIRCUITS RAMMOHAN, SRIVIDHYA 03 July 2007 (has links) No description available. Secret Key Dynamic Differential Logic Side-Channel Attacks
25	Design Methodology for Differential Power Analysis Resistant Circuits Manchanda, Antarpreet Singh 21 October 2013 (has links) No description available. Computer Engineering DPA Differential Power Analysis SDMLp Side Channel Attacks Cryptographic circuits Design flow
26	Architecture Support for Countermeasures against Side-Channel Analysis and Fault Attack Kiaei, Pantea January 2019 (has links) The cryptographic algorithms are designed to be mathematically secure; however, side-channel analysis attacks go beyond mathematics by taking measurements of the device’s electrical activity to reveal the secret data of a cipher. These attacks also go hand in hand with fault analysis techniques to disclose the secret key used in cryptographic ciphers with even fewer measurements. This is of practical concern due to the ubiquity of embedded systems that allow physical access to the adversary such as smart cards, ATMs, etc.. Researchers through the years have come up with techniques to block physical attacks to the hardware or make such attacks less likely to succeed. Most of the conducted research consider one or the other of side-channel analysis and fault injection attacks whereas, in a real setting, the adversary can simultaneously take advantage of both to retrieve the secret data with less effort. Furthermore, very little work considers a software implementation of these ciphers although, with the availability of small and affordable or free microarchitectures, and flexibility and simplicity of software implementations, it is at times more practical to have a software implementation of ciphers instead of dedicated hardware chips. In this project, we come up with a modular presentation, suitable for software implementation of ciphers, to allow having simultaneous resistance against side-channel and fault analysis attacks. We also present an extension at the microarchitecture level to make our proposed countermeasures more intact and efficient. / M.S. / Ciphers are algorithms designed by mathematicians. They protect data by encrypting them. In one of the main categories of these ciphers, called symmetric-key ciphers, a secret key is used to both encrypt and decrypt the data. Once the secret key of a cipher is retrieved, anyone can find the decoded data and thereby access the original data. Cryptographers traditionally sought to design ciphers in such a way that no adversary could reveal the secret key by finding holes in the algorithm. However, this has been shown insufficient for a specific implementation of a cryptographic algorithm to be considered as “unbreakable” since the physical properties of the implementation, can help an adversary find the secret key and break the encryption. Analyzing these physical properties can be either active; by making controlled changes in the normal progress of its execution, or passive; by merely measuring the physical properties during normal execution. Designers try to take these analyses into account when implementing a cryptographic function and so, in this project, we aim to present architectural support for a combination of some of the countermeasures. Side-channel attacks Fault attacks Custom-instruction extensions Bitslicing Software countermeasures
27	Design Techniques for Side-channel Resistant Embedded Software Sinha, Ambuj Sudhir 25 August 2011 (has links) Side Channel Attacks (SCA) are a class of passive attacks on cryptosystems that exploit implementation characteristics of the system. Currently, a lot of research is focussed towards developing countermeasures to side channel attacks. In this thesis, we address two challenges that are an inherent part of the efficient implementation of SCA countermeasures. While designing a system, design choices made for enhancing the efficiency or performance of the system can also affect the side channel security of the system. The first challenge is that the effect of different design choices on the side channel resistance of a system is currently not well understood. It is important to understand these effects in order to develop systems that are both secure and efficient. A second problem with incorporating SCA countermeasures is the increased design complexity. It is often difficult and time consuming to integrate an SCA countermeasure in a larger system. In this thesis, we explore that above mentioned problems from the point of view of developing embedded software that is resistant to power based side channel attacks. Our first work is an evaluation of different software AES implementations, from the perspective of side channel resistance, that shows the effect of design choices on the security and performance of the implementation. Next we present work that identifies the problems that arise while designing software for a particular type of SCA resistant architecture - the Virtual Secure Circuit. We provide a solution in terms of a methodology that can be used for developing software for such a system - and also demonstrate that this methodology can be conveniently automated - leading to swifter and easier software development for side channel resistant designs. / Master of Science Bitslice Cryptography Side Channel Attacks Virtual Secure Circuit Secure Embedded Systems Side-channel Countermeasures
28	Towards Comprehensive Side-channel Resistant Embedded Systems Yao, Yuan 17 August 2021 (has links) Embedded devices almost involve every part of our lives, such as health condition monitoring, communicating with other people, traveling, financial transactions, etc. Within the embedded devices, our private information is utilized, collected and stored. Cryptography is the security mechanism within the embedded devices for protecting this secret information. However, cryptography algorithms can still be analyzed and attacked by malicious adversaries to steal secret data. There are different categories of attacks towards embedded devices, and the side-channel attack is one of the powerful attacks. Unlike analyzing the vulnerabilities within the cryptography algorithm itself in traditional attacks, the side-channel attack observes the physical effect signals while the cryptography algorithm runs on the device. These physical effects include the power consumption of the devices, timing, electromagnetic radiations, etc., and we call these physical effects that carry secret information side-channel leakage. By statistically analyzing these side-channel leakages, an attacker can reconstruct the secret information. The manifestation of side-channel leakage happens at the hardware level. Therefore, the designer has to ensure that the hardware design of the embedded system is secure against side-channel attacks. However, it is very arduous work. An embedded systems design including a large number of electronic components makes it very difficult to comprehensively capture every side-channel vulnerability, locate the root cause of the side-channel leakage, and efficiently fix the vulnerabilities. In this dissertation, we developed methodologies that can help designers detect and fix side-channel vulnerabilities within the embedded system design at low cost and early design stage. / Doctor of Philosophy / Side-channel leakage, which reveals the secret information from the physical effects of computing secret variables, has become a serious vulnerability in secure hardware and software implementations. In side-channel attacks, adversaries passively exploit variations such as power consumption, timing, and electromagnetic emission during the computation with secret variables to retrieve sensitive information. The side-channel attack poses a practical threat to embedded devices, an embedded device's cryptosystem without adequate protection against side-channel leakage can be easily broken by the side-channel attack. In this dissertation, we investigate methodologies to build up comprehensive side-channel resistant embedded systems. However, this is challenging because of the complexity of the embedded system. First, an embedded system integrates a large number of components. Even if the designer can make sure that each component is protected within the system, the integration of the components will possibly introduce new vulnerabilities. Second, the existing side-channel leakage evaluation of embedded system design happens post-silicon and utilizes the measurement on the prototype of the taped-out chip. This is too late for mitigating the vulnerability in the design. Third, due to the complexity of the embedded system, even though the side-channel leakage is detected, it is very hard to precisely locate the root cause within the design. Existing side-channel attack countermeasures are very costly in terms of design overhead. Without a method that can precisely identify the side-channel leakage source within the design, huge overhead will be introduced by blindly add the side-channel countermeasure to the whole design. To make the challenge even harder, the Power Distribution Network (PDN) where the hardware design locates is also vulnerable to side-channel attacks. It has been continuously demonstrated by researchers that attackers can place malicious circuits on a shared PDN with victim design and open the opportunities for the attackers to inject faults or monitoring power changes of the victim circuit. In this dissertation, we address the challenges mentioned above in designing a side-channel-resistant embedded system. We categorize our contributions into three major aspects—first, we investigating the effects of integration of security components and developing corresponding countermeasures. We analyze the vulnerability in a widely used countermeasure - masking, and identify that the random number transfer procedure is a weak link in the integration which can be bypassed by the attacker. We further propose a lightweight protection scheme to protect function calls from instruction skip fault attacks. Second, we developed a novel analysis methodology for pre-silicon side-channel leakage evaluation and root cause analysis. The methodology we developed enables the designer to detect the side-channel leakage at the early pre-silicon design stage, locate the leakage source in the design precisely to the individual gate and apply highly targeted countermeasure with low overhead. Third, we developed a multipurpose on-chip side-channel and fault monitoring extension - Programmable Ring Oscillator (PRO), to further guarantee the security of PDN. PRO can provide on-chip side-channel resistance, power monitoring, and fault detection capabilities to the secure design. We show that PRO as application-independent integrated primitives can provide side-channel and fault countermeasure to the design at a low cost. Side-Channel Attacks Pre-silicon Side-channel Leakage Source Countermeasures Simulation Root Cause Analysis Leakage Evaluation
29	Constraint Based Program Synthesis for Embedded Software Eldib, Hassan Shoukry 30 July 2015 (has links) In the world that we live in today, we greatly rely on software in nearly every aspect of our lives. In many critical applications, such as in transportation and medical systems, catastrophic consequences could occur in case of buggy software. As the computational power and storage capacity of computer hardware keep increasing, so are the size and complexity of the software. This makes testing and verification increasingly challenging in practice, and consequentially creates a chance for software with critical bugs to find their way into the consumer market. In this dissertation, I present a set of innovative new methods for automatically verifying, as well as synthesizing, critical software and hardware in embedded computing applications. Based on a set of rigorous formal analysis techniques, my methods can guarantee that the resulting software are efficient and secure as well as provably correct. / Ph. D. Program Synthesis Formal Verification Embedded Software Security Cryptography Side-Channel Attacks and Countermeasures
30	Side-Channel Attacks on Encrypted 5G/4G Voice Calls Shaan Shekhar (18463575) 01 May 2024 (has links) <p dir="ltr">5G/4G voice calls are encrypted for the purpose of confidentiality, secrecy and privacy. Although protected by well-examined security measures we unveil several vulnerabilities previously unreported in the 5G/4G voice calls that unintentionally leak 5G/4G call state information despite encryption protection and device proof of concept attacks in this thesis. Unlike existing attacks, these new attacks are significantly more threatening because they are completely contactless without requiring any malware, access or compromise on the victim's phones, the 5G/4G network and the other call party. Instead, the attacker only needs to deploy a radio sniffer to eavesdrop on 5G/4G communication and infer confidential call information.</p><p dir="ltr">Interestingly, such confidentiality breaches are technically feasible due to recent 5G/4G call enhancement technologies standardized in the 3GPP specifications and adopted by mobile network operators. While effective in enhancing 5G/4G call quality and efficiency, they, unfortunately, expose extra call information, which can be exploited to infer call states and launch side-channel attacks precisely. Another major contributor to this attack is the IVR technology, which uses a computer-operated telephone system to help companies answer customer calls. In this thesis, we focus on snooping Pay-over-the-Phone transactions done over IVR calls and optionally inferring the company involved in the transaction. The attacks exploit technologies designed to enhance the call quality and efficiency and develop several attack modules to (1) detect voice calls over encrypted 5G/4G traffic, (2) infer the use of IVR over limited call information leaked in the air, and (3) spy on sensitive payment transactions in real-time. We have implemented this proof-of-concept attack using an SDR-based sniffer only. We have validated its effectiveness and assessed damages in various experiments with 5G operators in the US. Lastly, we have discussed the lessons learned from the attacks and the future work that can be done to improve the efficiency of the attacks and make them more threatening.</p> System and network security Voice Call Security Phone Call Security Side Channel Attacks Inference Attacks

Search results