21

Efficient Side-channel Resistant MPC-based Software Implementation of the AES

Fernandez Rubio, Abraham 27 April 2017 (has links)
Current cryptographic algorithms pose high standards of security, yet they are susceptible to side-channel analysis (SCA). When it comes to implementation, the hardness of cryptography dangles on the weak link of side-channel information leakage. The widely adopted AES encryption algorithm, and others, can be easily broken when they are implemented without any resistance to SCA. This work applies state-of-the-art techniques, namely Secret Sharing and Secure Multiparty Computation (SMC), to AES-128 encryption as a countermeasure to those attacks. This embedded C implementation explores multiple time-memory trade-offs for the design of its fundamental components, SMC and field arithmetic, to meet a variety of execution and storage demands. The performance and leakage assessment of this implementation for an ARM-based microcontroller demonstrates the capabilities of masking schemes and proves their feasibility in embedded software.
22

Quantitative information flow of side-channel leakages in web applications

Huang, Xujing January 2016 (has links)
It is not a secret that communications between client sides and server sides in web applications can leak user confidential data through side-channel attacks. The lower-level traffic features, such as packet sizes, packet lengths, timings, etc., are public to attackers. Attackers can infer a user's web activities, including web browsing histories and user sensitive information, by analysing web traffic generated during communications, even when the traffic is encrypted. There has been increasing public concern about the disclosure of user privacy through side-channel attacks in web applications. A large amount of work has been proposed to analyse and evaluate this kind of security threat in the real world. This dissertation addresses side-channel vulnerabilities from different perspectives. First, a new approach based on verification and quantitative information flow is proposed to perform a fully automated analysis of side-channel leakages in web applications. Core to this aim is the generation of test cases without developers' manual work. Techniques are implemented into a tool, called SideAuto, which targets Apache Struts web applications. Then the focus is turned to real-world web applications. A black-box methodology for automatically analysing side-channel vulnerabilities in real-world web applications is proposed. This research demonstrates that communications that do not explicitly involve user sensitive information can leak user secrets, even more seriously than traffic explicitly transmitting user information. Moreover, this thesis also examines side-channel leakages of user identities from Google accounts. The research demonstrates that user identities can be revealed, even when communicating with external websites included in the Alexa Top 150 websites, which have no relation to Google accounts.
23

Spectre: Attack and Defense

Harris, Rae 01 January 2019 (has links)
Modern processors use architectural features like caches, branch predictors, and speculative execution in order to maximize computation throughput. For instance, recently accessed memory can be stored in a cache so that subsequent accesses take less time. Unfortunately, microarchitecture-based side channel attacks can utilize this cache property to enable unauthorized memory accesses. The Spectre attack is a recent example of this kind of attack. The Spectre attack is particularly dangerous because the vulnerabilities that it exploits are found in microprocessors used in billions of current systems. It involves the attacker inducing a victim's process to speculatively execute code with a malicious input and store the recently accessed memory into the cache. This paper describes the previous microarchitecture side channel attacks. It then describes the three variants of the Spectre attack. It describes and evaluates proposed defenses against Spectre.
24

Cache-based vulnerabilities and spam analysis

Neve de Mevergnies, Michael 14 July 2006 (has links)
Two problems of computer security are investigated. On one hand, we are facing a practical problem of actual processors: the cache, an element of the architecture that brings flexibility and allows efficient utilization of the resources, is demonstrated to open security breaches from which secret information can be extracted. This issue required a delicate study to understand the problem and the role of the incriminated elements, to discover the potential of the attacks and find effective countermeasures. Because of the intricate behavior of a processor and the limited resources of the cache, it is extremely hard to write constant-time software. This is particularly true with cryptographic applications that often rely on large precomputed data and pseudo-random accesses. The principle of time-driven attacks is to analyze the overall execution time of a cryptographic process and extract timing profiles. We show that in the case of AES those profiles are dependent on the memory lookups, i.e. the addition of the plaintext and the secret key. Correlations between some profiles with known inputs and some with partially unknown ones (known plaintext but unknown secret key) lead to the recovery of the secret key. We then detail access-driven attacks: another kind of cache-based side channel. This case relies on stronger assumptions regarding the attacker's capacities: he must be able to run another process, concurrent to the security process. Even if the security policies prevent the so-called "spy" process from directly accessing the data of the "crypto" process, the cache is shared between them and its behavior can lead the spy process to deduce the secrets of the crypto process. Several ways are explored for mitigations, depending on the security level to reach and on the attacker's capabilities. The respective performances of the mitigations are given. The scope is, however, oriented toward software mitigations, as they can be directly applied to patch programs and reduce the cache leakage. On the other hand, we tackle a situation of computer science that also concerns many people and where important economic aspects are at stake: although spam is often considered as the other side of the Internet coin, we believe that it can be defeated and avoided. An increasing number of research efforts, for example, explore the ways cryptographic techniques can prevent spam from being spread. We concentrated on studying the behavior of the spammers to understand how e-mail addresses can be prevented from being gathered. The motivation for this work was to produce and make available quantitative results to efficiently prevent spam, as well as to provide a better understanding of the behavior of spammers. Even if orthogonal, both parts tackle practical problems and their results can be directly applied.
25

Techniques of Side Channel Cryptanalysis

Muir, James January 2001 (has links)
The traditional model of cryptography examines the security of cryptographic primitives as mathematical functions. This approach does not account for the physical side effects of using these primitives in the real world. A more realistic model employs the concept of a side channel. A side channel is a source of information that is inherent to a physical implementation of a primitive. Research done in the last half of the 1990s has shown that the information transmitted by side channels, such as execution time, computational faults and power consumption, can be detrimental to the security of ciphers like DES and RSA. This thesis surveys the techniques of side channel cryptanalysis presented in [Kocher1996], [Boneh1997], and [Kocher1998] and shows how side channel information can be used to break implementations of DES and RSA. Some specific techniques covered include the timing attack, differential fault analysis, simple power analysis and differential power analysis. Possible defenses against each of these side channel attacks are also discussed.
26

Distributed Full-duplex via Wireless Side Channels: Bounds and Protocols

Bai, Jingwen 16 September 2013 (has links)
In this thesis, we study a three-node full-duplex network, where the infrastructure node has simultaneous up- and downlink communication in the same frequency band with two half-duplex nodes. In addition to self-interference at the full-duplex infrastructure node, the three-node network has to contend with the inter-node interference between the two half-duplex nodes. The two forms of interference differ in one important aspect: the self-interference is known at the interfered receiver. Therefore, we propose to leverage a wireless side-channel to manage the inter-node interference. We characterize the impact of inter-node interference on the network achievable rate region with and without a side-channel between the nodes. We present four distributed full-duplex inter-node interference cancellation schemes, which leverage the device-to-device wireless side-channel for improved interference cancellation. Of the four, bin-and-cancel is asymptotically optimal in the high signal-to-noise ratio limit; it uses Han-Kobayashi common-private message splitting and achieves within 1 bit/s/Hz of the capacity region for all values of channel parameters. The other three schemes are simpler compared to bin-and-cancel but achieve near-optimal performance only in certain regimes of channel values. Asymptotic multiplexing gains of all proposed schemes are derived to show analytically that leveraging the side channel can be highly beneficial in increasing the multiplexing gain of the system exactly in those regimes where inter-node interference has the highest impact.
28

On the Applicability of a Cache Side-Channel Attack on ECDSA Signatures : The Flush+Reload attack on the point multiplication in ECDSA signature generation process

Josyula, Sai Prashanth January 2015 (has links)
Context. Digital counterparts of handwritten signatures are known as Digital Signatures. The Elliptic Curve Digital Signature Algorithm (ECDSA) is an Elliptic Curve Cryptography (ECC) primitive, which is used for generating and verifying digital signatures. The attacks that target an implementation of a cryptosystem are known as side-channel attacks. The Flush+Reload attack is a cache side-channel attack that relies on cache hits/misses to recover secret information from the target program execution. In elliptic curve cryptosystems, side-channel attacks are particularly targeted towards the point multiplication step. The Gallant-Lambert-Vanstone (GLV) method for point multiplication is a special method that speeds up the computation for elliptic curves with certain properties. Objectives. In this study, we investigate the applicability of the Flush+Reload attack on ECDSA signatures that employ the GLV method to protect point multiplication. Methods. We demonstrate the attack through an experiment using the curve secp256k1. We perform a pair of experiments to estimate both the applicability and the detection rate of the attack in capturing side-channel information. Results. Through our attack, we capture side-channel information about the decomposed GLV scalars. Conclusions. Based on an analysis of the results, we conclude that for certain implementation choices, the Flush+Reload attack is applicable to the ECDSA signature generation process that employs the GLV method. The practitioner should be aware of the implementation choices which introduce vulnerabilities, and avoid the usage of such ECDSA implementations.
29

Bitcoin Transaction Tracing and Purchasing Behavior Characterization of Online Anonymous Marketplaces Using Side Channels

Garcia, Eugene Lemuel R. 01 December 2017 (has links)
We investigate to what degree one could trace Bitcoin transactions and characterize the purchasing behavior of online anonymous marketplaces by exploiting side channels. Using a list of addresses found by the FBI on Silk Road servers, and information on the marketplace's official guides, we infer the role played by each address in the list and classify them based on heuristics. We then attempt to trace Bitcoin transactions and show that the anonymity set size is greatly reduced using product review data and the address classification performed in the previous step. Finally, using clustering techniques based on transaction graph analysis, we assign addresses into user wallets, then group these wallets together based on spending patterns, to be able to characterize purchasing behavior.
30

Hardware Security and Side Channel Power Analysis for 16X16 Booth Multiplier in 65nm CMOS Technology

Vissamsetty, Kanchan 30 August 2021 (has links)
No description available.