Mg2Ni0.7M0.3(M=Al,Mn and Ti)alloys were prepared by solid phase sintering process.The phases and microstructure of the alloys were systematically characterized by XRD,SEM and STEM.It was found that Mg3MNi2intermetalli...Mg2Ni0.7M0.3(M=Al,Mn and Ti)alloys were prepared by solid phase sintering process.The phases and microstructure of the alloys were systematically characterized by XRD,SEM and STEM.It was found that Mg3MNi2intermetallic compounds formed in Mg2Ni0.7M0.3alloys and coexisted with Mg and Mg2Ni,and that radius of M atoms closer to that of Mg atom was more beneficial to the formation of Mg3MNi2.The hydrogen storage properties and corrosion resistance of Mg2Ni0.7M0.3alloys were investigated through Sievert and Tafel methods.Mg2Ni0.7M0.3alloys exhibited remarkably improved hydrogen absorption and desorption properties.Significantly reduced apparent dehydriding activation energy values of-46.12,-59.16and-73.15kJ/mol were achieved for Mg2Ni0.7Al0.3,Mg2Ni0.7Mn0.3and Mg2Ni0.7Ti0.3alloys,respectively.The corrosion potential of Mg2Ni0.7M0.3alloys shifted to the positive position compared with Mg2Ni alloy,e.g.there was a corrosion potential difference of0.110V between Mg2Ni0.7Al0.3alloy(-0.529V)and Mg2Ni(-0.639V),showing improved anti-corrosion properties by the addition of Al,Mn and Ti.展开更多
Time-division multiple access (TDMA) and code-division multiple access (CDMA) are two technologies used in digital cellular networks. The authentication protocols of TDMA networks have been proven to be vulnerable to ...Time-division multiple access (TDMA) and code-division multiple access (CDMA) are two technologies used in digital cellular networks. The authentication protocols of TDMA networks have been proven to be vulnerable to side-channel analysis (SCA), giving rise to a series of powerful SCA-based attacks against unprotected subscriber identity module (SIM) cards. CDMA networks have two authentication protocols, cellular authentication and voice encryption (CAVE) based authentication protocol and authentication and key agreement (AKA) based authentication protocol, which are used in different phases of the networks. However, there has been no SCA attack for these two protocols so far. In this paper, in order to figure out if the authentication protocols of CDMA networks are sufficiently secure against SCA, we investigate the two existing protocols and their cryptographic algorithms. We find the side-channel weaknesses of the two protocols when they are implemented on embedded systems. Based on these weaknesses, we propose specific attack strategies to recover their authentication keys for the two protocols, respectively. We verify our strategies on an 8-bit microcontroller and a real-world SIM card, showing that the authentication keys can be fully recovered within a few minutes with a limited number of power measurements. The successful experiments demonstrate the correctness and the effectiveness of our proposed strategies and prove that the unprotected implementations of the authentication protocols of CDMA networks cannot resist SCA.展开更多
Side-channel attacks(SCAs)play an important role in the security evaluation of cryptographic devices.As a form of SCAs,profiled differential power analysis(DPA)is among the most powerful and efficient by taking advant...Side-channel attacks(SCAs)play an important role in the security evaluation of cryptographic devices.As a form of SCAs,profiled differential power analysis(DPA)is among the most powerful and efficient by taking advantage of a profiling phase that learns features from a controlled device.Linear regression(LR)based profiling,a special profiling method proposed by Schindler et al.,could be extended to generic-emulating DPA(differential power analysis)by on-the-fly profiling.The formal extension was proposed by Whitnall et al.named SLR-based method.Later,to improve SLR-based method,Wang et al.introduced a method based on ridge regression.However,the constant format of L-2 penalty still limits the performance of profiling.In this paper,we generalize the ridge-based method and propose a new strategy of using variable regularization.We then analyze from a theoretical point of view why we should not use constant penalty format for all cases.Roughly speaking,our work reveals the underlying mechanism of how different formats affect the profiling process in the context of side channel.Therefore,by selecting a proper regularization,we could push the limits of LR-based profiling.Finally,we conduct simulation-based and practical experiments to confirm our analysis.Specifically,the results of our practical experiments show that the proper formats of regularization are different among real devices.展开更多
In the era of the Internet of Things,Bluetooth low energy(BLE/BTLE)plays an important role as a wellknown wireless communication technology.While the security and privacy of BLE have been analyzed and fixed several ti...In the era of the Internet of Things,Bluetooth low energy(BLE/BTLE)plays an important role as a wellknown wireless communication technology.While the security and privacy of BLE have been analyzed and fixed several times,the threat of side-channel attacks to BLE devices is still not well understood.In this work,we highlight a side-channel threat to the re-keying protocol of BLE.This protocol uses a fixed long term key for generating session keys,and the leakage of the long term key could render the encryption of all the following(and previous)connections useless.Our attack exploits the side-channel leakage of the re-keying protocol when it is implemented on embedded devices.In particular,we present successful correlation electromagnetic analysis and deep learning based profiled analysis that recover long term keys of BLE devices.We evaluate our attack on an ARM Cortex-M4 processor(Nordic Semiconductor nRF52840)running Nimble,a popular open-source BLE stack.Our results demonstrate that the long term key can be recovered within only a small amount of electromagnetic traces.Further,we summarize the features and limitations of our attack,and suggest a range of countermeasures to prevent it.展开更多
基金Project (2016J01266) supported by the Natural Science Foundation of Fujian Province,ChinaProject (JZ160474) supported by the Science and Technology Project of Education Department of Fujian Province,China
文摘Mg2Ni0.7M0.3(M=Al,Mn and Ti)alloys were prepared by solid phase sintering process.The phases and microstructure of the alloys were systematically characterized by XRD,SEM and STEM.It was found that Mg3MNi2intermetallic compounds formed in Mg2Ni0.7M0.3alloys and coexisted with Mg and Mg2Ni,and that radius of M atoms closer to that of Mg atom was more beneficial to the formation of Mg3MNi2.The hydrogen storage properties and corrosion resistance of Mg2Ni0.7M0.3alloys were investigated through Sievert and Tafel methods.Mg2Ni0.7M0.3alloys exhibited remarkably improved hydrogen absorption and desorption properties.Significantly reduced apparent dehydriding activation energy values of-46.12,-59.16and-73.15kJ/mol were achieved for Mg2Ni0.7Al0.3,Mg2Ni0.7Mn0.3and Mg2Ni0.7Ti0.3alloys,respectively.The corrosion potential of Mg2Ni0.7M0.3alloys shifted to the positive position compared with Mg2Ni alloy,e.g.there was a corrosion potential difference of0.110V between Mg2Ni0.7Al0.3alloy(-0.529V)and Mg2Ni(-0.639V),showing improved anti-corrosion properties by the addition of Al,Mn and Ti.
文摘Time-division multiple access (TDMA) and code-division multiple access (CDMA) are two technologies used in digital cellular networks. The authentication protocols of TDMA networks have been proven to be vulnerable to side-channel analysis (SCA), giving rise to a series of powerful SCA-based attacks against unprotected subscriber identity module (SIM) cards. CDMA networks have two authentication protocols, cellular authentication and voice encryption (CAVE) based authentication protocol and authentication and key agreement (AKA) based authentication protocol, which are used in different phases of the networks. However, there has been no SCA attack for these two protocols so far. In this paper, in order to figure out if the authentication protocols of CDMA networks are sufficiently secure against SCA, we investigate the two existing protocols and their cryptographic algorithms. We find the side-channel weaknesses of the two protocols when they are implemented on embedded systems. Based on these weaknesses, we propose specific attack strategies to recover their authentication keys for the two protocols, respectively. We verify our strategies on an 8-bit microcontroller and a real-world SIM card, showing that the authentication keys can be fully recovered within a few minutes with a limited number of power measurements. The successful experiments demonstrate the correctness and the effectiveness of our proposed strategies and prove that the unprotected implementations of the authentication protocols of CDMA networks cannot resist SCA.
基金supported by the State Grid Science and Technology Project of China under Grant No.546816190003.
文摘Side-channel attacks(SCAs)play an important role in the security evaluation of cryptographic devices.As a form of SCAs,profiled differential power analysis(DPA)is among the most powerful and efficient by taking advantage of a profiling phase that learns features from a controlled device.Linear regression(LR)based profiling,a special profiling method proposed by Schindler et al.,could be extended to generic-emulating DPA(differential power analysis)by on-the-fly profiling.The formal extension was proposed by Whitnall et al.named SLR-based method.Later,to improve SLR-based method,Wang et al.introduced a method based on ridge regression.However,the constant format of L-2 penalty still limits the performance of profiling.In this paper,we generalize the ridge-based method and propose a new strategy of using variable regularization.We then analyze from a theoretical point of view why we should not use constant penalty format for all cases.Roughly speaking,our work reveals the underlying mechanism of how different formats affect the profiling process in the context of side channel.Therefore,by selecting a proper regularization,we could push the limits of LR-based profiling.Finally,we conduct simulation-based and practical experiments to confirm our analysis.Specifically,the results of our practical experiments show that the proper formats of regularization are different among real devices.
基金supported by the National Natural Science Foundation of China under Grant No.62072307。
文摘In the era of the Internet of Things,Bluetooth low energy(BLE/BTLE)plays an important role as a wellknown wireless communication technology.While the security and privacy of BLE have been analyzed and fixed several times,the threat of side-channel attacks to BLE devices is still not well understood.In this work,we highlight a side-channel threat to the re-keying protocol of BLE.This protocol uses a fixed long term key for generating session keys,and the leakage of the long term key could render the encryption of all the following(and previous)connections useless.Our attack exploits the side-channel leakage of the re-keying protocol when it is implemented on embedded devices.In particular,we present successful correlation electromagnetic analysis and deep learning based profiled analysis that recover long term keys of BLE devices.We evaluate our attack on an ARM Cortex-M4 processor(Nordic Semiconductor nRF52840)running Nimble,a popular open-source BLE stack.Our results demonstrate that the long term key can be recovered within only a small amount of electromagnetic traces.Further,we summarize the features and limitations of our attack,and suggest a range of countermeasures to prevent it.
