The security of Internet of Things(IoT)is a challenging task for researchers due to plethora of IoT networks.Side Channel Attacks(SCA)are one of the major concerns.The prime objective of SCA is to acquire the informat...The security of Internet of Things(IoT)is a challenging task for researchers due to plethora of IoT networks.Side Channel Attacks(SCA)are one of the major concerns.The prime objective of SCA is to acquire the information by observing the power consumption,electromagnetic(EM)field,timing analysis,and acoustics of the device.Later,the attackers perform statistical functions to recover the key.Advanced Encryption Standard(AES)algorithm has proved to be a good security solution for constrained IoT devices.This paper implements a simulation model which is used to modify theAES algorithm using logicalmasking properties.This invariant of the AES algorithm hides the array of bits during substitution byte transformation of AES.This model is used against SCAand particularly Power Analysis Attacks(PAAs).Simulation model is designed on MATLAB simulator.Results will give better solution by hiding power profiles of the IoT devices against PAAs.In future,the lightweight AES algorithm with false key mechanisms and power reduction techniques such as wave dynamic differential logic(WDDL)will be used to safeguard IoT devices against side channel attacks by using Arduino and field programmable gate array(FPGA).展开更多
An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNA...An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNAF) algorithm is proposed to secure ECC scalar multiplication from these attacks. This algorithm adopts the fractional window method and probabilistic SPA scheme to reconfigure the pre-computed table, and it allows designers to make a dynamic configuration on pre-computed table. And then, it is enhanced to resist SPA, DPA, RPA and ZPA attacks by using the random masking method. Compared with the WBRIP and EBRIP methods, our proposals has the lowest total computation cost and reduce the shake phenomenon due to sharp fluctuation on computation performance.展开更多
In this paper,we propose two new attack algorithms on RSA implementations with CRT(Chinese remainder theorem).To improve the attack efficiency considerably,a clustering collision power attack on RSA with CRT is introd...In this paper,we propose two new attack algorithms on RSA implementations with CRT(Chinese remainder theorem).To improve the attack efficiency considerably,a clustering collision power attack on RSA with CRT is introduced via chosen-message pairs.This attack method is that the key parameters dp and dq are segmented by byte,and the modular multiplication collisions are identified by k-means clustering.The exponents dp and dq were recovered by 12 power traces of six groups of the specific message pairs,and the exponent d was obtained.We also propose a second order clustering collision power analysis attack against RSA implementation with CRT,which applies double blinding exponentiation.To reduce noise and artificial participation,we analyze the power points of interest by preprocessing and k-means clustering with horizontal correlation collisions.Thus,we recovered approximately 91%of the secret exponents manipulated with a single power curve on RSA-CRT with countermeasures of double blinding methods.展开更多
While all-optical networks become more and more popular as the basis of the next generation Internet(NGI)infrastructure,such networks raise many critical security issues.High power inter-channel crosstalk attack is on...While all-optical networks become more and more popular as the basis of the next generation Internet(NGI)infrastructure,such networks raise many critical security issues.High power inter-channel crosstalk attack is one of the security issues which have negative effect on information security in optical networks.Optical fiber in optical networks has some nonlinear characteristics,such as self phase modulation(SPM),cross phase modulation(XPM),four-wave mixing(FWM)and stimulated Raman scattering(SRS).They can be used to implement high power inter-channel crosstalk attack by malicious attackers.The mechanism of high power inter-channel crosstalk attack is analyzed.When an attack occurs,attack signal power and fiber nonlinear refractive index are the main factors which affect quality of legitimate signals.The effect of high power inter-channel crosstalk attack on quality of legitimate signals is investigated by building simulation system in VPI software.The results show that interchannel crosstalk caused by high power attack signal leads to quality deterioration of legitimate signals propagated in the same fiber.The higher the power of attack signal is,the greater the fiber nonlinear refractive index is.The closer the channel spacing away from the attack signal is,the more seriously the legitimate signals are affected by attack.We also find that when attack position and power of attack signal are constant,attack signal cannot infinitely spread,while its attack ability shows a fading trend with the extension of propagation distance.展开更多
This paper presents an improved simple power attack against the key schedule of Camellia. While the original attack required an exact determination of the Hamming weight of intermediate data values based on power meas...This paper presents an improved simple power attack against the key schedule of Camellia. While the original attack required an exact determination of the Hamming weight of intermediate data values based on power measurements, in this paper, two types of the simple power attack are presented and shown to be tolerant of errors that might occur in the Hamming weight determinations. In practical applications of the attack, such errors are likely to occur due to noise and distortion in the power measurements and their mapping to the Hamming weights of the data. To resist these attacks, the required design rationale of key schedules and several practical countermeasures are suggested.展开更多
Retraction: LIU Shuanggen, NI Haiying, HU Yupu, LIAO Yunyan. An Improved Simple Power Attack against Camellia's Key Schedule. Wuhan University Journal of Natural Sciences, 2008, 13(5): 591-594. DOI: 10.1007/s 11...Retraction: LIU Shuanggen, NI Haiying, HU Yupu, LIAO Yunyan. An Improved Simple Power Attack against Camellia's Key Schedule. Wuhan University Journal of Natural Sciences, 2008, 13(5): 591-594. DOI: 10.1007/s 11859-008-0516-3展开更多
Wi-Fi devices have limited battery life because of which conserving battery life is imperative. The 802.11 Wi-Fi standard provides power management feature that allows stations(STAs) to enter into sleep state to prese...Wi-Fi devices have limited battery life because of which conserving battery life is imperative. The 802.11 Wi-Fi standard provides power management feature that allows stations(STAs) to enter into sleep state to preserve energy without any frame losses. After the STA wakes up, it sends a null data or PS-Poll frame to retrieve frame(s) buffered by the access point(AP), if any during its sleep period. An attacker can launch a power save denial of service(PS-DoS) attack on the sleeping STA(s) by transmitting a spoofed null data or PS-Poll frame(s) to retrieve the buffered frame(s) of the sleeping STA(s) from the AP causing frame losses for the targeted STA(s). Current approaches to prevent or detect the PS-DoS attack require encryption,change in protocol or installation of proprietary hardware. These solutions suffer from expensive setup, maintenance, scalability and deployment issues. The PS-DoS attack does not differ in semantics or statistics under normal and attack circumstances.So signature and anomaly based intrusion detection system(IDS) are unfit to detect the PS-DoS attack. In this paper we propose a timed IDS based on real time discrete event system(RTDES) for detecting PS-DoS attack. The proposed DES based IDS overcomes the drawbacks of existing systems and detects the PS-DoS attack with high accuracy and detection rate. The correctness of the RTDES based IDS is proved by experimenting all possible attack scenarios.展开更多
Hash-based message authentication code(HMAC)is widely used in authentication and message integrity.As a Chinese hash algorithm,the SM3 algorithm is gradually winning domestic market value in China.The side channel sec...Hash-based message authentication code(HMAC)is widely used in authentication and message integrity.As a Chinese hash algorithm,the SM3 algorithm is gradually winning domestic market value in China.The side channel security of HMAC based on SM3(HMAC-SM3)is still to be evaluated,especially in hardware implementation,where only intermediate values stored in registers have apparent Hamming distance leakage.In addition,the algorithm structure of SM3 determines the difficulty in HMAC-SM3 side channel analysis.In this paper,a skillful bit-wise chosen-plaintext correlation power attack procedure is proposed for HMAC-SM3 hardware implementation.Real attack experiments on a field programmable gate array(FPGA)board have been performed.Experimental results show that we can recover the key from the hypothesis space of 2256 based on the proposed procedure.展开更多
文摘The security of Internet of Things(IoT)is a challenging task for researchers due to plethora of IoT networks.Side Channel Attacks(SCA)are one of the major concerns.The prime objective of SCA is to acquire the information by observing the power consumption,electromagnetic(EM)field,timing analysis,and acoustics of the device.Later,the attackers perform statistical functions to recover the key.Advanced Encryption Standard(AES)algorithm has proved to be a good security solution for constrained IoT devices.This paper implements a simulation model which is used to modify theAES algorithm using logicalmasking properties.This invariant of the AES algorithm hides the array of bits during substitution byte transformation of AES.This model is used against SCAand particularly Power Analysis Attacks(PAAs).Simulation model is designed on MATLAB simulator.Results will give better solution by hiding power profiles of the IoT devices against PAAs.In future,the lightweight AES algorithm with false key mechanisms and power reduction techniques such as wave dynamic differential logic(WDDL)will be used to safeguard IoT devices against side channel attacks by using Arduino and field programmable gate array(FPGA).
基金supported by the National Natural Science Foundation of China(60373109)Ministry of Science and Technologyof China and the National Commercial Cryptography Application Technology Architecture and Application DemonstrationProject(2008BAA22B02).
文摘An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNAF) algorithm is proposed to secure ECC scalar multiplication from these attacks. This algorithm adopts the fractional window method and probabilistic SPA scheme to reconfigure the pre-computed table, and it allows designers to make a dynamic configuration on pre-computed table. And then, it is enhanced to resist SPA, DPA, RPA and ZPA attacks by using the random masking method. Compared with the WBRIP and EBRIP methods, our proposals has the lowest total computation cost and reduce the shake phenomenon due to sharp fluctuation on computation performance.
基金supported by the National Key R&D Program of China(No.2017YFB0802300)the Key Research and Development Project of Sichuan Province(No.2020YFG0307,No.2018TJPT0012)the Key Research and Development Project of Chengdu(No.2019-YF05-02028-GX).
文摘In this paper,we propose two new attack algorithms on RSA implementations with CRT(Chinese remainder theorem).To improve the attack efficiency considerably,a clustering collision power attack on RSA with CRT is introduced via chosen-message pairs.This attack method is that the key parameters dp and dq are segmented by byte,and the modular multiplication collisions are identified by k-means clustering.The exponents dp and dq were recovered by 12 power traces of six groups of the specific message pairs,and the exponent d was obtained.We also propose a second order clustering collision power analysis attack against RSA implementation with CRT,which applies double blinding exponentiation.To reduce noise and artificial participation,we analyze the power points of interest by preprocessing and k-means clustering with horizontal correlation collisions.Thus,we recovered approximately 91%of the secret exponents manipulated with a single power curve on RSA-CRT with countermeasures of double blinding methods.
基金the National Natural Science Foundation of China(No.61179002)the National Defence Foundation of China(No.2012JY002-260)
文摘While all-optical networks become more and more popular as the basis of the next generation Internet(NGI)infrastructure,such networks raise many critical security issues.High power inter-channel crosstalk attack is one of the security issues which have negative effect on information security in optical networks.Optical fiber in optical networks has some nonlinear characteristics,such as self phase modulation(SPM),cross phase modulation(XPM),four-wave mixing(FWM)and stimulated Raman scattering(SRS).They can be used to implement high power inter-channel crosstalk attack by malicious attackers.The mechanism of high power inter-channel crosstalk attack is analyzed.When an attack occurs,attack signal power and fiber nonlinear refractive index are the main factors which affect quality of legitimate signals.The effect of high power inter-channel crosstalk attack on quality of legitimate signals is investigated by building simulation system in VPI software.The results show that interchannel crosstalk caused by high power attack signal leads to quality deterioration of legitimate signals propagated in the same fiber.The higher the power of attack signal is,the greater the fiber nonlinear refractive index is.The closer the channel spacing away from the attack signal is,the more seriously the legitimate signals are affected by attack.We also find that when attack position and power of attack signal are constant,attack signal cannot infinitely spread,while its attack ability shows a fading trend with the extension of propagation distance.
基金the National Natural Science Foundation of China (60673072)the Natural Basic Research Program of China (2007CB311201)
文摘This paper presents an improved simple power attack against the key schedule of Camellia. While the original attack required an exact determination of the Hamming weight of intermediate data values based on power measurements, in this paper, two types of the simple power attack are presented and shown to be tolerant of errors that might occur in the Hamming weight determinations. In practical applications of the attack, such errors are likely to occur due to noise and distortion in the power measurements and their mapping to the Hamming weights of the data. To resist these attacks, the required design rationale of key schedules and several practical countermeasures are suggested.
文摘Retraction: LIU Shuanggen, NI Haiying, HU Yupu, LIAO Yunyan. An Improved Simple Power Attack against Camellia's Key Schedule. Wuhan University Journal of Natural Sciences, 2008, 13(5): 591-594. DOI: 10.1007/s 11859-008-0516-3
基金supported by TATA Consultancy Servies(TCS)Research Fellowship Program,India
文摘Wi-Fi devices have limited battery life because of which conserving battery life is imperative. The 802.11 Wi-Fi standard provides power management feature that allows stations(STAs) to enter into sleep state to preserve energy without any frame losses. After the STA wakes up, it sends a null data or PS-Poll frame to retrieve frame(s) buffered by the access point(AP), if any during its sleep period. An attacker can launch a power save denial of service(PS-DoS) attack on the sleeping STA(s) by transmitting a spoofed null data or PS-Poll frame(s) to retrieve the buffered frame(s) of the sleeping STA(s) from the AP causing frame losses for the targeted STA(s). Current approaches to prevent or detect the PS-DoS attack require encryption,change in protocol or installation of proprietary hardware. These solutions suffer from expensive setup, maintenance, scalability and deployment issues. The PS-DoS attack does not differ in semantics or statistics under normal and attack circumstances.So signature and anomaly based intrusion detection system(IDS) are unfit to detect the PS-DoS attack. In this paper we propose a timed IDS based on real time discrete event system(RTDES) for detecting PS-DoS attack. The proposed DES based IDS overcomes the drawbacks of existing systems and detects the PS-DoS attack with high accuracy and detection rate. The correctness of the RTDES based IDS is proved by experimenting all possible attack scenarios.
基金Project supported by the Major Program of the Ministry of Industry and Information Technology of China(No.2017ZX01030301)the Beijing Natural Science Foundation of China(No.4162053)
文摘Hash-based message authentication code(HMAC)is widely used in authentication and message integrity.As a Chinese hash algorithm,the SM3 algorithm is gradually winning domestic market value in China.The side channel security of HMAC based on SM3(HMAC-SM3)is still to be evaluated,especially in hardware implementation,where only intermediate values stored in registers have apparent Hamming distance leakage.In addition,the algorithm structure of SM3 determines the difficulty in HMAC-SM3 side channel analysis.In this paper,a skillful bit-wise chosen-plaintext correlation power attack procedure is proposed for HMAC-SM3 hardware implementation.Real attack experiments on a field programmable gate array(FPGA)board have been performed.Experimental results show that we can recover the key from the hypothesis space of 2256 based on the proposed procedure.
