17 articles found
Consensus-Based Cryptographic Framework for Side-Channel Attack Resilience in Cloud Environments
1
Authors: I. Nasurulla K. Hemalatha P. Ramachandran S. Parvathi 《Journal of Harbin Institute of Technology (New Series)》 2025, Issue 2, pp. 90-104 (15 pages)
Cloud environments are essential for modern computing, but are increasingly vulnerable to Side-Channel Attacks (SCAs), which exploit indirect information to compromise sensitive data. To address this critical challenge, we propose SecureCons Framework (SCF), a novel consensus-based cryptographic framework designed to enhance resilience against SCAs in cloud environments. SCF integrates a dual-layer approach combining lightweight cryptographic algorithms with a blockchain-inspired consensus mechanism to secure data exchanges and thwart potential side-channel exploits. The framework includes adaptive anomaly detection models, cryptographic obfuscation techniques, and real-time monitoring to identify and mitigate vulnerabilities proactively. Experimental evaluations demonstrate the framework's robustness, achieving over 95% resilience against advanced SCAs with minimal computational overhead. SCF provides a scalable, secure, and efficient solution, setting a new benchmark for side-channel attack mitigation in cloud ecosystems.
Keywords: Cloud computing side channel attacks HAVAL cryptographic hash Wilcoxon signed-rank test consensus mechanism improved schmidt-samoa cryptography
Secure and efficient elliptic curve cryptography resists side-channel attacks (Cited by: 8)
2
Authors: Zhang Tao Fan Mingyu Zheng Xiaoyu 《Journal of Systems Engineering and Electronics》 SCIE EI CSCD 2009, Issue 3, pp. 660-665 (6 pages)
An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNAF) algorithm is proposed to secure ECC scalar multiplication from these attacks. This algorithm adopts the fractional window method and probabilistic SPA scheme to reconfigure the pre-computed table, and it allows designers to make a dynamic configuration on pre-computed table. And then, it is enhanced to resist SPA, DPA, RPA and ZPA attacks by using the random masking method. Compared with the WBRIP and EBRIP methods, our proposal has the lowest total computation cost and reduces the shake phenomenon due to sharp fluctuation on computation performance.
Keywords: elliptic curve cryptography side channel attack simple power attack differential power attack refined power analysis zero-point power analysis.
Side-Channel Attacks & Data Exfiltration Using Wall Outlet USB Power Adapters
3
Authors: Andrew Masters Vijay K. Madisetti 《Journal of Information Security》 2024, Issue 4, pp. 433-447 (15 pages)
The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from the victim and 2) exfiltrate data from compromised machines. Attack strategies of this nature on the greater power grid and building infrastructure levels have been shown to be a serious threat. This project further explores this concept of a novel attack vector by creating a new type of penetration testing tool: a USB power adapter capable of remote monitoring of device power consumption and communicating through powerline communications.
Keywords: CYBERSECURITY side channel Attack Power Line Communication Penetration Testing Hotplug Attack Tool
Resistance against side channel attack for RSA cryptosystem
4
Authors: 祝力 谷大武 王超 《Journal of Shanghai University (English Edition)》 CAS 2008, Issue 2, pp. 146-151 (6 pages)
Based on the structure of the side channel attacks (SCAs) to RSA cryptosystem can resist the fault attack and combine with the randomization method for the message and secret exponent, a new implementation scheme of CRT-based (the Chinese remainder theorem) RSA is proposed. The proposed scheme can prevent simple power analysis (SPA), differential power analysis (DPA) and time attack, and is compatible with the existing RSA-CRT cryptosystem as well. In addition, an improvement for resisting fault attack is proposed, which can reduce extra computation time.
Keywords: RSA side channel attack (SCA) randomization method
Invariant of Enhanced AES Algorithm Implementations Against Power Analysis Attacks
5
Authors: Nadia Mustaqim Ansari Rashid Hussain Sheeraz Arif Syed Sajjad Hussain 《Computers, Materials & Continua》 SCIE EI 2022, Issue 7, pp. 1861-1875 (15 pages)
The security of Internet of Things (IoT) is a challenging task for researchers due to plethora of IoT networks. Side Channel Attacks (SCA) are one of the major concerns. The prime objective of SCA is to acquire the information by observing the power consumption, electromagnetic (EM) field, timing analysis, and acoustics of the device. Later, the attackers perform statistical functions to recover the key. Advanced Encryption Standard (AES) algorithm has proved to be a good security solution for constrained IoT devices. This paper implements a simulation model which is used to modify the AES algorithm using logical masking properties. This invariant of the AES algorithm hides the array of bits during substitution byte transformation of AES. This model is used against SCA and particularly Power Analysis Attacks (PAAs). Simulation model is designed on MATLAB simulator. Results will give better solution by hiding power profiles of the IoT devices against PAAs. In future, the lightweight AES algorithm with false key mechanisms and power reduction techniques such as wave dynamic differential logic (WDDL) will be used to safeguard IoT devices against side channel attacks by using Arduino and field programmable gate array (FPGA).
Keywords: side channel attacks power analysis attacks network security MASKING advance encryption standard
Fast and secure elliptic curve scalar multiplication algorithm based on special addition chains
6
Authors: 刘双根 胡予濮 《Journal of Southeast University (English Edition)》 EI CAS 2008, Issue 1, pp. 29-32 (4 pages)
To resist the side channel attacks of elliptic curve cryptography, a new fast and secure point multiplication algorithm is proposed. The algorithm is based on a particular kind of addition chains involving only additions, providing a natural protection against side channel attacks. Moreover, the new addition formulae that take into account the specific structure of those chains making point multiplication very efficient are proposed. The point multiplication algorithm only needs 1 719 multiplications for the SAC260 of 160-bit integers. For chains of length from 280 to 260, the proposed method outperforms all the previous methods with a gain of 26% to 31% over double-and-add, 16% to 22% over NAF, 7% to 13% over 4-NAF and 1% to 8% over the present best algorithm--double-base chain.
Keywords: scalar multiplication algorithm special addition chains side channel attacks double base chain
Analysis on the Parameter Selection Method for FLUSH+RELOAD Based Cache Timing Attack on RSA (Cited by: 2)
7
Authors: ZHOU Ping WANG Tao LI Guang ZHANG Fan ZHAO Xinjie 《China Communications》 SCIE CSCD 2015, Issue 6, pp. 33-45 (13 pages)
FLUSH+RELOAD attack is recently proposed as a new type of Cache timing attacks. There are three essential factors in this attack, which are monitored instructions, threshold and waiting interval. However, existing literature seldom exploit how and why they could affect the system. This paper aims to study the impacts of these three parameters, and the method of how to choose optimal values. The complete rules for choosing the monitored instructions based on necessary and sufficient condition are proposed. How to select the optimal threshold based on Bayesian binary signal detection principle is also proposed. Meanwhile, the time sequence model of monitoring is constructed and the calculation of the optimal waiting interval is specified. Extensive experiments are conducted on RSA implemented with binary square-and-multiply algorithm. The results show that the average success rate of full RSA key recovery is 89.67%.
Keywords: side channel attack Cache timing attack RSA square-multiply algorithm exponentiation
An Optimized Cross Correlation Power Attack of Message Blinding Exponentiation Algorithms (Cited by: 1)
8
Authors: WAN Wunan YANG Wei CHEN Jun 《China Communications》 SCIE CSCD 2015, Issue 6, pp. 22-32 (11 pages)
The message blinding method is the most efficient and secure countermeasure against first-order differential power analysis (DPA). Although cross correlation attacks (CCAs) were given for defeating message blinding methods, however searching for correlation points is difficult for noise, misalignment in practical environment. In this paper, we propose an optimized cross correlation power attack for message blinding exponentiation algorithms. The attack method can select the more correlative power points of share one operation in the modular multiplication by comparing variances between correlation coefficients. Further we demonstrate that the attack method is more efficient in experiments with hardware implementation of RSA on a crypto chip card. In addition, the proposed CCA method can recover all 1024 bits of the secret key and the recognition rate increases to 100% even when the recorded signals are noisy.
Keywords: side channel attack correlation power analysis cross correlation attacks module exponentiation.
Collision-Based Chosen-Message Simple Power Clustering Attack Algorithm (Cited by: 1)
9
Authors: 陈艾东 许森 陈运 秦志光 《China Communications》 SCIE CSCD 2013, Issue 5, pp. 114-119 (6 pages)
Chosen-message pair Simple Power Analysis (SPA) attacks were proposed by Boer, Yen and Homma, and are attack methods based on searches for collisions of modular multiplication. However, searching for collisions is difficult in real environments. To circumvent this problem, we propose the Simple Power Clustering Attack (SPCA), which can automatically identify the modular multiplication collision. The insignificant effects of collision attacks were validated in an Application Specific Integrated Circuit (ASIC) environment. After treatment with SPCA, the automatic secret key recognition rate increased to 99%.
Keywords: cryptanalysis side channel attack collision attack chosen-message attack clustering algorithm
A Combinational Power Analysis Method against Cryptographic Hardware
10
Authors: GUO Zheng GU Dawu LU Haining LIU Junrong XU Sen BAO Sigang GU Haihua 《China Communications》 SCIE CSCD 2015, Issue 1, pp. 99-107 (9 pages)
Power analysis is a non-invasive attack against cryptographic hardware, which effectively exploits runtime power consumption characteristics of circuits. This paper proposes a new power model which combines Hamming Distance model and the model based on the template value of power consumption in combinational logic circuit. The new model can describe the power consumption characteristics of sequential logic circuits and those of combinational logic as well. The new model can be used to improve the existing power analysis methods and detect the information leakage of power consumption. Experimental results show that, compared to CPA (Correlation Power Analysis) method, our proposed attack which adopts the combinational model is more efficient in terms of the number of required power traces.
Keywords: cryptographic hardware side channel attack power analysis combinational logic
Adaptive multilevel fuzzy-based authentication framework to mitigate Cache side channel attack in cloud computing
11
Authors: Bharati Ainapure Deven Shah A. Ananda Rao 《International Journal of Modeling, Simulation, and Scientific Computing》 EI 2018, Issue 5, pp. 174-194 (21 pages)
Cloud computing supports multitenancy to satisfy the users' demands for accessing resources and simultaneously it increases revenue for cloud providers. Cloud providers adapt multitenancy by virtualizing the resources, like CPU, network interfaces, peripherals, hard drives and memory using hypervisor to fulfill the demand. In a virtualized environment, many virtual machines (VMs) can run on the same core with the help of the hypervisor by sharing the resources. The VMs running on the same core are the target for the malicious or abnormal attacks like side channel attacks. Among various side channel attacks in cloud computing, cache-based side channel attack is one that leaks private information of the users based on the shared resources. Here, as the shared resource is the cache, a process can utilize the cache usage of another by cache contention. Cache sharing provides a way for the attackers to gain considerable information so that the key used for encryption can be inferred. Discovering this side channel attack is a challenging task. This requires identification of a feature that influences the attack. Even though there are various techniques available in the literature to mitigate such attacks, an effective solution to reduce the cache-based side channel attack is still an issue. Therefore, a novel fuzzy rule-based mechanism is integrated to detect the cache side channel attackers by monitoring the cache data access (CDA). The factor that determines the attack is CDA in a log file created by the framework during authorization. The proposed framework also utilizes certain security properties including ECC and hashing for the privacy preservation and the decision is made with the aid of a fuzzy logic system.
Keywords: Cache side channel attack shared resources fuzzy ECC HASHING registration authorization.
Efficient Autonomous Defense System Using Machine Learning on Edge Device
12
Author: Jaehyuk Cho 《Computers, Materials & Continua》 SCIE EI 2022, Issue 2, pp. 3565-3588 (24 pages)
As a large amount of data needs to be processed and speed needs to be improved, edge computing with ultra-low latency and ultra-connectivity is emerging as a new paradigm. These changes can lead to new cyber risks, and should therefore be considered for a security threat model. To this end, we constructed an edge system to study security in two directions, hardware and software. First, on the hardware side, we want to autonomically defend against hardware attacks such as side channel attacks by configuring field programmable gate array (FPGA) which is suitable for edge computing and identifying communication status to control the communication method according to priority. In addition, on the software side, data collected on the server performs end-to-end encryption via symmetric encryption keys. Also, we modeled autonomous defense systems on the server by using machine learning which targets to incoming and outgoing logs. Server log utilizes existing intrusion detection datasets that should be used in real-world environments. Server log was used to detect intrusion early by modeling an intrusion prevention system to identify behaviors that violate security policy, and to utilize the existing intrusion detection data set that should be used in a real environment. Through this, we designed an efficient autonomous defense system that can provide a stable system by detecting abnormal signals from the device and converting them to an effective method to control edge computing, and to detect and control abnormal intrusions on the server side.
Keywords: Autonomous defense side channel attack intrusion prevention system edge computing machine learning
Analysis of Recent Secure Scan Test Techniques
13
Authors: Cheng Xing Sungju Park Ji Zhao 《Journal of Software Engineering and Applications》 2016, Issue 3, pp. 91-101 (11 pages)
Side channel attack may result in user key leakage as scan test techniques are applied for cryptographic chips. Many secure scan designs have been proposed to protect the user key. This paper meticulously selects three current scan test techniques, analyses their advantages and disadvantages and also compares them in security and area overhead. Users can choose one of them according to the requirements and further combination can be implemented to achieve better performance.
Keywords: side channel Attack Scan Test Techniques Secure Scan Designs
Correlation power analysis of DECIM^v2 (Cited by: 3)
14
Authors: JIA Yan-yan HU Yu-pu ZHAO Yong-bin GAO Jun-tao 《The Journal of China Universities of Posts and Telecommunications》 EI CSCD 2011, Issue 5, pp. 118-123 (6 pages)
Power analysis has been a powerful and thoroughly studied threat for implementations of block ciphers and public key algorithms but not yet for stream ciphers. Based on the consumed power differences between two neighboring clock cycles, this paper presents a correlation power analysis (CPA) attack on the synchronous stream cipher DECIM^v2 (the tweaked version of the original submission DECIM). This attack resynchronizes the cryptographic device ceaselessly with many different initialization values (IVs) to obtain enough power traces. Then by modeling the statistical properties of the differential power traces with the correlation coefficients, the proposed attack algorithm can completely reveal the secret key of DECIM^v2. Furthermore, a simulation attack is mounted to confirm the validity of the algorithm. The results show that the entire secret key of DECIM^v2 can be restored within several minutes by performing 12 CPA attacks. It seems that there are still some defects in the design of DECIM^v2 and thus some further improvements should be made to resist the proposed attack.
Keywords: CRYPTOGRAPHY CRYPTANALYSIS side channel attacks (SCA) CPA DECIM^v2
Secure Speculation via Speculative Secret Flow Tracking
15
Authors: 崔宏伟 杨春 程旭 《Journal of Computer Science & Technology》 SCIE EI CSCD 2023, Issue 2, pp. 422-438 (17 pages)
Speculative execution attacks can leak arbitrary program data under malicious speculation, presenting a severe security threat. Based on two key observations, this paper presents a software-transparent defense mechanism called speculative secret flow tracking (SSFT), which is capable of defending against all cache-based speculative execution attacks with a low performance overhead. First, we observe that the attacker must use array or pointer variables in the victim code to access arbitrary memory data. Therefore, we propose a strict definition of secret data to reduce the amount of data to be protected. Second, if the load is not data-dependent and control-dependent on secrets, its speculative execution will not leak any secrets. Thus, this paper introduces the concept of speculative secret flow to analyze how secret data are obtained and propagated during speculative execution. By tracking speculative secret flow in hardware, SSFT can identify all unsafe speculative loads (USLs) that are dependent on secrets. Moreover, SSFT exploits three different methods to constrain USLs' speculative execution and prevent them from leaking secrets into the cache and translation lookaside buffer (TLB) states. This paper evaluates the performance of SSFT on the SPEC CPU 2006 workloads, and the results show that SSFT is effective and its performance overhead is very low. To defend against all speculative execution attack variants, SSFT only incurs an average slowdown of 4.5% (Delay USL-L1Miss) or 3.8% (Invisible USLs) compared to a non-secure processor. Our analysis also shows that SSFT maintains a low hardware overhead.
Keywords: cache side channel attack HARDWARE speculative execution attack security
The differential fault analysis on block cipher FeW
16
Authors: Haiyan Xiao Lifang Wang Jinyong Chang 《Cybersecurity》 EI CSCD 2023, Issue 2, pp. 62-74 (13 pages)
Feather weight (FeW) cipher is a lightweight block cipher proposed by Kumar et al. in 2019, which takes 64 bits plaintext as input and produces 64 bits ciphertext. As Kumar et al. said, FeW is a software oriented design with the aim of achieving high efficiency in software based environments. It seems that FeW is immune to many cryptographic attacks, like linear, impossible differential, differential and zero correlation attacks. However, in recent work, Xie et al. reassessed the security of FeW. More precisely, they proved that under the differential fault analysis (DFA) on the encryption states, an attacker can completely recover the master secret key. In this paper, we revisit the block cipher FeW and consider the DFA on its key schedule algorithm, which is rather popular cryptanalysis for kinds of block ciphers. In particular, by respectively injected faults into the 30th and 29th round subkeys, one can recover about 55/80~69% bits of master key. Then the brute force searching remaining bits, one can obtain the full master secret key. The simulations and experiment results show that our analysis is practical.
Keywords: Differential fault analysis Block cipher FEW side channel attack
A novel GPU based Geo-Location Inference Attack on WebGL framework
17
Authors: Weixian Mai Yinhao Xiao 《High-Confidence Computing》 EI 2023, Issue 4, pp. 13-21 (9 pages)
In the past few years, graphics processing units (GPUs) have become an indispensable part of modern computer systems, not only for graphics rendering but also for intensive parallel computing. Given that many tasks running on GPUs contain sensitive information, security concerns have been raised, especially about potential GPU information leakage. Previous works have shown such concerns by showing that attackers can use GPU memory allocations or performance counters to measure victim side effects. However, such an attack has a critical drawback that it requires a victim to install desktop applications or mobile apps yielding it uneasy to be deployed in the real world. In this paper, we solve this drawback by proposing a novel GPU-based side-channel Geo-Privacy inference attack on the WebGL framework, namely, GLINT (stands for Geo-Location Inference Attack). GLINT merely utilizes a lightweight browser extension to measure the time elapsed to render a sequence of frames on well-known map websites, e.g., Google Maps, or Baidu Maps. The measured stream of time series is then employed to infer geologically privacy-sensitive information, such as a search on a specific location. Upon retrieving the stream, we propose a novel online segmentation algorithm for streaming data to determine the start and end points of privacy-sensitive time series. We then combine the DTW algorithm and KNN algorithm on these series to conclude the final inference on a user's geo-location privacy. We conducted real-world experiments to testify our attack. The experiments show that GeoInfer can correctly infer more than 83% of user searches regardless of the locations and map websites, meaning that our Geo-Privacy inference attack is accurate, practical, and robust. To counter this attack, we implemented a defense strategy based on Differential Privacy to hinder obtaining accurate rendering data. We found that this defense mechanism managed to reduce the average accuracy of the attack model by more than 70%, indicating that the attack was no longer effective. We have fully implemented GLINT and open-sourced it for future follow-up research.
Keywords: side channel attack GPU WEBGL Differential Privacy