The adoption of deep learning-based side-channel analysis(DL-SCA)is crucial for leak detection in secure products.Many previous studies have applied this method to break targets protected with countermeasures.Despite ...The adoption of deep learning-based side-channel analysis(DL-SCA)is crucial for leak detection in secure products.Many previous studies have applied this method to break targets protected with countermeasures.Despite the increasing number of studies,the problem of model overfitting.Recent research mainly focuses on exploring hyperparameters and network architectures,while offering limited insights into the effects of external factors on side-channel attacks,such as the number and type of models.This paper proposes a Side-channel Analysis method based on a Stacking ensemble,called Stacking-SCA.In our method,multiple models are deeply integrated.Through the extended application of base models and the meta-model,Stacking-SCA effectively improves the output class probabilities of the model,leading to better generalization.Furthermore,this method shows that the attack performance is sensitive to changes in the number of models.Next,five independent subsets are extracted from the original ASCAD database as multi-segment datasets,which are mutually independent.This method shows how these subsets are used as inputs for Stacking-SCA to enhance its attack convergence.The experimental results show that Stacking-SCA outperforms the current state-of-the-art results on several considered datasets,significantly reducing the number of attack traces required to achieve a guessing entropy of 1.Additionally,different hyperparameter sizes are adjusted to further validate the robustness of the method.展开更多
Quantum digital signature(QDS)can guarantee the information-theoretical security of a signature with the fundamental laws of quantum physics.However,most current QDS protocols do not take source security into account,...Quantum digital signature(QDS)can guarantee the information-theoretical security of a signature with the fundamental laws of quantum physics.However,most current QDS protocols do not take source security into account,leading to an overestimation of the signature rate.In this paper,we propose to utilize Hong–Ou–Mandel interference to characterize the upper bound of the source imperfections,and further to quantify information leakage from potential side-channels.Additionally,we combine decoy-state methods and finite-size analysis in analyzing the signature rate.Simulation results demonstrate the performance and feasibility of our approach.Our current work can improve the practical security of QDS systems,thereby promoting their further networked applications.展开更多
Recently,several PC oracle based side-channel attacks have been proposed against Kyber.However,most of them focus on unprotected implementations and masking is considered as a counter-measure.In this study,we extend P...Recently,several PC oracle based side-channel attacks have been proposed against Kyber.However,most of them focus on unprotected implementations and masking is considered as a counter-measure.In this study,we extend PC oracle based side-channel attacks to the second-order scenario and successfully conduct key-recovery attacks on the first-order masked Kyber.Firstly,we analyze the potential joint information leakage.Inspired by the binary PC oracle based attack proposed by Qin et al.at Asiacrypt 2021,we identify the 1-bit leakage scenario in the masked Keccak implementation.Moreover,we modify the ciphertexts construction described by Tanaka et al.at CHES 2023,extending the leakage scenario from 1-bit to 32-bit.With the assistance of TVLA,we validate these leakages through experiments.Secondly,for these two scenarios,we construct a binary PC oracle based on t-test and a multiple-valued PC oracle based on neural networks.Furthermore,we conduct practical side-channel attacks on masked Kyber by utilizing our oracles,with the implementation running on an ARM Cortex-M4 microcontroller.The demonstrated attacks require a minimum of 15788 and 648 traces to fully recover the key of Kyber768 in the 1-bit leakage scenario and the 32-bit leakage scenario,respectively.Our analysis may also be extended to attack other post-quantum schemes that use the same masked hash function.Finally,we apply the shuffling strategy to the first-order masked imple-mentation of the Kyber and perform leakage tests.Experimental results show that the combination strategy of shuffling and masking can effectively resist our proposed attacks.展开更多
The Inner Product Masking(IPM)scheme has been shown to provide higher theoretical security guarantees than the BooleanMasking(BM).This scheme aims to increase the algebraic complexity of the coding to achieve a higher...The Inner Product Masking(IPM)scheme has been shown to provide higher theoretical security guarantees than the BooleanMasking(BM).This scheme aims to increase the algebraic complexity of the coding to achieve a higher level of security.Some previous work unfolds when certain(adversarial and implementation)conditions are met,and we seek to complement these investigations by understanding what happens when these conditions deviate from their expected behaviour.In this paper,we investigate the security characteristics of IPM under different conditions.In adversarial condition,the security properties of first-order IPMs obtained through parametric characterization are preserved in the face of univariate and bivariate attacks.In implementation condition,we construct two new polynomial leakage functions to observe the nonlinear leakage of the IPM and connect the security order amplification to the nonlinear function.We observe that the security of IPMis affected by the degree and the linear component in the leakage function.In addition,the comparison experiments from the coefficients,signal-to-noise ratio(SNR)and the public parameter show that the security properties of the IPM are highly implementation-dependent.展开更多
The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from ...The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from the victim and 2) exfiltrate data from compromised machines. Attack strategies of this nature on the greater power grid and building infrastructure levels have been shown to be a serious threat. This project further explores this concept of a novel attack vector by creating a new type of penetration testing tool: an USB power adapter capable of remote monitoring of device power consumption and communicating through powerline communications.展开更多
Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immedi...Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immediate deployment due to their requirement for modification of virtualization structure, we adopt dynamic migration, an inherent mechanism of the cloud platform, as a general defense against this kind of threats. To this end, we first set up a unified practical information leakage model which shows the factors affecting side channels and describes the way they influence the damage due to side-channel attacks. Since migration is adopted to limit the time duration of co-residency, we envision this defense as an optimization problem by setting up an Integer Linear Programming(ILP) to calculate optimal migration strategy, which is intractable due to high computational complexity. Therefore, we approximate the ILP with a baseline genetic algorithm, which is further improved for its optimality and scalability. Experimental results show that our migration-based defense can not only provide excellent security guarantees and affordable performance cost in both theoretical simulation and practical cloud environment, but also achieve better optimality and scalability than previous countermeasures.展开更多
Protocol tunneling is widely used to add security and/or privacy to Internet applications. Recent research has exposed side channel vulnerabilities that leak information about tunneled protocols. We first discuss the ...Protocol tunneling is widely used to add security and/or privacy to Internet applications. Recent research has exposed side channel vulnerabilities that leak information about tunneled protocols. We first discuss the timing side channels that have been found in protocol tunneling tools. We then show how to infer Hidden Markov models (HMMs) of network protocols from timing data and use the HMMs to detect when protocols are active. Unlike previous work, the HMM approach we present requires no a priori knowledge of the protocol. To illustrate the utility of this approach, we detect the use of English or Italian in interactive SSH sessions. For this example application, keystroke-timing data associates inter-packet delays with keystrokes. We first use clustering to extract discrete information from continuous timing data. We use discrete symbols to infer a HMM model, and finally use statistical tests to determine if the observed timing is consistent with the language typing statistics. In our tests, if the correct window size is used, fewer than 2% of data windows are incorrectly identified. Experimental verification shows that on-line detection of language use in interactive encrypted protocol tunnels is reliable. We compare maximum likelihood and statistical hypothesis testing for detecting protocol tunneling. We also discuss how this approach is useful in monitoring mix networks like The Onion Router (Tor).展开更多
For a compact quantum key distribution (QKD) sender for the polarization encoding BB84 protocol, an eavesdropper could take a side-channel attack by measuring the spatial information of photons to infer their polariza...For a compact quantum key distribution (QKD) sender for the polarization encoding BB84 protocol, an eavesdropper could take a side-channel attack by measuring the spatial information of photons to infer their polarizations. The possibility of this attack can be reduced by introducing an aperture in the QKD sender, however, the effect of the aperture on the QKD security lacks of quantitative analysis. In this paper, we analyze the mutual information between the actual keys encoded at this QKD sender and the inferred keys at the eavesdropper (Eve), demonstrating the effect of the aperture to eliminate the spatial side-channel information quantitatively. It shows that Eve’s potential on eavesdropping spatial side-channel information is totally dependent on the optical design of the QKD sender, including the source arrangement and the aperture. The height of compact QKD senders with integrated light-emitting diode (LED) arrays could be controlled under several millimeters, showing great potential on applications in portable equipment.展开更多
Simple power analysis is the most devastating attack on the security of elliptic curve scalar multiplication and can probably retrieve the secret key. In this paper,we analyze the formulas of point doubling and additi...Simple power analysis is the most devastating attack on the security of elliptic curve scalar multiplication and can probably retrieve the secret key. In this paper,we analyze the formulas of point doubling and addition on Jacobi-quartic Curve in projective coordination. In addition,a fast and secure side-channel atomic scalar multiplication algorithm is proposed using the side-channel atomic block. Compared with the previous methods,the new algorithm is more efficient. For 192 bits scalar using NAF recoding,the efficiency of the new algorithm is increased by about 6.7%~23% if S/M=0.8 or 12.7%~33.2% if S/M=0.6.展开更多
A side-channel attack(SCA)-resistant AES S-box implementation is proposed,which is an improvement from the power-aware hiding(PAH)S-box but with higher security and a smaller area.We use the composite field approach a...A side-channel attack(SCA)-resistant AES S-box implementation is proposed,which is an improvement from the power-aware hiding(PAH)S-box but with higher security and a smaller area.We use the composite field approach and apply the PAH method to the inversion in the nonlinear kernel and a masking method to the other parts.In addition,a delaymatched enable control technique is used to suppress glitches in the masked parts.The evaluation results show that its area is contracted to 63.3%of the full PAH S-box,and its power-delay product is much lower than that of the masking implementation.The leakage assessment using simulation power traces concludes that it has no detectable leakage under t-test and that it at least can thwart the moment-correlation analysis using 665000 noiseless traces.展开更多
Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequen...Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequence of bit-strings representing the scalar k, characterized by the fact that all bit-strings are different from zero; this property will ensure a uniform computation behavior for the algorithm, and thus will make it secure against simple power analysis attacks (SPA). With other randomization techniques, the proposed countermeasures do not penalize the computation time. The proposed scheme is more efficient than MOEller's one, its cost being about 5% to 10% smaller than MOEller's one.展开更多
Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces.However,in real life,this requirement i...Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces.However,in real life,this requirement is usually not met.In this paper,an attack algorithm based on collaborative learning is proposed.The algorithm only needs to use a small number of labeled power traces to cooperate with the unlabeled power trace to realize the attack to cryptographic device.By experimenting with the DPA contest V4 dataset,the results show that the algorithm can improve the accuracy by about 20%compared with the pure supervised learning in the case of using only 10 labeled power traces.展开更多
An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNA...An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNAF) algorithm is proposed to secure ECC scalar multiplication from these attacks. This algorithm adopts the fractional window method and probabilistic SPA scheme to reconfigure the pre-computed table, and it allows designers to make a dynamic configuration on pre-computed table. And then, it is enhanced to resist SPA, DPA, RPA and ZPA attacks by using the random masking method. Compared with the WBRIP and EBRIP methods, our proposals has the lowest total computation cost and reduce the shake phenomenon due to sharp fluctuation on computation performance.展开更多
Mobile devices within Fifth Generation(5G)networks,typically equipped with Android systems,serve as a bridge to connect digital gadgets such as global positioning system,mobile devices,and wireless routers,which are v...Mobile devices within Fifth Generation(5G)networks,typically equipped with Android systems,serve as a bridge to connect digital gadgets such as global positioning system,mobile devices,and wireless routers,which are vital in facilitating end-user communication requirements.However,the security of Android systems has been challenged by the sensitive data involved,leading to vulnerabilities in mobile devices used in 5G networks.These vulnerabilities expose mobile devices to cyber-attacks,primarily resulting from security gaps.Zero-permission apps in Android can exploit these channels to access sensitive information,including user identities,login credentials,and geolocation data.One such attack leverages“zero-permission”sensors like accelerometers and gyroscopes,enabling attackers to gather information about the smartphone’s user.This underscores the importance of fortifying mobile devices against potential future attacks.Our research focuses on a new recurrent neural network prediction model,which has proved highly effective for detecting sidechannel attacks in mobile devices in 5G networks.We conducted state-of-the-art comparative studies to validate our experimental approach.The results demonstrate that even a small amount of training data can accurately recognize 37.5%of previously unseen user-typed words.Moreover,our tap detection mechanism achieves a 92%accuracy rate,a crucial factor for text inference.These findings have significant practical implications,as they reinforce mobile device security in 5G networks,enhancing user privacy,and data protection.展开更多
Side-channel analysis(SCA)has emerged as a research hotspot in the field of cryptanalysis.Among various approaches,unsupervised deep learning-based methods demonstrate powerful information extraction capabilities with...Side-channel analysis(SCA)has emerged as a research hotspot in the field of cryptanalysis.Among various approaches,unsupervised deep learning-based methods demonstrate powerful information extraction capabilities without requiring labeled data.However,existing unsupervised methods,particularly those represented by differential deep learning analysis(DDLA)and its improved variants,while overcoming the dependency on labeled data inherent in template analysis,still suffer from high time complexity and training costs when handling key byte difference comparisons.To address this issue,this paper introduces invariant information clustering(IIC)into SCA for the first time,and thus proposes a novel unsupervised learning-based SCA method,named IIC-SCA.By leveraging mutual information maximization techniques for automatic feature extraction of power leakage data,our approach achieves key recovery through a single training session,eliminating the prohibitive computational overhead of traditional methods that require separate training for all possible key bytes.Experimental results on the ASCAD dataset demonstrate successful key extraction using only 50000 training traces and 2000 attack traces.Furthermore,compared with DDLA,the proposed method reduces training time by approximately 93.40%and memory consumption by about 6.15%,significantly decreasing the temporal and resource costs of unsupervised SCA.This breakthrough provides new insights for developing low-cost,high-efficiency cryptographic attack methodologies.展开更多
功耗攻击是一种通过统计电路的功耗信息得到敏感数据信息的攻击手段。作为电路的重要组成单元,触发器的抗功耗攻击水平与电路的安全性能息息相关,为此提出一种抗功耗攻击型触发器。通过引入“预充电-求值-放电”三阶段逻辑,提出了改进...功耗攻击是一种通过统计电路的功耗信息得到敏感数据信息的攻击手段。作为电路的重要组成单元,触发器的抗功耗攻击水平与电路的安全性能息息相关,为此提出一种抗功耗攻击型触发器。通过引入“预充电-求值-放电”三阶段逻辑,提出了改进型的三阶段动态电流模式逻辑D触发器(improved three-phase dynamic current mode logic-based D flip-flop,TDyCML_FF),避免了因负载电容不均衡引起的电路功耗不恒定等安全问题。同时对三阶段逻辑结构进行了改进,由电路内部节点信号生成放电信号,从而避免通过减缓时钟频率或消除放电信号对其进行攻击,提高了电路的抗功耗攻击性能。通过Hspice仿真实验,并引入归一化能量偏差(NED)和归一化标准偏差(NSD)2个量化参数,将TDyCML_FF感应放大逻辑触发器(SABL_FF)、三阶段双轨预充电逻辑触发器(TDPL_FF)等抗功耗攻击型触发器进行了对比,证明TDyCML_FF具有较高的抗功耗攻击性能。展开更多
基金supported by the Hunan Provincial Natural Science Foundation of China(2022JJ30103)“the 14th Five-Year Plan”Key Disciplines and Application-Oriented Special Disciplines of Hunan Province(Xiangjiaotong[2022]351)the Science and Technology Innovation Program of Hunan Province(2016TP1020).
文摘The adoption of deep learning-based side-channel analysis(DL-SCA)is crucial for leak detection in secure products.Many previous studies have applied this method to break targets protected with countermeasures.Despite the increasing number of studies,the problem of model overfitting.Recent research mainly focuses on exploring hyperparameters and network architectures,while offering limited insights into the effects of external factors on side-channel attacks,such as the number and type of models.This paper proposes a Side-channel Analysis method based on a Stacking ensemble,called Stacking-SCA.In our method,multiple models are deeply integrated.Through the extended application of base models and the meta-model,Stacking-SCA effectively improves the output class probabilities of the model,leading to better generalization.Furthermore,this method shows that the attack performance is sensitive to changes in the number of models.Next,five independent subsets are extracted from the original ASCAD database as multi-segment datasets,which are mutually independent.This method shows how these subsets are used as inputs for Stacking-SCA to enhance its attack convergence.The experimental results show that Stacking-SCA outperforms the current state-of-the-art results on several considered datasets,significantly reducing the number of attack traces required to achieve a guessing entropy of 1.Additionally,different hyperparameter sizes are adjusted to further validate the robustness of the method.
基金the financial support from the Natural Science Foundation of Jiangsu Province(Grant Nos.BE2022071 and BK20192001)the National Natural Science Foundation of China(Grant Nos.12074194,62471248,12104240,and 62101285)the Postgraduate Research&Practice Innovation Program of Jiangsu Province(Grant No.KYCX220954)。
文摘Quantum digital signature(QDS)can guarantee the information-theoretical security of a signature with the fundamental laws of quantum physics.However,most current QDS protocols do not take source security into account,leading to an overestimation of the signature rate.In this paper,we propose to utilize Hong–Ou–Mandel interference to characterize the upper bound of the source imperfections,and further to quantify information leakage from potential side-channels.Additionally,we combine decoy-state methods and finite-size analysis in analyzing the signature rate.Simulation results demonstrate the performance and feasibility of our approach.Our current work can improve the practical security of QDS systems,thereby promoting their further networked applications.
基金National Natural Science Foundation of China(62472397)Innovation Program for Quantum Science and Technology(2021ZD0302902)。
文摘Recently,several PC oracle based side-channel attacks have been proposed against Kyber.However,most of them focus on unprotected implementations and masking is considered as a counter-measure.In this study,we extend PC oracle based side-channel attacks to the second-order scenario and successfully conduct key-recovery attacks on the first-order masked Kyber.Firstly,we analyze the potential joint information leakage.Inspired by the binary PC oracle based attack proposed by Qin et al.at Asiacrypt 2021,we identify the 1-bit leakage scenario in the masked Keccak implementation.Moreover,we modify the ciphertexts construction described by Tanaka et al.at CHES 2023,extending the leakage scenario from 1-bit to 32-bit.With the assistance of TVLA,we validate these leakages through experiments.Secondly,for these two scenarios,we construct a binary PC oracle based on t-test and a multiple-valued PC oracle based on neural networks.Furthermore,we conduct practical side-channel attacks on masked Kyber by utilizing our oracles,with the implementation running on an ARM Cortex-M4 microcontroller.The demonstrated attacks require a minimum of 15788 and 648 traces to fully recover the key of Kyber768 in the 1-bit leakage scenario and the 32-bit leakage scenario,respectively.Our analysis may also be extended to attack other post-quantum schemes that use the same masked hash function.Finally,we apply the shuffling strategy to the first-order masked imple-mentation of the Kyber and perform leakage tests.Experimental results show that the combination strategy of shuffling and masking can effectively resist our proposed attacks.
基金the Hunan Provincial Natrual Science Foundation of China(2022JJ30103)“the 14th Five-Year”Key Disciplines and Application Oriented Special Disciplines of Hunan Province(Xiangjiaotong[2022]351)the Science and Technology Innovation Program of Hunan Province(2016TP1020).
文摘The Inner Product Masking(IPM)scheme has been shown to provide higher theoretical security guarantees than the BooleanMasking(BM).This scheme aims to increase the algebraic complexity of the coding to achieve a higher level of security.Some previous work unfolds when certain(adversarial and implementation)conditions are met,and we seek to complement these investigations by understanding what happens when these conditions deviate from their expected behaviour.In this paper,we investigate the security characteristics of IPM under different conditions.In adversarial condition,the security properties of first-order IPMs obtained through parametric characterization are preserved in the face of univariate and bivariate attacks.In implementation condition,we construct two new polynomial leakage functions to observe the nonlinear leakage of the IPM and connect the security order amplification to the nonlinear function.We observe that the security of IPMis affected by the degree and the linear component in the leakage function.In addition,the comparison experiments from the coefficients,signal-to-noise ratio(SNR)and the public parameter show that the security properties of the IPM are highly implementation-dependent.
文摘The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from the victim and 2) exfiltrate data from compromised machines. Attack strategies of this nature on the greater power grid and building infrastructure levels have been shown to be a serious threat. This project further explores this concept of a novel attack vector by creating a new type of penetration testing tool: an USB power adapter capable of remote monitoring of device power consumption and communicating through powerline communications.
基金supported by the National Key Research and Development Program of China (2018YFB0804004)the Foundation of the National Natural Science Foundation of China (61602509)+1 种基金the Foundation for Innovative Research Groups of the National Natural Science Foundation of China (61521003)the Key Technologies Research and Development Program of Henan Province of China (172102210615)
文摘Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immediate deployment due to their requirement for modification of virtualization structure, we adopt dynamic migration, an inherent mechanism of the cloud platform, as a general defense against this kind of threats. To this end, we first set up a unified practical information leakage model which shows the factors affecting side channels and describes the way they influence the damage due to side-channel attacks. Since migration is adopted to limit the time duration of co-residency, we envision this defense as an optimization problem by setting up an Integer Linear Programming(ILP) to calculate optimal migration strategy, which is intractable due to high computational complexity. Therefore, we approximate the ILP with a baseline genetic algorithm, which is further improved for its optimality and scalability. Experimental results show that our migration-based defense can not only provide excellent security guarantees and affordable performance cost in both theoretical simulation and practical cloud environment, but also achieve better optimality and scalability than previous countermeasures.
文摘Protocol tunneling is widely used to add security and/or privacy to Internet applications. Recent research has exposed side channel vulnerabilities that leak information about tunneled protocols. We first discuss the timing side channels that have been found in protocol tunneling tools. We then show how to infer Hidden Markov models (HMMs) of network protocols from timing data and use the HMMs to detect when protocols are active. Unlike previous work, the HMM approach we present requires no a priori knowledge of the protocol. To illustrate the utility of this approach, we detect the use of English or Italian in interactive SSH sessions. For this example application, keystroke-timing data associates inter-packet delays with keystrokes. We first use clustering to extract discrete information from continuous timing data. We use discrete symbols to infer a HMM model, and finally use statistical tests to determine if the observed timing is consistent with the language typing statistics. In our tests, if the correct window size is used, fewer than 2% of data windows are incorrectly identified. Experimental verification shows that on-line detection of language use in interactive encrypted protocol tunnels is reliable. We compare maximum likelihood and statistical hypothesis testing for detecting protocol tunneling. We also discuss how this approach is useful in monitoring mix networks like The Onion Router (Tor).
基金supported by the National Key Research and Development Program of China under Grant No.2017YFA0303704National Natural Science Foundation of China under Grants No.61575102,No.61671438,No.61875101,and No.61621064+1 种基金Beijing Natural Science Foundation under Grant No.Z180012Beijing Academy of Quantum Information Sciences under Grant No.Y18G26
文摘For a compact quantum key distribution (QKD) sender for the polarization encoding BB84 protocol, an eavesdropper could take a side-channel attack by measuring the spatial information of photons to infer their polarizations. The possibility of this attack can be reduced by introducing an aperture in the QKD sender, however, the effect of the aperture on the QKD security lacks of quantitative analysis. In this paper, we analyze the mutual information between the actual keys encoded at this QKD sender and the inferred keys at the eavesdropper (Eve), demonstrating the effect of the aperture to eliminate the spatial side-channel information quantitatively. It shows that Eve’s potential on eavesdropping spatial side-channel information is totally dependent on the optical design of the QKD sender, including the source arrangement and the aperture. The height of compact QKD senders with integrated light-emitting diode (LED) arrays could be controlled under several millimeters, showing great potential on applications in portable equipment.
基金sponsored and financial supported by National Natural Science Foundation of China (NSFC), grant No.61003121Sichuan Province High Technology Program under No.2009CD00014
文摘Simple power analysis is the most devastating attack on the security of elliptic curve scalar multiplication and can probably retrieve the secret key. In this paper,we analyze the formulas of point doubling and addition on Jacobi-quartic Curve in projective coordination. In addition,a fast and secure side-channel atomic scalar multiplication algorithm is proposed using the side-channel atomic block. Compared with the previous methods,the new algorithm is more efficient. For 192 bits scalar using NAF recoding,the efficiency of the new algorithm is increased by about 6.7%~23% if S/M=0.8 or 12.7%~33.2% if S/M=0.6.
基金This work was supported by the National Science and Technology Major Project of China(2017ZX01030301).
文摘A side-channel attack(SCA)-resistant AES S-box implementation is proposed,which is an improvement from the power-aware hiding(PAH)S-box but with higher security and a smaller area.We use the composite field approach and apply the PAH method to the inversion in the nonlinear kernel and a masking method to the other parts.In addition,a delaymatched enable control technique is used to suppress glitches in the masked parts.The evaluation results show that its area is contracted to 63.3%of the full PAH S-box,and its power-delay product is much lower than that of the masking implementation.The leakage assessment using simulation power traces concludes that it has no detectable leakage under t-test and that it at least can thwart the moment-correlation analysis using 665000 noiseless traces.
基金Supported by the National Natural ScienceFoundation of China (60473029)
文摘Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequence of bit-strings representing the scalar k, characterized by the fact that all bit-strings are different from zero; this property will ensure a uniform computation behavior for the algorithm, and thus will make it secure against simple power analysis attacks (SPA). With other randomization techniques, the proposed countermeasures do not penalize the computation time. The proposed scheme is more efficient than MOEller's one, its cost being about 5% to 10% smaller than MOEller's one.
文摘Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces.However,in real life,this requirement is usually not met.In this paper,an attack algorithm based on collaborative learning is proposed.The algorithm only needs to use a small number of labeled power traces to cooperate with the unlabeled power trace to realize the attack to cryptographic device.By experimenting with the DPA contest V4 dataset,the results show that the algorithm can improve the accuracy by about 20%compared with the pure supervised learning in the case of using only 10 labeled power traces.
基金supported by the National Natural Science Foundation of China(60373109)Ministry of Science and Technologyof China and the National Commercial Cryptography Application Technology Architecture and Application DemonstrationProject(2008BAA22B02).
文摘An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNAF) algorithm is proposed to secure ECC scalar multiplication from these attacks. This algorithm adopts the fractional window method and probabilistic SPA scheme to reconfigure the pre-computed table, and it allows designers to make a dynamic configuration on pre-computed table. And then, it is enhanced to resist SPA, DPA, RPA and ZPA attacks by using the random masking method. Compared with the WBRIP and EBRIP methods, our proposals has the lowest total computation cost and reduce the shake phenomenon due to sharp fluctuation on computation performance.
基金supported by Universiti Kebangsaan Malaysia(No.GUP 2023-010).
文摘Mobile devices within Fifth Generation(5G)networks,typically equipped with Android systems,serve as a bridge to connect digital gadgets such as global positioning system,mobile devices,and wireless routers,which are vital in facilitating end-user communication requirements.However,the security of Android systems has been challenged by the sensitive data involved,leading to vulnerabilities in mobile devices used in 5G networks.These vulnerabilities expose mobile devices to cyber-attacks,primarily resulting from security gaps.Zero-permission apps in Android can exploit these channels to access sensitive information,including user identities,login credentials,and geolocation data.One such attack leverages“zero-permission”sensors like accelerometers and gyroscopes,enabling attackers to gather information about the smartphone’s user.This underscores the importance of fortifying mobile devices against potential future attacks.Our research focuses on a new recurrent neural network prediction model,which has proved highly effective for detecting sidechannel attacks in mobile devices in 5G networks.We conducted state-of-the-art comparative studies to validate our experimental approach.The results demonstrate that even a small amount of training data can accurately recognize 37.5%of previously unseen user-typed words.Moreover,our tap detection mechanism achieves a 92%accuracy rate,a crucial factor for text inference.These findings have significant practical implications,as they reinforce mobile device security in 5G networks,enhancing user privacy,and data protection.
文摘Side-channel analysis(SCA)has emerged as a research hotspot in the field of cryptanalysis.Among various approaches,unsupervised deep learning-based methods demonstrate powerful information extraction capabilities without requiring labeled data.However,existing unsupervised methods,particularly those represented by differential deep learning analysis(DDLA)and its improved variants,while overcoming the dependency on labeled data inherent in template analysis,still suffer from high time complexity and training costs when handling key byte difference comparisons.To address this issue,this paper introduces invariant information clustering(IIC)into SCA for the first time,and thus proposes a novel unsupervised learning-based SCA method,named IIC-SCA.By leveraging mutual information maximization techniques for automatic feature extraction of power leakage data,our approach achieves key recovery through a single training session,eliminating the prohibitive computational overhead of traditional methods that require separate training for all possible key bytes.Experimental results on the ASCAD dataset demonstrate successful key extraction using only 50000 training traces and 2000 attack traces.Furthermore,compared with DDLA,the proposed method reduces training time by approximately 93.40%and memory consumption by about 6.15%,significantly decreasing the temporal and resource costs of unsupervised SCA.This breakthrough provides new insights for developing low-cost,high-efficiency cryptographic attack methodologies.
文摘功耗攻击是一种通过统计电路的功耗信息得到敏感数据信息的攻击手段。作为电路的重要组成单元,触发器的抗功耗攻击水平与电路的安全性能息息相关,为此提出一种抗功耗攻击型触发器。通过引入“预充电-求值-放电”三阶段逻辑,提出了改进型的三阶段动态电流模式逻辑D触发器(improved three-phase dynamic current mode logic-based D flip-flop,TDyCML_FF),避免了因负载电容不均衡引起的电路功耗不恒定等安全问题。同时对三阶段逻辑结构进行了改进,由电路内部节点信号生成放电信号,从而避免通过减缓时钟频率或消除放电信号对其进行攻击,提高了电路的抗功耗攻击性能。通过Hspice仿真实验,并引入归一化能量偏差(NED)和归一化标准偏差(NSD)2个量化参数,将TDyCML_FF感应放大逻辑触发器(SABL_FF)、三阶段双轨预充电逻辑触发器(TDPL_FF)等抗功耗攻击型触发器进行了对比,证明TDyCML_FF具有较高的抗功耗攻击性能。
