The adoption of deep learning-based side-channel analysis (DL-SCA) is crucial for leak detection in secure products. Many previous studies have applied this method to break targets protected with countermeasures. Despite the increasing number of studies, the problem of model overfitting. Recent research mainly focuses on exploring hyperparameters and network architectures, while offering limited insights into the effects of external factors on side-channel attacks, such as the number and type of models. This paper proposes a Side-channel Analysis method based on a Stacking ensemble, called Stacking-SCA. In our method, multiple models are deeply integrated. Through the extended application of base models and the meta-model, Stacking-SCA effectively improves the output class probabilities of the model, leading to better generalization. Furthermore, this method shows that the attack performance is sensitive to changes in the number of models. Next, five independent subsets are extracted from the original ASCAD database as multi-segment datasets, which are mutually independent. This method shows how these subsets are used as inputs for Stacking-SCA to enhance its attack convergence. The experimental results show that Stacking-SCA outperforms the current state-of-the-art results on several considered datasets, significantly reducing the number of attack traces required to achieve a guessing entropy of 1. Additionally, different hyperparameter sizes are adjusted to further validate the robustness of the method.
Side-channel analysis (SCA) has emerged as a research hotspot in the field of cryptanalysis. Among various approaches, unsupervised deep learning-based methods demonstrate powerful information extraction capabilities without requiring labeled data. However, existing unsupervised methods, particularly those represented by differential deep learning analysis (DDLA) and its improved variants, while overcoming the dependency on labeled data inherent in template analysis, still suffer from high time complexity and training costs when handling key byte difference comparisons. To address this issue, this paper introduces invariant information clustering (IIC) into SCA for the first time, and thus proposes a novel unsupervised learning-based SCA method, named IIC-SCA. By leveraging mutual information maximization techniques for automatic feature extraction of power leakage data, our approach achieves key recovery through a single training session, eliminating the prohibitive computational overhead of traditional methods that require separate training for all possible key bytes. Experimental results on the ASCAD dataset demonstrate successful key extraction using only 50000 training traces and 2000 attack traces. Furthermore, compared with DDLA, the proposed method reduces training time by approximately 93.40% and memory consumption by about 6.15%, significantly decreasing the temporal and resource costs of unsupervised SCA. This breakthrough provides new insights for developing low-cost, high-efficiency cryptographic attack methodologies.
Quantum digital signature (QDS) can guarantee the information-theoretical security of a signature with the fundamental laws of quantum physics. However, most current QDS protocols do not take source security into account, leading to an overestimation of the signature rate. In this paper, we propose to utilize Hong–Ou–Mandel interference to characterize the upper bound of the source imperfections, and further to quantify information leakage from potential side-channels. Additionally, we combine decoy-state methods and finite-size analysis in analyzing the signature rate. Simulation results demonstrate the performance and feasibility of our approach. Our current work can improve the practical security of QDS systems, thereby promoting their further networked applications.
Co-residency of virtual machines (VMs) of different tenants on the same physical platform could lead to cross-VM side-channel attacks in the cloud. While most current countermeasures are unsuitable for real or immediate deployment because they require modification of the virtualization structure, we adopt dynamic migration, an inherent mechanism of the cloud platform, as a general defense against this kind of threat. To this end, we first set up a unified practical information leakage model which shows the factors affecting side channels and describes the way they influence the damage caused by side-channel attacks. Since migration is adopted to limit the duration of co-residency, we formulate this defense as an optimization problem by setting up an Integer Linear Programming (ILP) model to calculate the optimal migration strategy, which is intractable due to its high computational complexity. Therefore, we approximate the ILP with a baseline genetic algorithm, which is further improved for optimality and scalability. Experimental results show that our migration-based defense not only provides excellent security guarantees and affordable performance cost in both theoretical simulation and a practical cloud environment, but also achieves better optimality and scalability than previous countermeasures.
Recently, several PC oracle based side-channel attacks have been proposed against Kyber. However, most of them focus on unprotected implementations, and masking is considered as a countermeasure. In this study, we extend PC oracle based side-channel attacks to the second-order scenario and successfully conduct key-recovery attacks on first-order masked Kyber. Firstly, we analyze the potential joint information leakage. Inspired by the binary PC oracle based attack proposed by Qin et al. at Asiacrypt 2021, we identify the 1-bit leakage scenario in the masked Keccak implementation. Moreover, we modify the ciphertext construction described by Tanaka et al. at CHES 2023, extending the leakage scenario from 1-bit to 32-bit. With the assistance of TVLA, we validate these leakages through experiments. Secondly, for these two scenarios, we construct a binary PC oracle based on the t-test and a multiple-valued PC oracle based on neural networks. Furthermore, we conduct practical side-channel attacks on masked Kyber by utilizing our oracles, with the implementation running on an ARM Cortex-M4 microcontroller. The demonstrated attacks require a minimum of 15788 and 648 traces to fully recover the key of Kyber768 in the 1-bit leakage scenario and the 32-bit leakage scenario, respectively. Our analysis may also be extended to attack other post-quantum schemes that use the same masked hash function. Finally, we apply the shuffling strategy to the first-order masked implementation of Kyber and perform leakage tests. Experimental results show that the combination of shuffling and masking can effectively resist our proposed attacks.
Protocol tunneling is widely used to add security and/or privacy to Internet applications. Recent research has exposed side channel vulnerabilities that leak information about tunneled protocols. We first discuss the timing side channels that have been found in protocol tunneling tools. We then show how to infer Hidden Markov models (HMMs) of network protocols from timing data and use the HMMs to detect when protocols are active. Unlike previous work, the HMM approach we present requires no a priori knowledge of the protocol. To illustrate the utility of this approach, we detect the use of English or Italian in interactive SSH sessions. For this example application, keystroke-timing data associates inter-packet delays with keystrokes. We first use clustering to extract discrete information from continuous timing data. We use the discrete symbols to infer an HMM, and finally use statistical tests to determine whether the observed timing is consistent with the typing statistics of the language. In our tests, if the correct window size is used, fewer than 2% of data windows are incorrectly identified. Experimental verification shows that online detection of language use in interactive encrypted protocol tunnels is reliable. We compare maximum likelihood and statistical hypothesis testing for detecting protocol tunneling. We also discuss how this approach is useful in monitoring mix networks like The Onion Router (Tor).
For a compact quantum key distribution (QKD) sender for the polarization encoding BB84 protocol, an eavesdropper could mount a side-channel attack by measuring the spatial information of photons to infer their polarizations. The possibility of this attack can be reduced by introducing an aperture in the QKD sender; however, the effect of the aperture on QKD security lacks quantitative analysis. In this paper, we analyze the mutual information between the actual keys encoded at this QKD sender and the inferred keys at the eavesdropper (Eve), quantitatively demonstrating the effect of the aperture in eliminating the spatial side-channel information. It shows that Eve's potential for eavesdropping on spatial side-channel information is totally dependent on the optical design of the QKD sender, including the source arrangement and the aperture. The height of compact QKD senders with integrated light-emitting diode (LED) arrays could be kept under several millimeters, showing great potential for applications in portable equipment.
Simple power analysis is the most devastating attack on the security of elliptic curve scalar multiplication and can potentially retrieve the secret key. In this paper, we analyze the formulas of point doubling and addition on the Jacobi-quartic curve in projective coordinates. In addition, a fast and secure side-channel atomic scalar multiplication algorithm is proposed using the side-channel atomic block. Compared with previous methods, the new algorithm is more efficient. For a 192-bit scalar using NAF recoding, the efficiency of the new algorithm is increased by about 6.7%~23% if S/M=0.8, or 12.7%~33.2% if S/M=0.6.
A side-channel attack (SCA)-resistant AES S-box implementation is proposed, which is an improvement on the power-aware hiding (PAH) S-box but with higher security and a smaller area. We use the composite field approach and apply the PAH method to the inversion in the nonlinear kernel and a masking method to the other parts. In addition, a delay-matched enable control technique is used to suppress glitches in the masked parts. The evaluation results show that its area is contracted to 63.3% of the full PAH S-box, and its power-delay product is much lower than that of the masking implementation. The leakage assessment using simulated power traces concludes that it has no detectable leakage under the t-test and that it can at least thwart moment-correlation analysis using 665000 noiseless traces.
Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA-resistant elliptic curve scalar multiplication algorithm. The proposed algorithm builds a sequence of bit-strings representing the scalar k, characterized by the fact that all bit-strings are different from zero; this property ensures a uniform computation behavior for the algorithm, and thus makes it secure against simple power analysis (SPA) attacks. With other randomization techniques, the proposed countermeasures do not penalize the computation time. The proposed scheme is more efficient than Möller's, its cost being about 5% to 10% smaller than Möller's.
The Inner Product Masking (IPM) scheme has been shown to provide higher theoretical security guarantees than Boolean Masking (BM). This scheme aims to increase the algebraic complexity of the coding to achieve a higher level of security. Some previous work holds only when certain (adversarial and implementation) conditions are met, and we seek to complement these investigations by understanding what happens when these conditions deviate from their expected behaviour. In this paper, we investigate the security characteristics of IPM under different conditions. Under the adversarial condition, the security properties of first-order IPMs obtained through parametric characterization are preserved in the face of univariate and bivariate attacks. Under the implementation condition, we construct two new polynomial leakage functions to observe the nonlinear leakage of the IPM and connect the security order amplification to the nonlinear function. We observe that the security of IPM is affected by the degree and the linear component of the leakage function. In addition, comparison experiments on the coefficients, signal-to-noise ratio (SNR) and the public parameter show that the security properties of the IPM are highly implementation-dependent.
Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces. However, in real life, this requirement is usually not met. In this paper, an attack algorithm based on collaborative learning is proposed. The algorithm only needs a small number of labeled power traces, used together with unlabeled power traces, to realize the attack on the cryptographic device. Experiments on the DPA contest V4 dataset show that the algorithm can improve the accuracy by about 20% compared with pure supervised learning when only 10 labeled power traces are used.
An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystems (ECC), an efficient fractional width-w NAF (FWNAF) algorithm is proposed to secure ECC scalar multiplication against these attacks. This algorithm adopts the fractional window method and a probabilistic SPA scheme to reconfigure the pre-computed table, and it allows designers to configure the pre-computed table dynamically. It is then enhanced to resist SPA, DPA, RPA and ZPA attacks by using the random masking method. Compared with the WBRIP and EBRIP methods, our proposal has the lowest total computation cost and reduces the jitter caused by sharp fluctuations in computation performance.
The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from the victim and 2) exfiltrate data from compromised machines. Attack strategies of this nature at the level of the greater power grid and building infrastructure have been shown to be a serious threat. This project further explores this novel attack vector by creating a new type of penetration testing tool: a USB power adapter capable of remotely monitoring device power consumption and communicating through power line communications.
Mobile devices within Fifth Generation (5G) networks, typically equipped with Android systems, serve as a bridge to connect digital gadgets such as global positioning system receivers, mobile devices, and wireless routers, which are vital in facilitating end-user communication requirements. However, the security of Android systems has been challenged by the sensitive data involved, leading to vulnerabilities in mobile devices used in 5G networks. These vulnerabilities expose mobile devices to cyber-attacks, primarily resulting from security gaps. Zero-permission apps in Android can exploit these channels to access sensitive information, including user identities, login credentials, and geolocation data. One such attack leverages "zero-permission" sensors like accelerometers and gyroscopes, enabling attackers to gather information about the smartphone's user. This underscores the importance of fortifying mobile devices against potential future attacks. Our research focuses on a new recurrent neural network prediction model, which has proved highly effective for detecting side-channel attacks on mobile devices in 5G networks. We conducted state-of-the-art comparative studies to validate our experimental approach. The results demonstrate that even a small amount of training data can accurately recognize 37.5% of previously unseen user-typed words. Moreover, our tap detection mechanism achieves a 92% accuracy rate, a crucial factor for text inference. These findings have significant practical implications, as they reinforce mobile device security in 5G networks, enhancing user privacy and data protection.
In cloud storage, client-side deduplication is widely used to reduce storage and communication costs. In client-side deduplication, if the cloud server detects that the user's outsourced data have already been stored, then clients will not need to re-upload the data. However, the information on whether data need to be uploaded can be used as a side-channel, which can consequently be exploited by adversaries to compromise data privacy. In this paper, we propose a new threat model against side-channel attacks. Different from existing schemes, the adversary could learn the approximate ratio of stored chunks to unstored chunks in outsourced files, and this ratio will affect the probability that the adversary compromises data privacy through side-channel attacks. Under this threat model, we design two defense schemes to minimize privacy leakage, both of which design interaction protocols between clients and the server during deduplication checks to reduce the probability that the adversary compromises data privacy. We analyze the security of our schemes, and evaluate their performance based on a real-world dataset. Compared with existing schemes, our schemes can better mitigate data privacy leakage and have a slightly lower communication cost.
Time-division multiple access (TDMA) and code-division multiple access (CDMA) are two technologies used in digital cellular networks. The authentication protocols of TDMA networks have been proven to be vulnerable to side-channel analysis (SCA), giving rise to a series of powerful SCA-based attacks against unprotected subscriber identity module (SIM) cards. CDMA networks have two authentication protocols, the cellular authentication and voice encryption (CAVE) based authentication protocol and the authentication and key agreement (AKA) based authentication protocol, which are used in different phases of the networks. However, there has been no SCA attack on these two protocols so far. In this paper, in order to figure out whether the authentication protocols of CDMA networks are sufficiently secure against SCA, we investigate the two existing protocols and their cryptographic algorithms. We find the side-channel weaknesses of the two protocols when they are implemented on embedded systems. Based on these weaknesses, we propose specific attack strategies to recover the authentication keys of the two protocols, respectively. We verify our strategies on an 8-bit microcontroller and a real-world SIM card, showing that the authentication keys can be fully recovered within a few minutes with a limited number of power measurements. The successful experiments demonstrate the correctness and the effectiveness of our proposed strategies and prove that unprotected implementations of the authentication protocols of CDMA networks cannot resist SCA.
There has been a growing interest in the side-channel analysis (SCA) field based on deep learning (DL) technology. Various DL networks and models have been developed to improve the efficiency of SCA. However, few studies have investigated the impact of different models on attack results and the exact relationship between power consumption traces and intermediate values. Based on the convolutional neural network and the autoencoder, this paper proposes a Template Analysis Pre-trained DL Classification model named TAPDC, which contains three sub-networks. The TAPDC model detects the periodicity of the power trace, relates power to the intermediate values, and mines deeper features with a multi-layer convolutional network. We implement the TAPDC model and compare it with two classical models in a fair experiment. The evaluation results show that the TAPDC model, with its autoencoder and deep convolution feature extraction structure, can more effectively extract information from power consumption traces in SCA. Also, using the classifier layer, this model links power information to the probability of each intermediate value. It completes the conversion from power trace to intermediate values and greatly improves the efficiency of the power attack.
Existing Side-Channel Attacks (SCAs) have several limitations and, rather than being real attack methods, can only be considered security evaluation methods. Their limitations are mainly related to the sampling conditions, such as the trigger signal embedded in the source code of the encryption device, and the acquisition device that serves as the encryption-device controller. Since it is very difficult for an attacker to add a trigger into the original design before making an attack, or to control the encryption device, there is a big gap in the capacity of existing SCAs to pose real threats to cipher devices. In this paper, we propose a new method, the sliding window SCA (SW-SCA), which can be applied in scenarios in which the acquisition device is independent of the encryption device and the encryption source code requires no trigger signal or modification. First, we describe the main issues in existing SCAs; then we theoretically analyze the effectiveness and complexity of our proposed SW-SCA, a method that can incorporate a sliding-window mechanism into almost all existing non-profiled SCAs. The experimental results for both simulated and physical traces verify the effectiveness of the SW-SCA and the appropriateness of its theoretical complexity.
Co-residency of different tenants' virtual machines (VMs) in the cloud provides a good opportunity for side-channel attacks, which result in information leakage. However, most current defenses suffer from generality or compatibility problems, thus failing in immediate real-world deployment. VM migration, an inherent mechanism of cloud systems, is a promising countermeasure, which limits co-residency by moving VMs between servers. Therefore, we first set up a unified practical adversary model, where the attacker focuses on effective side channels. Then we propose Driftor, a new cloud system that contains VMs with a multi-executor structure where only one executor is active to provide service through a proxy, thus reducing possible information leakage. The active state is periodically switched between executors to simulate the defensive effect of VM migration. To enhance the defense, real VM migration is enabled at the same time. Instead of solving the migration satisfiability problem with intractable CIRCUIT-SAT, a greedy-like heuristic algorithm is proposed to search for a viable solution by gradually expanding an initial has-to-migrate set of VMs. Experimental results show that Driftor can not only defend against practical fast side-channel attacks, but also keeps its impact on real-world cloud applications reasonable.
Funding for the Stacking-SCA paper: supported by the Hunan Provincial Natural Science Foundation of China (2022JJ30103), "the 14th Five-Year Plan" Key Disciplines and Application-Oriented Special Disciplines of Hunan Province (Xiangjiaotong [2022] 351), and the Science and Technology Innovation Program of Hunan Province (2016TP1020).
Funding for the QDS paper: financial support from the Natural Science Foundation of Jiangsu Province (Grant Nos. BE2022071 and BK20192001), the National Natural Science Foundation of China (Grant Nos. 12074194, 62471248, 12104240, and 62101285), and the Postgraduate Research & Practice Innovation Program of Jiangsu Province (Grant No. KYCX220954).
Funding for the migration-based cross-VM defense paper: supported by the National Key Research and Development Program of China (2018YFB0804004), the National Natural Science Foundation of China (61602509), the Foundation for Innovative Research Groups of the National Natural Science Foundation of China (61521003), and the Key Technologies Research and Development Program of Henan Province of China (172102210615).
Abstract: Co-residency of virtual machines (VMs) of different tenants on the same physical platform could lead to cross-VM side-channel attacks in the cloud. While most current countermeasures fail for real or immediate deployment due to their requirement to modify the virtualization structure, we adopt dynamic migration, an inherent mechanism of the cloud platform, as a general defense against this kind of threat. To this end, we first set up a unified practical information leakage model which shows the factors affecting side channels and describes the way they influence the damage due to side-channel attacks. Since migration is adopted to limit the time duration of co-residency, we cast this defense as an optimization problem by setting up an Integer Linear Programming (ILP) formulation to calculate the optimal migration strategy, which is intractable due to its high computational complexity. Therefore, we approximate the ILP with a baseline genetic algorithm, which is further improved for optimality and scalability. Experimental results show that our migration-based defense can not only provide excellent security guarantees and affordable performance cost in both theoretical simulation and a practical cloud environment, but also achieve better optimality and scalability than previous countermeasures.
Funding: National Natural Science Foundation of China (62472397); Innovation Program for Quantum Science and Technology (2021ZD0302902).
Abstract: Recently, several PC oracle based side-channel attacks have been proposed against Kyber. However, most of them focus on unprotected implementations, and masking is considered as a countermeasure. In this study, we extend PC oracle based side-channel attacks to the second-order scenario and successfully conduct key-recovery attacks on first-order masked Kyber. Firstly, we analyze the potential joint information leakage. Inspired by the binary PC oracle based attack proposed by Qin et al. at Asiacrypt 2021, we identify the 1-bit leakage scenario in the masked Keccak implementation. Moreover, we modify the ciphertext construction described by Tanaka et al. at CHES 2023, extending the leakage scenario from 1-bit to 32-bit. With the assistance of TVLA, we validate these leakages through experiments. Secondly, for these two scenarios, we construct a binary PC oracle based on the t-test and a multiple-valued PC oracle based on neural networks. Furthermore, we conduct practical side-channel attacks on masked Kyber by utilizing our oracles, with the implementation running on an ARM Cortex-M4 microcontroller. The demonstrated attacks require a minimum of 15788 and 648 traces to fully recover the key of Kyber768 in the 1-bit leakage scenario and the 32-bit leakage scenario, respectively. Our analysis may also be extended to attack other post-quantum schemes that use the same masked hash function. Finally, we apply the shuffling strategy to the first-order masked implementation of Kyber and perform leakage tests. Experimental results show that the combined strategy of shuffling and masking can effectively resist our proposed attacks.
Abstract: Protocol tunneling is widely used to add security and/or privacy to Internet applications. Recent research has exposed side channel vulnerabilities that leak information about tunneled protocols. We first discuss the timing side channels that have been found in protocol tunneling tools. We then show how to infer Hidden Markov models (HMMs) of network protocols from timing data and use the HMMs to detect when protocols are active. Unlike previous work, the HMM approach we present requires no a priori knowledge of the protocol. To illustrate the utility of this approach, we detect the use of English or Italian in interactive SSH sessions. For this example application, keystroke-timing data associates inter-packet delays with keystrokes. We first use clustering to extract discrete information from continuous timing data. We use the discrete symbols to infer an HMM, and finally use statistical tests to determine if the observed timing is consistent with the language typing statistics. In our tests, if the correct window size is used, fewer than 2% of data windows are incorrectly identified. Experimental verification shows that on-line detection of language use in interactive encrypted protocol tunnels is reliable. We compare maximum likelihood and statistical hypothesis testing for detecting protocol tunneling. We also discuss how this approach is useful in monitoring mix networks like The Onion Router (Tor).
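The pipeline in the abstract above (cluster continuous inter-packet delays into symbols, fit a model per reference language, classify a window by likelihood) is shown below as an added example; it is not code from the paper. The models are first-order Markov chains over the clustered symbols, a simplification of the paper's HMMs, and the three delay classes, the two "languages" and their transition probabilities are constructed for the example rather than measured from real SSH sessions.

```python
"""Language detection from SSH inter-packet timing, reduced to its skeleton.

Added example, not the paper's code. Pipeline: cluster continuous delays into
discrete symbols, fit one model per reference language from labelled timing,
classify a window of observations by maximum likelihood. Models are first-order
Markov chains over the symbols (a simplification of the paper's HMMs); the
delay classes and the two "languages" below are constructed for this example.
"""
import math
import random

# Constructed typing model: three delay classes (ms) and, per language, the
# probability of moving from one class to the next between keystrokes.
DELAY_MEANS_MS = (80.0, 160.0, 320.0)
DELAY_SD_MS = 15.0
LANGUAGES = {
    "english": [[0.7, 0.2, 0.1], [0.3, 0.5, 0.2], [0.5, 0.3, 0.2]],
    "italian": [[0.2, 0.6, 0.2], [0.2, 0.2, 0.6], [0.3, 0.4, 0.3]],
}


def generate_delays(lang, n, rng):
    """Sample n inter-packet delays from the constructed model for `lang`."""
    trans, state, out = LANGUAGES[lang], 0, []
    for _ in range(n):
        state = rng.choices(range(3), weights=trans[state])[0]
        out.append(rng.gauss(DELAY_MEANS_MS[state], DELAY_SD_MS))
    return out


def nearest(value, centroids):
    return min(range(len(centroids)), key=lambda i: abs(value - centroids[i]))


def kmeans_1d(values, k, iters=100):
    """1-D k-means initialised at evenly spaced quantiles; returns sorted centroids."""
    ordered = sorted(values)
    centroids = [ordered[int((i + 0.5) * len(ordered) / k)] for i in range(k)]
    for _ in range(iters):
        buckets = [[] for _ in range(k)]
        for v in values:
            buckets[nearest(v, centroids)].append(v)
        updated = [sum(b) / len(b) if b else centroids[i] for i, b in enumerate(buckets)]
        if updated == centroids:
            break
        centroids = updated
    return sorted(centroids)


def quantize(values, centroids):
    """Map each continuous delay to the index of its nearest centroid."""
    return [nearest(v, centroids) for v in values]


def fit_markov(symbols, k, alpha=1.0):
    """Log transition probabilities with add-alpha smoothing (no zero entries)."""
    counts = [[alpha] * k for _ in range(k)]
    for a, b in zip(symbols, symbols[1:]):
        counts[a][b] += 1
    return [[math.log(c / sum(row)) for c in row] for row in counts]


def log_likelihood(symbols, logp):
    return sum(logp[a][b] for a, b in zip(symbols, symbols[1:]))


def classify(window, models):
    """Maximum-likelihood choice among {name: log transition matrix}."""
    return max(models, key=lambda name: log_likelihood(window, models[name]))


def run_demo(window=50, n_windows=200, seed=1):
    """Train on constructed timing, classify fresh windows, return accuracy."""
    rng = random.Random(seed)
    train = {lang: generate_delays(lang, 3000, rng) for lang in LANGUAGES}
    centroids = kmeans_1d([d for seq in train.values() for d in seq], k=3)
    models = {lang: fit_markov(quantize(seq, centroids), 3) for lang, seq in train.items()}
    names = list(LANGUAGES)
    correct = 0
    for i in range(n_windows):
        truth = names[i % len(names)]
        symbols = quantize(generate_delays(truth, window, rng), centroids)
        correct += classify(symbols, models) == truth
    return correct / n_windows


if __name__ == "__main__":
    print(f"window accuracy: {run_demo():.3f}")
```

The window size is the knob the abstract singles out: the log-likelihood gap between the two models grows roughly linearly in the number of transitions while its noise grows with the square root, so shorter windows trade detection latency for error rate. Replacing `classify` with a likelihood-ratio threshold gives the hypothesis-testing variant the paper compares against.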
Funding: supported by the National Key Research and Development Program of China under Grant No. 2017YFA0303704; National Natural Science Foundation of China under Grants No. 61575102, No. 61671438, No. 61875101, and No. 61621064; Beijing Natural Science Foundation under Grant No. Z180012; Beijing Academy of Quantum Information Sciences under Grant No. Y18G26.
Abstract: For a compact quantum key distribution (QKD) sender for the polarization-encoding BB84 protocol, an eavesdropper could mount a side-channel attack by measuring the spatial information of photons to infer their polarizations. The possibility of this attack can be reduced by introducing an aperture in the QKD sender; however, the effect of the aperture on QKD security lacks quantitative analysis. In this paper, we analyze the mutual information between the actual keys encoded at this QKD sender and the inferred keys at the eavesdropper (Eve), demonstrating quantitatively the effect of the aperture in eliminating the spatial side-channel information. It shows that Eve's potential for eavesdropping on spatial side-channel information is totally dependent on the optical design of the QKD sender, including the source arrangement and the aperture. The height of compact QKD senders with integrated light-emitting diode (LED) arrays could be kept under several millimeters, showing great potential for applications in portable equipment.
Funding: sponsored and financially supported by the National Natural Science Foundation of China (NSFC), grant No. 61003121; Sichuan Province High Technology Program under No. 2009CD00014.
Abstract: Simple power analysis is the most devastating attack on the security of elliptic curve scalar multiplication and can probably retrieve the secret key. In this paper, we analyze the formulas of point doubling and addition on the Jacobi-quartic curve in projective coordinates. In addition, a fast and secure side-channel atomic scalar multiplication algorithm is proposed using the side-channel atomic block. Compared with the previous methods, the new algorithm is more efficient. For a 192-bit scalar using NAF recoding, the efficiency of the new algorithm is increased by about 6.7%~23% if S/M=0.8 or 12.7%~33.2% if S/M=0.6.
Funding: This work was supported by the National Science and Technology Major Project of China (2017ZX01030301).
Abstract: A side-channel attack (SCA)-resistant AES S-box implementation is proposed, which is an improvement on the power-aware hiding (PAH) S-box but with higher security and a smaller area. We use the composite field approach and apply the PAH method to the inversion in the nonlinear kernel and a masking method to the other parts. In addition, a delay-matched enable control technique is used to suppress glitches in the masked parts. The evaluation results show that its area is reduced to 63.3% of the full PAH S-box, and its power-delay product is much lower than that of the masking implementation. The leakage assessment using simulated power traces concludes that it has no detectable leakage under the t-test and that it can at least thwart moment-correlation analysis using 665000 noiseless traces.
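The "no detectable leakage under the t-test" claim above, like the TVLA validation in the masked Kyber abstract earlier on this page, rests on a fixed-vs-random Welch t-test. The block below is an added example of that test, not code or traces from either paper: traces are constructed Gaussian noise with one sample that carries a Hamming-weight leak of the processed byte, the fixed class uses input 0x00, and the 4.5 threshold is the conventional TVLA bound. The "masked" variant XORs a fresh random mask into the byte before it leaks, which is enough to make the first-order test pass.

```python
"""Fixed-vs-random Welch t-test, the first-order leakage check behind
"no detectable leakage under t-test" claims.

Added example, not the paper's code or traces. Every sample is Gaussian noise
and one sample additionally carries a Hamming-weight leak of the processed
byte. Unmasked: the byte is the plaintext and the test flags that sample.
Masked: the byte is XORed with a fresh random mask first, so the first-order
test sees no difference between the fixed and random classes.
"""
import math
import random

N_SAMPLES = 20        # points per constructed trace
LEAK_INDEX = 7        # the one sample that depends on the processed byte
FIXED_INPUT = 0x00    # fixed-class input of the fixed-vs-random test
THRESHOLD = 4.5       # |t| above this is reported as leakage in TVLA-style assessments


def hamming_weight(x):
    return bin(x).count("1")


def simulate_trace(value, rng, masked, leak_scale=0.5, noise_sd=1.0):
    """Constructed trace: noise at every sample, plus a HW leak of the byte actually processed."""
    processed = value ^ rng.randrange(256) if masked else value
    trace = [rng.gauss(0.0, noise_sd) for _ in range(N_SAMPLES)]
    trace[LEAK_INDEX] += leak_scale * hamming_weight(processed)
    return trace


def collect(n_traces, rng, masked):
    """Interleaved fixed/random acquisition; returns (fixed_traces, random_traces)."""
    fixed, rand = [], []
    for i in range(n_traces):
        if i % 2 == 0:
            fixed.append(simulate_trace(FIXED_INPUT, rng, masked))
        else:
            rand.append(simulate_trace(rng.randrange(256), rng, masked))
    return fixed, rand


def mean_var(values):
    n = len(values)
    m = sum(values) / n
    return m, sum((v - m) ** 2 for v in values) / (n - 1), n


def welch_t(group_a, group_b):
    """Per-sample Welch t statistic between two groups of equal-length traces."""
    t_values = []
    for j in range(len(group_a[0])):
        ma, va, na = mean_var([tr[j] for tr in group_a])
        mb, vb, nb = mean_var([tr[j] for tr in group_b])
        t_values.append((ma - mb) / math.sqrt(va / na + vb / nb))
    return t_values


def leaking_samples(t_values, threshold=THRESHOLD):
    """Indices whose |t| exceeds the threshold."""
    return [j for j, t in enumerate(t_values) if abs(t) > threshold]


def assess(masked, n_traces=2000, seed=7):
    """Run the fixed-vs-random test on constructed traces; returns leaking sample indices."""
    rng = random.Random(seed)
    fixed, rand = collect(n_traces, rng, masked)
    return leaking_samples(welch_t(fixed, rand))


if __name__ == "__main__":
    print("unmasked leaks at samples:", assess(masked=False))
    print("masked   leaks at samples:", assess(masked=True))
```

A clean first-order result says nothing about higher orders: squaring the mean-centred traces before running the same test exposes the masked variant again, which is why the abstract separately reports resistance to moment-correlation analysis. Interleaving fixed and random acquisitions, as `collect` does, matters in practice because drift in the measurement setup would otherwise show up as a false positive.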
Funding: Supported by the National Natural Science Foundation of China (60473029).
Abstract: Side-channel attacks (SCA) may exploit leakage information to break cryptosystems. In this paper we present a new SCA-resistant elliptic curve scalar multiplication algorithm. The proposed algorithm builds a sequence of bit-strings representing the scalar k, characterized by the fact that all bit-strings are different from zero; this property ensures a uniform computation behavior for the algorithm, and thus makes it secure against simple power analysis attacks (SPA). Combined with other randomization techniques, the proposed countermeasures do not penalize the computation time. The proposed scheme is more efficient than Möller's, its cost being about 5% to 10% smaller than Möller's.
Funding: the Hunan Provincial Natural Science Foundation of China (2022JJ30103); "the 14th Five-Year" Key Disciplines and Application-Oriented Special Disciplines of Hunan Province (Xiangjiaotong [2022] 351); the Science and Technology Innovation Program of Hunan Province (2016TP1020).
Abstract: The Inner Product Masking (IPM) scheme has been shown to provide higher theoretical security guarantees than Boolean Masking (BM). This scheme aims to increase the algebraic complexity of the encoding to achieve a higher level of security. Some previous work applies only when certain (adversarial and implementation) conditions are met, and we seek to complement these investigations by understanding what happens when these conditions deviate from their expected behaviour. In this paper, we investigate the security characteristics of IPM under different conditions. Under the adversarial condition, the security properties of first-order IPMs obtained through parametric characterization are preserved in the face of univariate and bivariate attacks. Under the implementation condition, we construct two new polynomial leakage functions to observe the nonlinear leakage of the IPM and connect the security order amplification to the nonlinear function. We observe that the security of IPM is affected by the degree and the linear component of the leakage function. In addition, comparison experiments on the coefficients, signal-to-noise ratio (SNR) and the public parameter show that the security properties of the IPM are highly implementation-dependent.
Abstract: Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces. However, in real life, this requirement is usually not met. In this paper, an attack algorithm based on collaborative learning is proposed. The algorithm only needs a small number of labeled power traces, used together with unlabeled power traces, to attack the cryptographic device. In experiments with the DPA contest V4 dataset, the results show that the algorithm can improve the accuracy by about 20% compared with pure supervised learning when using only 10 labeled power traces.
Funding: supported by the National Natural Science Foundation of China (60373109); the Ministry of Science and Technology of China and the National Commercial Cryptography Application Technology Architecture and Application Demonstration Project (2008BAA22B02).
Abstract: An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystems (ECC), an efficient fractional width-w NAF (FWNAF) algorithm is proposed to secure ECC scalar multiplication against these attacks. This algorithm adopts the fractional window method and a probabilistic SPA scheme to reconfigure the pre-computed table, and it allows designers to configure the pre-computed table dynamically. It is then enhanced to resist SPA, DPA, RPA and ZPA attacks by using the random masking method. Compared with the WBRIP and EBRIP methods, our proposal has the lowest total computation cost and reduces the "shake" phenomenon caused by sharp fluctuations in computation performance.
Abstract: The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from the victim and 2) exfiltrate data from compromised machines. Attack strategies of this nature at the level of the greater power grid and building infrastructure have been shown to be a serious threat. This project further explores this novel attack vector by creating a new type of penetration testing tool: a USB power adapter capable of remotely monitoring device power consumption and communicating over power line communication.
Funding: supported by Universiti Kebangsaan Malaysia (No. GUP 2023-010).
Abstract: Mobile devices within Fifth Generation (5G) networks, typically equipped with Android systems, serve as a bridge connecting digital gadgets such as global positioning systems, mobile devices, and wireless routers, which are vital in facilitating end-user communication requirements. However, the security of Android systems has been challenged by the sensitive data involved, leading to vulnerabilities in mobile devices used in 5G networks. These vulnerabilities expose mobile devices to cyber-attacks, primarily resulting from security gaps. Zero-permission apps in Android can exploit these channels to access sensitive information, including user identities, login credentials, and geolocation data. One such attack leverages "zero-permission" sensors like accelerometers and gyroscopes, enabling attackers to gather information about the smartphone's user. This underscores the importance of fortifying mobile devices against potential future attacks. Our research focuses on a new recurrent neural network prediction model, which has proved highly effective for detecting side-channel attacks on mobile devices in 5G networks. We conducted state-of-the-art comparative studies to validate our experimental approach. The results demonstrate that even a small amount of training data can accurately recognize 37.5% of previously unseen user-typed words. Moreover, our tap detection mechanism achieves a 92% accuracy rate, a crucial factor for text inference. These findings have significant practical implications, as they reinforce mobile device security in 5G networks, enhancing user privacy and data protection.
Funding: supported by the National Key R&D Program of China (No. 2018YFA0704703); National Natural Science Foundation of China (Nos. 61972215, 61972073, and 62172238); Natural Science Foundation of Tianjin (No. 20JCZDJC00640).
Abstract: In cloud storage, client-side deduplication is widely used to reduce storage and communication costs. In client-side deduplication, if the cloud server detects that the user's outsourced data have already been stored, the client does not need to re-upload the data. However, the information on whether data need to be uploaded can be used as a side channel, which can consequently be exploited by adversaries to compromise data privacy. In this paper, we propose a new threat model for side-channel attacks. Different from existing schemes, the adversary can learn the approximate ratio of stored chunks to unstored chunks in outsourced files, and this ratio affects the probability that the adversary compromises data privacy through side-channel attacks. Under this threat model, we design two defense schemes to minimize privacy leakage, both of which design interaction protocols between clients and the server during deduplication checks to reduce the probability that the adversary compromises data privacy. We analyze the security of our schemes and evaluate their performance on a real-world dataset. Compared with existing schemes, our schemes better mitigate data privacy leakage and have a slightly lower communication cost.
Abstract: Time-division multiple access (TDMA) and code-division multiple access (CDMA) are two technologies used in digital cellular networks. The authentication protocols of TDMA networks have been proven to be vulnerable to side-channel analysis (SCA), giving rise to a series of powerful SCA-based attacks against unprotected subscriber identity module (SIM) cards. CDMA networks have two authentication protocols, the cellular authentication and voice encryption (CAVE) based authentication protocol and the authentication and key agreement (AKA) based authentication protocol, which are used in different phases of the networks. However, there has been no SCA attack on these two protocols so far. In this paper, in order to figure out whether the authentication protocols of CDMA networks are sufficiently secure against SCA, we investigate the two existing protocols and their cryptographic algorithms. We find the side-channel weaknesses of the two protocols when they are implemented on embedded systems. Based on these weaknesses, we propose specific attack strategies to recover the authentication keys of the two protocols, respectively. We verify our strategies on an 8-bit microcontroller and a real-world SIM card, showing that the authentication keys can be fully recovered within a few minutes with a limited number of power measurements. The successful experiments demonstrate the correctness and effectiveness of our proposed strategies and prove that unprotected implementations of the authentication protocols of CDMA networks cannot resist SCA.
Funding: This research was supported by the National Natural Science Foundation of China (Grant No. 61572174); Hunan Province Special Funds of Central Government for Guiding Local Science and Technology Development (2018CT5001); Hunan Provincial Natural Science Foundation of China (2019JJ60004); the Scientific Research Fund of Hunan Provincial Education Department (19A072); Subject Group Construction Project of Hengyang Normal University (18XKQ02); Application-oriented Special Disciplines, Double First-Class University Project of Hunan Province (Xiangjiaotong [2018] 469); the Science and Technology Plan Project of Hunan Province (2016TP1020).
Abstract: There has been a growing interest in the side-channel analysis (SCA) field based on deep learning (DL) technology. Various DL networks and models have been developed to improve the efficiency of SCA. However, few studies have investigated the impact of different models on attack results and the exact relationship between power consumption traces and intermediate values. Based on the convolutional neural network and the autoencoder, this paper proposes a Template Analysis Pre-trained DL Classification model named TAPDC which contains three sub-networks. The TAPDC model detects the periodicity of the power trace, relates power to the intermediate values and mines deeper features with the multi-layer convolutional net. We implement the TAPDC model and compare it with two classical models in a fair experiment. The evaluation results show that the TAPDC model, with its autoencoder and deep convolutional feature extraction structure, can more effectively extract information from power consumption traces in SCA. Also, using the classifier layer, this model links power information to the probability of the intermediate value. It completes the conversion from power trace to intermediate values and greatly improves the efficiency of the power attack.
Funding: supported by the National Natural Science Foundation of China (No. 61472292); the Technological Innovation of Hubei Province (No. 2018AAA046); the Key Technology Research of New-Generation High-Speed and High-Level Security Chip for Smart Grid (No. 526816160015).
Abstract: Existing Side-Channel Attacks (SCAs) have several limitations and, rather than being real attack methods, can only be considered security evaluation methods. Their limitations are mainly related to the sampling conditions, such as the trigger signal embedded in the source code of the encryption device, and the acquisition device that serves as the encryption-device controller. Apart from it being very difficult for an attacker to add a trigger into the original design before making an attack or to control the encryption device, there is a big gap in the capacity of existing SCAs to pose real threats to cipher devices. In this paper, we propose a new method, the sliding window SCA (SW-SCA), which can be applied in scenarios in which the acquisition device is independent of the encryption device and for which the encryption source code requires no trigger signal or modification. First, we describe the main issues in existing SCAs; then we theoretically analyze the effectiveness and complexity of our proposed SW-SCA, a method that can incorporate a sliding-window mechanism into almost all of the existing non-profiled SCAs. The experimental results for both simulated and physical traces verify the effectiveness of the SW-SCA and the appropriateness of its theoretical complexity.
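The scenario in the abstract above, an acquisition device that is not synchronised with the target and no trigger in the firmware, is illustrated below with an added example; it is not the paper's SW-SCA implementation and does not reproduce its complexity analysis. The capture is constructed: Gaussian noise over every sample, plus a Hamming-weight leak of the first-round AES S-box output for one key byte at a sample offset the attacker does not know. A fixed-width window slides over the capture and a standard correlation power analysis runs inside each window, so the attacker locates the leaking instruction and the key byte together without any alignment point. The AES S-box is computed from its definition rather than pasted as a table.

```python
"""Sliding-window correlation power analysis over an untriggered capture.

Added example, not the paper's SW-SCA implementation. Traces are constructed:
Gaussian noise over the whole capture plus, at one sample the attacker does
not know, a Hamming-weight leak of the first-round AES S-box output for one
key byte. A fixed-width window slides over the capture and a standard CPA
runs inside each window, so no trigger or known alignment point is needed.
"""
import math
import random


def gf_mul(a, b):
    """Multiplication in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def sbox(x):
    """AES S-box computed as multiplicative inverse followed by the affine map."""
    inv = 0
    if x:
        inv, base, e = 1, x, 254            # x^254 == x^-1 in GF(2^8)
        while e:
            if e & 1:
                inv = gf_mul(inv, base)
            base = gf_mul(base, base)
            e >>= 1
    s = inv
    for i in range(1, 5):                   # s = inv ^ rotl(inv,1) ^ ... ^ rotl(inv,4)
        s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
    return s ^ 0x63


SBOX = [sbox(x) for x in range(256)]
HW = [bin(x).count("1") for x in range(256)]


def centre(values):
    """Mean-centred copy and its Euclidean norm (the pieces of a Pearson correlation)."""
    m = sum(values) / len(values)
    c = [v - m for v in values]
    return c, math.sqrt(sum(x * x for x in c))


def sliding_window_cpa(traces, plaintexts, width=20, step=10):
    """CPA inside each window; returns [(window_start, best |rho|, key_guess, sample)]."""
    hyps = []
    for guess in range(256):
        h, hnorm = centre([HW[SBOX[p ^ guess]] for p in plaintexts])
        hyps.append((guess, h, hnorm))
    length = len(traces[0])
    results = []
    for start in range(0, length - width + 1, step):
        best = (0.0, None, None)
        for j in range(start, start + width):
            col, cnorm = centre([t[j] for t in traces])
            if cnorm == 0:
                continue
            for guess, h, hnorm in hyps:
                if hnorm == 0:
                    continue
                rho = abs(sum(a * b for a, b in zip(h, col))) / (hnorm * cnorm)
                if rho > best[0]:
                    best = (rho, guess, j)
        results.append((start,) + best)
    return results


def simulate(n_traces=120, length=80, key=0x2B, leak_at=53, seed=3):
    """Constructed untriggered capture: the S-box leak sits at an offset the attacker does not know."""
    rng = random.Random(seed)
    plaintexts, traces = [], []
    for _ in range(n_traces):
        p = rng.randrange(256)
        trace = [rng.gauss(0.0, 1.0) for _ in range(length)]
        trace[leak_at] += 0.7 * HW[SBOX[p ^ key]]
        plaintexts.append(p)
        traces.append(trace)
    return plaintexts, traces


def recover_key(seed=3):
    """Whole attack on constructed traces; returns (key_guess, sample_of_leak)."""
    plaintexts, traces = simulate(seed=seed)
    best = max(sliding_window_cpa(traces, plaintexts), key=lambda r: r[1])
    return best[2], best[3]


if __name__ == "__main__":
    pts, trs = simulate()
    for start, rho, guess, sample in sliding_window_cpa(trs, pts):
        print(f"window [{start:2},{start + 20:2})  max|rho|={rho:.2f}  key=0x{guess:02X} @ sample {sample}")
    print("recovered:", hex(recover_key()[0]))
```

Windows that do not cover the leaking sample report a low maximum correlation with an arbitrary key guess; only the windows covering sample 53 agree on the key, which is the signature an attacker looks for when the capture carries no trigger. The window width and step bound the memory held per pass, which is the practical reason for windowing rather than correlating over the whole capture at once; per-trace jitter between captures would additionally require alignment inside the window, which this example does not model.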
Funding: the National Natural Science Foundation of China (Nos. 61521003 and 61602509); the National Key Research and Development Program of China (Nos. 2016YFB0800100 and 2016YFB0800101); the Key Technologies Research and Development Program of Henan Province of China (No. 172102210615).
Abstract: Co-residency of different tenants' virtual machines (VMs) in the cloud provides a good chance for side-channel attacks, which result in information leakage. However, most current defenses suffer from generality or compatibility problems, thus failing in immediate real-world deployment. VM migration, an inherent mechanism of cloud systems, is a promising countermeasure, which limits co-residency by moving VMs between servers. Therefore, we first set up a unified practical adversary model, where the attacker focuses on effective side channels. Then we propose Driftor, a new cloud system that contains VMs of a multi-executor structure where only one executor is active to provide service through a proxy, thus reducing possible information leakage. The active state is periodically switched between executors to simulate the defensive effect of VM migration. To enhance the defense, real VM migration is enabled at the same time. Instead of solving the migration satisfiability problem with intractable CIRCUIT-SAT, a greedy-like heuristic algorithm is proposed to search for a viable solution by gradually expanding an initial has-to-migrate set of VMs. Experimental results show that Driftor can not only defend against practical fast side-channel attacks, but also has a reasonable impact on real-world cloud applications.