Proceedings Article

Timing attack analysis on AES on modern processors

TLDR
The authors try to implement a cache timing attack on various AES implementations over modern processors and observe the results firsthand to consider the practical importance of mounting an attack over a non-idealized system.
Abstract
In recent years, academic focus on side channel analysis has increased due to its effectiveness in leaking information from secure systems. Advanced Encryption Standard, or Rijndael, has been the object of scrutiny ever since its inception as a federal standard. Presently, it is one of the most widely used encryption algorithms in the world and has withstood the various efforts to cryptanalyze it. The increasing academic focus on time-leaking code implementations in the 90s, the successful cryptanalysis of many algorithms due to side channel data leakage, and the fact that improper software implementations can leak information have brought focus on side channel analysis of AES. We shall try to implement the cache timing attack on a modern server and modern implementations and observe the results firsthand. In this paper, the authors try to implement a cache timing attack on various AES implementations over modern processors. The practical importance of mounting an attack over a non-idealized system and analyzing these real-world results can be considered the primary objectives of this paper.

Citations
Hardware security, vulnerabilities, and attacks: a comprehensive taxonomy

TL;DR: A meaningful and comprehensive taxonomy for the vulnerabilities affecting the hardware and the attacks that exploit them to compromise the system is proposed, also giving a definition of Hardware Security in order to clarify a concept often confused with other domains, even in the literature.
Proceedings Article

A Unified Formal Model for Proving Security and Reliability Properties

TL;DR: In this paper, a unified model for reasoning about taint propagation behaviors and verifying design properties related to these behaviors is developed from the perspective of information flow. The model can be described using a standard hardware description language (HDL) and can be used to prove both security and reliability properties in order to uncover unintended design flaws, timing channels and intentional malicious undocumented functionality.
Journal Article

Time performance analysis of advanced encryption standard and data encryption standard in data security transaction

TL;DR: This study proposed an AES algorithm with different key sizes and different file formats, and it was confirmed that the AES algorithm has better performance in terms of time taken as compared to DES.
Proceedings Article

Real-Time Edge Processing Detection of Malicious Attacks Using Machine Learning and Processor Core Events

TL;DR: In this article, the authors use machine learning and processor core events to detect malicious exploits such as SPECTRE running in a process on a Linux based system, where a software agent periodically accesses the event counter register file during runtime, and a feature vector is formulated consisting of a particular subset of event counter data.
Other

Proactive Defense Against Security Threats on IoT Hardware

TL;DR: In this paper, the authors summarized three types of potential hardware security threats to IoT devices, including side-channel analysis attacks, hardware Trojans (HTs), and untrusted software, and introduced feasible countermeasures, such as a dynamic masking and error deflection combined method, a power distribution network (PDN) noise-based countermeasure, hardened network on chip (NoC) design, and FPGA-oriented moving target defense.
References
Journal Article

Efficient Cache Attacks on AES, and Countermeasures

TL;DR: An extremely strong type of attack is demonstrated, which requires knowledge of neither the specific plaintexts nor ciphertexts and works by merely monitoring the effect of the cryptographic process on the cache.
Book Chapter

An analytical model for time-driven cache attacks

TL;DR: An analytical model for time-driven cache attacks is presented that accurately forecasts the strength of a symmetric key cryptosystem based on 3 simple parameters: the number of lookup tables, the size of the lookup tables, and the length of the microprocessor's cache line.
Posted Content

Simpler and More Efficient Rank Estimation for Side-Channel Security Assessment.

TL;DR: A new tool for rank estimation is proposed that allows approximating the key rank of (128-bit, 256-bit) symmetric keys with very tight bounds (i.e. with less than one bit of error), almost instantaneously and with limited memory.
Book Chapter

Multi-target DPA Attacks: Pushing DPA Beyond the Limits of a Desktop Computer

TL;DR: In this paper, the authors draw together emerging ideas from several strands of the literature (high performance computing, post-side-channel global key enumeration, and effective combination of separate information sources) by way of advancing (non-profiled) "standard DPA" towards a more realistic threat model in which trace acquisitions are scarce but adversaries are well resourced.
Posted Content

Multi-target DPA attacks: Pushing DPA beyond the limits of a desktop computer.

TL;DR: In this article, the authors draw together emerging ideas from several strands of the literature, such as high performance computing, post-side-channel global key enumeration, and effective combination of separate information sources, by way of advancing (non-profiled) "standard DPA" towards a more realistic threat model in which trace acquisitions are scarce but adversaries are well resourced.