Your search keyword '"Side-Channel Attacks"' showing total 12 results

1. AI-based Fingerprinting over Stream, Cache and RF Signals

Author

Li, Haipeng

Subjects

Computer Engineering, Artificial Intelligence, Side-channel Attacks, Fingerprinting, Deep Neural Networks

Abstract

Fingerprinting is a technique that identifies websites, software and devices by leveraging a group of information from users. An attacker can acquire users' secrets by only analyzing side-channel features from a system, such as network packet size and direction, power usage or CPU usage. In traditional fingerprinting attacks, a large amount of human effort is required as an attacker has to manually extract effective features for attacking purpose. This kind of attacking approach is easy to be defended as a defender can invalidate the attack by modifying the target features that are used in the attack. However, for AI-based fingerprinting, handcrafted feature is not necessary anymore. An attacker can train a machine learning classifier over raw data directly and achieve an impressive classification results. In this proposal, I propose to design effective and efficient defenses against deep neural network based fingerprinting attack.Firstly, I propose to improve the efficiency of existing defense against neural network based stream fingerprinting. Many defense algorithms have been proposed to defeat stream fingerprinting. However, most of those existing defense algorithms need extremely high bandwidth overhead in order to make the defense effective. In this dissertation, I leverage feature selection methods to analyze the feature space in stream fingerprinting. Instead of treating network packets equally when adding noises, we distinguish important packets using feature selection algorithms and add more noise to those important packets. Secondly, I propose to design an efficient defense against CPU cache based website fingerprinting. Recently, a new attack was proposed to monitor the cache occupancy of the Last Level Cache on a user’s CPU. Although a defense was proposed, it is not effective when an attacker adapts the classifier with defended data. In this dissertation, I investigate the behavior of cache occupancy channel and reveal the reason why current defense algorithm fails to protect user's privacy. Based on our observation, I propose a new defense algorithm that can defeat the cache occupancy attack even an attacker can retrain the classifier with defended dataset.Thirdly, I propose to improve the robustness of radio fingerprinting. Existing deep neural network based radio frequency (RF) fingerprinting suffers from performance reduction in a cross-day scenario where the training the test dataset are collected from different days. I investigate how pre-processing raw I/Q data can impact the performance of radio fingerprinting. Moreover, I propose to leverage transfer learning techniques to improve the robustness of deep neural network based radio fingerprinting in a cross-day scenario.At last, I investigate how to improve the portability of deep neural networks in side-channel attacks. In general, a large neural network with millions of trainable parameters is preferred in side-channel attacks. However, it can be extremely resource-consuming to train or test such large networks. In this task, I propose a novel structured pruning algorithm to reduce the size of a pre-defined CNN model. Our method can customize the pruning rate for a layer based on statistical information of weights and can generate a pruned model in one-shot.

Published

2023

2. Towards Robust Side Channel Attacks with Machine Learning

Author

Wang, Chenggang

Subjects

Computer Engineering, Side-channel attacks, Deep learning, Transfer learning, Domain adaptation, Network security

Abstract

Users' privacy and data security are under unprecedented threat because of the growing use of the Internet and digital devices, one example of such threat is side-channel attacks. The side-channel attacks are a class of cyber-attacks in which the attacker tries to exploit physical side-channel information leakage to recover critical information of a user. The research on side-channel attacks has made significant progress and remains a hot topic. Deep learning based side-channel attack methods have shown advantages in many aspects. But these methods are facing critical limitations -- insufficient labeled training data and data distribution shifts, which will cause side-channel attack failure. Our research focuses on these problems and investigates two specific side-channel attacks: 1) side-channel attack over encrypted network traffic (also called website fingerprinting); 2) side-channel attack to power consumption on micro-controllers (also called side-channel attack). My main focus and contributions are 3 fold:Firstly, we studied website fingerprinting in a more real-world scenario: the attacker and the user have different network setups and website content updates frequently, which causes the well-trained model outdated in a few days, but the collection of labeled data could take more than 2 weeks. Due to this reason, the attacker cannot obtain enough labeled training data to perform the attack. Facing this challenge, we designed a novel website fingerprinting attack method based on the adversarial domain adaption technique, which can enable the attacker to perform the attack with less than 20 traces per website and achieve over 80\% accuracy when the network setup is different.Secondly, we studied the side-channel attack when the attacker cannot obtain a sufficient number of training traces, which will cause the traditional deep learning based methods to fail to recover the key. To address this limitation, we proposed a novel side-channel attack based on the triplet network. The main idea of our method is to train a triplet network, which learns a robust distinguishable embedding for the side-channel attack with few traces. The experimental results show that our method can successfully recover the key with only 250 training traces while a CNN needs at least 4,000 training traces in profiling attacks. In addition, we extend our method to non-profiling attacks. Our method is also effective against countermeasures, such as masked AES and random delay. Finally, we studied the side-channel attack when there are software-based discrepancies between the user and attacker. In the real-world, the encryption software running on the digital device may have many variations, such as random delay, using different compiler optimization levels, applying code rewriting to the source code and etc. This will lead to a critical research question --- what is the impact when the side-channel data when they are collected with different software variations and how to mitigate such discrepancies? Such questions haven't been profoundly and thoroughly discussed in previous literature. In this project, we carefully examine 3 kinds of software-based discrepancies and proposed novel attack methods to overcome such data domain shifts. Our work is the first effort in this direction.

Published

2023

3. Applied Machine Learning for Analyzing and Defending against Side Channel Threats

Author

Wang, Han

Subjects

Electrical engineering, Applied Machine Learning, Computer Architecture, Security, Side-Channel Attacks

Abstract

The sharing of hardware components in modern processors helps to achieve high performance and meet the increasing computation demand. Though isolation has been done among users and applications at operating system level, recent research shows that attacks can leverage sophisticated approaches to observe the behaviors of the shared hardware components and infer secrets including password, secret key, etc. Such observations and corresponding attacks are called as side channels and side-channel attacks (SCAs). A number of SCAs have been discovered including Flush+Reload, Flush+Flush, Prime+Probe, Spectre, Meltdown, Fallout, RIDL, ZombieLoad. SCAs have threatened the security of billions of hardware devices, including chips manufactured by Intel, Apple, ARM, etc. Therefore, it is urgent to address the security threats caused by SCAs.This dissertation pursues the use of machine learning to design effective defense mechanisms and obtain a comprehensive understanding of the side channel threats for emerging applications. In particular, we propose to tackle from three aspects: detection, mitigation and vulnerability analysis. For detection part, we leverage the microarchitecture level information, i.e. hardware performance counters, to build machine learning-based SCAs detectors. Eventually, we propose two customized machine learning classification models to capture SCAs at real-time and detect zero-day SCAs respectively. As the increase edge devices deployed in the network, we also investigate the machine learning-based detectors against malware and SCAs on autonomous vehicles, mobiles and laptops respectively. We find that hardware performance counters can effectively capture the SCAs with machine learning techniques. A second aspect of the dissertation is exploring the existing system level and hardware level settings for designing light-weight SCAs mitigation approaches. We find that randomizing the frequency and prefetchers can obfuscate side channel traces and protect against secret leakage. Based on the effectiveness of machine learning-based SCAs detection and randomization-based mitigation, we further developed a detection-mitigation defense approach to further minimize performance overhead incurred by adjusting hardware and system level parameters. In the last part of this dissertation, we evaluated the side channel leakage in more general applications which are mostly neglected in the prior side channel research community. We find that hardware performance counters can also be used by attackers to fingerprint websites users visited. Besides, we also discover that the inputs' labels of deep learning models are susceptible to be leaked via side-channel attack, i.e. Flush+Reload. To the best of our knowledge, we are the first group to identify the correlation between label information and side channel observations, highlighting the importance of reexamining the side channel vulnerability in general applications.

Published

2022

4. Towards Comprehensive Side-channel Resistant Embedded Systems

Author

Yao, Yuan

Subjects

Side-Channel Attacks, Pre-silicon, Side-channel Leakage Source, Countermeasures, Simulation, Root Cause Analysis, Leakage Evaluation

Abstract

Embedded devices almost involve every part of our lives, such as health condition monitoring, communicating with other people, traveling, financial transactions, etc. Within the embedded devices, our private information is utilized, collected and stored. Cryptography is the security mechanism within the embedded devices for protecting this secret information. However, cryptography algorithms can still be analyzed and attacked by malicious adversaries to steal secret data. There are different categories of attacks towards embedded devices, and the side-channel attack is one of the powerful attacks. Unlike analyzing the vulnerabilities within the cryptography algorithm itself in traditional attacks, the side-channel attack observes the physical effect signals while the cryptography algorithm runs on the device. These physical effects include the power consumption of the devices, timing, electromagnetic radiations, etc., and we call these physical effects that carry secret information side-channel leakage. By statistically analyzing these side-channel leakages, an attacker can reconstruct the secret information. The manifestation of side-channel leakage happens at the hardware level. Therefore, the designer has to ensure that the hardware design of the embedded system is secure against side-channel attacks. However, it is very arduous work. An embedded systems design including a large number of electronic components makes it very difficult to comprehensively capture every side-channel vulnerability, locate the root cause of the side-channel leakage, and efficiently fix the vulnerabilities. In this dissertation, we developed methodologies that can help designers detect and fix side-channel vulnerabilities within the embedded system design at low cost and early design stage.

Published

2021

5. Information Inference based on Barometer Sensor in Android Devices

Author

Hafez, Alireza

Subjects

Android, Barometer, Side-Channel Attacks, Mobile, Security

Abstract

Abstract: Most modern smartphones are equipped with barometer sensors. Accessing barometers does not require any permission or user notification, as it is deemed to be harmless. We show, however, that by simply reading low-rate barometer's samples, any background application can detect user's finger taps on the device's touch screen, and infer information about the positions of the taps. This can reveal sensitive information to background applications that, for security reasons, do not have access to the touch screen input. In addition, we show that barometers' samples reveal information about the smartphone's speaker activity. Specifically, using simple machine learning and classification methods, we detect with high accuracy whether the speaker is silent or playing a given sound such as a ringtone.

Published

2020

6. Modeling attack resistant strong physical unclonable functions : design and applications

Author

Xi, Xiaodan

Subjects

Physical unclonable functions, Hardware security, Side-channel attacks, Machine learning

Abstract

Physical unclonable functions (PUFs) have great promise as hardware authentication primitives due to their physical unclonability, high resistance to reverse engineering, and difficulty of mathematical cloning. Strong PUFs are distinguished by an exponentially large number of challenge-response pairs (CRPs), in contrast with weak PUFs that have a smaller CRP set. Because the adversary cannot create an enumeration clone by recording all CRPs even when in physical possession of a PUF, strong PUFs enable secure direct authentication, that does not require cryptography and are thus attractive to low-energy and IoT applications. The first contribution of this dissertation is the design of a strong silicon PUF resistant to machine learning (ML) attacks. For a strong PUF to be an effective security primitive, the CRPs need to be unpredictable: given a set of known CRPs, it should be difficult to predict the unobserved CRPs. Otherwise, an adversary can succeed in an attack based on building a model of the PUF. Early strong PUFs have shown vulnerability to ML based attacks. We take advantage of the strongly nonlinear I -- V property of MOSFETs operating in subthreshold region to introduce a highly unpredictable PUF. The PUF, termed the subthreshold current array PUF (SCA-PUF), consists of a pair of two-dimensional transistor arrays, a circuit stabilizing the PUF output, and a low-offset comparator. The proposed 65-bit SCA-PUF is fabricated in a 130nm process and allows 2⁶⁵ CRPs. It consumes 68nW and 11pJ/bit while exhibiting high uniqueness, uniformity, and randomness. It achieves bit error rate (BER) of 5.8% for the temperature range of -20 to +80°C and supply voltage variation of ±10%. A calibration-based CRP selection method is developed to improve BER to 0.4% with a 42% loss of CRPs. When subjected to ML attacks, the prediction error stays over 40% on 10⁴ training points, which shows negligible loss in PUF unpredictability and about 100X higher resilience than the 65-bit arbiter PUF, 3-XOR PUF, and 3-XOR lightweight PUF. The second contribution is the application of a strong PUF in a secure key update scheme. Side-channel attacks on cryptographic implementations threaten system security via the loss of the secret key. The adversary can recover the key by analyzing side-channel analog behavior of a cryptographic device, such as power consumption. Fresh re-keying techniques aim to mitigate these attacks by regularly updating the key, so that the side-channel exposure of each key is minimized. Existing key update schemes generate fresh keys by processing a root key using arithmetic operations. Unfortunately, such techniques have been demonstrated to also be vulnerable to side-channel attacks. We propose a novel approach to fresh re-keying that replaces the arithmetic key update function with a strong PUF. We show that the security of our scheme hinges on the resilience of the PUF to a power side-channel attack and propose a realization based on the SCA-PUF. We show that the SCA-PUF is resistant to simple power analysis and a modeling attack that uses ML on the power side-channel. We target an insecure device and secure server encryption scenario for which we provide an efficient and scalable method of PUF enrollment. Finally, we develop an end-to-end encryption system with PUF-based fresh re-keying, using a reverse fuzzy extractor construction. The third contribution is the implementation of a strong PUF provably secure against ML attacks. The security is derived from cryptographic hardness of learning decryption functions of semantically secure public-key cryptosystems within the probably approximately correct framework. The proposed PUF, termed the lattice PUF, compactly realizes the decryption function of the learning-with-errors (LWE) public-key cryptosystem as the core block. The lattice PUF is lightweight and fully digital. It is constructed using a weak PUF, as a physically obfuscated key (POK), an LWE decryption function block, a pseudo-random number generator in the form of a linear-feedback shift register (LFSR), a self-incrementing counter, and a control block. The POK provides the secret key of the LWE decryption function. A fuzzy extractor is utilized to ensure stability of the POK. The proposed lattice PUF significantly improves upon a direct implementation of LWE decryption function in terms of challenge transfer cost by exploiting distributional relaxations allowed by recent work in space-efficient LWEs. Specifically, only a small challenge-seed is transmitted while the full-length challenge is re-generated by the LFSR resulting in a 100X reduction of communication cost. To prevent an active attack in which arbitrary challenges can be submitted, the value of a self-incrementing counter is embedded into the challenge seed. We construct a lattice PUF that realizes a challenge-response pair space of size 2¹³⁶, requires 1160 POK bits, and guarantees 128-bit ML resistance. Assuming a bit error rate of 5% for SRAM-based POK, 6.5K SRAM cells are needed. The PUF shows excellent uniformity, uniqueness, and reliability. We implement the PUF on a Spartan 6 FPGA. It requires only 45 slices for the lattice PUF proper and 233 slices for the fuzzy extractor

Published

2019

7. Architecture Support for Countermeasures against Side-Channel Analysis and Fault Attack

Author

Kiaei, Pantea

Subjects

Side-channel attacks, Fault attacks, Custom-instruction extensions, Bitslicing, Software countermeasures

Abstract

The cryptographic algorithms are designed to be mathematically secure; however, side-channel analysis attacks go beyond mathematics by taking measurements of the device’s electrical activity to reveal the secret data of a cipher. These attacks also go hand in hand with fault analysis techniques to disclose the secret key used in cryptographic ciphers with even fewer measurements. This is of practical concern due to the ubiquity of embedded systems that allow physical access to the adversary such as smart cards, ATMs, etc.. Researchers through the years have come up with techniques to block physical attacks to the hardware or make such attacks less likely to succeed. Most of the conducted research consider one or the other of side-channel analysis and fault injection attacks whereas, in a real setting, the adversary can simultaneously take advantage of both to retrieve the secret data with less effort. Furthermore, very little work considers a software implementation of these ciphers although, with the availability of small and affordable or free microarchitectures, and flexibility and simplicity of software implementations, it is at times more practical to have a software implementation of ciphers instead of dedicated hardware chips. In this project, we come up with a modular presentation, suitable for software implementation of ciphers, to allow having simultaneous resistance against side-channel and fault analysis attacks. We also present an extension at the microarchitecture level to make our proposed countermeasures more intact and efficient.

Published

2019

8. Investigating the viability of adaptive caches as a defense mechanism against cache side-channel attacks

Author

Bandara, Sahan Lakshitha

Subjects

Computer engineering, Defense, Reconfigurable caches, Side-channel attacks

Abstract

The ongoing miniaturization of semiconductor manufacturing technologies has enabled the integration of tens to hundreds of processing cores on a single chip. Unlike frequency-scaling where performance is increased equally across the board, core-scaling and hardware thread-scaling harness the additional processing power through the concurrent execution of multiple processes or programs. This approach of mingling or interleaving process executions has engendered a new set of security challenges that risks to undermine nearly three decades’ worth of computer architecture design efforts. The complexity of the runtime interactions and aggressive resource sharing among processes, e.g., caches or interconnect network paths, have created a fertile ground to mount attacks of ever-increasing acuteness against these computer systems. One such class of attacks is cache side-channel attacks. While caches are vital to the performance of current processors, they have also been the target of numerous side-channel attacks. As a result, a few cache architectures have been proposed to defend against these attacks. However, these designs tend to provide security at the expense of performance, area and power. Therefore, the design of secure, high-performance cache architectures is still a pressing research challenge. In this thesis, we examine the viability of self-aware adaptive caches as a defense mechanism against cache side-channel attacks. We define an adaptive cache as a caching structure with (i) run-time reconfiguration capability, and (ii) intelligent built-in logic to monitor itself and determine its parameter settings. Since the success of most cache side-channel attacks depend on the attacker’s knowledge of the key cache parameters such as associativity, set count, replacement policy, among others, an adaptive cache can provide a moving target defense approach against many of these cache side-channel attacks. Therefore, we hypothesize that the runtime changes in certain cache parameters should render some of the side-channel attacks less effective due to their dependence on knowing the exact configuration of the caches.

Published

2019

9. Enhancing and Extending Software Diversity

Author

Crane, Stephen

Subjects

Computer science, Code-reuse Attacks, Computer Security, Side-channel Attacks, Software Defenses, Software Diversity

Abstract

Software immunity through diversity is a promising research direction. Address Space Layout Randomization has been widely deployed to defend against code-reuse attacks and significantly raises the bar for attackers. However, automated software diversity is still exploitable by adroit and adaptable adversaries. Using powerful memory disclosure attacks, offensive researchers have demonstrated weaknesses in conventional randomization techniques. In addition, current defenses are largely passive and allow attackers to continuously brute-force randomized defenses with little impediment. Building on the foundation of automated software diversity, we propose novel techniques to strengthen the security and broaden the impact of code randomization. We first discuss software booby traps, a new active defense technique enabled by randomized program contents. We then propose, implement, and evaluate a comprehensive randomization-based system, Readactor++, which is resilient to all types of memory disclosure attacks. Readactor++ enforces execute-only memory protections on commodity x86 processors, thus preventing direct disclosure of randomized code. We also identify the indirect disclosure attack, a new class of code leakage via data disclosure, and mitigate this attack as well. By integrating booby traps into our system, we protect against brute-force memory disclosure attempts. In our evaluation we find that Readactor++ compares favorably to other memory-disclosure resilient code-reuse defenses and that it scales effectively to complex, real-world software. Finally, we propose a novel extension of code randomization to mitigate side-channel rather than code-reuse attacks. Using control-flow diversity, a novel control-flow transformation, we introduce dynamic behavior into program side effects with fast, static code. As an example, we apply this technique to mitigate an AES cache side-channel attack. With our techniques, software diversity can now be efficiently secured against advanced attacks, including memory disclosure and function table reuse, and is adaptable to combat new classes of threats, such as side-channel attacks.

Published

2015

10. Secure and Efficient Implementations of Cryptographic Primitives

Author

Guo, Xu

Subjects

Block Cipher, Side-Channel Attacks, SHA-3, Hash Function, System-on-Chip, Cryptographic Coprocessor, Elliptic Curve Cryptography, Fault Attacks

Abstract

Nowadays pervasive computing opens up many new challenges. Personal and sensitive data and computations are distributed over a wide range of computing devices. This presents great challenges in cryptographic system designs: how to protect privacy, authentication, and integrity in this distributed and connected computing world, and how to satisfy the requirements of different platforms, ranging from resource constrained embedded devices to high-end servers. Moreover, once mathematically strong cryptographic algorithms are implemented in either software or hardware, they are known to be vulnerable to various implementation attacks. Although many countermeasures have been proposed, selecting and integrating a set of countermeasures thwarting multiple attacks into a single design is far from trivial. Security, performance and cost need to be considered together. The research presented in this dissertation deals with the secure and efficient implementation of cryptographic primitives. We focus on how to integrate cryptographic coprocessors in an efficient and secure way. The outcome of this research leads to four contributions to hardware security research. First, we propose a programmable and parallel Elliptic Curve Cryptography (ECC) coprocessor architecture. We use a systematic way of analyzing the impact of System-on-Chip (SoC) integration to the cryptographic coprocessor performance and optimize the hardware/software codesign of cryptographic coprocessors. Second, we provide a hardware evaluation methodology to the NIST SHA-3 standardization process. Our research efforts cover both of the SHA-3 fourteen Second Round candidates and five Third Round finalists. We design the first SHA-3 benchmark chip and discuss the technology impact to the SHA-3 hardware evaluation process. Third, we discuss two technology dependent issues in the fair comparison of cryptographic hardware. We provide a systematic approach to do a cross-platform comparison between SHA-3 FPGA and ASIC benchmarking results and propose a methodology for lightweight hash designs. Finally, we provide guidelines to select implementation attack countermeasures in ECC cryptosystem designs. We discuss how to integrate a set of countermeasures to resist a collection of side-channel analysis (SCA) attacks and fault attacks. The first part of the dissertation discusses how system integration can affect the efficiency of the cryptographic primitives. We focus on the SoC integration of cryptographic coprocessors and analyze the system profile in a co-simulation environment and then on an actual FPGA-based SoC platform. We use this system-level design flow to analyze the SoC integration issues of two block ciphers: the existing Advanced Encryption Standard (AES) and a newly proposed lightweight cipher PRESENT. Next, we use hardware/software codesign techniques to design a programmable ECC coprocessor architecture which is highly flexible and scalable for system integration into a SoC architecture. The second part of the dissertation describes our efforts in designing a hardware evaluation methodology applied to the NIST SHA-3 standardization process. Our Application Specific Integrated Circuit (ASIC) implementation results of five SHA-3 finalists are the first ASIC real measurement results reported in the literature. As a contribution to the NIST SHA-3 competition, we provide timely ASIC implementation cost and performance results of the five SHA-3 finalists in the SHA-3 standard final round evaluation process. We define a consistent and comprehensive hardware evaluation methodology to the NIST SHA-3 standardization process from Field Programmable Gate Array (FPGA) prototyping to ASIC implementation. The third part of the dissertation extends the discussion on hardware benchmarking of NIST SHA-3 candidates by analyzing the impact of technology to the fair comparison of cryptographic hardware. First, a cross-platform comparison between the FPGA and ASIC results of SHA-3 designs demonstrates the gap between two sets of benchmarking results. We describe a systematic approach to analyze a SHA-3 hardware benchmark process for both FPGAs and ASICs. Next, by observing the interaction of hash algorithm design, architecture design, and technology mapping, we propose a methodology for lightweight hash implementation and apply it to CubeHash optimizations. Our ultra-lightweight design of the CubeHash algorithm represents the smallest ASIC implementation of this algorithm reported in the literature. Then, we introduced a cost model for analyzing the hardware cost of lightweight hash implementations. The fourth part of the dissertation discusses SCA attacks and fault attacks resistant cryptosystem designs. We complete a comprehensive survey of state-of-the-art of secure ECC implementations and propose a methodology on selecting countermeasures to thwart multiple side-channel attacks and fault attacks. We focus on a systematic way of organizing and understanding known attacks and countermeasures.

Published

2012

11. TOWARDS SECURING VIRTUALIZATION USING A RECONFIGURABLE PLATFORM

Author

Janefalkar, Tushar

Subjects

FPGA, Hardware security, Side-channel attacks, Virtualization, Computer Engineering

Abstract

Virtualization is no longer limited to main stream processors and servers. Virtualization software for General Purpose Processors (GPP) that allow one Operating System (OS) to run as an application in another OS have become commonplace. To exploit the full potential of the available hardware, virtualization is now prevalent across all systems big and small. Besides GPPs, state-of-the-art embedded processors are now capable of running rich operating systems and their virtualization is now a hot topic of research. However, this technological progress also opens doors for attackers to snoop on data that is not only confined to storage servers but also transferred to and used in important transactions on mobile platforms. This work focuses on side channel attacks that arise due to hardware resource sharing between two concurrently running processes. These attacks can be in the form of monitoring cache accesses of a process or monitoring the power consumption of the system to determine the operation being performed. These attacks are seemingly harmless as the attacking process does not perform any illegal operations to snoop on the information available through side channels. Side channel attacks have been used to easily decipher encryption keys for AES and RSA algorithms that are the two most commonly used encryption techniques. Software based solutions against these side channel attacks have been documented but do not guarantee a complete solution as they are either too specific to one aspect of an attack or demand changes to the Instruction Set Architecture (ISA) or static hardware designs. Implementation of such solutions is not always feasible. In this project, we explore the virtualization of a PowerPC processor embedded on a Field Programmable Gate Array (FPGA) using the Kernel-based Virtual Machine (KVM). Then, we propose solutions that make use of the surrounding FPGA fabric to implement security measures that would make execution of side channel attacks difficult. Lastly, this work provides detailed discussion on how to setup a development platform for FPGA-enabled hardware security, which involves cross compilation.

Published

2011

12. REDUCED COMPLEMENTARY DYNAMIC AND DIFFERENTIAL CMOS LOGIC: A DESIGN METHODOLOGY FOR DPA RESISTANT CRYPTOGRAPHIC CIRCUITS

Author

RAMMOHAN, SRIVIDHYA

Subjects

Differential Power Analysis (DPA) Attacks, Secret Key, Dynamic Differential Logic, Side-Channel Attacks

Abstract

In recent times, many embedded applications such as mobile phones, smart-cards, etc. use cryptographic devices that use a secret key to encrypt sensitive data to secure it. Encryption algorithms are often challenged during physical implementation (ICs), providing key information to the attackers. Differential Power Analysis (DPA) is a power attack technique uses the difference in power consumed by each input data in conjunction with statistical analysis to extract statistical information that correlates power consumption to the secret key. Our goal is to present a Dynamic Differential Logic style whose power consumption is input independent and which reuses part of circuit to generate differential output. The logic style proposed by us, Reduced Complementary Dynamic and Differential logic (RCDDL) style helps achieve increased DPA resistance with 31.66% improvement in security strength, 14% reduction in power and 7.75% reduction in area on an average when compared to other existing logic styles.

Published

2007