D. Jayasinghe,R. G. Ragel,D. Elkaduwe

DOI: https://doi.org/10.48550/arXiv.1403.7293

2014-03-28

Cryptography and Security

Abstract:Rijndael was standardized in 2001 by National Institute of Standard and Technology as the Advanced Encryption Standard (AES). AES is still being used to encrypt financial, military and even government confidential data. In 2005, Bernstein illustrated a remote cache timing attack on AES using the client-server architecture and therefore proved a side channel in its software implementation. Over the years, a number of countermeasures have been proposed against cache timing attacks both using hardware and software. Although the software based countermeasures are flexible and easy to deploy, most of such countermeasures are vulnerable to statistical analysis. In this paper, we propose a novel software based countermeasure against cache timing attacks, known as constant time encryption, which we believe is secure against statistical analysis. The countermeasure we proposed performs rescheduling of instructions such that the encryption rounds will consume constant time independent of the cache hits and misses. Through experiments, we prove that our countermeasure is secure against Bernstein's cache timing attack.

U. Herath,J. Alawatugoda,R.G. Ragel

DOI: https://doi.org/10.1109/ICIInfS.2013.6731958

2014-03-06

Abstract:Advanced Encryption Standard (AES) is a symmetric key encryption algorithm which is extensively used in secure electronic data transmission. When introduced, although it was tested and declared as secure, in 2005, a researcher named Bernstein claimed that it is vulnerable to side channel attacks. The cache-based timing attack is the type of side channel attack demonstrated by Bernstein, which uses the timing variation in cache hits and misses. This kind of attacks can be prevented by masking the actual timing information from the attacker. Such masking can be performed by altering the original AES software implementation while preserving its semantics. This paper presents possible software implementation level countermeasures against Bernstein's cache timing attack. Two simple software based countermeasures based on the concept of "constant-encryption-time" were demonstrated against the remote cache timing attack with positive outcomes, in which we establish a secured environment for the AES encryption.

Cryptography and Security

Xinjie Zhao,Shize Guo,Fan Zhang,Tao Wang,Zhijie Shi,Zhe Liu,Jean-Francois Gallais

DOI: https://doi.org/10.1016/j.cose.2013.07.002

IF: 5.105

2013-01-01

Computers & Security

Abstract:Existing trace driven cache attacks (TDCAs) can only analyze the cache events in the first two rounds or the last round of AES, which limits the efficiency of the attacks. Recently, Zhao et al. proposed the multiple deductions-based algebraic side-channel attack (MDASCA) to cope with the errors in leakage measurements and to exploit new leakage models. Their preliminary results showed that MDASCA can improve TDCAs and attack the AES implemented with a compact lookup table of 256 bytes. This paper performs a comprehensive study of MDASCA-based TDCAs (MDATDCA) on most of the AES implementations that are widely used. First, the key recovery in TDCA is depicted by an abstract model regardless of the specific attack techniques. Then, the previous work of TDCAs on AES is classified into three types and its limitations are analyzed. How to utilize the cache events with MDATDCA is presented and the overhead is also calculated. To evaluate MDATDCA on AES, this paper constructs a mathematical model to estimate the maximal number of leakage rounds that can be utilized and the minimal number of cache traces required for a successful MDATDCA. Extensive experiments are conducted under different implementations, attack scenarios and key lengths of AES. The experimental results are consistent with the theoretical analysis. Many improvements are achieved. For the first time, we show that TDCAs on AES-192 and AES-256 become possible with the MDATDCA technique. Our work attests that combining TDCAs with algebraic techniques is a very efficient way to improve cache attacks.

zhou ping,wang tao,li guang,zhang fan,zhao xinjie

DOI: https://doi.org/10.1109/CC.2015.7122479

2015-01-01

Abstract:FLUSH+RELOAD attack is recently proposed as a new type of Cache timing attacks. There are three essential factors in this attack, which are monitored instructions, threshold and waiting interval. However, existing literature seldom exploit how and why they could affect the system. This paper aims to study the impacts of these three parameters, and the method of how to choose optimal values. The complete rules for choosing the monitored instructions based on necessary and sufficient condition are proposed. How to select the optimal threshold based on Bayesian binary signal detection principal is also proposed. Meanwhile, the time sequence model of monitoring is constructed and the calculation of the optimal waiting interval is specified. Extensive experiments are conducted on RSA implemented with binary square-and-multiply algorithm. The results show that the average success rate of full RSA key recovery is 89.67%.

Samira Briongos,Ida Bruhns,Pedro Malagón,Thomas Eisenbarth,José M. Moya

DOI: https://doi.org/10.48550/arXiv.2008.12188

2020-08-27

Cryptography and Security

Abstract:Microarchitectural side channel attacks have been very prominent in security research over the last few years. Caches have been an outstanding covert channel, as they provide high resolution and generic cross-core leakage even with simple user-mode code execution privileges. To prevent these generic cross-core attacks, all major cryptographic libraries now provide countermeasures to hinder key extraction via cross-core cache attacks, for instance avoiding secret dependent access patterns and prefetching data. In this paper, we show that implementations protected by 'good-enough' countermeasures aimed at preventing simple cache attacks are still vulnerable. We present a novel attack that uses a special timing technique to determine when an encryption has started and then evict the data precisely at the desired instant. This new attack does not require special privileges nor explicit synchronization between the attacker and the victim. One key improvement of our attack is a method to evict data from the cache with a single memory access and in absence of shared memory by leveraging the transient capabilities of TSX and relying on the recently reverse-engineered L3 replacement policy. We demonstrate the efficiency by performing an asynchronous last level cache attack to extract an RSA key from the latest wolfSSL library, which has been especially adapted to avoid leaky access patterns, and by extracting an AES key from the S-Box implementation included in OpenSSL bypassing the per round prefetch intended as a protection against cache attacks.

Zehong (Zephyr) Qiu,Fan Zhang

DOI: https://doi.org/10.46586/tches.v2023.i3.570-596

2023-01-01

Abstract:Algebraic Fault Analysis (AFA) is a cryptanalysis for block ciphers proposed by Courtois et al., which incorporates algebraic cryptanalysis to overcome the complexity of manual analysis within the context of Differential Fault Analysis (DFA). The effectiveness of AFA on lightweight block ciphers has been demonstrated. However, the complexity of the algebraic systems prevents it from attacking heavyweight block ciphers efficiently. In this paper, we propose a novel cryptanalysis called Redundancies-assisted Algebraic Fault Analysis (RAFA) to facilitate the solution of algebraic systems in the setting of heavyweight block ciphers. The core idea of RAFA is to expedite SAT solvers by modifying the algebraic systems, which is accomplished via two methods. The first method introduces redundant constraints, which is proposed for the first time in the context of algebraic cryptanalysis. The second one is a sophisticated linearization of the nonlinear Algebraic Normal Form (ANF). It takes RAFA for about 9.68 hours to attack AES-128. To the best of our knowledge, this is the first work that uses a general SAT solver to attack AES with only a single injection of byte-fault. Moreover, RAFA can attack AES-128 in 50.92 and 27.54 minutes for nibble- and bit-based fault model, respectively. In comparison, the traditional DFA algorithm implemented by pure C takes 4 ~ 5 hours under all three fault models investigated in this work. Moreover, in order to show the generality of RAFA, we also apply it to other heavyweight block ciphers. The best results show that RAFA could recover the key of Serpent-256 and SPEEDY-r-192 in 20.7 and 1.5 hours using only three faults, respectively. In comparison, AFA could not break these two ciphers even when 30 bits and 50 bits of their keys are known, respectively. Furthermore, no DFA work on Serpent or SPEEDY is known using comparable fault models.

Fan Zhang,Xinjie Zhao,Wei He,Shivam Bhasin,Shize Guo

DOI: https://doi.org/10.1007/s11432-016-0233-0

2017-01-01

Science China Information Sciences

Abstract:>Fault analysis is a very powerful technique to break cryptographic implementations.In particular,bitlevel fault analysis(BLFA),where faults are injected by flipping one or a few isolated bits,are among the most efficient of the lot.BLFA requires both precise fault injection capabilities and sophisticated key extraction skills.Algebraic fault analysis(AFA)[1]is a good analysis technique for BLFA.Compared with differential fault analysis(DFA),AFA relies on the automation from machine solvers.Since it fully utilizes the leakages

Dag Arne Osvik,Adi Shamir,Eran Tromer

DOI: https://doi.org/10.1007/11605805_1

2006-01-01

Abstract:We describe several software side-channel attacks based on inter-process leakage through the state of the CPU’s memory cache. This leakage reveals memory access patterns, which can be used for cryptanalysis of cryptographic primitives that employ data-dependent table lookups. The attacks allow an unprivileged process to attack other processes running in parallel on the same processor, despite partitioning methods such as memory protection, sandboxing and virtualization. Some of our methods require only the ability to trigger services that perform encryption or MAC using the unknown key, such as encrypted disk partitions or secure network links. Moreover, we demonstrate an extremely strong type of attack, which requires knowledge of neither the specific plaintexts nor ciphertexts, and works by merely monitoring the effect of the cryptographic process on the cache. We discuss in detail several such attacks on AES, and experimentally demonstrate their applicability to real systems, such as OpenSSL and Linux’s dm-crypt encrypted partitions (in the latter case, the full key can be recovered after just 800 writes to the partition, taking 65 milliseconds). Finally, we describe several countermeasures for mitigating such attacks.

Shivam Bhasin,Jingyu Pan,Fan Zhang

2018-01-01

Abstract:This works gives an overview of persistent fault attacks on block ciphers, a recently introduced fault analysis technique based on persistent faults. The fault typically targets stored constant of cryptographic algorithms over several encryption calls with a single injection. The underlying analysis technique statistically recovers the secret key and is capable of defeating several popular countermeasures by design.

Shize Guo,Xinjie Zhao,Fan Zhang,Tao Wang,Zhijie Jerry Shi,Francois-Xavier Standaert,Chujiao Ma

DOI: https://doi.org/10.1109/tifs.2014.2315534

IF: 7.231

2014-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Algebraic side-channel attack (ASCA) is a typical technique that relies on a general solver to solve the equations of a cipher and its side-channel leaks. It falls under analytical side-channel attack and can recover the entire key at once. Many ASCAs are proposed against the AES, and they utilize the Grobner basis-based, SAT-based, or optimizer-based solver. The advantage of the general solver approach is its generic feature, which can be easily applied to different cryptographic algorithms. The disadvantage is that it is difficult to take into account the specialized properties of the targeted cryptographic algorithms. The results vary depending on what type of solver is used, and the time complexity is quite high when considering the error-tolerant attack scenarios. Thus, we were motivated to find a new approach that would lessen the influence of the general solver and reduce the time complexity of ASCA. This paper proposes a new analytical side-channel attack on AES by exploiting the incomplete diffusion feature in one AES round. We named our technique incomplete diffusion analytical side-channel analysis (IDASCA). Different from previous ASCAs, IDASCA adopts a specialized approach to recover the secret key of AES instead of the general solver. Extensive attacks are performed against the software implementation of AES on an 8-bit microcontroller. Experimental results show that: 1) IDASCA can exploit the side-channel leaks in all AES rounds using a single power trace; 2) it has less time complexity and more robustness than previous ASCAs, especially when considering the error-tolerant attack scenarios; and 3) it can calculate the reduced key search space of AES for the given amount of side-channel leaks. IDASCA can also interpret the mechanism behind previous ASCAs on AES from a quantitative perspective, such as why ASCA can work under unknown plaintext/ciphertext scenarios and what are the extreme cases in ASCAs.

Deepraj Chowdhury,Ajoy Dey,Ritam Garai,Subhrangshu Adhikary,Ashutosh Dhar Dwivedi,Uttam Ghosh,Waleed S. Alnumay

DOI: https://doi.org/10.1007/s12652-022-04379-7

IF: 3.662

2022-09-23

Journal of Ambient Intelligence and Humanized Computing

Abstract:Triple Data Encryption Standard (also known as 3DES) is a symmetric encryption algorithm. European Traffic Management System popularly uses 3DES for authentication and encryption. However, as per a draft published by NIST in 2018, 3DES is officially being retired and not suggested to use for new applications. Several attacks were imposed on 3DES, and the biggest threat to 3DES is meet in the middle attack. Therefore for long term security, it is essential to enhance the security of such algorithms. This paper proposed a new cipher DeCrypt inspired by 3DES, an improved version of the 3DES algorithm, and secured against meet in the middle attack. As per the experiment performed, DeCrypt cipher is 61 per cent faster than 3DES, providing long-term and better security against sweet-32 attacks than other symmetric algorithms. The proposed algorithm is also faster than 3DES due to reduced encryption and decryption time.

computer science, information systems,telecommunications, artificial intelligence

Ping Zhou,Tao Wang,Xiaoxuan Lou,Xinjie Zhao,Fan Zhang,Shize Guo

DOI: https://doi.org/10.1007/s11432-017-9108-3

2017-01-01

Science China Information Sciences

Abstract:Dear editor, Cache timing attack is a very powerful side channel attack technique to break cryptographic implementations.Recently,Flush-Reload,a new type of cache attacks,was proposed to attack cryptographic implementations on multi-core platforms.It utilizes a spy processes S to monitor the victim process V which shares the same memory pages.S flushes the specific memory lines of V,evicts data from all levels of caches,and then reloads these memory lines into cache.The corresponding loading time can be measured,therefore the victim's accesses to the specific instructions can be monitored.

Nan Liao,Xiaoxin Cui,Tian Wang,Kai Liao,Dunshan Yu,Xiaole Cui

DOI: https://doi.org/10.1109/cstic.2016.7464078

2016-01-01

Abstract:Random fault attacks against Advanced Encryption Standard (AES) hardware implementation are widely researched. In the previous fault analysis, 6 rounds of attacks are required to recover the correct round-key, which is not efficient enough for extensive analysis. In this paper, a more efficient fault model is proposed. Based on the analysis of theoretical key candidate number, the proposed attack method can complete the analysis as few as 3 rounds. Experiment results shows that nearly 90% of the attacks recover the correct round-key with 3 rounds and in average only 3.125 rounds are required with our proposed attack method.

An Wang,Man Chen,Zongyue Wang,Xiaoyun Wang

DOI: https://doi.org/10.1109/TCSII.2013.2268379

2013-01-01

Abstract:In 2011, Li presented clockwise collision analysis on nonprotected Advanced Encryption Standard (AES) hardware implementation. In this brief, we first propose a new clockwise collision attack, called fault rate analysis (FRA), on masked AES. Then, we analyze the critical and noncritical paths of the S-box and find that, for its three input bytes, namely, the input value, the input mask, and the output mask, the path relating to the output mask is much shorter than those relating to the other two inputs. Therefore, some sophisticated glitch cycles can be chosen such that the values in the critical path of the whole S-box are destroyed but this short path is not affected. As a result, the output mask does not offer protection to the S-box, which leads to a more efficient attack. Compared with three attacks on masking countermeasures at the Workshop on Cryptographic Hardware and Embedded Systems 2010 and 2011, our method only costs about 8% of their time and 4% of their storage space.

Ping Zhou,Tao Wang,Fan Zhang,Xinjie Zhao

DOI: https://doi.org/10.13245/j.hust.180305

2018-01-01

Abstract:Previous flush-reload cache attacks cannot be directly adopted to SM2 digital signature algorithm.In this paper,an improved method for selecting the monitored address in flush-reload cache attacks on SM2 was proposed.By taking advantage of multiple cache accesses caused by function callings, the cache lines which contain call instructions were selected to be the monitored addresses in order to increase the accuracy.The experimental results show that the proposed method makes the flush-reload attack on SM2 feasible and effective.The 256 bit scalark can be recovered with a bit errors rate as only 1.09％ by the side channel information of a single signing.The full private key can be recovered with a success rate as 59％ through 64 times exhaustive research.

Iván Prada,Francisco D. Igual,Katzalin Olcoz

DOI: https://doi.org/10.48550/arXiv.1904.11268

2019-04-25

Abstract:Cache timing attacks use shared caches in multi-core processors as side channels to extract information from victim processes. These attacks are particularly dangerous in cloud infrastructures, in which the deployed countermeasures cause collateral effects in terms of performance loss and increase in energy consumption. We propose to monitor the victim process using an independent monitoring (detector) process, that continuously measures selected Performance Monitoring Counters (PMC) to detect the presence of an attack. Ad-hoc countermeasures can be applied only when such a risky situation arises. In our case, the victim process is the AES encryption algorithm and the attack is performed by means of random encryption requests. We demonstrate that PMCs are a feasible tool to detect the attack and that sampling PMCs at high frequencies is worse than sampling at lower frequencies in terms of detection capabilities, particularly when the attack is fragmented in time to try to be hidden from detection.

Cryptography and Security

Fan Zhang,Zhijie Jerry Shi

DOI: https://doi.org/10.1109/ITNG.2008.183

2008-01-01

Abstract:Elliptic curve cryptography (ECC) has been adopted in many systems because it requires shorter keys than traditional public-key algorithms in primary fields. However, power analysis attacks can exploit the power consumption of ECC devices to retrieve secret keys. In this paper, we propose an efficient window-based countermeasure that is secure against existing power analysis attacks. Compared to previous counter- measures, our method has low memory overhead, requiring only a table of w+1 entries when the window size is w bits. It also has better performance than many algorithms that perform one point addition or subtraction for every bit in the scalar.

Zhijie Jerry Shi,Fan Zhang

2006-01-01

Abstract:Elliptic curve cryptography (ECC) has attracted a lot of attention because it can provide similar levels of security with much shorter keys than the arithmetic of multiple-precision integers in finite fields, which has been widely used in many public-key and key-exchange algorithms. Small key sizes are especially important to resource constrained devices as shorter keys require less storage space and consume less power to transmit and compute. However, ECC algorithms are vulnerable to power analysis attacks, which exploit the instantaneous power consumptions of computing devices to retrieve secret data. Many countermeasures have been proposed to make ECC implementations secure against power analysis. One of the approaches is randomized algorithms that generate different power traces even if the input of the algorithm is the same. For example, the randomized scalar point multiplication algorithm proposed by Oswald et al. combines two algorithms and uses random variables to decide which algorithm to follow at different stages of the execution. The randomized algorithm can thwart traditional power analysis attacks. However, in this paper, we propose an effective attack on the randomized algorithms. Our attack does not require a large number of power traces and has a very high success rate.

Jan Philipp Thoma,Christian Niesler,Dominic Funke,Gregor Leander,Pierre Mayr,Nils Pohl,Lucas Davi,Tim Güneysu

DOI: https://doi.org/10.48550/arXiv.2104.11469

2022-08-18

Abstract:In the recent past, we have witnessed the shift towards attacks on the microarchitectural CPU level. In particular, cache side-channels play a predominant role as they allow an attacker to exfiltrate secret information by exploiting the CPU microarchitecture. These subtle attacks exploit the architectural visibility of conflicting cache addresses. In this paper, we present ClepsydraCache, which mitigates state-of-the-art cache attacks using a novel combination of cache decay and index randomization. Each cache entry is linked with a Time-To-Live (TTL) value. We propose a new dynamic scheduling mechanism of the TTL which plays a fundamental role in preventing those attacks while maintaining performance. ClepsydraCache efficiently protects against the latest cache attacks such as Prime+(Prune+)Probe. We present a full prototype in gem5 and lay out a proof-of-concept hardware design of the TTL mechanism, which demonstrates the feasibility of deploying ClepsydraCache in real-world systems.

Cryptography and Security,Hardware Architecture

Li Xiangyu,Sun Yihe

DOI: https://doi.org/10.1109/asscc.2006.357892

2006-01-01

Abstract:THDFAES04 is a data flow random execution Rijndael encryption ASIC, which can resist against side-channel attacks and is low power. It is based on dynamic data-flow architecture. It performs token matching and random service jointly by the token Hold-Match-Fetch components. In experiments, it could resist 15000 less samples correlation power analysis attack. The fabricated chip's average energy of one 128 bits key AES encryption is 0.053 muJ. Its die size is 2.21 mm2. Its throughput distributes between 59 Mbps and 63 Mbps.