Top PDF Mitigating Differential Power Analysis Attacks on AES using NeuroMemristive Hardware

Mitigating Differential Power Analysis Attacks on AES using NeuroMemristive Hardware

The exact definition of memristors is hotly debated, but a common feature is their pinched hysteresis curve. Chua succinctly stated “If it’s pinched it’s a memristor” [8]. The resistance level of a memristor can be changed by applying a write voltage to its terminals. Depending on the type of the memristor this resistance behaves in different ways. By the pure definition of a memristor the resistance should always be changing whenever the applied voltage changes. In fabricated devices it takes a sustained voltage above some write threshold to change the resistance of the device [44]. The behavior of fabricated devices is quite useful since the memristors are non-volatile and keep their state when the system using them is powered down. Their resistances can also be read without actually changing the resistance at the same time by applying a read voltage below the write threshold. This means a memristor can be used as a memory device or even as a synapse. The pinched hysteresis curve of a titanium dioxide memristor is shown in Fig. 2.8. This memristor was simulated in SPICE using a model published by Yakopcic et al. [50].

Methodologies for power analysis attacks on hardware implementations of AES

decision. The timing of the power measurements is based on signal activity events. Signal activity depends on the data values being computed. Therefore, a specific power sample event will only occur in some of the traces and not in others. If a data bit is evaluated to zero in one trace and one in another trace, the event and power sample will be recorded in one trace and not another. It also may be possible but less likely that the timing of an event can change. This means that the event occurs in both traces but at different times. This can occur if the bit being considered is determined based on more than one other signal which are evaluated at different times. If the bit is activated in two traces based on two different logical paths with different delays, the resulting event can occur at two different times. This is a problem since when the differential traces are calculated, the power consumption of the activated bits would not be added at the same point in time in the resulting aggregate waveform. They would be spread across two or more points in time which would decrease the amplitude of the power consumption and associated differential spike.

Hardening FPGA based AES implementations against side channel attacks based on power analysis

In a modern world with many privacy-sensitive data being sent around the internet, data encryption is essential. A widely used encryption algorithm is AES (Advanced Encryption Standard). This algorithm has applications ranging from bank card security to hard disk encryption [14]. DPA (Differential Power Analysis) resilience is a topic of interest as in theory AES is a secure algorithm, but physical implementations make it vulnerable to attackers. It is therefore important to find out how to securely but efficiently implement the encryption algorithm on hardware like FPGAs. FPGAs are getting more and more popular as technology progresses. This is because on the one hand, bringing a custom ASIC to market is getting progressively costlier as production processes get more expensive the smaller the feature size becomes, making low volume chips uneconomic. On the other hand, those improved processes make ever more complicated FPGAs possible, enabling more complex and faster circuits to be implemented. Combining this with the fact that modern FPGAs, in particular MPSoCs that combine an FPGA with an SoC, open up opportunities previously not possible. That makes them very attractive options for a lot of projects and thus also cryptography applications. Examples of these opportunities include the option to update and patch hardware by reprogramming FPGAs, or even reprogramming them continuously. This last technique, called dynamic (partial) reconfiguration, enables techniques like storing many different circuits in the SoC part of an MPSoC and only implementing the circuit needed at the time, decreasing FPGA resource usage and static device power consumption. Another possible application is storing many variants of the same netlist. If a different circuit is used every time the AES algorithm is run, the power profile will be slightly different every run, which makes DPA harder.

Mitigating Different Attacks in OLSR Protocol –A Survey

Wormhole attack is the most common of attacks. It records traffic from one network region and replays it in another region. It is launched by an intruder node ‘X’ being within transmission range of legitimate nodes ‘Node A’ and ‘Node B’, where ‘Node A’ and ‘Node B’ are not within transmission range of each other. The intruder ‘X’ node just routes control traffic between ‘Node A’ and ‘Node B’ and vice versa, without the modification accepted by the routing protocol.

Enhanced Scheme for Mitigating Jamming Attacks in MANETs

Hongjiu Yang et al. [1]: In this paper, the authors studied a countermeasure for a wireless networked control system suffering from jamming attacks in the cyber layer by a variable sampling approach. They utilized the Stackelberg game approach to analyse interactions between users and jammers. They also designed a variable sampling controller that deals with data packet dropout. At last, the authors validated the effectiveness of the proposed methodology by using a numerical simulation which was stable in the mean square sense.

1. Mitigating black hole and gray hole attacks in manets using id3

Black hole and gray hole attacks are the most important security problems in MANET. Black hole starts in the route discovery phase, and gray hole is an attack which drops packets in the transmitting step [3]. Detection of gray hole is more difficult than black hole, because the attacker works as a normal node and then starts dropping data. Some of the proposed works are introduced to detect black and gray hole attacks, pointed out their advantages and disadvantages and at the end, these methods are compared from some aspects.

PiPoMonitor: Mitigating Cross-core Cache Attacks Using the Auto-Cuckoo Filter

Abstract—Cache side channel attacks obtain the victim's cache line access footprint to infer security-critical information. Among them, cross-core attacks exploiting the shared last level cache are more threatening owing to their simplicity to set up and high capacity. Stateful approaches of detection-based mitigation observe precise cache behaviors and protect specific cache lines that are suspected of being attacked. However, their recording structures incur large storage overhead and are vulnerable to reverse engineering attacks. Exploring the intrinsic non-determinate layout of a traditional Cuckoo filter, this paper proposes a space-efficient Auto-Cuckoo filter to record access footprints, which succeeds in decreasing storage overhead and resisting reverse engineering attacks at the same time. With the Auto-Cuckoo filter, we propose PiPoMonitor to detect Ping-Pong patterns and prefetch specific cache lines to interfere with adversaries’ cache probes. Security analysis shows that PiPoMonitor can effectively mitigate cross-core attacks and the Auto-Cuckoo filter is immune to reverse engineering attacks. Evaluation results indicate PiPoMonitor has negligible impact on performance and the storage overhead is only 0.37%, an order of magnitude lower than previous stateful approaches.

Mitigating CSRF attacks on OAuth 2.0 Systems

Since RP developers often fail to add a state parameter to authorization requests, large numbers of real-world OAuth 2.0 implementations are vulnerable to CSRF attacks; moreover traditional Referer header, Origin header and Custom header countermeasures [3] are infeasible in the OAuth 2.0 framework. We propose instead to combine the Referer header and the fact that RPs register different URIs for different IdPs (see §III-A) to provide a novel means of mitigating CSRF attacks. We first describe how a Referer header can be used to mitigate CSRF attacks against the redirect_uri in both the Authorization Code Grant Flow of OAuth 2.0 and the (very similar) Authorization Code Flow of OpenID Connect.

A. Protecting the Authorization Code (Grant) Flow

Side Channel Power Analysis of an AES-256 Bootloader

Extending a standard CPA attack to work on AES-256 requires some modifications to the attack for the second decryption round, as detailed previously in [3] and [4]. In addition this paper has demonstrated the use of a standard CPA attack to determine the Initialization Vector (IV), which in general demonstrates the effectiveness of a CPA attack on a single XOR operation. As many cryptographic algorithms use XOR, the results of the CPA attack on an XOR are of particular interest beyond just the attack on AES. The CPA attack on the XOR operation was part of the original CPA paper experiments [2], and this paper provides some updated data for a recent 8-bit microcontroller.

Hardware / Software Co design using LEON3 Processor: AES as Case Study

manufacturer's FPGAs. These commercial solutions have certain limitations. The most important is that the implemented soft cores are dependent on the manufacturer's specific hardware. These soft cores are also closed source, so modifications or enhancements to these soft cores are impossible. For low budget projects, the cost of these software packages is unaffordable. Therefore, it is preferable to use open source cores [3] which are freely available from open source communities, for example the open source core LEON3 by Gaisler Research [4, 5] and OpenRISC 1200 from OpenCores.

Differential Fault Analysis of AES: Towards Reaching its Limits

There are two more versions of AES: AES-192 and AES-256. Initially, it was assumed that the attack proposed by Piret et al. can be extended to these two versions of the AES with little modification. However, this assumption has been shown to be wrong. In 2009, Li et al. [18] proposed a complete attack on AES-192 and AES-256. This attack required 16 or 3000 faulty ciphertexts depending on the fault model. Subsequently, many attacks were proposed on AES-192 and AES-256 [14,16,27]. The most recent among these attacks is an attack proposed by Kim [16], which only requires two faulty ciphertexts to uniquely determine the AES-192 key and three faulty ciphertexts to retrieve the 256-bit key of AES-256. Recently, there has been significant research on the AES key schedule. Chen et al. [8] improved Giraud’s attack [9] and showed that the proposed attack can retrieve the AES-128 key by inducing faults in the 9-th round key and requires less than 30 faulty ciphertexts. Peacham et al. [22] considered a different fault model where a fault is induced while the ninth round key is being generated. Therefore, the induced fault subsequently propagated to the tenth round key. Peacham’s attack required only 12 faulty ciphertexts to retrieve the AES-128 secret key. Takahashi et al. [28] proposed a generalized attack that required only two faulty ciphertexts to reduce the number of key hypotheses for an AES-128 secret key to $2^{48}$. Other variants of this attack were presented that, using

Estimation and analysis of multi GNSS differential code biases using a hardware signal simulator

For global TEC monitoring and other related applications, it would be straightforward to carry out the analysis provided the receiver with the known DCB is part of the IGS/MGEX network. However, as in a general situation this receiver will not be part of the network, its DCB must be obtained from the manufacturer or otherwise carefully estimated through a technique that can ensure that it is consistent with the available set of satellite DCBs. We hereby introduce a technique for satellite and receiver DCB estimation by first estimating the DCB of an available receiver through simulation and afterward ‘inserting’ this receiver in a global network for processing. For carrying out this technique, a Septentrio PolaRxS Pro ISMR, referred to hereafter as ‘SEPT,’ was used in conjunction with the Spirent GSS8000 hardware simulator, in a simulation where the state of the ionosphere, troposphere and the other group delays could be controlled, as demonstrated in Ammar (2011). Once the receiver DCB has been estimated, it is then used to constrain the solution in a global network of stations following the strategy implemented by the Centre of Orbit Determination in Europe (CODE), to ultimately estimate the DCBs of the satellites and all the other receivers involved in the network (Schaer 1999). The final results should produce a consistent set of stable DCBs, which are now closer to their physical values and therefore more representative to be employed in any TEC monitoring application. For validation purposes, another Septentrio PolaRxS Pro ISMR and a Javad Triumph-I receiver are also involved. These are referred to hereafter as ‘SEP2’ and ‘JAVD,’ respectively. Moreover, the idea of working with an ISMR as a primary receiver was originally conceived because of the specific feature of this receiver to estimate TEC for ionospheric monitoring purposes, where the estimation of DCBs is desirable so that absolute and calibrated TEC can be obtained. Nevertheless, the proposed technique can be applied to any conventional multi-frequency, multi-constellation receiver, as long as its capabilities can be reflected in the GNSS simulator.

Increasing Resistance Against Power Analysis Attacks Using Dual Key Scheme

Execution of a mathematically secure encryption algorithm on hardware is known to leak certain information to the side channels of the hardware. These side channels include current consumed from the power supply and electromagnetic radiation emitted from cryptographic hardware. The information thus leaked can be utilized to mount an attack to reveal secret information about the algorithm (e.g. encryption key). This method of extracting the information is broadly classified as “Side Channel Attacks”. A type of side channel attack called “Power Analysis” utilizes the power/current consumed information as a source of information leakage. Several measures including “hiding” have been proposed to counter these attacks. These countermeasures are based upon inserting randomness or consuming nearly constant current, thus reducing the value of this information. In this research, we propose a new hiding countermeasure which uses dual keys to perform cryptographic operations. This method cannot be bypassed by increasing the number of traces.

Performance Analysis of Different Mitigating Circuits For Power Quality Improvement

ABSTRACT: This paper presents a comprehensive analysis of different types of passive filter configurations and a single-phase Shunt Active Power Filter (SAPF) using a digital notch filter and a high pass filter modeled in MATLAB/SIMULINK. The controlling strategy employed in the Shunt Active Filter is the hysteresis current controller. The hysteresis controller has been modeled using the relay block in MATLAB. The filter performances have been analyzed based on their harmonic mitigation capability and also on the problem of source loading that they might impose. Total harmonic distortion is found by performing Fast Fourier Transform (FFT) analysis of each kind of filter. All the analyses have been made considering an AC-DC converter (α=0), i.e., a Diode Bridge Rectifier.

Mitigating the Risks of Privilege-based Attacks in Federal Agencies

We empower organizations to not only mitigate user-based risks arising from misuse of system or device privileges, but also identify and remediate asset vulnerabilities targeted by cyber attacks. As a result, our customers are able to address both internal and external threats, while making every device – physical, virtual, mobile and cloud – as secure as possible.

Detecting Flooding Attacks Using Power Divergence

As described before, when applying the value of = 0.5 to the Power Divergence, this coincides with the Hellinger Distance (HD). Fig. 9 illustrates the behavior of SYN traffic with the SYN flooding attack under Power Divergence technique. It is obvious that with this value of , Power Divergence is not able to detect the 9 SYN flooding attacks. It can only detect the 7 first attacks but not the last 2 attacks at t = 310 and t = 350.

Mitigating Multi-Target Attacks in Hash-based Signatures

Hash-based signatures are considered to be the most promising post-quantum alternative to existing schemes such as RSA and ECDSA, which are vulnerable to quantum attacks. This is especially so because the security of cryptographic hash functions is well understood under intensive scrutinization. In addition, there are exact reductionist proofs relating the hardness of breaking the schemes to the hardness of breaking security properties of the hash functions used in the schemes. This allows precise estimation of the security of specific parameter sets. Traditionally, the security of hash-based signature schemes was related to collision-resistance of the used hash function. In recent years several works focused on basing security on milder assumptions [16,12,13,23,25,6], such as second-preimage resistance and one-wayness. There are two fundamental reasons driving this trend. On the one hand, the attacks against the collision-resistance of SHA1 and MD5 motivated researchers to develop collision-resilient signature schemes [20,29]. On the other hand, collision resistance is subject to birthday attacks while (second-)preimage resistance is not. Hence, to reach a security level of λ bits, a hash function with n = 2λ bit digests is needed if collision resistance is required whereas for (second-)preimage resistance only n = λ bit digests are needed. Halving the output size of the used hash function immediately halves the signature and key sizes of hash-based signatures.

AppCon: Mitigating evasion attacks to ML cyber detectors

The application of machine learning algorithms to cybersecurity must face the problem posed by adversarial attacks. In this paper, we propose AppCon, a novel approach that aims to improve the resilience of cyber detectors against evasion attacks. Our solution is particularly suited to strengthen machine learning-based network intrusion detection systems deployed in realistic environments. The proposal combines the effectiveness of ensemble learning with the intuition that modern network environments generate traffic from a finite set of applications; the goal is limiting the options that an attacker can use to craft his malicious adversarial samples by tailoring the NIDS for the set of applications used in the protected network. We evaluate the quality of AppCon through an extensive experimental campaign in a botnet detection scenario. The results provide evidence that our solution achieves the symmetric quality of mitigating evasion attacks while not affecting the detection performance in non-adversarial settings, and that it is effective on multiple supervised ML algorithms. These improvements represent a meaningful step towards the development of more secure cyber detectors relying on machine learning. The present work presents margins for future improvements: an enticing idea consists of evaluating the synergy of the proposed AppCon approach with other defensive strategies, with the goal of further improving the detection rate against evasion attacks.

Author Contributions: Conceptualization: G.A. and G.R.; methodology, G.A., M.A., and G.R.; software, G.R. and V.G.C.; validation, G.A., M.M., and V.G.C.; formal analysis, G.A., M.M.; investigation, G.A. and G.R.; resources, M.M.; data curation, G.A. and G.R.; writing—original draft preparation, G.A.; writing—review and editing, G.A., M.M., V.G.C., and M.A.; visualization, G.A., V.G.C., and G.R.; supervision, M.A.; project administration, M.M. All authors have read and agreed to the published version of the manuscript.

Poseidon: Hardware Support for Buffer Overflow Attacks

implies that we need to read the register file, and propagate this information down the pipeline. While the target address for a return instruction is already latched in the source operand, the stack pointer needs some support for propagation. The registers would be read after the fetch stage and before the renaming stage. In the case of call and return instructions, in order to be able to record the stack pointer accurately, we have to create the illusion of having an extra source operand for these instructions. In order to avoid having to change the ISA, whatever value of rSP (where rSP is used to denote the register which is architected to hold the Stack Pointer) is read from the register file at the point of fetching these instructions would be latched and sent down the pipeline along with the instruction. This description is discussed in section 4.1 where we talk about simulating this detection mechanism using a detailed, out-of-order timing simulator, SimpleScalar 3.0 [24]. Since the operating system needs to save and restore the state of the shadow stack, the shadow stack needs to be visible to the OS. Besides the entries shown in Fig. 3.1, other state associated with the shadow stack would include the top of stack pointer and perhaps a length register. An alternative to the length register would be to implicitly run the Full() function described in section 3.1 every cycle.

Mitigating Sybil Attacks By Using Sybil Based Defense Mechanism In Large Social Networks

In this step, the Sybil nodes are identified and detected for the entire community of user (or ) nodes presented in the graph-based representation of the social network. The algorithm divides the Sybil region into smaller Sybil regions for exact identification of the Sybil user in the graph-based representation of the social network, using a network simulation tool. If the value of Sybil node one, 𝑆₁, is smaller than the Sybil region, then it is identified as a non-Sybil region; otherwise it is considered a Sybil user. The same is applied for Sybil user two. The system is applied to the entire network through the random walk length estimation method in Algorithm 3, and it is applied to Algorithm 4. Initiate the algorithm with 𝑅 random walks for each number of the Sybil nodes and calculate the ratio of lifeless walks before they attain the required length. If it is smaller than the 𝛽 it becomes close to one it is considered as the Sybil node. Repeat this procedure until the value of the node is no less than 𝛽.
