
Bounding the Cache-Side-Channel Leakage of Lattice-Based Signature Schemes Using Program Semantics [chapter]

Nina Bindel, Johannes Buchmann, Juliane Krämer, Heiko Mantel, Johannes Schickel, Alexandra Weber
2018 Lecture Notes in Computer Science  
The leakage bounds we compute with program analysis are sound overapproximations of cache-side-channel leakage. We detect four cache-side-channel vulnerabilities in the implementation of ring-TESLA.  ...  Due to a recent key recovery from a lattice-based implementation, it becomes clear that cache side channels are a serious threat for lattice-based implementations.  ...  This work has been partially funded by the DFG as part of projects P1 and E3 within the CRC 1119 CROSSING.  ... 
doi:10.1007/978-3-319-75650-9_15 fatcat:iywj6552b5ddfbgxqsvcufuq2e

MicroWalk: A Framework for Finding Side Channels in Binaries [article]

Jan Wichelmann, Ahmad Moghimi, Thomas Eisenbarth, Berk Sunar
2018 arXiv   pre-print
We develop a software framework named MicroWalk for side-channel analysis of binaries which can be extended to support new classes of leakage.  ...  For the first time, by utilizing MicroWalk, we perform rigorous leakage analysis of two widely-used closed-source cryptographic libraries: Intel IPP and Microsoft CNG.  ...  of side channels.  ... 
arXiv:1808.05575v1 fatcat:22htj3stpvdolcf4cgrwu7pbum

Hardware-Software Contracts for Secure Speculation [article]

Marco Guarnieri, Boris Köpf, Jan Reineke, Pepe Vila
2020 arXiv   pre-print
On the hardware side, we use the framework to provide the first formalization and comparison of the security guarantees provided by a representative class of mechanisms for secure speculation.  ...  On the software side, we use the framework to characterize program properties that guarantee secure co-design in two scenarios traditionally investigated in isolation: (1) ensuring that a benign program  ...  The semantics is based on the semantics from [13], [18] and it models the execution of µASM programs by a simple out-of-order processor with a unified cache for data and instructions and a branch  ... 
arXiv:2006.03841v3 fatcat:jkj3xiqbd5d4baalaqgprzzka4

Statically Checking Confidentiality of Shared Memory Programs with Dynamic Labels

Marcus V
2008 2008 Third International Conference on Availability, Reliability and Security  
We provide a mechanically-checked soundness proof and show the effectiveness of a countermeasure to the AES cache side-channel attack.  ...  Synchronisation renders parts of the shared memory inaccessible to those programs which adhere to the locking policy.  ...  We applied our algorithm to a central part of the AES encryption algorithm and proved confidentiality for a countermeasure to a cache side-channel attack on the encryption key.  ... 
doi:10.1109/ares.2008.56 dblp:conf/IEEEares/Volp08 fatcat:deg5jitc5nfjplgrfvbf43ybwe

A survey of microarchitectural timing attacks and countermeasures on contemporary hardware

Qian Ge, Yuval Yarom, David Cock, Gernot Heiser
2016 Journal of Cryptographic Engineering  
We classify types of attacks according to a taxonomy of the shared resources leveraged for such attacks. Moreover, we take a detailed look at attacks used against shared caches.  ...  Microarchitectural timing channels expose hidden hardware state through timing.  ...  Leakage channels are often classified according to the threat model: Side channels refer to the accidental leakage of sensitive data (for example an encryption key) by a trusted party, while covert channels  ... 
doi:10.1007/s13389-016-0141-6 fatcat:7fvkr7h54rbl5mx6vrochsgtkm

Flow-Limited Authorization

Owen Arden, Jed Liu, Andrew C. Myers
2015 2015 IEEE 28th Computer Security Foundations Symposium  
FLAC programs selectively enable flows of information; the type system ensures that attackers cannot create unauthorized flows.  ...  We embed the FLAM logic in a core programming model, the Flow-Limited Authorization Calculus (FLAC).  ...  However, the authorization process has the potential to leak confidential information in two distinct ways. The first source of leakage is a side channel in the authorization process.  ... 
doi:10.1109/csf.2015.42 dblp:conf/csfw/ArdenLM15 fatcat:sxrbaf5vyffyfdhafjvqnqmyry

Efficient implementation of ideal lattice-based cryptography

Thomas Pöppelmann
2017 it - Information Technology  
One alternative is lattice-based cryptography which allows the construction of asymmetric public-key encryption and signature schemes that offer a good balance between security, performance, and key as  ...  Abstract: Almost all practically relevant asymmetric cryptosystems like RSA or ECC are either based on the hardness of factoring or on the hardness of the discrete logarithm problem.  ...  Necessary future work to facilitate practical adoption of BLISS and other lattice-based DSSs would be the evaluation of the resistance against side-channel attacks and the implementation of side-channel  ... 
doi:10.1515/itit-2017-0030 fatcat:mpmamskk25h3lbyshy4rfd4y4y

Generic Side-channel attacks on CCA-secure lattice-based PKE and KEMs

Prasanna Ravi, Sujoy Sinha Roy, Anupam Chattopadhyay, Shivam Bhasin
2020 Transactions on Cryptographic Hardware and Embedded Systems  
Firstly, we identified EM-based side-channel vulnerabilities in the error correcting codes (ECC) enabling us to distinguish based on the value/validity of decrypted codewords.  ...  We subsequently exploit these vulnerabilities to demonstrate practical attacks applicable to six CCA-secure lattice-based PKE/KEMs competing in the second round of the NIST standardization process.  ...  The work was done during the visit of second author to NTU. The visit and the work was partially funded by BMW Asia Pte Ltd (Award no. M4062657.B60.500000).  ... 
doi:10.13154/tches.v2020.i3.307-335 dblp:journals/tches/RaviRCB20 fatcat:vxjrhqhmffcm5a5pdo5tqpk624

Distributed computing column 48

Idit Keidar
2012 ACM SIGACT News  
Acknowledgements We are grateful to the speakers, to the program committee members of WTTM 2012 for their help in reviewing this year's submissions and to Panagiota Fatourou for her help in the organization  ...  of the event.  ...  and lock-based programs, thus allowing to compare the amount of concurrency of a concurrent program [10] .  ... 
doi:10.1145/2421119.2421137 fatcat:qivpih26l5fp3ejfmium3bhfdu

Proceedings of the Third Workshop on Formal Integrated Development Environment

Kim G. Larsen
2017 Electronic Proceedings in Theoretical Computer Science  
We would like to put our preliminary results of our proposed approach together and evaluate (1) whether DSE is applicable to SPLs in order to efficiently derive the behavioural changes among different products  ...  , and (2) to what extent feature interactions including the added, modified, and deleted behavioural changes are covered by the automatically generated test cases.  ...  It has long been known that static analysis is insufficient for the detection of side-channel attacks (e.g., cache attacks, power attacks, etc.).  ... 
doi:10.4204/eptcs.240.0.1 fatcat:imfjolcxmrfm7kqiz523rbyj5i

Secure System Virtualization: End-to-End Verification of Memory Isolation [article]

Hamed Nemati
2020 arXiv   pre-print
The reduced trusted computing base minimizes the system attack surface and facilitates the use of formal methods to ensure functional correctness and security of the kernel.  ...  They reduce the software portion of the system's trusted computing base to a thin layer, which enforces isolation between low- and high-criticality components.  ...  Since we are not interested in evaluating a specific signature scheme, we computed the signature of each physical block as the xor of the contained words, allowing us to focus on the overhead introduced  ... 
arXiv:2005.02605v1 fatcat:h7sdyjoxyrexhaswjns5mcfdey

Secure Multiparty Computation and Trusted Hardware: Examining Adoption Challenges and Opportunities

Joseph I. Choi, Kevin R. B. Butler
2019 Security and Communication Networks  
This paper revisits the history of improvements to SMC over the years and considers the possibility of coupling trusted hardware with SMC.  ...  The traditional enabler of SMC is cryptography, but the significant number of cryptographic operations required results in these techniques being impractical for most real-time, online computations.  ...  This work is supported in part by the US National Science Foundation under grant CNS-1540217.  ... 
doi:10.1155/2019/1368905 fatcat:izynm6msrvehfa3ghkw7tykk34

Security Protocols in a Nutshell [article]

Mohsen Toorani
2016 arXiv   pre-print
Furthermore, a survey on computational security models for authenticated key exchange (AKE) and password-authenticated key exchange (PAKE) protocols, as the most important and well-studied type of security  ...  It reviews foundations of security protocols, taxonomy of attacks on security protocols and their implementations, and different methods and models for security analysis of protocols.  ...  Acknowledgment The author would like to thank Øyvind Ytrehus for helpful comments and discussions.  ... 
arXiv:1605.09771v2 fatcat:mkbc3in6tvdo7madnvqaxogbfq

Post-Quantum Cryptography [chapter]

Qijun Gu, Pascal Paillier, Tanja Lange, Edlyn Teske, Darrel Hankerson, Alfred Menezes, David Zhang, Feng Yue, Wangmeng Zuo, Jean-Jacques Quisquater, Gildas Avoine, Gerald Brose (+73 others)
2011 Encyclopedia of Cryptography and Security  
Scientists from all over the world gave talks on the state of the art of quantum computers and on cryptographic schemes that may be able to resist attacks by quantum computers.  ...  The use of general descriptive names, registered names, trademarks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective  ...  Acknowledgements We thank Phong Nguyen and Markus Rückert for helpful discussions on the practical security of lattice-based cryptography.  ... 
doi:10.1007/978-1-4419-5906-5_386 fatcat:ucdkilta7zc3voq7nqctmjkcr4

2020 Index IEEE Internet of Things Journal Vol. 7

2020 IEEE Internet of Things Journal  
., Rateless-Code-Based Secure Cooperative Transmission Scheme for Industrial IoT; JIoT July 2020 6550-6565 Jamalipour, A., see Murali, S., JIoT Jan. 2020 379-388 James, L.A., see Wanasinghe, T.R.,  ...  ., +, JIoT May 2020 4016-4027 Revisit of Certificateless Signature Scheme Used to Remote Authentication Schemes for Wireless Body Area Networks.  ...  ., +, JIoT June 2020 5359-5370 Revisit of Certificateless Signature Scheme Used to Remote Authentication Schemes for Wireless Body Area Networks.  ... 
doi:10.1109/jiot.2020.3046055 fatcat:wpyblbhkrbcyxpnajhiz5pj74a