
A Novel Design Flow for a Security-Driven Synthesis of Side-Channel Hardened Cryptographic Modules

Sorin Huss, Oliver Stein
2017 Journal of Low Power Electronics and Applications  
In addition to the theoretical introduction of the fundamental concepts, we demonstrate an application to the hardening of a complete hardware implementation of the block cipher PRESENT.  ...  While the first one describes how the framework automatically detects vulnerabilities against power attacks, the second one explains how a design can be hardened in an automatic way by means of appropriate  ...  Author Contributions: The authors shared the work related to both the development of the fundamental concept and to the writing of this paper.  ... 
doi:10.3390/jlpea7010004 fatcat:6s7e7kll7falpo4bolpe3dijv4


Przemyslaw Strzelczyk
2011 Mokslas: Lietuvos Ateitis  
Therefore, there is a need to perform iris feature matching without revealing the features itself and reference template.  ...  Iris biometrics is considered one of the most accurate and robust methods of identity verification.  ...  Then, the cryptographically secure pseudo-random number generator creates a secret encryption key used for encrypting the reference iris code.  ... 
doi:10.3846/mla.2011.001 fatcat:6v7zdz525fecngxha42eotudbu

Compiler Assisted Masking [chapter]

Andrew Moss, Elisabeth Oswald, Dan Page, Michael Tunstall
2012 Lecture Notes in Computer Science  
In this paper we make a first step to automate this process, at least for first-order Boolean masking, allowing the development of compilers capable of protecting programs against DPA.  ...  Differential Power Analysis (DPA) attacks find a statistical correlation between the power consumption of a cryptographic device and intermediate values within the computation.  ...  This work has been supported in part by EPSRC via grants EP/I005226/1 and EP/H001689/1, and also been supported in part the European Commission through the ICT Programme under Contract ICT-2007-216676  ... 
doi:10.1007/978-3-642-33027-8_4 fatcat:e5f3wsgptncczkqx6d7vn7nz5y

Automatic Application of Power Analysis Countermeasures

Ali Galip Bayrak, Francesco Regazzoni, David Novo, Philip Brisk, Francois-Xavier Standaert, Paolo Ienne
2015 IEEE transactions on computers  
As information leakage implies a loss of security, the compiler then identifies (groups of) instruction instances to protect with a software countermeasure such as random precharging or Boolean masking  ...  We introduce a compiler that automatically inserts software countermeasures to protect cryptographic algorithms against power-based side-channel attacks.  ...  BACKGROUND INFORMATION Historically, attacks on cryptosystems have attempted to exploit the weaknesses of cryptographic algorithms in terms of their mathematical structure.  ... 
doi:10.1109/tc.2013.219 fatcat:l2tviwta5ndzhk3oftmkv3jevy

Special issue from mathematics to embedded devices

Yves Aubry, Pierre Barthélémy, Nadia El Mrabet
2021 Cryptography and Communications  
The protection of data and files in the dematerialised structure should be provided by a cryptographic protocol.  ...  Side-channel attacks are powerful attacks that use the information leakage of a cryptographic protocol during its execution. Several countermeasures exist and masking is one of them.  ... 
doi:10.1007/s12095-021-00502-1 fatcat:jmce2u2k6vdyfofnjurkhi6aou

On the Effect of the (Micro)Architecture on the Development of Side-Channel Resistant Software [article]

Lauren De Meyer, Elke De Mulder, Michael Tunstall
2020 IACR Cryptology ePrint Archive  
There are many examples of how to assess the side-channel resistance of a hardware implementation for a given order, where one has to take into account all transitions and glitches produced by a given  ...  However, microprocessors do not conform with the ideal circuit model which is typically used to gain confidence in the security of masking against side-channel attacks.  ...  For example, if one were to apply Boolean masking to a cryptographic algorithm in compiled code, the compiler would be likely to remove the mask in as many places as it can.  ... 
dblp:journals/iacr/MeyerMT20 fatcat:z5qhyuexyvcprpy6cbxvgnrki4

Micro-architectural Power Simulator for Leakage Assessment of Cryptographic Software on ARM Cortex-M3 Processors [chapter]

Yann Le Corre, Johann Großschädl, Daniel Dinu
2018 Lecture Notes in Computer Science  
Masking is a common technique to protect software implementations of symmetric cryptographic algorithms against Differential Power Analysis (DPA) attacks.  ...  To fill this gap, we present MAPS, a micro-architectural power simulator for the M3 series of ARM Cortex processors, one of today's most widely-used embedded platforms.  ...  We also provided a number of guidelines on how to take the pipeline leakages into consideration when developing a masked implementation of a cipher.  ... 
doi:10.1007/978-3-319-89641-0_5 fatcat:2xzvhhd3pfgjzmvhq3xjqeseau


Gene F. Hoffnagle
1991 IBM Systems Journal  
Since there is no complete and final algorithmic solution for computer and data security, they show how engineering and common sense can be used to form the basis for the development of practical cryptographic  ...  The advantage of the control vector approach is shown to be programs that are simpler and that operate on a robust data structure.  ... 
doi:10.1147/sj.302.0128 fatcat:dwryjjbcozhsxfu7aefwnweaw4

A smart random code injection to mask power analysis based side channel attacks

Jude Angelo Ambrose, Roshan G. Ragel, Sri Parameswaran
2007 Proceedings of the 5th IEEE/ACM international conference on Hardware/software codesign and system synthesis - CODES+ISSS '07  
Our processor model costs an additional area of 1.2%, and an average of 25% in runtime and 28.5% in energy overheads for industry standard cryptographic algorithms.  ...  One of the security issues in embedded system is the ability of an adversary to perform side channel attacks.  ...  It also increases the code size by a significant amount, as all of the shift operations need to be masked (they block only a single sbox).  ... 
doi:10.1145/1289816.1289832 dblp:conf/codes/AmbroseRP07 fatcat:ubf7zs7jbzg7thhw3mvdriqkwi

Formal construction of the Mathematically Analyzed Separation Kernel

W. Martin, P. White, F.S. Taylor, A. Goldberg
2000 Proceedings ASE 2000. Fifteenth IEEE International Conference on Automated Software Engineering  
The Mathematically Analyzed Separation Kernel (MASK), has been used by Motorola on a smartcard project, and as part of a hardware cryptographic platform called the Advanced INFOSEC Machine (AIM).  ...  This paper describes the formal specification and development of a separation kernel.  ...  The main concern for AIM was establishment of separate cryptographic channels. Each channel might have data at a different security level, using different cryptographic algorithms.  ... 
doi:10.1109/ase.2000.873658 dblp:conf/kbse/MartinWTG00 fatcat:r56f3csmr5fx5pghedxmjrlgbq

Characterising and Comparing the Energy Consumption of Side Channel Attack Countermeasures and Lightweight Cryptography on Embedded Devices

David McCann, Kerstin Eder, Elisabeth Oswald
2015 2015 International Workshop on Secure Internet of Things (SIoT)  
In addition to this, we provide a methodology for developing an ISA based energy model for cryptographic software with an accuracy of ±5%.  ...  In addition to providing our methodology for developing this model, we also show that using variations of instructions that reduce the size of code can reduce the energy consumption by as much as 30% −  ...  We have shown how to build a statistical model and that calibrating the model with a variety of test data can be used to increase the accuracy of the model.  ... 
doi:10.1109/siot.2015.11 dblp:conf/siot/McCannEO15 fatcat:ec5cta66pzha7iuu3wlejsm4eu

Formal Verification of Software Countermeasures against Side-Channel Attacks

Hassan Eldib, Chao Wang, Patrick Schaumont
2014 ACM Transactions on Software Engineering and Methodology  
of a cryptographic algorithm are independent of the secret key.  ...  A common strategy for designing countermeasures against power-analysis-based side-channel attacks is using random masking techniques to remove the statistical dependency between sensitive data and side-channel  ...  We have conducted experiments on a set of masking countermeasures for cryptographic software, including the ones applied to AES and the MAC-Keccak reference code submitted to Round 3 of NIST's SHA-3 competition  ... 
doi:10.1145/2685616 fatcat:tyfoa57ewve7vewbnu5wfhuyue

Algebraic manipulation detection codes and their applications for design of secure cryptographic devices

Zhen Wang, Mark Karpovsky
2011 2011 IEEE 17th International On-Line Testing Symposium  
As a case study, we present the protection architectures based on AMD codes for multipliers in Galois fields used for the elliptic curve cryptography.  ...  The results show that the proposed architecture can provide a very low error masking probability at the cost of a reasonable area overhead.  ...  The structure of the predictor for the resulting AMD codes is shown in Figure 3.  ... 
doi:10.1109/iolts.2011.5994535 dblp:conf/iolts/WangK11 fatcat:tk2ei6eokvgypjkj7lmexbpsgy

Higher-Order Masking Scheme against DPA Attack in Practice: McEliece Cryptosystem Based on QD-MDPC Code

2019 KSII Transactions on Internet and Information Systems  
To address this problem, a higher-order masking scheme for a McEliece cryptosystem based on the quasi-dyadic moderate density parity check (QD-MDPC) code has been proposed.  ...  The proposed scheme has a small key size and is able to resist DPA attacks. In this paper, a novel McEliece cryptosystem based on the QD-MDPC code is demonstrated.  ...  Next, we use the third-order DPA attack model to attack McEliece based on the McEliece masking cryptographic algorithm of the QD-MDPC code.  ... 
doi:10.3837/tiis.2019.02.033 fatcat:h3yvlbjywjc5hixygygj6j7ozi

Key handling with control vectors

S. M. Matyas
1991 IBM Systems Journal  
In contrast, the variant mask is a single field consisting of a set of encoded mask values (generally a small set). The undefined code points are reserved for future use.  ...  The control vector consists of a set of structured fields whose encoded values and meanings are defined by the architecture, and a set of unstructured fields and code points reserved for future use.  ... 
doi:10.1147/sj.302.0151 fatcat:u2dkz2xarfbrniqlxzkb77u4tm