Online Template Attack on ECDSA: [chapter]

Niels Roelofs, Niels Samwel, Lejla Batina, Joan Daemen
2020 Lecture Notes in Computer Science  
We retrieve the ephemeral private key from the power trace of a single scalar multiplication in an ECDSA signature generation and from that the signing private key using an online template attack.  ...  The innovation is that we generate the profiling traces using ECDSA signature verification on the same device.  ...  The first one is on portability and the other one is the work on online template attacks.  ... 
doi:10.1007/978-3-030-51938-4_16 fatcat:jisfsgvezng2vaj4a4ktiebkqe

Efficient and Secure ECDSA Algorithm and its Applications: A Survey [article]

Mishall Al-Zubaidie, Zhongwei Zhang, Ji Zhang
2019 arXiv pre-print
Public-key cryptography algorithms, especially elliptic curve cryptography (ECC) and elliptic curve digital signature algorithm (ECDSA) have been attracting attention from many researchers in different  ...  This paper presents detailed and a comprehensive survey of an update of the ECDSA algorithm in terms of performance, security, and applications.  ...  Acknowledgements We would like to acknowledge and thank the efforts of Dr. Barbara Harmes, and Hawa Bahedh as well as the valuable feedback of the reviewers.  ... 
arXiv:1902.10313v1 fatcat:7k44pfghujbzdmoxpkynavzone

RASSLE: Return Address Stack based Side-channel LEakage

Anirban Chakraborty, Sarani Bhattacharya, Manaar Alam, Sikhar Patranabis, Debdeep Mukhopadhyay
2021 Transactions on Cryptographic Hardware and Embedded Systems  
iii) How an Elliptic Curve Digital Signature Algorithm (ECDSA) secret key on P-256 curve of OpenSSL can be revealed using Lattice Attack on partially leaked nonces with the aid of RASSLE?  ...  Finally, we demonstrate a full end-to-end attack on OpenSSL ECDSA using curve parameters of curve P-256.  ...  We also thank Arnab Sarkar for discussions and insights on using the deadline scheduler.  ... 
doi:10.46586/tches.v2021.i2.275-303 fatcat:yqkd65m3orc4bodm25segwg5sa

A Systematic Approach to the Side-Channel Analysis of ECC Implementations with Worst-Case Horizontal Attacks [chapter]

Romain Poussier, Yuanyuan Zhou, François-Xavier Standaert
2017 Lecture Notes in Computer Science  
As horizontal attacks allow extracting most of the information in the leakage traces of scalar multiplications, they are suitable to avoid risks of overestimated security levels.  ...  The wide number and variety of side-channel attacks against scalar multiplication algorithms makes their security evaluations complex, in particular in case of time constraints making exhaustive analyses  ...  This work has been funded in parts by the European Commission through the H2020 project 731591 (acronym REAS-SURE) and the ERC project 724725 (acronym SWORD).  ... 
doi:10.1007/978-3-319-66787-4_26 fatcat:w3xpfpff7zf4hliips3kpcdmyi

Template Attacks against ECC: practical implementation against Curve25519

Antoine Loiseau, Maxime Lecomte, Jacques J. A. Fournier
2020 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)  
In addition, our attack requires only one attack trace.  ...  This paper shows how the attack is performed on the mbedTLS Curve25519 function and why conventional coordinates randomization countermeasures do not prevent this type of attack.  ...  [7] proposed an Online Template Attack and led to a very strong attack model which brings the attack close to real cases.  ... 
doi:10.1109/host45689.2020.9300261 fatcat:2xw2oq2xsvgunb6x4h7uycoabe

A Study on the SCA Trends for Application to IoT Devices

Bo-Yeon Sim, Dong-Guk Han
2020 Journal of Internet Services and Information Security  
Over the past 20 years, side-channel analysis (SCA) on IC Chip has mainly taken place.  ...  In particular, single-trace attacks that only use side-channel information are actively studied; it eliminates the need for information about the input and output values of cryptographic algorithms.  ...  In particular, there are many widely used ECDSA implementations associated with the blockchain and Fast IDentity Online (FIDO) running on a variety of mobile devices [25, 22].  ...
doi:10.22667/jisis.2020.02.29.002 dblp:journals/jisis/SimH20 fatcat:4sjvs66efzfctfw3v5emu7yezi

Fair electronic exchange using biometrics

Harkeerat Bedi, Li Yang, Joseph Kizza
2009 Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research Cyber Security and Information Intelligence Challenges and Strategies - CSIIRW '09  
Step 2: Bob buys these good or services by paying Alice online via an e-check or emoney.  ...  Decrypts the packet Z since it knows its own private key and extracts the secret M.c.  ...  ECIES is one incarnation of IES that is standardized.  ... 
doi:10.1145/1558607.1558638 dblp:conf/csiirw/BediYK09 fatcat:ala6wdzilfecjezer3idfgn47i

Key Bit-Dependent Side-Channel Attacks on Protected Binary Scalar Multiplication

Bo-Yeon Sim, Junki Kang, Dong-Guk Han
2018 Applied Sciences  
We focused on the key bit identification functions of mbedTLS and OpenSSL in software implementations.  ...  We show that we could extract secret key bits with a 100% success rate using a single trace.  ...  Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/app8112168 fatcat:y4nsmmzkmrhmdp2nhrw6qsbmdy

Integrating Fingerprint Verification into the Smart Card-Based Healthcare Information System

Daesung Moon, Yongwha Chung, Sung Bum Pan, Jin-Won Park
2009 EURASIP Journal on Advances in Signal Processing  
Based on the evaluation results, we analyze each scenario with respect to the security level and the real-time execution requirements in order to implement fingerprint verification in the smart card with  ...  privacy of the fingerprint data transmitted in the smart card with the client-server environment.  ...  In the online verification phase, the minutiae extracted from an input image is compared to the stored template, and the result of the comparison is returned.  ... 
doi:10.1155/2009/845893 fatcat:bfgnmmebsbhjdjsomb5go6fpe4

Power Analysis on NTRU Prime

Wei-Lun Huang, Jiun-Peng Chen, Bo-Yin Yang
2019 Transactions on Cryptographic Hardware and Embedded Systems  
The techniques include vertical correlation power analysis, horizontal indepth correlation power analysis, online template attacks, and chosen-input simple power analysis.  ...  Though in this work they focus on the decapsulation, they also work on the key generation and encapsulation of NTRU Prime.  ...  How to collect template traces and extract the template vectors? Attackers can notice with the naked eye a pattern repeated p times in the target trace.  ... 
doi:10.13154/tches.v2020.i1.123-151 dblp:journals/tches/HuangCY20 fatcat:bgdhbiyxdnf6nh437yjh57ywji

Cinderella: Turning Shabby X.509 Certificates into Elegant Anonymous Credentials with the Magic of Verifiable Computation

Antoine Delignat-Lavaud, Cedric Fournet, Markulf Kohlweiss, Bryan Parno
2016 2016 IEEE Symposium on Security and Privacy (SP)  
Despite advances in security engineering, authentication in applications such as email and the Web still primarily relies on the X.509 public key infrastructure introduced in 1988.  ...  To manage this diversity, we propose a new format for writing application policies by composing X.509 templates, and we provide a template compiler that generates C code for validating certificates within  ...  ACKNOWLEDGEMENTS The authors thank the anonymous reviewers for insightful comments, and Joseph Bonneau for shepherding the paper.  ... 
doi:10.1109/sp.2016.22 dblp:conf/sp/Delignat-Lavaud16 fatcat:jbgbn6ajojcplngoeolyunuip4

Software-based Microarchitectural Attacks [article]

Daniel Gruss
2017 arXiv pre-print
In the first part, we provide background on modern processor architectures and discuss state-of-the-art attacks and defenses in the area of microarchitectural side-channel attacks and microarchitectural  ...  These attacks are especially interesting in scenarios where the attacker is unprivileged or even sandboxed. In this thesis, we focus on microarchitectural attacks and defenses on commodity systems.  ...  We present a countermeasure against Prefetch Side-Channel Attacks on commodity systems, that involves reorganizing the user and kernel address space to protect KASLR.  ... 
arXiv:1706.05973v1 fatcat:4hwdpe4dancmblsxasg3a75h7a

Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices

Raphael Spreitzer, Veelasha Moonsamy, Thomas Korak, Stefan Mangard
2018 IEEE Communications Surveys and Tutorials  
Given the vast amount of sensitive information that are stored on smartphones, the ramifications of side-channel attacks affect both the security and privacy of users and their devices.  ...  Side-channel attacks on mobile devices have gained increasing attention since their introduction in 2007.  ...  FROST [79], on the other hand, is a tool to recover disc encryption keys from RAM on Android devices by means of cold-boot attacks.  ...
doi:10.1109/comst.2017.2779824 fatcat:4r5ceyc7pbdfxdmngtdncv4n5m

A Secured Digital Handwritten Signature Prototype for Visually Impaired People

Mohamed Taha, Benha University, Mazen Selim, Ahmed Yousry, Benha University, Benha University
2020 International Journal of Intelligent Engineering and Systems  
They may imitate their signatures in formal documents like contracts, money checks, and other vital documents, mainly in the governmental institutions.  ...  The proposed prototype uses the Least Significant Bit (LSB) algorithm for hiding some information, including the name of VI, the date, and the time of the signature.  ...  Acknowledgments The authors would like to express their gratitude to the Egyptian Al-Eradah Association for Special Needs Care, which has provided support and help for the research through the participation  ... 
doi:10.22266/ijies2020.1031.28 fatcat:2y3atmp3irgzdo2ke3q7fwznia

Winter is here! A decade of cache-based side-channel attacks, detection & mitigation for RSA

Maria Mushtaq, Muhammad Asim Mukhtar, Vianney Lapotre, Muhammad Khurram Bhatti, Guy Gogniat
2020 Information Systems  
It then undertakes a qualitative analysis of secret key retrieval efficiency, complexity, and the features being exploited on target cryptosystems in these attacks.  ...  Side-channel attacks (SCAs) are powerful cryptanalysis techniques that focus on the underlying implementation of cryptographic ciphers during execution rather than attacking the structure of cryptographic  ...  ACKNOWLEDGMENTS This work was partially supported by the Pak-France joint research project e-health.  ... 
doi:10.1016/ fatcat:odegutokz5hrhmwsznlc7px6qm