31 Hits in 3.5 sec

Practical Electromagnetic Template Attack on HMAC [chapter]

Pierre-Alain Fouque, Gaëtan Leurent, Denis Réal, Frédéric Valette
2009 Lecture Notes in Computer Science  
In this paper, we show a very efficient side channel attack against HMAC. Our attack assumes the presence of a side channel that reveals the Hamming distance of some registers.  ...  The secret key can be recovered using a "template attack" with a computation of about 2^32 · 3κ compression functions, where κ is the number of 32-bit words of the key.  ...  Here, we focus on more practical attacks on HMAC.  ... 
doi:10.1007/978-3-642-04138-9_6 fatcat:stnfyp3xpre5bc6kzwsxb5n2za

Deep Learning-based Side Channel Attack on HMAC SM3

Xin Jin, Yong Xiao, Shiqi Li, Suying Wang
2020 International Journal of Interactive Multimedia and Artificial Intelligence  
This work demonstrates the interests of this new method and shows that this attack can be performed in practice.  ...  We can choose different methods, such as traditional side channel analysis, template attack-based side channel analysis to recover the secret key.  ...  Acknowledgment This work was supported by Electric Power Research Institute from China Southern Power Grid in Guangzhou, China under project "Security analysis research on smart meter in power grid system  ... 
doi:10.9781/ijimai.2020.11.007 fatcat:t7qaz4myb5fabphmmcerq4r5iu

Differential Power Analysis of HMAC Based on SHA-2, and Countermeasures [chapter]

Robert McEvoy, Michael Tunstall, Colin C. Murphy, William P. Marnane
2007 Lecture Notes in Computer Science  
Using an implementation on a commercial FPGA board, we show that such attacks are practical in reality.  ...  In this paper, we describe a DPA attack strategy for the HMAC algorithm, based on the SHA-2 hash function family.  ...  We focus on SHA-256 in our attacks, because it is easier in practice to perform a side-channel attack on a 32-bit word than on a 64-bit word.  ... 
doi:10.1007/978-3-540-77535-5_23 fatcat:y3jcw3uihvfhpcsdd4qwpcgjfe

EM Analysis in the IoT Context: Lessons Learned from an Attack on Thread

Daniel Dinu, Ilya Kizhvatov
2018 Transactions on Cryptographic Hardware and Embedded Systems  
When successfully applied on a Thread network, the attack gives full network access to the adversary.  ...  We choose the most feasible attack vector to build a complete attack that combines network specific mechanisms and Differential Electromagnetic Analysis.  ...  Experimental results show that in practice template attacks suffer from the variability caused by different devices or different acquisition campaigns [CK14].  ... 
doi:10.13154/tches.v2018.i1.73-97 dblp:journals/tches/DinuK18 fatcat:uyvlubtlvrcjpln64zjbdqm3vy

Users Authentication and Privacy control of RFID Card [article]

Ikuesan R. Adeyemi, Norafida Bt. Ithnin
2012 arXiv   pre-print
Authenticating users at the Card end of the RFID technology constitutes one of the major sources of attacks on the system.  ...  In this research, we studied the various known attacks and mitigation available. We proposed a conceptual framework that can be used to mitigate the unauthorized use of RFID Card.  ...  [23] demonstrated a practical relay attack on evoting system. Similarly, [19] performed a practical relay attack on the communication process between a tag and a reader.  ... 
arXiv:1210.1647v1 fatcat:dhpc5arrgrhqznk73kcitgeace

On Making U2F Protocol Leakage-Resilient via Re-keying [article]

Donghoon Chang, Sweta Mishra, Somitra Kumar Sanadhya, Ajit Pratap Singh
2017 IACR Cryptology ePrint Archive  
We also briefly explain how the side channel attacks on the U2F protocol and the corresponding proposed countermeasures are similarly applicable to Universal Authentication Framework (UAF) protocol.  ...  In this work we show why the U2F protocol is not secure against side channel attacks (SCA).  ...  Conclusions In this work, we observe that a side channel attack is possible on the U2F protocol which may compromise the device secret key DS k and attestation private key SK M .  ... 
dblp:journals/iacr/ChangMSS17 fatcat:v435tbfnijb57ow2uiantqzoka

Introduction to differential power analysis

Paul Kocher, Joshua Jaffe, Benjamin Jun, Pankaj Rohatgi
2011 Journal of Cryptographic Engineering  
The attacks are practical, non-invasive, and highly effective, even against complex and noisy systems where cryptographic computations account for only a small fraction of the overall power consumption.  ...  We also introduce approaches for preventing DPA attacks and for building cryptosystems that remain secure even when implemented in hardware that leaks.  ...  The MRED attack on RSA [25] is also a variant of this approach. Template attacks Template attacks [51, 52] seek to make maximal use of a small number of traces from a target device.  ... 
doi:10.1007/s13389-011-0006-y fatcat:xwxqrsf6hfdbti7vplmm745quy

SH-SecNet: An Enhanced Secure Network Architecture for the Diagnosis of Security Threats in a Smart Home

Saurabh Singh, Pradip Kumar Sharma, Jong Hyuk Park
2017 Sustainability  
Considering all of the aspects of existing research on security threats and attacks on smart homes, the idea of the paper is to develop a security system to protect smart home network communication.  ...  Moreover, the proposed architecture utilizes the cryptographic technique Elliptic Curve Digital Signature Algorithm ECDSA and keyed-Hash Message Authentication Code (HMAC), as well as applying a watermarking  ...  Li-Fi is a new kind of wireless communication system using light as a medium instead of traditional radio-frequency electromagnetic radiation.  ... 
doi:10.3390/su9040513 fatcat:biorfpraeregrohrj62dlywr3e

Secure and Trusted Application Execution on Embedded Devices [chapter]

Konstantinos Markantonakis, Raja Naeem Akram, Mehari G. Msgna
2015 Lecture Notes in Computer Science  
, where they might be in the possession of an attacker.  ...  Such an agnostic view on the security and trust of the embedded devices can be pivotal in their adoption and trust acquisition from the general public and service providers.  ...  Countermeasures to the attacks on the runtime data include but are not limited to: 1.  ... 
doi:10.1007/978-3-319-27179-8_1 fatcat:qann2ltknrdgrpt4y665s5gk5u

Exploring the security landscape: NoC-based MPSoC to Cloud-of-Chips

Gaurav Sharma, Georgios Bousdras, Soultana Ellinidou, Olivier Markowitch, Jean-Michel Dricot, Dragomir Milojevic
2021 Microprocessors and microsystems  
Practical implementation of CoC systems needs to solve the problem of scalable, configurable and secure communication not only between different functional blocks in a single ICs, but also between different  ...  To boost such extremely flexible communication infrastructure CoC system relies on Software-Defined Network-on-Chip (SDNoC) paradigm that combines design-time configurability of on-chip systems (NoC) and  ...  In 2016, a practical cache-timing attack was launched on NoC using Prime+Probe technique [41].  ... 
doi:10.1016/j.micpro.2021.103963 fatcat:pgpd7mvybfblxprbphgshyniz4

Device Authentication In Wireless And Pervasive Environments

Georgios Kambourakis, Stefanos Gritzalis, Jong Hyuk Park
2010 Intelligent Automation and Soft Computing  
We constructively argue on each solution presented examining its advantages and disadvantages.  ...  This physical layer "vulnerability" is also under investigation by several researchers in the context of the so called template attacks.  ...  On the other hand, device authentication based on this scheme may be practical in corporate networks - by constructing beforehand a database of all authorized devices' electromagnetic signatures  ... 
doi:10.1080/10798587.2010.10643089 fatcat:3scffeggbbad3f2kqwn6z7qlti

Efficient Protocols for Secure Broadcast in Controller Area Networks

Bogdan Groza, Stefan Murvay
2013 IEEE Transactions on Industrial Informatics  
the past controllers were assumed to operate in secure perimeters, but today these environments are well connected to the outside world and recent incidents showed them extremely vulnerable to cyber-attacks  ...  chosen as they are located somewhat on the extremes of computational power.  ...  Here kd stands from some material derived from the key template, i.e., previously released keys, in order to assure sufficient entropy against pre-computed attacks, similar to salting.  ... 
doi:10.1109/tii.2013.2239301 fatcat:qyr22ynlijdnjcansszn3pgyge

EverCrypt: A Fast, Verified, Cross-Platform Cryptographic Provider

Jonathan Protzenko, Bryan Parno, Aymeric Fromherz, Chris Hawblitzel, Marina Polubelova, Karthikeyan Bhargavan, Benjamin Beurdouche, Joonwon Choi, Antoine Delignat-Lavaud, Cedric Fournet, Natalia Kulatova, Tahina Ramananandro (+4 others)
2020 2020 IEEE Symposium on Security and Privacy (SP)  
This does not necessarily rule out more advanced side channel attacks based, e.g., on electromagnetic radiation or speculative execution. C.  ...  HMAC and HKDF build on the agile hash interface, and hence inherit targeted implementations on supported platforms.  ...  . // Agile HMAC bool HMAC_is_supported_alg(Hash_hash_alg x); void HMAC_compute(Hash_hash_alg a, uint8_t *mac, uint8_t *key, uint32_t keylen, uint8_t *data, uint32_t datalen); Figure 14.  ... 
doi:10.1109/sp40000.2020.00114 dblp:conf/sp/ProtzenkoPFHPBB20 fatcat:zbxp4jsbrrdfldn3kiqpceimhu

Differential Power Analysis of HMAC SHA-2 in the Hamming Weight Model

2013 Proceedings of the 10th International Conference on Security and Cryptography   unpublished
In this paper, we present an attack on HMAC SHA-2 in the Hamming weight leakage model, which advantageously can be used when no information is available on the targeted implementation.  ...  As any algorithm manipulating secret data, HMAC is potentially vulnerable to side channel attacks.  ...  ., 2009] presents a template attack on HMAC SHA-1, which implies a more powerful adversary than DPA [Chari et al., 2002] .  ... 
doi:10.5220/0004532702300241 fatcat:nls56sncsjcmbo4hbgzxovj3ie

Microcontroller-based implementation of parsekey+ for limited resources embedded applications

Atilla Elçi, Behnam Rahnama, Reza Makvandi
2011 Proceedings of the 4th international conference on Security of information and networks - SIN '11  
Likewise, the ParseKey+ scheme avoids replay, meet-in-the-middle, ciphertext-only, and side-channel attacks. ParseKey+ relies on scattering sub-keys in a block of uniformly created random noise.  ...  We wish to implement the ParseKey+ authentication system with limited resources on AVR microcontrollers.  ...  This means that if a hash-function is collision free and no two different objects to make them one-way. Popular MAC algorithms are HMAC [12], [13] and the Data Authentication Algorithm [13].  ... 
doi:10.1145/2070425.2070473 dblp:conf/sin/ElciRM11 fatcat:bt77ph5rbvfctg3qhglu3ipa2q