Securing Memory Encryption and Authentication Against Side-Channel Attacks Using Unprotected Primitives.

In this work, we present Meas-the first Memory Encryption and Authentication Scheme providing security against DPA attacks. ... Memory encryption is used in many devices to protect memory content from attackers with physical access to a device. ... The research leading to these results has received funding from the European Research Council (ERC) under the European Union's Horizon 2020 research and innovation programme (grant agreement No 681402) ...

doi:10.1145/3052973.3052985 dblp:conf/ccs/UnterluggauerWM17 fatcat:7qikovab6rafffoojmvxe5t7xa

In this work, we present Meas-the first Memory Encryption and Authentication Scheme providing security against DPA attacks. ... Memory encryption is used in many devices to protect memory content from attackers with physical access to a device. ... Side-channel attacks Present memory encryption and authentication schemes are designed to protect off-chip memory against adversaries with physical access assuming a microchip that is secure against all ...

doi:10.1007/s13389-018-0180-2 pmid:31231603 pmcid:PMC6555441 fatcat:5kuetrwwwnf7rkdhctgkpj46wa

significantly we demonstrate the construction of two attack primitives against SEV's memory encryption schemes, namely a memory decryption oracle and a memory encryption oracle, which enables an adversary ... to decrypt and encrypt arbitrary messages using the memory encryption keys of the VMs. ... The work was supported in part by the NSF grants 1750809, 1718084, 1834213, and 1834216, and research gifts from Intel and DFINITY foundation to Yinqian Zhang. Yan Solihin is supported in part by UCF. ...

dblp:conf/uss/LiZLS19 fatcat:3u3rod7j3ngtdofawfiln57mje

Our architecture uses two new primitives to achieve physical security. ... This article presents the AEGIS secure processor architecture, which enables new applications by ensuring private and authentic program execution even in the face of physical attack. ... Mechanisms that are commonly used in today's smartcards can prevent side-channel attacks. ...

doi:10.1016/j.istr.2005.05.002 fatcat:fs4yl5r63ba5tlciuudzw67oha

More specifically, we demonstrate recovery of the CTR_DRBG state variables K and V via a cache side-channel attack against AES as used in different CTR_DRBG implementations. ... We find that hard-learned lessons about side-channel leakage from encryption primitives have not been applied to PRGs, at all abstraction levels. ...

doi:10.1109/sp40000.2020.00046 dblp:conf/sp/CohneyKPGHRY20 fatcat:d33gxdi2zrbahd7m2xyi4dlpqq

In this article, we do not consider attacks using side channels such as memory access patterns or power supply voltage. 5 To prevent side-channel attacks, the processor must be equipped with additional ... To defend against physical attacks, Aegis uses integrity verification (IV) and memory encryption (ME) techniques. ... His research interests include secure embedded processors, architectural techniques for security and verification, and new programmable substrates for simplified synthesis. ...

doi:10.1109/mdt.2007.179 fatcat:nkirz46au5d7jkc7w5sdjgwheu

For applications that make intensive use of protected modules, and hence benefit most of the security guarantees provided, the performance cost is up to 14%. ... Protecting commodity operating systems against software exploits is known to be challenging, because of their sheer size. ... ACKNOWLEDGMENTS The authors thank all reviewers and proofreaders of the paper for their useful comments. We also explicitly thank Gijs Vanspauwen for his work on the compiler. ...

doi:10.1145/2382196.2382200 dblp:conf/ccs/StrackxP12 fatcat:ihpk4zaxp5fl7pgaa4zzluus5y

Using this side-channel protected building block, we implement a leakage resilient authenticated encryption with associated data (AEAD) scheme that enables secured firmware updates. ... In this context attackers usually have physical access to a device and therefore side-channel attacks have to be considered. ... Acknowledgments The work presented in this contribution was supported by the German Federal Ministry of Education and Research in the project ALESSIO through grant number 16KIS0629 and 16KIS0632. ...

doi:10.13154/tches.v2020.i4.365-388 dblp:journals/tches/UntersteinSSTIH20 fatcat:vly45rwqdzhrjagqernn7vhdva

DOAJ OJS

However, reported examples have shown that such cryptographic engines may become insecure against side-channel attacks at any later point in time. ... Depending on a side-channel evaluation of this primitive on the target platform, either a version with additional side-channel countermeasures or a more efficient variant is deployed. ... against side-channel attacks as it only processes public inputs and no secrets. ...

doi:10.1007/s13389-020-00247-2 fatcat:xgnl4djeznckzatufxling2ywq

Open Access

for which the requirements, the context of use and the security properties can vary. ... As a key establishment primitive, QKD however does not provide a standalone security service in its own: the secret keys established by QKD are in general then used by a subsequent cryptographic applications ... A also acknowledges enlightning discussions with Sylvain Guilley, Philippe Hoogsvorst and Jean-Luc Danger about side-channel attacks on cryptographic hardware. ...

arXiv:quant-ph/0701168v3 fatcat:j3wuwqjuarav3ft6chdvdsaw5a

Multiple Versions

Citation

Romain Alléaume, Cyril Branciard, Jan Bouda, Thierry Debuisschert, Mehrdad Dianati, Nicolas Gisin, Mark Godfrey, Philippe Grangier, Thomas Langer, Norbert Lutkenhaus, Christian Monyk, Philippe Painchault, Momtchil Peev, Andreas Poppe, Thomas Pornin, John Rarity, Renato Renner, Gregoire Ribordy, Michel Riguidel, Louis Salvail, Andrew Shields, Harald Weinfurter, Anton Zeilinger. "Using quantum key distribution for cryptographic purposes: a survey." arXiv (2014)

To address this problem, we designed and implemented a new primitive that helps provide better security for ciphers that use keys stored in easily accessible locations. ... Using a pseudorandom generator and additional novel software-protection techniques, we show how to implement this construction securely for AES. ... Also, this defends against side-channel attacks, such as cache-timing analysis. However, these methods could be slow because the random memory accesses may cause many cache misses. ...

doi:10.1007/978-3-540-89598-5_19 fatcat:ty4odmmamzgz3d3p775pweap3e

In this paper, we present embedded memory security (EMS); it protects against physical tampering of the memory of IoT devices. ... An adequate protection against attacks is only possible when the confidentiality and integrity of the data and applications of these devices are secured. ... ACKNOWLEDGMENT This work was labelled by the EUREKA cluster PENTA and funded by Dutch authorities under grant agreement PENTA-2018e-17004-SunRISE. ...

doi:10.1109/dsd53832.2021.00027 fatcat:b7kjxskwhfhn3hgwyslhf3b56e

This paper summarizes the representative security mechanisms of RISC-V hardware and architecture. Based on our survey, we predict the future research and development directions of RISC-V security. ... Data security and user privacy protection are common challenges faced by all IoT devices. ... (Section 4), ISA security extensions (Section 5), cryptographic primitives (Section 6), and protection against side-channel attacks (Section 7). ...

arXiv:2107.04175v1 fatcat:hr6avyprj5dvpav2pvnmfmvg2a

Open Access

Attacks on Internet of Things (IoT) devices are on the rise. Physical Unclonable Functions (PUFs) are proposed as a robust and lightweight solution to secure IoT devices. ... In this paper, we investigate the maturity of this technology and the challenges toward PUF utilization in IoT that still need to be addressed. ... against invasive and semi-invasive side channel attacks. ...

doi:10.3390/s19143208 fatcat:urnyqelp4jgvvg75ngplzkdxxi

DOAJ

to the Proceedings of the 30th USENIX Security Symposium is sponsored by USENIX. ... Section 3 presents an overview of the ciphertext side channel, their root causes, and two attack primitives. ... implementation of the latest OpenSSL library, which has been considered secure against side channels. • It discusses the applicability of the CIPHERLEAKS attack on SEV-SNP. ...

dblp:conf/uss/LiZWLC21 fatcat:hggolzqh6rb7bazuoovocxrx7q

Securing Memory Encryption and Authentication Against Side-Channel Attacks Using Unprotected Primitives

Preserved Fulltext

MEAS: memory encryption and authentication secure against side-channel attacks

Preserved Fulltext

Exploiting Unprotected I/O Operations in AMD's Secure Encrypted Virtualization

Preserved Fulltext

AEGIS: A single-chip secure processor

Preserved Fulltext

Pseudorandom Black Swans: Cache Attacks on CTR_DRBG

Preserved Fulltext

Aegis: A Single-Chip Secure Processor

Preserved Fulltext

Fides

Preserved Fulltext

Retrofitting Leakage Resilient Authenticated Encryption to Microcontrollers

Preserved Fulltext

SCA secure and updatable crypto engines for FPGA SoC bitstream decryption: extended version

Preserved Fulltext

Using quantum key distribution for cryptographic purposes: a survey [article]

Preserved Fulltext

Other Versions

The Long-Short-Key Primitive and Its Applications to Key Security [chapter]

Preserved Fulltext

Protecting IoT Devices through a Hardware-driven Memory Verification

Preserved Fulltext

A Survey on RISC-V Security: Hardware and Architecture [article]

Preserved Fulltext

Physical Unclonable Functions in the Internet of Things: State of the Art and Open Challenges

Preserved Fulltext

CIPHERLEAKS: Breaking Constant-time Cryptography on AMD SEV via the Ciphertext Side Channel

Preserved Fulltext