This paper presents an improved simple power attack against the key schedule of Camellia. While the original attack required an exact determination of the Hamming weight of intermediate data values based on power meas...This paper presents an improved simple power attack against the key schedule of Camellia. While the original attack required an exact determination of the Hamming weight of intermediate data values based on power measurements, in this paper, two types of the simple power attack are presented and shown to be tolerant of errors that might occur in the Hamming weight determinations. In practical applications of the attack, such errors are likely to occur due to noise and distortion in the power measurements and their mapping to the Hamming weights of the data. To resist these attacks, the required design rationale of key schedules and several practical countermeasures are suggested.展开更多
In this paper,we propose two new attack algorithms on RSA implementations with CRT(Chinese remainder theorem).To improve the attack efficiency considerably,a clustering collision power attack on RSA with CRT is introd...In this paper,we propose two new attack algorithms on RSA implementations with CRT(Chinese remainder theorem).To improve the attack efficiency considerably,a clustering collision power attack on RSA with CRT is introduced via chosen-message pairs.This attack method is that the key parameters dp and dq are segmented by byte,and the modular multiplication collisions are identified by k-means clustering.The exponents dp and dq were recovered by 12 power traces of six groups of the specific message pairs,and the exponent d was obtained.We also propose a second order clustering collision power analysis attack against RSA implementation with CRT,which applies double blinding exponentiation.To reduce noise and artificial participation,we analyze the power points of interest by preprocessing and k-means clustering with horizontal correlation collisions.Thus,we recovered approximately 91%of the secret exponents manipulated with a single power curve on RSA-CRT with countermeasures of double blinding methods.展开更多
The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from ...The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from the victim and 2) exfiltrate data from compromised machines. Attack strategies of this nature on the greater power grid and building infrastructure levels have been shown to be a serious threat. This project further explores this concept of a novel attack vector by creating a new type of penetration testing tool: an USB power adapter capable of remote monitoring of device power consumption and communicating through powerline communications.展开更多
Hash-based message authentication code(HMAC)is widely used in authentication and message integrity.As a Chinese hash algorithm,the SM3 algorithm is gradually winning domestic market value in China.The side channel sec...Hash-based message authentication code(HMAC)is widely used in authentication and message integrity.As a Chinese hash algorithm,the SM3 algorithm is gradually winning domestic market value in China.The side channel security of HMAC based on SM3(HMAC-SM3)is still to be evaluated,especially in hardware implementation,where only intermediate values stored in registers have apparent Hamming distance leakage.In addition,the algorithm structure of SM3 determines the difficulty in HMAC-SM3 side channel analysis.In this paper,a skillful bit-wise chosen-plaintext correlation power attack procedure is proposed for HMAC-SM3 hardware implementation.Real attack experiments on a field programmable gate array(FPGA)board have been performed.Experimental results show that we can recover the key from the hypothesis space of 2256 based on the proposed procedure.展开更多
Retraction: LIU Shuanggen, NI Haiying, HU Yupu, LIAO Yunyan. An Improved Simple Power Attack against Camellia's Key Schedule. Wuhan University Journal of Natural Sciences, 2008, 13(5): 591-594. DOI: 10.1007/s 11...Retraction: LIU Shuanggen, NI Haiying, HU Yupu, LIAO Yunyan. An Improved Simple Power Attack against Camellia's Key Schedule. Wuhan University Journal of Natural Sciences, 2008, 13(5): 591-594. DOI: 10.1007/s 11859-008-0516-3展开更多
The security of Internet of Things(IoT)is a challenging task for researchers due to plethora of IoT networks.Side Channel Attacks(SCA)are one of the major concerns.The prime objective of SCA is to acquire the informat...The security of Internet of Things(IoT)is a challenging task for researchers due to plethora of IoT networks.Side Channel Attacks(SCA)are one of the major concerns.The prime objective of SCA is to acquire the information by observing the power consumption,electromagnetic(EM)field,timing analysis,and acoustics of the device.Later,the attackers perform statistical functions to recover the key.Advanced Encryption Standard(AES)algorithm has proved to be a good security solution for constrained IoT devices.This paper implements a simulation model which is used to modify theAES algorithm using logicalmasking properties.This invariant of the AES algorithm hides the array of bits during substitution byte transformation of AES.This model is used against SCAand particularly Power Analysis Attacks(PAAs).Simulation model is designed on MATLAB simulator.Results will give better solution by hiding power profiles of the IoT devices against PAAs.In future,the lightweight AES algorithm with false key mechanisms and power reduction techniques such as wave dynamic differential logic(WDDL)will be used to safeguard IoT devices against side channel attacks by using Arduino and field programmable gate array(FPGA).展开更多
Correlation power analysis(CPA) has become a successful attack method about crypto-graphic hardware to recover the secret keys. However, the noise influence caused by the random process interrupts(RPIs) becomes an imp...Correlation power analysis(CPA) has become a successful attack method about crypto-graphic hardware to recover the secret keys. However, the noise influence caused by the random process interrupts(RPIs) becomes an important factor of the power analysis attack efficiency, which will cost more traces or attack time. To address the issue, an improved method about empirical mode decomposition(EMD) was proposed. Instead of restructuring the decomposed signals of intrinsic mode functions(IMFs), we extract a certain intrinsic mode function(IMF) as new feature signal for CPA attack. Meantime, a new attack assessment is proposed to compare the attack effectiveness of different methods. The experiment shows that our method has more excellent performance on CPA than others. The first and the second IMF can be chosen as two optimal feature signals in CPA. In the new method, the signals of the first IMF increase peak visibility by 64% than those of the tradition EMD method in the situation of non-noise. On the condition of different noise interference, the orders of attack efficiencies are also same. With external noise interference, the attack effect of the first IMF based on noise with 15dB is the best.展开更多
With the development of electric power technology, information technology and military technology, the impact of cyber attack on electric power infrastructure has increasingly become a hot spot issue which calls both ...With the development of electric power technology, information technology and military technology, the impact of cyber attack on electric power infrastructure has increasingly become a hot spot issue which calls both domestic and foreign attention. First, main reasons of the impact on power infrastructure caused by cyber attack are analyzed from the following two aspects: 1) The dependence of electric power infrastructure on information infrastructure makes cyber attack issues in information field likely to affect electric power field. 2) As regards to the potential threat sources, it will be considerably profitable to launch cyber attacks on electric power infrastructure. On this basis, this paper gives a classified elaboration on the characteristics and the possibilities of cyber attacks on electrical infrastructures. Finally, the recently published actual events of cyber attacks in respect of threat sources, vulnerabilities and assaulting modes are analyzed and summarized.展开更多
An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNA...An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNAF) algorithm is proposed to secure ECC scalar multiplication from these attacks. This algorithm adopts the fractional window method and probabilistic SPA scheme to reconfigure the pre-computed table, and it allows designers to make a dynamic configuration on pre-computed table. And then, it is enhanced to resist SPA, DPA, RPA and ZPA attacks by using the random masking method. Compared with the WBRIP and EBRIP methods, our proposals has the lowest total computation cost and reduce the shake phenomenon due to sharp fluctuation on computation performance.展开更多
基金the National Natural Science Foundation of China (60673072)the Natural Basic Research Program of China (2007CB311201)
文摘This paper presents an improved simple power attack against the key schedule of Camellia. While the original attack required an exact determination of the Hamming weight of intermediate data values based on power measurements, in this paper, two types of the simple power attack are presented and shown to be tolerant of errors that might occur in the Hamming weight determinations. In practical applications of the attack, such errors are likely to occur due to noise and distortion in the power measurements and their mapping to the Hamming weights of the data. To resist these attacks, the required design rationale of key schedules and several practical countermeasures are suggested.
基金supported by the National Key R&D Program of China(No.2017YFB0802300)the Key Research and Development Project of Sichuan Province(No.2020YFG0307,No.2018TJPT0012)the Key Research and Development Project of Chengdu(No.2019-YF05-02028-GX).
文摘In this paper,we propose two new attack algorithms on RSA implementations with CRT(Chinese remainder theorem).To improve the attack efficiency considerably,a clustering collision power attack on RSA with CRT is introduced via chosen-message pairs.This attack method is that the key parameters dp and dq are segmented by byte,and the modular multiplication collisions are identified by k-means clustering.The exponents dp and dq were recovered by 12 power traces of six groups of the specific message pairs,and the exponent d was obtained.We also propose a second order clustering collision power analysis attack against RSA implementation with CRT,which applies double blinding exponentiation.To reduce noise and artificial participation,we analyze the power points of interest by preprocessing and k-means clustering with horizontal correlation collisions.Thus,we recovered approximately 91%of the secret exponents manipulated with a single power curve on RSA-CRT with countermeasures of double blinding methods.
文摘The number and creativity of side channel attacks have increased dramatically in recent years. Of particular interest are attacks leveraging power line communication to 1) gather information on power consumption from the victim and 2) exfiltrate data from compromised machines. Attack strategies of this nature on the greater power grid and building infrastructure levels have been shown to be a serious threat. This project further explores this concept of a novel attack vector by creating a new type of penetration testing tool: an USB power adapter capable of remote monitoring of device power consumption and communicating through powerline communications.
基金Project supported by the Major Program of the Ministry of Industry and Information Technology of China(No.2017ZX01030301)the Beijing Natural Science Foundation of China(No.4162053)
文摘Hash-based message authentication code(HMAC)is widely used in authentication and message integrity.As a Chinese hash algorithm,the SM3 algorithm is gradually winning domestic market value in China.The side channel security of HMAC based on SM3(HMAC-SM3)is still to be evaluated,especially in hardware implementation,where only intermediate values stored in registers have apparent Hamming distance leakage.In addition,the algorithm structure of SM3 determines the difficulty in HMAC-SM3 side channel analysis.In this paper,a skillful bit-wise chosen-plaintext correlation power attack procedure is proposed for HMAC-SM3 hardware implementation.Real attack experiments on a field programmable gate array(FPGA)board have been performed.Experimental results show that we can recover the key from the hypothesis space of 2256 based on the proposed procedure.
文摘Retraction: LIU Shuanggen, NI Haiying, HU Yupu, LIAO Yunyan. An Improved Simple Power Attack against Camellia's Key Schedule. Wuhan University Journal of Natural Sciences, 2008, 13(5): 591-594. DOI: 10.1007/s 11859-008-0516-3
文摘The security of Internet of Things(IoT)is a challenging task for researchers due to plethora of IoT networks.Side Channel Attacks(SCA)are one of the major concerns.The prime objective of SCA is to acquire the information by observing the power consumption,electromagnetic(EM)field,timing analysis,and acoustics of the device.Later,the attackers perform statistical functions to recover the key.Advanced Encryption Standard(AES)algorithm has proved to be a good security solution for constrained IoT devices.This paper implements a simulation model which is used to modify theAES algorithm using logicalmasking properties.This invariant of the AES algorithm hides the array of bits during substitution byte transformation of AES.This model is used against SCAand particularly Power Analysis Attacks(PAAs).Simulation model is designed on MATLAB simulator.Results will give better solution by hiding power profiles of the IoT devices against PAAs.In future,the lightweight AES algorithm with false key mechanisms and power reduction techniques such as wave dynamic differential logic(WDDL)will be used to safeguard IoT devices against side channel attacks by using Arduino and field programmable gate array(FPGA).
基金supported by The National Natural Science Foundation of China under Grants 61571063,61501100 and 61472357
文摘Correlation power analysis(CPA) has become a successful attack method about crypto-graphic hardware to recover the secret keys. However, the noise influence caused by the random process interrupts(RPIs) becomes an important factor of the power analysis attack efficiency, which will cost more traces or attack time. To address the issue, an improved method about empirical mode decomposition(EMD) was proposed. Instead of restructuring the decomposed signals of intrinsic mode functions(IMFs), we extract a certain intrinsic mode function(IMF) as new feature signal for CPA attack. Meantime, a new attack assessment is proposed to compare the attack effectiveness of different methods. The experiment shows that our method has more excellent performance on CPA than others. The first and the second IMF can be chosen as two optimal feature signals in CPA. In the new method, the signals of the first IMF increase peak visibility by 64% than those of the tradition EMD method in the situation of non-noise. On the condition of different noise interference, the orders of attack efficiencies are also same. With external noise interference, the attack effect of the first IMF based on noise with 15dB is the best.
文摘With the development of electric power technology, information technology and military technology, the impact of cyber attack on electric power infrastructure has increasingly become a hot spot issue which calls both domestic and foreign attention. First, main reasons of the impact on power infrastructure caused by cyber attack are analyzed from the following two aspects: 1) The dependence of electric power infrastructure on information infrastructure makes cyber attack issues in information field likely to affect electric power field. 2) As regards to the potential threat sources, it will be considerably profitable to launch cyber attacks on electric power infrastructure. On this basis, this paper gives a classified elaboration on the characteristics and the possibilities of cyber attacks on electrical infrastructures. Finally, the recently published actual events of cyber attacks in respect of threat sources, vulnerabilities and assaulting modes are analyzed and summarized.
基金supported by the National Natural Science Foundation of China(60373109)Ministry of Science and Technologyof China and the National Commercial Cryptography Application Technology Architecture and Application DemonstrationProject(2008BAA22B02).
文摘An embedded cryptosystem needs higher reconfiguration capability and security. After analyzing the newly emerging side-channel attacks on elliptic curve cryptosystem (ECC), an efficient fractional width-w NAF (FWNAF) algorithm is proposed to secure ECC scalar multiplication from these attacks. This algorithm adopts the fractional window method and probabilistic SPA scheme to reconfigure the pre-computed table, and it allows designers to make a dynamic configuration on pre-computed table. And then, it is enhanced to resist SPA, DPA, RPA and ZPA attacks by using the random masking method. Compared with the WBRIP and EBRIP methods, our proposals has the lowest total computation cost and reduce the shake phenomenon due to sharp fluctuation on computation performance.
