Beyond Cache Attacks

2021 ◽  
Vol 20 (2) ◽  
pp. 1-23
Author(s):  
Johanna Sepúlveda ◽  
Mathieu Gross ◽  
Andreas Zankl ◽  
Georg Sigl

System-on-Chips (SoCs) are a key enabling technology for the Internet-of-Things (IoT), a hyper-connected world where on- and inter-chip communication is ubiquitous. SoCs usually integrate cryptographic hardware cores for confidentiality and authentication services. However, these components are prone to implementation attacks. During the operation of a cryptographic core, the secret key may passively be inferred through cache observations. Access-driven attacks exploiting these observations are therefore a vital threat to SoCs operating in IoT environments. Previous works have shown the feasibility of these attacks in the SoC context. Yet, the SoC communication structure can be used to further improve access-based cache attacks. The communication attacks are not as well-understood as other micro-architectural attacks. It is important to raise the awareness of SoC designers of such a threat. To this end, we present four contributions. First, we demonstrate an improved Prime+Probe attack on four different AES-128 implementations (original transformation tables, T0-Only, T2KB, and S-Box). As a novelty, this attack exploits the collisions of the bus-based SoC communication to further increase its efficiency. Second, we explore the impact of preloading on the efficiency of our communication-optimized attack. Third, we integrate three countermeasures (shuffling, mini-tables, and Time-Division Multiple Access (TDMA) bus arbitration) and evaluate their impact on the attack. Although shuffling and mini-tables countermeasures were proposed in previous work, their application as countermeasures against the bus-based attack was not studied before. In addition, TDMA as a countermeasure for bus-based attacks is an original contribution of this work. Fourth, we further discuss the implications of our work in the SoC design and its perspective with the new cryptographic primitives proposed in the ongoing National Institute of Standards and Technology Lightweight Cryptography competition. The results show that our improved communication-optimized attack is efficient, speeding up full key recovery by up to 400 times when compared to the traditional Prime+Probe technique. Moreover, the protection techniques are feasible and effectively mitigate the proposed improved attack.

2020 ◽  
Vol 10 (12) ◽  
pp. 4106 ◽  
Author(s):  
Ricardo Villanueva-Polanco

This research article assesses the feasibility of cold boot attacks on the Lifted Unbalanced Oil and Vinegar (LUOV) scheme, a variant of the UOV signature scheme. This scheme is a member of the family of asymmetric cryptographic primitives based on multivariable polynomials over a finite field K and has been submitted as a candidate to the ongoing National Institute of Standards and Technology (NIST) standardisation process of post-quantum signature schemes. To the best of our knowledge, this is the first time that this scheme is evaluated in this setting. To perform our assessment of the scheme in this setting, we review two implementations of this scheme, the reference implementation and the libpqcrypto implementation, to learn the most common in-memory private key formats and next develop a key recovery algorithm exploiting the structure of this scheme. Since LUOV's key generation algorithm generates its private components and public components from a 256-bit seed, the key recovery algorithm works for all the parameter sets recommended for this scheme. Additionally, we tested the effectiveness and performance of the key recovery algorithm through simulations and found the key recovery algorithm may retrieve the private seed when α = 0.001 (probability that a 0 bit of the original secret key will flip to a 1 bit) and β (probability that a 1 bit of the original private key will flip to a 0 bit) in the range {0.001, 0.01, 0.02, …, 0.15} by enumerating approximately 2^40 candidates.


Electronics ◽  
2021 ◽  
Vol 10 (12) ◽  
pp. 1479
Author(s):  
Abdel Alheyasat ◽  
Gabriel Torrens ◽  
Sebastià A. Bota ◽  
Bartomeu Alorda

Physically unclonable functions (PUFs) are used as low-cost cryptographic primitives in device authentication and secret key creation. SRAM-PUFs are well-known as entropy sources; nevertheless, due to the non-deterministic noise environment during the power-up process, they are subject to low challenge-response repeatability. The dependability of SRAM-PUFs is usually accomplished by combining complex error correcting codes (ECCs) with fuzzy extractor structures, resulting in an increase in power consumption, area, cost, and design complexity. In this study, we established effective metrics on the basis of the separatrix concept and cell mismatch to estimate the percentage of cells that, due to the effect of variability, will tend to the same initial state during power-up. The effects of noise and temperature in cell start-up processes were used to validate the proposed metrics. The presented metrics may be applied at the SRAM-PUF design phases to investigate the impact of different design parameters on the percentage of reliable cells for PUF applications.


2021 ◽  
Vol 13 (11) ◽  
pp. 6372
Author(s):  
Vincenzo Varriale ◽  
Antonello Cammarano ◽  
Francesca Michelino ◽  
Mauro Caputo

The digital transformation of supply chains should revolutionize entire management processes and improve various aspects of sustainability. In particular, the plans of Industry 4.0 aim towards a digitization of several procedures by exploiting emerging technologies such as the Internet of Things, RFID and blockchain. The purpose of this study is to highlight how order and disruption events processes can be improved with the adoption of emerging technologies and how this reflects on the improvement of sustainability aspects. The study is based on the comparison of two simulation scenarios between three actors in the cheese supply chain. In particular, a first traditional scenario “as is” is simulated without the use of new technologies and is compared to a second scenario “to be” that adopts IoT, RFID and blockchain. The results show an improvement in time performance for managing both perfect and non-compliant orders. The developed framework highlights the impact of new technologies on sustainability aspects, showing further managerial implications.


2014 ◽  
Vol 2014 ◽  
pp. 1-7
Author(s):  
Lin Ding ◽  
Chenhui Jin ◽  
Jie Guan ◽  
Qiuyan Wang

Loiss is a novel byte-oriented stream cipher proposed in 2011. In this paper, based on solving systems of linear equations, we propose an improved Guess and Determine attack on Loiss with a time complexity of 2^231 and a data complexity of 2^68, which reduces the time complexity of the Guess and Determine attack proposed by the designers by a factor of 2^16. Furthermore, a related key chosen IV attack on a scaled-down version of Loiss is presented. The attack recovers the 128-bit secret key of the scaled-down Loiss with a time complexity of 2^80, requiring 2^64 chosen IVs. The related key attack is minimal in the sense that it only requires one related key. The result shows that our key recovery attack on the scaled-down Loiss is much better than an exhaustive key search in the related key setting.


2021 ◽  
Vol 18 (1) ◽  
pp. 9-20
Author(s):  
Bayadir Issa ◽  
Qabeela Thabit

Over the previous decade, significant research has been conducted in the field of healthcare services and their technological advancement. To be more precise, the Internet of Things (IoT) has demonstrated potential for connecting numerous medical devices, sensors, and healthcare professionals in order to deliver high-quality medical services in remote locations. This has resulted in an increase in patient safety, a decrease in healthcare expenses, an increase in the healthcare services' accessibility, and an increase in the industry's healthcare operational efficiency. This paper provides an overview of the possible healthcare uses of Internet of Things (IoT)-based technologies. The evolution of the HIoT application has been discussed in this article in terms of enabling technology, services of healthcare, and applications for resolving different healthcare challenges. Additionally, effort difficulties and drawbacks with the HIoT system are explored. In summary, this study provides a complete source of information on the many applications of HIoT; the purpose is to help future academics who are interested in working in the field and making advances gain knowledge of the issue.


2022 ◽  
Vol 2 (1) ◽  
pp. 34-43
Author(s):  
ADITYA ZULMI RAHMAWAN ◽  
ZAENURIYAH EFFENDI

The COVID-19 pandemic poses problems in various sectors. The most vulnerable sector in this situation is the social sector, especially education. Problems such as the learning process make the continuity of education a concern. This is a challenge for the community in the era of society 5.0 in the hope of overcoming the problems that arise due to the Covid-19 pandemic. The use of big data, artificial intelligence, and the internet of things is an alternative effort to help deal with the impact of the pandemic in accordance with the conditions in this disruptive era. This study aims to determine the policies and strategies of society 5.0 in the learning process as an effort to handle the impact of the pandemic. This study uses a systematic review research method of literature published by scientific journals in the period January 2010 to December 2021. The data used comes from published journals related to the topics studied and from various electronic media. The results of the study can find out strategies in the learning process in the implementation of society 5.0 in policies in the field of education as an effort to deal with the impact of the covid-19 pandemic.


Forest fires have occurred frequently in different parts of the world in recent decades, causing significant problems for the population and the death of wild animals, as the impact of these fires extends beyond the destruction of natural habitats. With the proliferation of the Internet of Things industry, solutions for early fire detection should be developed. Evaluating the fire risk of an area and communicating this information to the population could reduce the number of fires started by accident or through the carelessness of the public. This paper proposes a low-cost network based on the NXP Rapid IoT kit and Long Range (LoRa) technology to autonomously estimate the level of fire risk in the forest. The system comprises the NXP Rapid IoT kit, which senses humidity, air quality and tree fall. The data from each node are stored and processed in a web server or in the mobile application, which sends the recorded data to a web server for graphical representation of the collected data.

