Sharif Digital Repository

Several logic styles such as Masked Dual-Rail Pre-charge Logic (MDPL) and Dual-Rail Random Switching Logic (DRSL) have been recently proposed to make implementations resistant against power analysis attacks. In this paper, it is shown that the circuits which contain sequential elements, flip-flops, and implemented in MDPL or DRSL styles are vulnerable to DPA attacks. Based on our results, the information leakage of CMOS D-flip-flops that are used to construct MDPL and DRSL D-flip-fiops is the cause of this vulnerability. To reduce the leakage, a modification on the structure of the MDPL and DRSL flip-flops are proposed; two CMOS D-flip-flops are used in the suggested structure. The proposed... 

Composite field arithmetic is known as an alternative method for lookup tables in implementation of S-box block of AES algorithm. The idea is to breakdown the computations to lower order fields and compute the inverse there. Recently this idea have been used both for reducing the area in implementation of S-boxes and masking implementations of AES algorithm. The most compact design using this technique is presented by Canright using only 92 gates for an S-box block. In another approach, IAIK laboratory has presented a masked implementation of AES algorithm with higher security comparing common masking methods using Composite field arithmetic. Our work in this paper is to use basic ideas of... 

In this paper we describe two differential fault attack techniques against Advanced Encryption Standard (AES). We propose two models for fault occurrence; we could find all 128 bits of key using one of them and only 6 faulty ciphertexts. We need approximately 1500 faulty ciphertexts to discover the key with the other fault model. Union of these models covers all faults that can occur in the 9th round of encryption algorithm of AES-128 cryptosystem, One of main advantage of proposed fault models is that any fault in the AES encryption from start (AddRoundKey with the main key before the first round) to MixColumns function of 9th round can be modeled with one of our fault models. These models... 

CPU caches are powerful sources of information leakage. To develop practical cache-based attacks, the need for automation of the process of finding exploitable cachebased side-channels in computer systems is felt more than ever. Cache template attack is a generic technique that utilizes Flush+Reload attack in order to automatically exploit cache vulnerability of Intel platforms. Cache template attack on the T-table-based AES implementation consists of two phases including the profiling phase and key exploitation phase. Profiling is a preprocessing phase to monitor dependencies between the secret key and behavior of the cache memory. In addition, the addresses of T-tables can be obtained... 

Advanced metering infrastructure (AMI) provides 2-way communications between the utility and the smart meters. Developing authenticated key exchange (AKE) and broadcast authentication (BA) protocols is essential to provide secure communications in AMI. The security of all existing cryptographic protocols is based on the assumption that secret information is stored in the nonvolatile memories. In the AMI, the attackers can obtain some or all of the stored secret information from memories by a great variety of inexpensive and fast side-channel attacks. Thus, all existing AKE and BA protocols are no longer secure. In this paper, we investigate how to develop secure AKE and BA protocols in the... 

Side-channel attacks are a group of powerful attacks in hardware security that exploit the deficiencies in the implementation of systems. Timing side-channel attacks are one of the main side-channel attack categories that use the time difference of running an operation in different states. Many powerful attacks can be classified into this type of attack, including cache attacks. The limitation of these attacks is the need to run the spy program on the victim’s system. Various studies have tried to overcome this limitation by implementing these attacks remotely on JavaScript and WebAssembly. This paper provides the first comprehensive evaluation of timing side-channel attacks on JavaScript... 

Side Channel Analysis (SCA) are still harmful threats against security of embedded systems. Due to the fact that every kind of SCA attack or countermeasure against it needs to be implemented before evaluation, a huge amount of time and cost of this process is paid for providing high resolution measurement tools, calibrating them and also implementation of proposed design on ASIC or target platform. In this paper, we have introduced a novel simulation platform for evaluation of power based SCA attacks and countermeasures. We have used Synopsys power analysis tools in order to simulate a processor and implement a successful Differential Power Analysis (DPA) attack on it. Then we focused on the... 

Cyber-physical systems contain networked embedded systems. Such systems may implement cryptographic algorithms for processing and/or communication. Therefore, they can be prone to side-channel attacks. Differential power analysis is one of such attacks, which is considered among the most serious threats against cryptographic devices. Various metrics have been proposed to evaluate the resistance of different implementations against these attacks. Some of these metrics need side-channel attacks to be conducted and depend on the considered power model. Due to the vast variety of proposed side-channel attacks and power models, comprehensively evaluating a design under these metrics is commonly... 

The elliptic curve cryptography (ECC) has gained attention mainly due to its lower complexity compared to other asymmetric methods while providing the same security level. The most performance critical operation in ECC is the point multiplication. Thus, its efficient implementation is desirable. One of the most secure and lightweight ECC curves, which satisfies all standard security criteria, is the Curve25519. In this paper, a low latency Karatsuba-Ofman-based field multiplier (KOM) and an efficient point multiplication over Curve25519 have been proposed. The improvements have been achieved mainly due to the proposed low latency pipelined KOM and efficient scheduling of field operations.... 

Augmenting the security of cryptographic algorithms by protecting them against side-channel active attacks (and natural faults) is essential in cryptographic engineering. BLAKE algorithm is an efficient hash function which has been developed based on Bernstein's ChaCha stream cipher. Because of the fact that Google has chosen ChaCha along with Bernstein's Poly1305 message authentication code as a replacement for RC4 in TLS for Internet security, BLAKE's implementation is of paramount importance. In this paper, we present high-performance fault detection schemes for BLAKE. Specifically, for the round function, two fault diagnosis approaches are developed and analyzed in terms of error... 

With the exponential growth in the internet of things (IoT) applications such as smart city and e-health, more embedded devices and smart nodes are connected to the network. In order to provide security for such resource-constrained devices, different cryptographic schemes such as public key encryption (PKE) are required. However, considering the high complexity and vulnerability of classic PKE schemes against quantum attacks, it is necessary to consider other possible options. Recently, lattice-based cryptography and especially learning with errors (LWE) have gained high attention due to resistance against quantum attacks and relatively low-complexity operations. During the past decade,... 

While the Internet of Things (IoT) shapes the future of the Internet, communications among nodes must be secured by employing cryptographic schemes such as public-key encryption (PKE). However, classic PKE schemes, such as RSA and elliptic curve cryptography (ECC) suffer from both high complexity and vulnerability to quantum attacks. During the past decade, post-quantum schemes based on the learning with errors (LWEs) problem have gained high attention due to the lower complexity among PKE schemes. In addition to resistance against theoretical (quantum and classic) attacks, every practical implementation of any cryptosystem must also be evaluated against different side-channel attacks such... 

In this paper we propose a new method for applying hiding countermeasure against CPA attacks. This method is for software implementation, based on smoothing power consumption of the device. We propose a new heuristic encoding scheme for implementing block cipher algorithms. Our new method includes only AND-equivalent and XOR-equivalent operations since every cryptographic algorithm can be implemented with two basic operations, namely AND, XOR. In order to practically evaluate resistance improvement against CPA, we implement the proposed coding scheme on SIMON, a lightweight block cipher, on a smartcard with ATmega163 microprocessor. The results of this implementation show a 350 times more... 

This paper presents an extension to PathFinder FPGA routing algorithm, which enables it to deliver FPGA designs free from risks of crosstalk attacks. Crosstalk side-channel attacks are a real threat in large designs assembled from various IPs, where some IPs are provided by trusted and some by untrusted sources. It suffices that a ring-oscillator based sensor is conveniently routed next to a signal that carries secret information (for instance, a cryptographic key), for this information to possibly get leaked. To address this security concern, we apply several different strategies and evaluate them on benchmark circuits from Verilog-to-Routing tool suite. Our experiments show that, for a...