Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security最新文献

Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security 2018年硬件安全攻击与解决方案研讨会论文集

Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security Pub Date : 2018-10-15 DOI: 10.1145/3266444

Chip-Hong Chang, U. Rührmair, Wei Zhang

引用次数: 3

Fixing the CLOC with Fine-grain Leakage Analysis 通过细粒度泄漏分析修复 CLOC

Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security Pub Date : 2018-01-15 DOI: 10.1145/3266444.3266450

William Diehl, Farnoud Farahmand, Abubakr Abdulgadir, J. Kaps, K. Gaj

{"title":"Fixing the CLOC with Fine-grain Leakage Analysis","authors":"William Diehl, Farnoud Farahmand, Abubakr Abdulgadir, J. Kaps, K. Gaj","doi":"10.1145/3266444.3266450","DOIUrl":"https://doi.org/10.1145/3266444.3266450","url":null,"abstract":"Authenticated ciphers offer the promise of improved security for resource-constrained devices. Recent cryptographic contests and standardization efforts are evaluating authenticated ciphers for performance and security, including resistance to Differential Power Analysis (DPA). In this research, we study the CLOC-AES authenticated cipher in terms of vulnerability to DPA and cost of implementation of countermeasures against DPA. Using the FOBOS test architecture, we first show that an FPGA implementation of CLOC is vulnerable to DPA through Test Vector Leakage Assessment methodology (i.e., t-tests). After applying DPA countermeasures, we show that protected CLOC implementations pass t-tests, except for discrete leakage corresponding to a data-dependent branch condition in the CLOC specification. Using an enhanced tool called FOBOS Profiler, we analyze the source of t-test failure down to the exact clock cycle and device state, to confirm the source of leakage. We introduce a new protected non-linear transformation into the datapath, remove all data-dependent decision criteria from the device controller, and verify that the updated protected implementations pass t-tests. We show that the cost of including the protected non-linear transformation leads to 3.8 factor growth in area, 48 percent reduction in throughput, and 86 percent reduction in throughput-to-area ratio, compared to the unprotected implementation. Our analysis shows the high cost of DPA-protected non-linear transformations in authenticated ciphers above the cryptographic primitive layer.","PeriodicalId":104371,"journal":{"name":"Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125997185","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 2

200 Gbps Hardware Accelerated Encryption System for FPGA Network Cards FPGA网卡200gbps硬件加速加密系统

Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security Pub Date : 2018-01-15 DOI: 10.1145/3266444.3266446

Zdenek Martinasek, J. Hajny, D. Smekal, L. Malina, Denis Matousek, Michal Kekely, N. Mentens

{"title":"200 Gbps Hardware Accelerated Encryption System for FPGA Network Cards","authors":"Zdenek Martinasek, J. Hajny, D. Smekal, L. Malina, Denis Matousek, Michal Kekely, N. Mentens","doi":"10.1145/3266444.3266446","DOIUrl":"https://doi.org/10.1145/3266444.3266446","url":null,"abstract":"We present the architecture and implementation of our encryption system designed for 200 Gbps FPGA (Field Programmable Gate Array) network cards utilizing the IPsec (IP security) protocol. To our knowledge, our hardware encryption system is the first that is able to encrypt network traffic at the full link speed of 200 Gbps using a proven algorithm in a secure mode of operation, on a network device that is already available on the market. Our implementation is based on the AES (Advanced Encryption Standard) encryption algorithm and the GCM (Galois Counter Mode) mode of operation, therefore it provides both encryption and authentication of transferred data. The design is modular and the AES can be easily substituted or extended by other ciphers. We present the full description of the architecture of our scheme, the VHDL (VHSIC Hardware Description Language) simulation results and the results of the practical implementation on the NFB-200G2QL network cards based on the Xilinx Virtex UltraScale+ chip. We also present the integration of the encryption core with the IPsec subsystem so that the resulting implementation is interoperable with other systems.","PeriodicalId":104371,"journal":{"name":"Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security","volume":"58 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121716703","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 9

Acoustic Denial of Service Attacks on Hard Disk Drives 针对硬盘驱动器的声学拒绝服务攻击

Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security Pub Date : 2018-01-15 DOI: 10.1145/3266444.3266448

Mohammad Shahrad, Arsalan Mosenia, Liwei Song, M. Chiang, D. Wentzlaff, Prateek Mittal

引用次数: 11

Implementing Trojan-Resilient Hardware from (Mostly) Untrusted Components Designed by Colluding Manufacturers 从(大多数)由串通制造商设计的不可信组件中实现抗木马硬件

Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security Pub Date : 2018-01-15 DOI: 10.1145/3266444.3266447

Olivier Bronchain, Louis Dassy, Sebastian Faust, François-Xavier Standaert

{"title":"Implementing Trojan-Resilient Hardware from (Mostly) Untrusted Components Designed by Colluding Manufacturers","authors":"Olivier Bronchain, Louis Dassy, Sebastian Faust, François-Xavier Standaert","doi":"10.1145/3266444.3266447","DOIUrl":"https://doi.org/10.1145/3266444.3266447","url":null,"abstract":"At CCS 2016, Dziembowski et al. proved the security of a generic compiler able to transform any circuit into a Trojan-resilient one based on a (necessary) number of trusted gates. Informally, it exploits techniques from the Multi-Party Computation (MPC) literature in order to exponentially reduce the probability of a successful Trojan attack. As a result, its concrete relevance depends on ( i ) the possibility to reach good performances with affordable hardware, and ( ii ) the actual number of trusted gates the solution requires. In this paper, we assess the practicality of the CCS 2016 Trojan-resilient compiler based on a block cipher case study, and optimize its performances in different directions. From the algorithmic viewpoint, we use a recent MPC protocol by Araki et al. (CCS 2016) in order to increase the throughput of our implementations, and we investigate various block ciphers and S-box representations to reduce their communication complexity. From a design viewpoint, we develop an architecture that balances the computation and communication cost of our Trojan-resilient circuits. From an implementation viewpoint, we describe a prototype hardware combining several commercial FPGAs on a dedicated printed circuit board. Thanks to these advances, we exhibit realistic performances for a Trojan-resilient circuit purposed for high-security applications, and confirm that the amount of trusted gates required by the CCS 2016 compiler is well minimized.","PeriodicalId":104371,"journal":{"name":"Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124395353","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 7

Hardware Security at the Limit: Nuclear Verification and Arms Control 极限硬件安全:核核查与军备控制

Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security Pub Date : 2018-01-15 DOI: 10.1145/3266444.3266456

A. Glaser

{"title":"Hardware Security at the Limit: Nuclear Verification and Arms Control","authors":"A. Glaser","doi":"10.1145/3266444.3266456","DOIUrl":"https://doi.org/10.1145/3266444.3266456","url":null,"abstract":"Nuclear weapons have re-emerged as one the main global security challenges of our time. Any further reductions in the nuclear arsenals will have to rely on robust verification mechanisms. This requires, in particular, trusted measurement systems to confirm the authenticity of nuclear warheads based on their radiation signatures. These signatures are considered extremely sensitive information, and inspection systems have to be designed to protect them. To accomplish this task, so-called information barriers\" have been proposed. These devices process sensitive information acquired during an inspection, but only display results in a pass/fail manner. Traditional inspection systems rely on complex electronics both for data acquisition and processing. Several research efforts have produced prototype systems, but after almost thirty years of research and development, no viable and widely accepted system has emerged. This talk highlights recent efforts to overcome this impasse. A first approach is to avoid electronics in critical parts of the measurement process altogether and to rely instead on physical phenomena to detect radiation and to confirm a unique fingerprint of the inspected warhead using a zero-knowledge protocol. A second approach is based on a radiation detection system using vintage electronics built around a 6502 processor. Hardware designed in the distant past, at a time when its use for sensitive measurements was never envisioned, may drastically reduce concerns that another party implemented backdoors or hidden switches. Sensitive information is only stored on traditional punched cards. The talk concludes with a roadmap and highlights opportunities for researchers from the hardware security community to make critical contributions to nuclear arms control and global security in the years ahead.","PeriodicalId":104371,"journal":{"name":"Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114894219","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A Low-cost Function Call Protection Mechanism Against Instruction Skip Fault Attacks 针对指令跳过错误攻击的低成本函数调用保护机制

Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security Pub Date : 2018-01-15 DOI: 10.1145/3266444.3266453

Y. Yao, P. Schaumont

引用次数: 2

Demonstrating an LPPN Processor 演示LPPN处理器

Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security Pub Date : 2018-01-15 DOI: 10.1145/3266444.3266445

D. Kamel, Davide Bellizia, François-Xavier Standaert, D. Flandre, D. Bol

{"title":"Demonstrating an LPPN Processor","authors":"D. Kamel, Davide Bellizia, François-Xavier Standaert, D. Flandre, D. Bol","doi":"10.1145/3266444.3266445","DOIUrl":"https://doi.org/10.1145/3266444.3266445","url":null,"abstract":"Secure authentication is a necessary feature for the deployment of low-cost IoT devices. Due to their conceptual simplicity, protocols based on the Learning Parity with Noise (LPN) problem have been proposed as promising candidates for this purpose. However, recent research has shown that some implementation issues may limit the practical relevance of such protocols. First, they require a (Pseudo) Random number Generator (RNG) which may be expensive. Second, this RNG may be an easy target for side-channel analysis. The recently introduced Learning with Physical Noise (LPPN) assumption aims at mitigating these two issues. It removes the need of an RNG by directly performing erroneous computations, which is expected to lead to more efficient implementations and improved side-channel security. So far, the LPPN assumption has only been analyzed mathematically, and its feasibility discussed based on simulations, putting forward the possibility to control the error rate of an implementation thanks to frequency/voltage overscaling. In this paper, we confirm these promises by demonstrating a first prototype implementation of LPPN in a 28nm FDSOI CMOS technology which occupies an area of 19,400 μ m ^2$. We used a mixed 512-bit parallel/serial architecture in order to limit the exploitation of data-dependent errors with so-called filtering attacks. We additionally designed an on-chip feedback loop that adjusts a variable delay line in order to control the error rate, which prevents other attacks altering external parameters such as the supply voltage, operating temperature and clock frequency. Measurement results show that a simple authentication protocol based on LPPN would consumes 1 μJ per authentication at 0.45V supply. Combined with the excellent algorithmic properties of LPPN regarding security against side-channel and fault attacks, these concrete feasibility results therefore open the way towards the design of full authentication systems with high physical security, at lower cost than standard solutions based on block ciphers.","PeriodicalId":104371,"journal":{"name":"Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security","volume":"67 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114279154","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 5

Behavioral Fingerprinting of IoT Devices 物联网设备的行为指纹

Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security Pub Date : 2018-01-15 DOI: 10.1145/3266444.3266452

Bruhadeshwar Bezawada, Maalvika Bachani, Jordan Peterson, H. Shirazi, I. Ray, I. Ray

{"title":"Behavioral Fingerprinting of IoT Devices","authors":"Bruhadeshwar Bezawada, Maalvika Bachani, Jordan Peterson, H. Shirazi, I. Ray, I. Ray","doi":"10.1145/3266444.3266452","DOIUrl":"https://doi.org/10.1145/3266444.3266452","url":null,"abstract":"The Internet-of-Things (IoT) has brought in new challenges in device identification --what the device is, and authentication --is the device the one it claims to be. Traditionally, the authentication problem is solved by means of a cryptographic protocol. However, the computational complexity of cryptographic protocols and/or problems related to key management, render almost all cryptography based authentication protocols impractical for IoT. The problem of device identification is, on the other hand, sadly neglected. Almost always an artificially created identity is softly associated with the device. We believe that device fingerprinting can be used to solve both these problems effectively. In this work, we present a methodology to perform IoT device behavioral fingerprinting that can be employed to undertake strong device identification. A device behavior is approximated using features extracted from the network traffic of the device. These features are used to train a machine learning model that can be used to detect similar device-types. We validate our approach using five-fold cross validation; we report a identification rate of 93-100 and a mean accuracy of 99%, across all our experiments. Furthermore, we show preliminary results for fingerprinting device categories, i.e., identifying different devices having similar functionality.","PeriodicalId":104371,"journal":{"name":"Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124113478","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 122

Secure Positioning and Location-Based Security for IoT and Beyond 物联网及其他领域的安全定位和基于位置的安全

Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security Pub Date : 2018-01-15 DOI: 10.1145/3266444.3266455

Srdjan Capkun

引用次数: 1