发布求助
文献互助 智能选刊 最新文献

WESS '10最新文献

筛选
英文 中文
A comprehensive analysis of performance and side-channel-leakage of AES SBOX implementations in embedded software 综合分析了嵌入式软件中AES SBOX实现的性能和侧信道泄漏
WESS '10 Pub Date : 2010-10-24 DOI: 10.1145/1873548.1873553
A. Sinha, Zhimin Chen, P. Schaumont
{"title":"A comprehensive analysis of performance and side-channel-leakage of AES SBOX implementations in embedded software","authors":"A. Sinha, Zhimin Chen, P. Schaumont","doi":"10.1145/1873548.1873553","DOIUrl":"https://doi.org/10.1145/1873548.1873553","url":null,"abstract":"The Advanced Encryption Standard is used in almost every new embedded application that needs a symmetric-key cipher. In such embedded applications, high-performance as well as resistance against implementation attacks is mandatory. In this paper, we compare and contrast three different software implementations of AES. The first two are based on cryptographic lookup tables, while the third uses bit-slicing. We analyze the performance and side-channel resistance of each implementation on two different FPGA platforms, one based on a PowerPC processor, and the second based on a LEON-3 soft-core processor. Our measurements show that, on embedded platforms, a bit-sliced AES implementation does not always outperform a lookup-table based AES implementation. We also present a detailed analysis of the side-channel resistance and the source of side-channel leakage, and show that our bit-sliced implementation has eight times more side-channel leakage than the lookup-table implementations. Hence, we conclude that a variation on the implementation style for embedded software implementation of AES will not only affect performance, but also embedded system security.","PeriodicalId":114446,"journal":{"name":"WESS '10","volume":"232 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114231266","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
PoliMakE: a policy making engine for secure embedded software execution on chip-multiprocessors PoliMakE:一个策略制定引擎,用于在芯片多处理器上安全执行嵌入式软件
WESS '10 Pub Date : 2010-10-24 DOI: 10.1145/1873548.1873550
L. A. Bathen, N. Dutt
{"title":"PoliMakE: a policy making engine for secure embedded software execution on chip-multiprocessors","authors":"L. A. Bathen, N. Dutt","doi":"10.1145/1873548.1873550","DOIUrl":"https://doi.org/10.1145/1873548.1873550","url":null,"abstract":"Secure software execution on chip-multiprocessor platforms is compromised by threats such as software-based side channel attacks that expose information from shared memory. The increasing amount of shared (memory or computational) resources on emerging chip-multiprocessors further exacerbates security threats, highlighting the need for secure policies to manage on-chip resources. We present PoliMakE, a methodology that enables exploration and generation of customized policies to guarantee secure software execution on a chip-multiprocessor system in the presence of software-based side channel attacks. PoliMakE analyzes an application's security needs and generates a series of custom policies that dictate how to safely execute tasks and efficiently manage the computational, communication, and memory resources. Our experimental results on DRM, JPEG as well as some synthetic applications show that PoliMakE enables secure software execution with minimal performance overhead, while reducing power consumption, since the policies are customized to efficiently utilize the available on-chip resources. For the case study of running DRM in secure mode concurrently with JPEG encoding, we are able to observe 61% performance improvement when compared to standard approaches. Our policy generation engine is able to generate policies in only a matter of minutes for secure applications with hundreds of tasks. Unsecure applications were observed to resume execution up to 99% faster than with the traditional halt approach.","PeriodicalId":114446,"journal":{"name":"WESS '10","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115800775","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Countering early evaluation: an approach towards robust dual-rail precharge logic 对抗早期评估:一种实现稳健双轨预充逻辑的方法
WESS '10 Pub Date : 2010-10-24 DOI: 10.1145/1873548.1873554
S. Bhasin, S. Guilley, Florent Flament, Nidhal Selmane, J. Danger
{"title":"Countering early evaluation: an approach towards robust dual-rail precharge logic","authors":"S. Bhasin, S. Guilley, Florent Flament, Nidhal Selmane, J. Danger","doi":"10.1145/1873548.1873554","DOIUrl":"https://doi.org/10.1145/1873548.1873554","url":null,"abstract":"Wave Dynamic Differential Logic (WDDL) is a hiding countermeasure to thrawt side channel attacks (SCA). It suffers from a vulnerability called Early Evaluation, i.e. calculating output before all inputs are valid. This causes delay biases in WDDL even when synthesized with positive gates. s a consequence, the design can be attacked, although with extra effort, through side channel. However, WDDL is an appealing logic since it has already been reported to natively resist against multiple asymmetric faults. In this article, we suggest a Dual Rail Precharge Logic (DPL), similar to WDDL, free from early evaluation by design. We demonstrate practically that the early evaluation accounts for major part of the leakage. We also provide basic guidelines for designing such a DPL. This DPL can resist against side channel attacks and fault attacks at the same time. In line with the current security evaluation methodology, we use differential power analysis and mutual information to compare the modified WDDL with the traditional WDDL. To compare robustness w.r.t security, we conduct a proof-of-concept experiment that compares the two logics with identical implementations (P&R) apart from the logic style. The sensitive side channel leakage is reduced by half in the DPL without the early evaluation flaw.","PeriodicalId":114446,"journal":{"name":"WESS '10","volume":"53 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116149330","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 38
A new CRT-RSA algorithm resistant to powerful fault attacks 一种新的CRT-RSA算法,可抵抗强大的故障攻击
WESS '10 Pub Date : 2010-10-24 DOI: 10.1145/1873548.1873556
N. Ebeid, Rob Lambert
{"title":"A new CRT-RSA algorithm resistant to powerful fault attacks","authors":"N. Ebeid, Rob Lambert","doi":"10.1145/1873548.1873556","DOIUrl":"https://doi.org/10.1145/1873548.1873556","url":null,"abstract":"CRT-RSA is widely deployed in embedded devices to accelerate the RSA signature generation by about four times compared to regular RSA. However, since the Bellcore attack of 1996, research into securing CRT-RSA has remained active as countermeasures are themselves attacked. In this paper, we propose a new countermeasure designed with a powerful attacker in mind. The attacker may inject multiple precise/random faults and may alter the program counter to skip one or more instructions.\u0000 The strength of our countermeasure derives from combining signature validation with signature unblinding modulo n.","PeriodicalId":114446,"journal":{"name":"WESS '10","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123867141","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Hardware-assisted security enhanced Linux in embedded systems: a proposal 嵌入式系统中硬件辅助安全性增强的Linux:一个建议
WESS '10 Pub Date : 2010-10-24 DOI: 10.1145/1873548.1873551
Leandro Fiorin, A. Ferrante, Konstantinos Padarnitsas, S. Carucci
{"title":"Hardware-assisted security enhanced Linux in embedded systems: a proposal","authors":"Leandro Fiorin, A. Ferrante, Konstantinos Padarnitsas, S. Carucci","doi":"10.1145/1873548.1873551","DOIUrl":"https://doi.org/10.1145/1873548.1873551","url":null,"abstract":"As computing and communications increasingly pervade our lives, security and protection of sensitive data and systems are emerging as extremely important issues. This is especially true for embedded systems, often operating in non-secure environments, and with limited amount of computational, storage, and communication resources available. In servers and desktop systems, Security Enhanced Linux (SELinux) is currently used as a method to enhance security by enforcing a security control based on policies that confine user programs, or processes, to the minimum amount of privileges that they require for their execution. While providing a powerful mean for enhancing security in UNIX-like systems, SELinux still remains a feature that is too heavy to be fully supported by constrained devices. In this paper, we propose a hardware architecture for enhancing security and accelerating retrieval and applications of SELinux policies in embedded processors. We describe the general ideas behind our work, discussing motivations, advantages, and limits of the solution proposed, while suggesting the main steps needed to implement the described architecture on common embedded processors.","PeriodicalId":114446,"journal":{"name":"WESS '10","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132755183","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Enhancing network-on-chip components to support security of processing elements 增强片上网络组件,以支持处理元素的安全性
WESS '10 Pub Date : 2010-10-24 DOI: 10.1145/1873548.1873560
S. Lukovic, Nikolaos Christianos
{"title":"Enhancing network-on-chip components to support security of processing elements","authors":"S. Lukovic, Nikolaos Christianos","doi":"10.1145/1873548.1873560","DOIUrl":"https://doi.org/10.1145/1873548.1873560","url":null,"abstract":"Network-on-Chip (NoC) has emerged as a promising solution for scalable communication among steadily growing number of cores integrated in MultiProcessor System-on-Chips (MPSoCs). The increasing system heterogeneity together with the possibility of reconfiguration makes the overall system security one of the major concerns in MPSoC design. On the other hand, modular and scalable design of NoCs enables their enhancements in various directions for supporting services other than simple data routing.\u0000 In this work we propose and implement a solution to secure attached processing units from a buffer overflow type of the attacks that comes in a form of a protection module that is embedded into the Network Interface of the NoC. At the same time, our solution prevents potential propagation of the attack through the NoC towards other processors. We prove feasibility via prototype realization in FPGA technology for a MicroBlaze processor on Xilinx Virtex-II Pro board.","PeriodicalId":114446,"journal":{"name":"WESS '10","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132885317","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 26
Secure protocols for serverless remote product authentication 无服务器远程产品认证的安全协议
WESS '10 Pub Date : 2010-10-24 DOI: 10.1145/1873548.1873559
Abdourhamane Idrissa, A. Aubert, T. Fournel, V. Fischer
{"title":"Secure protocols for serverless remote product authentication","authors":"Abdourhamane Idrissa, A. Aubert, T. Fournel, V. Fischer","doi":"10.1145/1873548.1873559","DOIUrl":"https://doi.org/10.1145/1873548.1873559","url":null,"abstract":"Industrial companies lose large sums of money because of counterfeits and they need to efficiently protect their trademarks. Most of them implement their own anti-counterfeiting policy to deal with the menace. A number of technologies, such as holograms, smart cards, biometric markers and inks, can be employed to protect and authenticate genuine products. Instead of using markers and additional identification means, one of the recent methods use a PUF-like authentication method based on image processing. However, in order to authenticate the object (e.g. a trademark product), the method needs direct access to the database system containing the object's \"fingerprint\". The paper presents a new secure method to remotely authenticate the object without communication with the database server. In this method, an autonomous and secure embedded system called authentication device authenticates the product by extracting its morphometric fingerprint and comparing it with a signed original morphometric fingerprint printed on the object. However, we show that in order to secure the protocol, the authentication hardware needs to be authenticated, too. For this reason, we propose security protocols that allow to authenticate the authentication device and remotely check its integrity. The proposed security protocols are shown to be sure using formal methods of security protocol evaluation.","PeriodicalId":114446,"journal":{"name":"WESS '10","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122619156","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A new correlation frequency analysis of the side channel 一种新的侧信道相关频率分析方法
WESS '10 Pub Date : 2010-10-24 DOI: 10.1145/1873548.1873552
Edgar Mateos, C. Gebotys
{"title":"A new correlation frequency analysis of the side channel","authors":"Edgar Mateos, C. Gebotys","doi":"10.1145/1873548.1873552","DOIUrl":"https://doi.org/10.1145/1873548.1873552","url":null,"abstract":"Security in embedded computing systems is now an important concern for a diverse set of applications. However, the embedded hardware implementation may unintentionally leak information, through its electromagnetic emanations or current draw, which may lead to the revelation of secrets used in the cryptographic computations being performed. This paper presents an attack methodology and an empirical study, based on Correlation Analysis in the Frequency domain (CAF) with pre-characterization of the embedded system. Unlike previous research this analysis exploits the fact that a few frequencies are more likely to leak computing information, and are independent of the system clock (rather a function of the technology). Results indicate that the secret key can be reliably extracted from both hardware and software implementations of AES. The analysis presented is additionally tolerant to trace misalignments and has been tested with real power and electromagnetic (EM) traces used to extract 8-bit keys and full 128-bit keys. This research is important for providing more secure cryptographic computations necessary in many embedded systems.","PeriodicalId":114446,"journal":{"name":"WESS '10","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134291306","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 33
Hardware trust implications of 3-D integration 3-D集成的硬件信任含义
WESS '10 Pub Date : 2010-10-24 DOI: 10.1145/1873548.1873549
Ted Huffmire, T. Levin, Michael Bilzor, C. Irvine, Jonathan Valamehr, Mohit Tiwari, T. Sherwood, R. Kastner
{"title":"Hardware trust implications of 3-D integration","authors":"Ted Huffmire, T. Levin, Michael Bilzor, C. Irvine, Jonathan Valamehr, Mohit Tiwari, T. Sherwood, R. Kastner","doi":"10.1145/1873548.1873549","DOIUrl":"https://doi.org/10.1145/1873548.1873549","url":null,"abstract":"3-D circuit-level integration is a chip fabrication technique in which two or more dies are stacked and combined into a single circuit through the use of vertical electroconductive posts. Since the dies may be manufactured separately, 3-D circuit integration offers the option of enhancing a commodity processor with a variety of security functions. This paper examines the 3-D design approach and provides an analysis concluding that the commodity die system need not be independently trustworthy for the system of joined dies to provide certain trustworthy functions. In addition to describing the range of possible security enhancements (such as cryptographic services), we describe the ways in which multiple-die subsystems can depend on each other, and a set of processing abstractions and general design constraints with examples to address these dependencies.","PeriodicalId":114446,"journal":{"name":"WESS '10","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130396709","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
Improving the quality of ring oscillator PUFs on FPGAs 提高fpga环形振荡器puf的质量
WESS '10 Pub Date : 2010-10-24 DOI: 10.1145/1873548.1873557
D. Merli, F. Stumpf, C. Eckert
{"title":"Improving the quality of ring oscillator PUFs on FPGAs","authors":"D. Merli, F. Stumpf, C. Eckert","doi":"10.1145/1873548.1873557","DOIUrl":"https://doi.org/10.1145/1873548.1873557","url":null,"abstract":"Physical Unclonable Functions (PUFs) based on Ring Oscillators (ROs) are a promising primitive for FPGA security. However, the quality of their implementation depends on several design parameters. In this paper, we show that ring oscillator frequencies strongly depend on surrounding logic. Based on these findings, we propose a strategy for improving the quality of RO PUF designs by placing and comparing ROs in a chain-like structure. We also show that an increased RO runtime and RO disabling has a clear positive effect on the quality of a RO PUF. We implemented a RO PUF key generation system on an FPGA using our design strategy. Our results clearly indicate that our proposed design strategy can significantly improve the quality of a RO PUF implementation.","PeriodicalId":114446,"journal":{"name":"WESS '10","volume":"309 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132642623","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 107
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信