Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security最新文献_第2页

Lightweight Implementation of the LowMC Block Cipher Protected Against Side-Channel Attacks 防止侧信道攻击的LowMC分组密码的轻量级实现

Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security Pub Date : 2020-11-09 DOI: 10.1145/3411504.3421219

Javad Bahrami, V. Dang, Abubakr Abdulgadir, Khaled N. Khasawneh, J. Kaps, K. Gaj

{"title":"Lightweight Implementation of the LowMC Block Cipher Protected Against Side-Channel Attacks","authors":"Javad Bahrami, V. Dang, Abubakr Abdulgadir, Khaled N. Khasawneh, J. Kaps, K. Gaj","doi":"10.1145/3411504.3421219","DOIUrl":"https://doi.org/10.1145/3411504.3421219","url":null,"abstract":"LowMC is a parameterizable block cipher developed for use in Multi-Party Computation (MPC) and Fully Homomorphic Encryption (FHE). In these applications, linear operations are much less expensive in terms of resource utilization compared to the non-linear operations due to their low multiplicative complexity. In this work, we implemented two versions of LowMC -- unrolled and lightweight. Both implementations are realized using RTL VHDL. To the best of our knowledge, we report the first lightweight implementation of LowMC and the first implementation protected against side-channel analysis (SCA). For the SCA protection, we used a hybrid 2/3 shares Threshold Implementation (TI) approach, and for the evaluation, the Test Vector Leakage Assessment (TVLA) method, also known as the T-test. Our unprotected implementations show information leakage at 10K traces, and after protection, they could successfully pass the T-test for 1 million traces. The Xilinx Vivado is used for the synthesis, implementation, functional verification, timing analysis, and programming of the FPGA. The target FPGA family is Artix-7, selected due to its widespread use in multiple applications. Based on our results, the numbers of LUTs are 867 and 3,328 for the lightweight and the unrolled architecture with unrolling factor U = 16, respectively. It takes 14.21 μs for the lightweight architecture and 1.29 μs for the unrolled design with U = 16 to generate one 128-bit block of the ciphertext. The fully unrolled architecture beats the best previous implementation by Kales et al. in terms of the number of LUTs by a factor of 4.5. However, this advantage comes at the cost of having 2.9 higher latency.","PeriodicalId":136554,"journal":{"name":"Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126946515","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 4

WaC: A New Doctrine for Hardware Security 硬件安全的新原则

Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security Pub Date : 2020-07-18 DOI: 10.1145/3411504.3421217

A. Hastings, S. Sethumadhavan

引用次数: 8

SpectreRewind: Leaking Secrets to Past Instructions 幽灵风:泄露秘密到过去的指示

Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security Pub Date : 2020-03-27 DOI: 10.1145/3411504.3421216

Jacob Fustos, M. Bechtel, H. Yun

{"title":"SpectreRewind: Leaking Secrets to Past Instructions","authors":"Jacob Fustos, M. Bechtel, H. Yun","doi":"10.1145/3411504.3421216","DOIUrl":"https://doi.org/10.1145/3411504.3421216","url":null,"abstract":"Transient execution attacks use microarchitectural covert channels to leak secrets that should not have been accessible during logical program execution. Commonly used micro-architectural covert channels are those that leave lasting footprints in the micro-architectural state, for example, a cache state change, from which the secret is recovered after the transient execution is completed. In this paper, we present SpectreRewind, a new approach to create and exploit contention-based covert channels for transient execution attacks. In our approach, a covert channel is established by issuing the necessary instructions logically before the transiently executed victim code. Unlike prior contention based covert channels, which require simultaneous multi-threading (SMT), SpectreRewind supports covert channels based on a single hardware thread, making it viable on systems where the attacker cannot utilize SMT. We show that contention on the floating point division unit on commodity processors can be used to create a high-performance (~100 KB/s), low-noise covert channel for transient execution attacks instead of commonly used flush+reload based cache covert channels. We also show that the proposed covert channel works in the JavaScript sandbox environment of a Chrome browser.","PeriodicalId":136554,"journal":{"name":"Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security","volume":"81 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-03-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"113985201","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 24

Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security 第四届ACM硬件安全攻击与解决方案研讨会论文集

Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security Pub Date : 1900-01-01 DOI: 10.1145/3411504

引用次数: 0