CS2 '14 latest publications

Adaptive entity-identifier generation for IMD emergency access
CS2 '14 Pub Date : 2014-01-20 DOI: 10.1145/2556315.2556324
R. M. Seepers, C. Strydis, I. Sourdis, C. I. Zeeuw
Abstract: Recent work on wireless Implantable Medical Devices (IMDs) has revealed the need for secure communication in order to prevent data theft and implant abuse by malicious attackers. However, security should not be provided at the cost of patient safety, and an IMD should thus remain accessible during an emergency regardless of device security. In this paper, we present a novel method of providing IMD emergency access, based on generating Entity Identifiers (EIs) using the Inter-Pulse Intervals (IPIs) of heartbeats. We evaluate the current state of the art in EI generation in terms of security and accessibility for healthy subjects with a wide range of heart rates. Subsequently, we present an adaptive EI-generation algorithm which takes the heart rate into account, maintaining an acceptable emergency-mode activation time (between 5 and 55.4 s) while improving security by up to 3.4x for high heart rates. Finally, we show that activating emergency mode may consume as little as 0.24 μJ from the IMD battery.
Citations: 11

Detecting positive voltage attacks on CMOS circuits
CS2 '14 Pub Date : 2014-01-20 DOI: 10.1145/2556315.2556320
Kamil Gomina, P. Gendrier, P. Candelier, J. Rigaud, A. Tria
Abstract: This work investigates voltage attacks above the nominal voltage on CMOS digital circuits designed on advanced technology nodes. The behavior of both combinatorial and sequential logic is analyzed in the presence of static and dynamic overvoltage attacks. It points out that only modifications of propagation delays occur in the presence of such attacks. Timing detection circuits are then introduced to detect hold violations. These circuits offer good performance with low area overhead, but their implementation requires extra timing constraints on the design to be protected. In addition, multiple power domain circuits must be considered to thwart overpowering attacks.
Citations: 6

Group-signature schemes on constrained devices: the gap between theory and practice
CS2 '14 Pub Date : 2014-01-20 DOI: 10.1145/2556315.2556321
Raphael Spreitzer, Jörn-Marc Schmidt
Abstract: Group-signature schemes allow members within a predefined group to prove specific properties without revealing more information than necessary. Potential areas of application include electronic IDs (eIDs) and smartcards, i.e., resource-constrained environments. Though the literature provides many theoretical proposals for group-signature schemes, practical evaluations regarding the applicability of such mechanisms in resource-constrained environments are missing. In this work, we investigate four different group-signature schemes in terms of mathematical operations, signature length, and the proposed revocation mechanisms. We also use the RELIC toolkit to implement the two most promising of the investigated group-signature schemes, one of which is going to be standardized in ISO/IEC 20008, for the AVR microcontroller. This allows us to give practical insights into the applicability of pairings on the AVR microcontroller in general and the applicability of group-signature schemes in particular on the very same. Contrary to the general recommendation of precomputing and storing pairing evaluations if possible, we observed that the evaluation of pairings might be faster than computations on cached pairings.
Citations: 6

Memory-efficient on-card byte code verification for Java cards
CS2 '14 Pub Date : 2014-01-20 DOI: 10.1145/2556315.2556323
Reinhard Berlach, Michael Lackner, C. Steger, Johannes Loinig, E. Haselsteiner
Abstract: Java-enabled smart cards are widely used to store confidential information in a trusted and secure way in an untrusted and insecure environment, for example the credit card in your briefcase. In this environment the owner of the card can install and run any applet on his card, such as the loyalty application of your favorite store. However, every applet that runs on a trusted card has to be verified. On-card bytecode verification is a crucial step towards creating a trusted environment on smart cards. The innovative verification method presented in this work comes without any additional off-card component and uses nearly the same amount of memory as the execution of the applet. The use of a Control Flow Graph and Basic Blocks, together with a temporary transformation of the methods, reduces the complexity of this new verifier. We show a detailed analysis of the implemented algorithm and preliminary tests of a prototype on a Java Card.
Citations: 6

High-order timing attacks
CS2 '14 Pub Date : 2014-01-20 DOI: 10.1145/2556315.2556316
J. Danger, Nicolas Debande, S. Guilley, Youssef Souissi
Abstract: The timing attack (TA) is a side-channel analysis (SCA) variant that exploits information leakage through the computation duration. Previously, leakages in timing have been exploited by comparison analysis, most often thanks to "correlation-collision" or pre-characterization on a clone device. Time bias can also be used to break a secret cryptosystem by linear correlations in a non-profiled setting. There is a direct parallel between the Correlation Power Attack (CPA) and TA, the distinguisher being the same but the exploited data being either vertical or horizontal. The countermeasures against such attacks consist in making the algorithm run in either random or constant time. In this paper, we show that the former is prone to high-order attacks that analyse the higher moments of the computation time during code execution. We present successful second-order timing attacks (2O-TA) based on a correlation and compare them to the second-order power attack. All experiments have been conducted on an 8-bit processor running AES-128.
Citations: 10

Remote cache-timing attacks against AES
CS2 '14 Pub Date : 2014-01-20 DOI: 10.1145/2556315.2556322
V. Saraswat, Daniel Feldman, Denis Foo Kune, Satyajit Das
Abstract: We present a cache-timing attack on the Advanced Encryption Standard (AES) [14] with the potential to be applied remotely, and develop an evaluation framework for comparing the relative performance of the attacks under various simulated network conditions. We examine Bernstein's original AES cache-timing attack [3] and its variants [6, 12, 10]. We conduct an analysis of network noise and develop a hypothesis-fishing concept in order to reduce the number of samples required to recover a key in our implementation of the attacks of [3]. Our rough estimate for the number of samples required is about 2 × 10^9, which is comparable to the estimate of 4 × 10^9 from our month-long experiment using Bernstein's technique [3].
Citations: 9

Countering type confusion and buffer overflow attacks on Java smart cards by data type sensitive obfuscation
CS2 '14 Pub Date : 2014-01-20 DOI: 10.1145/2556315.2556317
Michael Lackner, Reinhard Berlach, R. Weiss, C. Steger
Abstract: Java-enabled smart cards protect security-related code and data by a sandbox concept. Unfortunately, this sandbox can be bypassed by fault attacks. Therefore, there is a substantial need for transparent, effective, and low-overhead countermeasures. This work demonstrates a new countermeasure against type confusion and buffer overflow attacks. The countermeasure is based on obfuscating the security-critical calculation parts of a virtual machine with secret keys. It was integrated into a Java Card virtual machine running on a smart card prototype. New hardware features were added to this prototype to accelerate the obfuscating operation. The execution time overhead of the new countermeasure is demonstrated by performing run-time measurements on the prototype.
Citations: 6

Towards attacks on restricted memory areas through co-processors in embedded multi-OS environments via malicious firmware injection
CS2 '14 Pub Date : 2014-01-20 DOI: 10.1145/2556315.2556318
Pierre Schnarz, J. Wietzke, I. Stengel
Abstract: Multi-operating systems have been introduced to manage the manifold requirements of embedded systems. Especially in safety-critical environments like the automotive domain, the system's security must be guaranteed. Besides state-of-the-art virtualization mechanisms, the idea of asymmetric multi-processing can be used to split a system's hardware resources, which makes the virtualization of hardware obsolete. However, this special technique for implementing a multi-operating system might add special demands on security objectives like isolation. In this paper, an attack vector is shown which utilizes a co-processor to break through the isolation of an operating system domain. Using a multi-operating system environment, we inject a malicious firmware into the co-processor in order to circumvent isolation mechanisms on behalf of an attacking operating system. Our attack vector demonstrates weaknesses in CPU-centric isolation mechanisms, which are presented further in the remainder of the document.
Citations: 4

On using genetic algorithms for intrinsic side-channel resistance: the case of AES S-box
CS2 '14 Pub Date : 2014-01-20 DOI: 10.1145/2556315.2556319
S. Picek, Baris Ege, L. Batina, D. Jakobović, L. Chmielewski, M. Golub
Abstract: Finding balanced S-boxes with high nonlinearity and low transparency order is a difficult problem. The property of transparency order is important since it specifies the resilience of an S-box against differential power analysis. Better values for transparency order, and hence improved side-channel security, often imply less in terms of nonlinearity. Therefore, it is impossible to find an S-box with all optimal values. Currently, there are no algebraic procedures that can give the preferred and complete set of properties for an S-box. In this paper, we employ evolutionary algorithms to find S-boxes with desired cryptographic properties. Specifically, we conduct experiments for the 8×8 S-box case as used in the AES standard. The results of our experiments prove the feasibility of finding S-boxes with the desired properties in the case of AES. In addition, we show preliminary results of side-channel experiments on different versions of "improved" S-boxes.
Citations: 40