Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security最新文献

筛选
英文 中文
WaC
Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security Pub Date : 2021-11-15 DOI: 10.1145/3474376.3487284
Yoo-Seung Won, Soham Chatterjee, Dirmanto Jap, Arindam Basu, S. Bhasin
{"title":"WaC","authors":"Yoo-Seung Won, Soham Chatterjee, Dirmanto Jap, Arindam Basu, S. Bhasin","doi":"10.1145/3474376.3487284","DOIUrl":"https://doi.org/10.1145/3474376.3487284","url":null,"abstract":"Commercial machine learning accelerators like Intel neural Compute Stick 2 (NCS2) enable efficient inference on otherwise low resource edge devices. However, these accelerators are also exposed to new threats leveraging physical access. In this paper, we present the first results demonstrating practical electromagnetic side-channel attack on NCS2, allowing secret weight recovery from executed models.","PeriodicalId":339465,"journal":{"name":"Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security","volume":"81 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130812667","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A Forward Error Compensation Approach for Fault Resilient Deep Neural Network Accelerator Design 故障弹性深度神经网络加速器设计的前向误差补偿方法
Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security Pub Date : 2021-11-15 DOI: 10.1145/3474376.3487281
Wenye Liu, Chip-Hong Chang
{"title":"A Forward Error Compensation Approach for Fault Resilient Deep Neural Network Accelerator Design","authors":"Wenye Liu, Chip-Hong Chang","doi":"10.1145/3474376.3487281","DOIUrl":"https://doi.org/10.1145/3474376.3487281","url":null,"abstract":"Deep learning accelerator is a key enabler of a variety of safety-critical applications such as self-driving car and video surveillance. However, recently reported hardware-oriented attack vectors, e.g., fault injection attacks, have extended the threats on deployed deep neural network (DNN) systems beyond the software attack boundary by input data perturbation. Existing fault mitigation schemes including data masking, zeroing-on-error and circuit level time-borrowing techniques exploit the noise-tolerance of neural network models to resist random and sparse errors. Such noise tolerant-based schemes are not sufficiently effective to suppress intensive transient errors if a DNN accelerator is blasted with malicious and deliberate faults. In this paper, we conduct comprehensive investigations on reported resilient designs and propose a more robust countermeasure to fault injection attacks. The proposed design utilizes shadow flip flops for error detection and lightweight circuit for timely error correction. Our forward error compensation scheme rectifies the incorrect partial sum of the multiply-accumulation operation by estimating the difference between the correct and error-inflicted computation. The difference is added back to the final accumulated result at a later cycle without stalling the execution pipeline. We implemented our proposed design and the existing fault-mitigation schemes on the same Intel FPGA-based DNN accelerator to demonstrate its substantially enhanced resiliency against deliberate fault attacks on two popular DNN models, ResNet50 and VGG16, trained with ImageNet.","PeriodicalId":339465,"journal":{"name":"Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115952069","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Practical Aspects on Non-profiled Deep-learning Side-channel Attacks against AES Software Implementation with Two Types of Masking Countermeasures including RSM 采用包括RSM在内的两种掩蔽对策实现非轮廓深度学习侧信道攻击AES软件的实践
Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security Pub Date : 2021-11-15 DOI: 10.1145/3474376.3487285
Kunihiro Kuroda, Yuta Fukuda, Kota Yoshida, T. Fujino
{"title":"Practical Aspects on Non-profiled Deep-learning Side-channel Attacks against AES Software Implementation with Two Types of Masking Countermeasures including RSM","authors":"Kunihiro Kuroda, Yuta Fukuda, Kota Yoshida, T. Fujino","doi":"10.1145/3474376.3487285","DOIUrl":"https://doi.org/10.1145/3474376.3487285","url":null,"abstract":"Deep-learning side-channel attacks (DL-SCAs), applying deep neural networks (DNNs) to SCAs, are known that can easily attack some existing SCA countermeasures such as masking and random jitter. While there have been many studies on profiled DL-SCAs, a new approach that involves applying deep learning to non-profiled attacks was proposed in 2018. In our study, we investigate the structure of DNN models and attack points (PoI: Points of Interests) for non-profiled DL-SCAs using the ANSSI SCA database with a masking countermeasure. The results of investigations indicate that it is better to use a simple network model, apply regularization to prevent over-fitting, and select a wide range of power traces that contain side-channel information as the PoI. We also implemented AES-128 software implementation protected with the RSM (Rotating Sboxes Masking) countermeasure, which has never been attacked by non-profiled DL-SCAs, on the Xmega128 microcontroller and carried out non-profiled DL-SCAs against it. Non-profiled DL-SCAs successfully recovered all partial keys while the conventional power analysis could not. We conducted two types of experimental analyses to clarify that DL-SCAs learn mask-values used in the masking countermeasure. One is the-gradient visualization used in previous studies, and the other is a new analysis method using partial removal of power traces.","PeriodicalId":339465,"journal":{"name":"Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130043002","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
Machine Learning on Encrypted Data: Hardware to the Rescue 加密数据上的机器学习:硬件救援
Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security Pub Date : 2021-11-15 DOI: 10.1145/3474376.3487276
F. Koushanfar
{"title":"Machine Learning on Encrypted Data: Hardware to the Rescue","authors":"F. Koushanfar","doi":"10.1145/3474376.3487276","DOIUrl":"https://doi.org/10.1145/3474376.3487276","url":null,"abstract":"Machine Learning on encrypted data is a yet-to-be-addressed challenge. Several recent key advances across different layers of the system, from cryptography and mathematics to logic synthesis and hardware are paving the way for practical realization of privacy preserving computing for certain target applications. This talk highlights the crucial role of hardware and advances in computing architecture in supporting the recent progresses in the field. I outline the main technologies and mixed computing models. I particularly center my talk on the recent progress in synthesis of Garbled Circuits that provide a leap in scalable realization of machine learning on encrypted data. I explore how hardware could pave the way for navigating the complex space of privacy-preserving computing in general, and enabling scalable future mixed protocol solutions. I conclude by briefly discussing the challenges and opportunities moving forward.","PeriodicalId":339465,"journal":{"name":"Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125634092","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
WaC
Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security Pub Date : 2021-11-15 DOI: 10.1145/3474376.3487279
Erland Wittkotter
{"title":"WaC","authors":"Erland Wittkotter","doi":"10.1145/3474376.3487279","DOIUrl":"https://doi.org/10.1145/3474376.3487279","url":null,"abstract":"The current encryption infrastructure is no match for an Artificial Superintelligence (ASI), the likely result of a possible intelligence explosion by a self-improving AI. That kind of ASI would likely be able to modify any software and thereby steal encryption keys instead of doing a brute-force attack. Under such circumstances, any private, public, or session key processed within a CPU must be considered compromised. Although an ASI with that kind of skill does not exist yet, it is important to be prepared - because that level of attack by an ASI is feasible. Reliable and unbreakable encryption and communication (Trustworthy Encryption and Communication) must be the bedrock technology for any ASI Safety solution that tries to keep ASI under control. No current solution can determine if the corresponding receiver or sender has dedicated crypto hardware or possibly compromised crypto soft-ware. The proposed solution is a hardware component with Key-Safe and an associated Encryption/Decryption Unit for processing data. This component will not allow any key, in particular not the public key to be in cleartext outside the Key-Safe. Keys are referred to via their hashcodes. If ASI was able to breach the hardware protection around the keys, then the solution will create evidence when stolen keys are being used outside the hardware component. Key-Safes and Hashcodes related to public/private keys can be integrated into a minimally extended version of TLS and PKI.","PeriodicalId":339465,"journal":{"name":"Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security","volume":"89 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127822876","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Speculative Execution Attacks and Hardware Defenses 推测执行攻击和硬件防御
Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security Pub Date : 2021-11-15 DOI: 10.1145/3474376.3487404
R. Lee
{"title":"Speculative Execution Attacks and Hardware Defenses","authors":"R. Lee","doi":"10.1145/3474376.3487404","DOIUrl":"https://doi.org/10.1145/3474376.3487404","url":null,"abstract":"Speculative execution attacks like Spectre and Meltdown exploit hardware performance optimization features to illegally access a secret and then leak the secret to an unauthorized recipient. Many variants of speculative execution attacks (also called transient execution attacks) have been proposed in the last few years, and new ones are constantly being discovered. While software mitigations for some attacks have been proposed, they often cause very significant performance degradation. Hardware solutions are also being proposed actively by the research community, especially as these are attacks on hardware microarchitecture. In this talk, we identify the critical steps in a speculative attack, and the root cause of successful attacks. We define the concept of \"security dependencies\", which should be implemented to prevent data leaks and other security breaches. We propose a taxonomy of defense strategies and show how proposed hardware defenses fall under each defense strategy. We discuss security-performance tradeoffs, which can decrease the performance overhead while still preventing security breaches. We suggest design principles for future security-aware microarchitecture.","PeriodicalId":339465,"journal":{"name":"Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125151058","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Breaking Masked and Shuffled CCA Secure Saber KEM by Power Analysis 破解蒙面和洗牌的CCA安全军刀密钥
Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security Pub Date : 2021-11-15 DOI: 10.1145/3474376.3487277
Kalle Ngo, E. Dubrova, T. Johansson
{"title":"Breaking Masked and Shuffled CCA Secure Saber KEM by Power Analysis","authors":"Kalle Ngo, E. Dubrova, T. Johansson","doi":"10.1145/3474376.3487277","DOIUrl":"https://doi.org/10.1145/3474376.3487277","url":null,"abstract":"In this paper, we show that a software implementation of CCA secure Saber KEM protected by first-order masking and shuffling can be broken by deep learning-based power analysis. Using an ensemble of deep neural networks created at the profiling stage, we can recover the session key and the long-term secret key from 257xN and 24x257xN traces, respectively, where N is the number of repetitions of the same measurement. The value of N depends on the implementation, environmental factors, acquisition noise, etc.; in our experiments N=10 is enough to succeed. The neural networks are trained on a combination of 80% of traces from the profiling device with a known shuffling order and 20% of traces from the device under attack captured for all-0 and all-1 messages. \"Spicing\" the training set with traces from the device under attack helps minimize the negative effect of device variability.","PeriodicalId":339465,"journal":{"name":"Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127386347","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 21
Isadora
Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security Pub Date : 2021-11-15 DOI: 10.1007/978-1-4020-6754-9_8762
Calvin Deutschbein, Andres Meza, Francesco Restuccia, R. Kastner, C. Sturton
{"title":"Isadora","authors":"Calvin Deutschbein, Andres Meza, Francesco Restuccia, R. Kastner, C. Sturton","doi":"10.1007/978-1-4020-6754-9_8762","DOIUrl":"https://doi.org/10.1007/978-1-4020-6754-9_8762","url":null,"abstract":"","PeriodicalId":339465,"journal":{"name":"Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124030389","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Design Space Exploration of SABER in 65nm ASIC SABER在65nm ASIC上的设计空间探索
Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security Pub Date : 2021-09-16 DOI: 10.1145/3474376.3487278
Malik Imran, Felipe Almeida, J. Raik, Andrea Basso, S. Roy, S. Pagliarini
{"title":"Design Space Exploration of SABER in 65nm ASIC","authors":"Malik Imran, Felipe Almeida, J. Raik, Andrea Basso, S. Roy, S. Pagliarini","doi":"10.1145/3474376.3487278","DOIUrl":"https://doi.org/10.1145/3474376.3487278","url":null,"abstract":"This paper presents a design space exploration for SABER, one of the finalists in NIST's quantum-resistant public-key cryptographic standardization effort. Our design space exploration targets a 65nm ASIC platform and has resulted in the evaluation of 6 different architectures. Our exploration is initiated by setting a baseline architecture which is ported from FPGA. In order to improve the clock frequency (the primary goal in our exploration), we have employed several optimizations: (i) use of compiled memories in a 'smart synthesis' fashion, (ii) pipelining, and (iii) logic sharing between SABER building blocks. The most optimized architecture utilizes four register files, achieves a remarkable clock frequency of 1GHz while only requiring an area of 0.314mm2. Moreover, physical synthesis is carried out for this architecture and a tapeout-ready layout is presented. The estimated dynamic power consumption of the high-frequency architecture is approximately 184mW for key generation and 187mW for encapsulation or decapsulation operations. These results strongly suggest that our optimized accelerator architecture is well suited for high-speed cryptographic applications.","PeriodicalId":339465,"journal":{"name":"Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security","volume":"74 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-09-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127345795","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Trojan Awakener: Detecting Dormant Malicious Hardware Using Laser Logic State Imaging 木马唤醒器:检测休眠恶意硬件使用激光逻辑状态成像
Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security Pub Date : 2021-07-21 DOI: 10.1145/3474376.3487282
Thilo Krachenfels, Jean-Pierre Seifert, Shahin Tajik
{"title":"Trojan Awakener: Detecting Dormant Malicious Hardware Using Laser Logic State Imaging","authors":"Thilo Krachenfels, Jean-Pierre Seifert, Shahin Tajik","doi":"10.1145/3474376.3487282","DOIUrl":"https://doi.org/10.1145/3474376.3487282","url":null,"abstract":"The threat of hardware Trojans (HTs) and their detection is a widely studied field. While the effort for inserting a Trojan into an application-specific integrated circuit (ASIC) can be considered relatively high, especially when trusting the chip manufacturer, programmable hardware is vulnerable to Trojan insertion even after the product has been shipped or during usage. At the same time, detecting dormant HTs with small or zero-overhead triggers and payloads on these platforms is still a challenging task, as the Trojan might not get activated during the chip verification using logical testing or physical measurements. In this work, we present a novel Trojan detection approach based on a technique known from integrated circuit (IC) failure analysis, capable of detecting virtually all classes of dormant Trojans. Using laser logic state imaging (LLSI), we show how supply voltage modulations can awaken inactive Trojans, making them detectable using laser voltage imaging techniques. Therefore, our technique does not require triggering the Trojan. To support our claims, we present two case studies on 28 nm SRAM- and flash-based field-programmable gate arrays (FPGAs). We demonstrate how to detect with high confidence small changes in sequential and combinatorial logic as well as in the routing configuration of FPGAs in a non-invasive manner. Finally, we discuss the practical applicability of our approach on dormant analog Trojans in ASICs.","PeriodicalId":339465,"journal":{"name":"Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132101791","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信