• Title/Summary/Keyword: Side Channel Attack

Search Result 166, Processing Time 0.032 seconds

Dictionary attack of remote user authentication scheme using side channel analysis (부채널 분석을 이용한 원거리 사용자 인증 기법의 사전공격)

  • Kim, Yong-Hun;Youn, Taek-Young;Park, Young-Ho;Hong, Seok-Hee
    • Journal of Broadcast Engineering
    • /
    • v.13 no.1
    • /
    • pp.62-68
    • /
    • 2008
  • Remote user authentication scheme is a cryptographic tool which permits a server to identify a remote user. In 2007, Wang et al. pointed out that Ku's remote user authentication scheme is vulnerable to a dictionary attack by obtaining some secret information in a smart card using side channel attacks. They also proposed a remote user authentication scheme which is secure against dictionary attack. In this paper, we analyze the protocol proposed by Wang et al. In the paper, it is claimed that the protocol is secure even though some values, which is stored in a smart card, are revealed to an adversary, However, we show that their protocol is insecure if the values are disclosed to an adversary.

Development of Side Channel Attack Analysis Tool on Smart Card (사이드 채널 공격에 대한 스마트카드 안전성의 실험적 분석)

  • Han Dong-Ho;Park Jea-Hoon;Ha Jae-Cheol;Lee Sung-Jae;Moon Sang-Jae
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.4
    • /
    • pp.59-68
    • /
    • 2006
  • Although the cryptographic algorithms in IC chip such as smart card are secure against mathematical analysis attack, they are susceptible to side channel attacks in real implementation. In this paper, we analyze the security of smart card using a developed experimental tool which can perform power analysis attacks and fault insertion attacks. As a result, raw smart card implemented SEED and ARIA without any countermeasure is vulnerable against differential power analysis(DPA) attack. However, in fault attack about voltage and clock on RSA with CRT, the card is secure due to its physical countermeasures.

JMP+RAND: Mitigating Memory Sharing-Based Side-Channel Attack by Embedding Random Values in Binaries (JMP+RAND: 바이너리 난수 삽입을 통한 메모리 공유 기반 부채널 공격 방어 기법)

  • Kim, Taehun;Shin, Youngjoo
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.9 no.5
    • /
    • pp.101-106
    • /
    • 2020
  • Since computer became available, much effort has been made to achieve information security. Even though memory protection defense mechanisms were studied the most among of them, the problems of existing memory protection defense mechanisms were found due to improved performance of computer and new defense mechanisms were needed due to the advent of the side-channel attacks. In this paper, we propose JMP+RAND that embedding random values of 5 to 8 bytes per page to defend against memory sharing based side-channel attacks and bridging the gap of existing memory protection defense mechanism. Unlike the defense mechanism of the existing side-channel attacks, JMP+RAND uses static binary rewriting and continuous jmp instruction and random values to defend against the side-channel attacks in advance. We numerically calculated the time it takes for a memory sharing-based side-channel attack to binary adopted JMP+RAND technique and verified that the attacks are impossible in a realistic time. Modern architectures have very low overhead for JMP+RAND because of the very fast and accurate branching of jmp instruction using branch prediction. Since random value can be embedded only in specific programs using JMP+RAND, it is expected to be highly efficient when used with memory deduplication technique, especially in a cloud computing environment.

Single Trace Side Channel Analysis on NTRUEncrypt Implementation (NTRUEncrypt에 대한 단일 파형 기반 전력 분석)

  • An, Soojung;Kim, Suhri;Jin, Sunghyun;Kim, HanBit;Kim, HeeSeok;Hong, Seokhie
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.5
    • /
    • pp.1089-1098
    • /
    • 2018
  • As the development of quantum computers becomes visible, the researches on post-quantum cryptography to alternate the present cryptography system have actively pursued. To substitute RSA and Elliptic Curve Cryptosystem, post-quantum cryptography must also consider side channel resistance in implementation. In this paper, we propose a side channel analysis on NTRU, based on the implementation made public in the NIST standardization. Unlike the previous analysis which exploits a thousands of traces, the proposed attack can recover the private key using a single power consumption trace. Our attack not only reduces the complexity of the attack but also gives more possibility to analyze a practical public key cryptosystem. Furthermore, we suggested the countermeasure against our attacks. Our countermeasure is much more efficient than existing implementation.

Power-Based Side Channel Attack and Countermeasure on the Post-Quantum Cryptography NTRU (양자내성암호 NTRU에 대한 전력 부채널 공격 및 대응방안)

  • Jang, Jaewon;Ha, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.6
    • /
    • pp.1059-1068
    • /
    • 2022
  • A Post-Quantum Cryptographic algorithm NTRU, which is designed by considering the computational power of quantum computers, satisfies the mathematically security level. However, it should consider the characteristics of side-channel attacks such as power analysis attacks in hardware implementation. In this paper, we verify that the private key can be recovered by analyzing the power signal generated during the decryption process of NTRU. To recover the private keys, the Simple Power Analysis (SPA), Correlation Power Analysis (CPA) and Differential Deep Learning Analysis (DDLA) were all applicable. There is a shuffling technique as a basic countermeasure to counter such a power side-channel attack. Neverthe less, we propose a more effective method. The proposed method can prevent CPA and DDLA attacks by preventing leakage of power information for multiplication operations by only performing addition after accumulating each coefficient, rather than performing accumulation after multiplication for each index.

Fault Attack on a Point Blinding Countermeasure of Pairing Algorithms

  • Park, Jea-Hoon;Sohn, Gyo-Yong;Moon, Sang-Jae
    • ETRI Journal
    • /
    • v.33 no.6
    • /
    • pp.989-992
    • /
    • 2011
  • Recently, Page and Vercauteren proposed a fault attack on pairing algorithms and two countermeasures against such an attack. The countermeasure uses either a random scalar or a random point to blind the input points. To defeat the countermeasure using a random point, we utilize the point addition formula on an elliptic curve. As a result, we successfully defeat the countermeasure using a random point.

Analysis and Countermeasure on RSA Algorithm Having High Attack Complexity in Collision-Based Power Analysis Attack (충돌 전력 분석 공격에 높은 공격 복잡도를 갖는 RSA 알고리즘에 대한 취약점 분석 및 대응기법)

  • Kim, Suhri;Kim, Taewon;Jo, Sungmin;Kim, HeeSeok;Hong, Seokhie
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.2
    • /
    • pp.335-344
    • /
    • 2016
  • It is known that power analysis is one of the most powerful attack in side channel analysis. Among power analysis single trace attack is widely studied recently since it uses one power consumption trace to recover secret key of public cryptosystem. Recently Sim et al. proposed new exponentiation algorithm for RSA cryptosystem with higher attack complexity to prevent single trace attack. In this paper we analyze the vulnerability of exponentiation algorithm described by Sim et al. Sim et al. applied message blinding and random exponentiation splitting method on $2^t-ary$ for higher attack complexity. However we can reveal private key using information exposed during pre-computation generation. Also we describe modified algorithm that provides higher attack complexity on collision attack. Proposed algorithm minimized the reuse of value that are used during exponentiation to provide security under single collision attack.

Weight Recovery Attacks for DNN-Based MNIST Classifier Using Side Channel Analysis and Implementation of Countermeasures (부채널 분석을 이용한 DNN 기반 MNIST 분류기 가중치 복구 공격 및 대응책 구현)

  • Youngju Lee;Seungyeol Lee;Jeacheol Ha
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.6
    • /
    • pp.919-928
    • /
    • 2023
  • Deep learning technology is used in various fields such as self-driving cars, image creation, and virtual voice implementation, and deep learning accelerators have been developed for high-speed operation in hardware devices. However, several side channel attacks that recover secret information inside the accelerator using side-channel information generated when the deep learning accelerator operates have been recently researched. In this paper, we implemented a DNN(Deep Neural Network)-based MNIST digit classifier on a microprocessor and attempted a correlation power analysis attack to confirm that the weights of deep learning accelerator could be sufficiently recovered. In addition, to counter these power analysis attacks, we proposed a Node-CUT shuffling method that applies the principle of misalignment at the time of power measurement. It was confirmed through experiments that the proposed countermeasure can effectively defend against side-channel attacks, and that the additional calculation amount is reduced by more than 1/3 compared to using the Fisher-Yates shuffling method.

Random Point Blinding Methods for Koblitz Curve Cryptosystem

  • Baek, Yoo-Jin
    • ETRI Journal
    • /
    • v.32 no.3
    • /
    • pp.362-369
    • /
    • 2010
  • While the elliptic curve cryptosystem (ECC) is getting more popular in securing numerous systems, implementations without consideration for side-channel attacks are susceptible to critical information leakage. This paper proposes new power attack countermeasures for ECC over Koblitz curves. Based on some special properties of Koblitz curves, the proposed methods randomize the involved elliptic curve points in a highly regular manner so the resulting scalar multiplication algorithms can defeat the simple power analysis attack and the differential power analysis attack simultaneously. Compared with the previous countermeasures, the new methods are also noticeable in terms of computational cost.

Real-Time Detection on FLUSH+RELOAD Attack Using Performance Counter Monitor (Performance Counter Monitor를 이용한 FLUSH+RELOAD 공격 실시간 탐지 기법)

  • Cho, Jonghyeon;Kim, Taehyun;Shin, Youngjoo
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.8 no.6
    • /
    • pp.151-158
    • /
    • 2019
  • FLUSH+RELOAD attack exposes the most serious security threat among cache side channel attacks due to its high resolution and low noise. This attack is exploited by a variety of malicious programs that attempt to leak sensitive information. In order to prevent such information leakage, it is necessary to detect FLUSH+RELOAD attack in real time. In this paper, we propose a novel run-time detection technique for FLUSH+RELOAD attack by utilizing PCM (Performance Counter Monitor) of processors. For this, we conducted four kinds of experiments to observe the variation of each counter value of PCM during the execution of the attack. As a result, we found that it is possible to detect the attack by exploiting three kinds of important factors. Then, we constructed a detection algorithm based on the experimental results. Our algorithm utilizes machine learning techniques including a logistic regression and ANN(Artificial Neural Network) to learn from different execution environments. Evaluation shows that the algorithm successfully detects all kinds of attacks with relatively low false rate.