• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.288-296
• /
• 2022

Side-channel attacks are a quiet mighty type of attack that targets specific physical implementations vulnerabilities. Even though several researchers have examined diverse means and methods of detecting side-channel attacks, at the present time a systematic review of these approaches does not exist. The purposes of this paper are to give an extensive analysis of literature on side-channel attack detection and offer intuitiveness from past research studies. In this study, a literature survey is conducted on articles related to side-channel attack detection between 2020 and 2022 from ACM and IEEE digital libraries. From the 10 publications included in the study, it appears they target either a single type of side-channel attacks or multiple types of side-channel attacks. Therefore, a vital review of each of the two categories is provided, as well as possible prospective research in this field of study.

• ETRI Journal
• /
• v.30 no.2
• /
• pp.315-325
• /
• 2008

In this paper, we first investigate the side channel analysis attack resistance of various FPGA hardware implementations of the ARIA block cipher. The analysis is performed on an FPGA test board dedicated to side channel attacks. Our results show that an unprotected implementation of ARIA allows one to recover the secret key with a low number of power or electromagnetic measurements. We also present a masking countermeasure and analyze its second-order side channel resistance by using various suitable preprocessing functions. Our experimental results clearly confirm that second-order differential side channel analysis attacks also remain a practical threat for masked hardware implementations of ARIA.

• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.557-564
• /
• 2003

This paper analyzes the side channel attacks for smartcard devices, and proposes the smartcard suity evaluation criteria for side-channel attacks. To setup the smartcard security evaluation criteria for side-channel attacks, we analyze similar security evaluation criteria for cryptographic algorithms, cryptographic modules, and smartcard protection profiles based on the common criterion. Futhermore, we propose the smartcard security evaluation criteria for side-channel attacks. It can be useful to evaluate a cryptosystem related with information security technology and in addition, it can be applied to building smartcard protection profile.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.2
• /
• pp.3-9
• /
• 2009

In this paper we introduce a new side-channel attack using block cipher cryptanalysis named meet-in-the middle attack. Using our new side-channel technique we introduce side-channel attacks on AES with reduced masked rounds. That is, we show that AES with reduced 10 masked rounds is vulnerable to side channel attacks based on an existing 4-round function. This shows that one has to mask the entire rounds of the 12-round 192-bit key AES to prevent our attacks. Our results are the first ones to analyze AES with reduced 10 masked rounds.

• Annual Conference of KIPS
• /
• 2017.04a
• /
• pp.373-375
• /
• 2017

Side-channel attacks and in particular differential power analysis (DPA) attacks pose a serious threat to cryptographic implementations. One approach to counteract such attacks is cryptographic schemes based on fresh re-keying. In settings of pre-shared secret keys, such schemes render DPA attacks infeasible by deriving session keys and by ensuring that the attacker cannot collect side-channel leakage on the session key during cryptographic operations with different inputs. This paper present a study on rekeying approach against side channel attacks with current secure schemes and their rekeying functions.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.101-103
• /
• 2022

Elliptic curve cryptography (ECC) is widely used in hardware implementations of public-key crypto-systems for IoT devices and V2X communication because it is suitable for efficient hardware implementation and has high security strength. However, ECC-based public-key cryptography is known to have security vulnerabilities against side-channel attacks, so it is necessary to apply countermeasures against security attacks in designing ECC processor. This paper describes a survey on the side-channel attacks and countermeasures applicable to ECC processor design.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.477-489
• /
• 2014

Based on some flaws occurred for implementing a public key cryptosystem in the embedded security device, many side-channel attacks to extract the secret private key have been tried. In spite of the fact that the cryptographic exponentiation is basically composed of a sequence of multiplications and squarings, a new Square Always exponentiation algorithm was recently presented as a countermeasure against side-channel attacks based on trading multiplications for squarings. In this paper, we propose Known Power Collision Analysis and modified Doubling attacks to break the Right-to-Left Square Always exponentiation algorithm which is known resistant to the existing side-channel attacks. And we also present a Collision-based Combined Attack which is a combinational method of fault attack and power collision analysis. Furthermore, we verify that the Square Always algorithm is vulnerable to the proposed side-channel attacks using computer simulation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1237-1246
• /
• 2020

Recently, several cache side channel attacks have been proposed to extract secret information by exploiting design flaws of the microarchitecture. The Flush+Reload attack, one of the cache side channel attack, can be applied to malicious application attacks due to its properties of high resolution and low noise. In this paper, we proposed a detection system, which detects the cache-based attacks using the PCM(Performance Counter Monitor) for monitoring CPU cache activity. Especially, we observed the variation of each counter value of PCM in case of two kinds of attacks, Spectre attack and secret recovering attack during AES encryption. As a result, we found that four hardware counters were sensitive to cache side channel attacks. Our detector based on machine learning including SVM(Support Vector Machine), RF(Random Forest) and MLP(Multi Level Perceptron) can detect the cache side channel attacks with high detection accuracy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.6098-6122
• /
• 2018

Cache-based side-channel attacks have achieved more attention along with the development of cloud computing technologies. However, current host-based mitigation methods either provide bad compatibility with current cloud infrastructure, or turn out too application-specific. Besides, they are defending blindly without any knowledge of on-going attacks. In this work, we present CacheSCDefender, a framework that provides a (Virtual Machine Monitor) VMM-based comprehensive defense framework against all levels of cache attacks. In designing CacheSCDefender, we make three key contributions: (1) an attack-aware framework combining our novel dynamic remapping and traditional cache cleansing, which provides a comprehensive defense against all three cases of cache attacks that we identify in this paper; (2) a new defense method called dynamic remapping which is a developed version of random permutation and is able to deal with two cases of cache attacks; (3) formalization and quantification of security improvement and performance overhead of our defense, which can be applicable to other defense methods. We show that CacheSCDefender is practical for deployment in normal virtualized environment, while providing favorable security guarantee for virtual machines.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.5
• /
• pp.993-1006
• /
• 2024

The recent increase in public cloud usage has led to various security issues. In response, CPU manufacturers have introduced Trusted Execution Environment (TEE) technology, allowing secure service usage even with potentially untrustworthy cloud service providers. For instance, AMD offers VM-level TEE through SEV(Secure Encrypted Virtualization). However, it has been raised that confidential information can be leaked via page fault-based side-channel attacks on VMs protected by SEV. To address this, this paper proposes a method for real-time detection of such attacks in SEV environments. Nonetheless, since attackers can have hypervisor-level privileges under the SEV threat model, realizing this is challenging. To overcome this, we propose two approaches. First, using VMPL(Virtual Machine Privileged Level) to protect the detection program from untrusted hypervisors. Second, utilizing vPMU(virtual Performance Monitoring Unit) to derive new features for detecting page side-channel attacks. The designed and implemented detection program achieved a 95.38% accuracy in detecting page fault side-channel attacks.