Found 20 similar documents; search took 171 ms
1.
2.
3.
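A side-channel attack is a method of recovering the secret information of a cryptographic device by analyzing the side-channel information the device produces while it runs. Power analysis, proposed by Paul Kocher et al. in 1998, is now one of the most common side-channel attacks against cryptographic devices. In hardware implementations of cryptographic devices, dual-rail logic is an effective countermeasure against power analysis: it represents one logical bit with two physical bits, which makes the representations of data 0 and 1 symmetric and thereby balances the power consumption. Software implementations of cryptographic devices can borrow the same idea. This paper presents a fairly complete software-level dual-rail logic scheme that addresses some shortcomings of earlier schemes, and then verifies the effectiveness of the scheme in an experiment on the DES algorithm.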
4.
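To prevent side-channel information from leaking through variations in power consumption while a smart card performs encryption, a method for resisting differential power analysis attacks is proposed. The encryption rules of the AES algorithm are studied first; an 8-bit processor is then used to simulate a smart card, and a differential power attack on the AddRoundKey step of AES is implemented on the smart card. To resist the differential power attack on AddRoundKey, the paper proposes an algorithm-level masking technique whose core is to mask the plaintext and the key during the cryptographic operation with different random values. Experimental results show that the method successfully resists differential power attacks.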
5.
6.
7.
8.
9.
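Side-Channel-Analysis-Based Hardware Trojan Detection for Integrated Circuit Chips (Cited by: 1 in total; self-citations: 0; cited by others: 1)
Given the difficulty of detecting hardware Trojan circuits in cryptographic chips, the idea of detecting hardware Trojans from a chip's side-channel information is introduced. Starting from a formal definition of the side-channel-analysis-based hardware Trojan detection problem, the paper analyzes how the principal component analysis results differ between the side-channel signals of cryptographic chips with and without hardware Trojans, and uses this difference in detection experiments on an FPGA-implemented DES cryptographic prototype chip containing a hardware Trojan. The experimental results demonstrate the effectiveness of principal component analysis of side-channel signals in detecting hardware Trojans in cryptographic chips.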
10.
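To address the problem of recovering microcontroller code through side-channel reverse engineering, the approach combines reverse-engineering ideas with side-channel attack methods. It relies on the fact that different instructions produce different power side-channel leakage signals when executed inside the chip. Building on the already implemented side-channel template recovery of single instructions, it takes the program's "context" information into account and uses a hidden Markov model (HMM) to model and solve the problem. Recovery experiments on part of the instruction sequence of the Data Encryption Standard (DES) encryption algorithm running on an AT89C52 microcontroller show that the method can effectively recover the instruction sequence running in the microcontroller chip.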
11.
Three-dimensional (3D) integration is envisioned as a natural defense to thwart side-channel analysis (SCA) attacks on the hardware implementation of cryptographic algorithms. However, neither physical experiments nor quantitative analysis is available in existing works to study the impact of power distribution network (PDN) on the SCA attacks. Through quantitative analyses and experiments with realistic 3D models, this work demonstrates the impact of noise in PDN on the 3D chip's resilience against correlation power analysis (CPA) attack, which is one of SCA attacks. The characteristic of PDN noise is extracted from our experiments. To expand the natural defense originated from the 3D integration, this work proposes to exploit the PDN noise inherently existing in 3D chips to thwart CPA attacks. Instead of introducing external noise or flattening the power profile, the proposed method utilizes the spatially and temporally varied supply voltages from other 3D planes to blur the power correlation of the crypto unit. Both theoretical analysis and experimental validation prove that the proposed method can effectively enhance the resilience of a crypto unit embedded in the 3D chip against CPA attacks. Simulation results show the proposed method improves the average guessing entropy by 9× over the baseline. Emulation on an FPGA platform demonstrates that the proposed method successfully slows down the key retrieval speed of CPA attack, with significantly less power overhead than representable power equalization techniques. Test vector leakage assessment (TVLA) shows that the proposed method improves the confidence to accept null hypothesis 201× over the baseline.
12.
13.
Sparse power equalization placement for limiting jamming attack propagation in transparent optical networks (Cited by: 1 in total; self-citations: 0; cited by others: 1)
Amornrat Jirattigalachote Nina Skorin-Kapov Marija Furdek Jiajia Chen Paolo Monti Lena Wosinska 《Optical Switching and Networking》2011,8(4):249-258
The latest advances in Wavelength Division Multiplexing (WDM) technology are making it possible to build all-optical transparent WDM networks, which are expected to be able to satisfy the rapid growth of today’s capacity demand. However, the transparency of such networks makes them highly vulnerable to deliberate attacks, specifically targeting the physical layer. Physical-layer attacks, such as high-power jamming, can cause severe service disruption or even service denial, enhanced by their capability to propagate through a transparent optical network. Several attack-aware routing and wavelength assignment algorithms have been proposed to reduce the possible disruption caused by high-power jamming attacks. However, even with network planning approaches which take network security, specifically physical-layer attacks, into account, resilience to deliberate attacks in such scenarios remains an issue. In this paper, we propose the use of wavelength-selective attenuators as power equalizers inside network nodes to limit the propagation of high-power jamming attacks. Due to the increased cost of optical switching nodes associated with the addition of power equalizers, we aim at minimizing their number through sparse power equalization placement. We developed a set of greedy algorithms to solve what we call the Power Equalization Placement (PEP) problem with the objective of minimizing the number of power equalizers needed to reduce, to a desired level, the propagation of high-power jamming attacks for a given routing scheme. We further improved upon these results by proposing a GRASP (Greedy Randomized Adaptive Search Procedure) heuristic with a somewhat longer execution time, but with significantly superior results.
The performance evaluation results indicate that the proposed GRASP heuristic can achieve the same attack propagation reduction as can be obtained by equipping all nodes with power equalizers by placing them at less than 50% of the nodes on average, potentially yielding significant cost savings.
14.
Aditya Bakshi Sunanda Gupta Akhil Gupta Sudeep Tanwar Kuei‐Fang Hsiao 《International Journal of Communication Systems》2020,33(12)
In recent years, to solve the problem of face spoofing, momentous work has been done in this field, but still, there is a need for establishing counter measures to the biometric spoofing attacks. Although trained and evaluated on different databases, impressive results have been achieved in existing face anti‐spoofing techniques, but biometric authentication is a very significant problem as imposters are using lots of reconstructed samples or fake synthetic material or structure that can be used for various attack purposes. For the first time, to the best of our knowledge, this paper explains the security for face anti‐spoofing detection using linear discriminant analysis and validates the results by calculating HTER and accuracy on different databases (i.e., REPLAY ATTACK and CASIA). The proposed model, that is, three‐tier face anti‐spoofing detection model (3T‐FASDM), is used for the detection of the fake biometric user and works well for real‐time applications. The proposed methods tested on a set of state‐of‐the‐art anti‐spoofing features for the face mode gives a very low degree of complexity as 26 general image quality measures are applied to differentiate among legitimate and imposter samples. The outcomes obtained from publicly available data show that this technique has improved performance and accuracy by analyzing the HTER and machine learning classifiers that are helpful to differentiate among real and fake traits.
15.
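With the wide use of FPGAs in commercial, defense and other fields, many attack methods against FPGAs have emerged, and circuit security faces great challenges. To study FPGA security mechanisms further, the article introduces a new side-channel analysis (SCA) method and, for the first time, analyzes on a Xilinx Virtex-7 chip the security vulnerability that exists while the encrypted bitstream is being loaded. Compared with earlier attack targets, the Virtex-7 chip is larger, the captured signals have a lower signal-to-noise ratio, and the attack is more difficult. Earlier studies used boards such as SASEBO or SAKURA that are designed specifically for SCA, whereas this analysis is the first instance carried out on an official Xilinx evaluation board; because the official evaluation board is not designed for side-channel signal acquisition, processing is required to obtain a sufficient signal-to-noise ratio. Using electromagnetic emanation as the side-channel measurement, a set of keys can be obtained within 800,000 electromagnetic traces. By decrypting with the key to obtain the plaintext bitstream, an attacker can carry out operations such as reverse analysis and cloning of the FPGA, thereby affecting the security of the FPGA.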
16.
As one of the most popular lightweight ciphers in recent years, LBlock has attracted great attention. Researchers have explored the security of LBlock against various attacks. We focus on fault attack—one of the most important implementation attacks. In the past two years, fault attacks under the random fault model have been successfully applied to LBlock, supposing faults were injected at the end of the 24th to the 31st round. If faults are injected at the end of the 23rd round, previous attacks only work under the semi-random fault model. For the first time, we address this issue and propose a 23rd round fault attack under the random fault model. Compared with the previous works, our attack extends the fault injection to earlier round, with reasonable time cost and no extra faults. Experiments show that it only takes 10 faults to recover the secret key.
17.
Ahmed Abdel Moamen Haitham S. Hamza Iman A. Saroit 《International Journal of Communication Systems》2014,27(11):2808-2831
A mobile ad‐hoc network (MANET) is a collection of autonomous nodes that communicate with each other by forming a multi‐hop radio network. Routing protocols in MANETs define how routes between source and destination nodes are established and maintained. Multicast routing provides a bandwidth‐efficient means for supporting group‐oriented applications. The increasing demand for such applications coupled with the inherent characteristics of MANETs (e.g., lack of infrastructure and node mobility) have made secure multicast routing a crucial yet challenging issue. Recently, several multicast routing protocols (MRP) have been proposed in MANETs. Depending on whether security is built‐in or added, MRP can be classified into two types: secure and security‐enhanced routing protocols, respectively. This paper presents a survey on secure and security‐enhanced MRP along with their security techniques and the types of attacks they can confront. A detailed comparison for the capability of the various routing protocols against some known attacks is also presented and analyzed. Copyright © 2013 John Wiley & Sons, Ltd.
18.
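Design and Implementation of a Standard Cell Library Resistant to DPA Attacks (Cited by: 1 in total; self-citations: 0; cited by others: 1)
A design and implementation method for a constant-power standard cell library is presented, and the library is used to implement the S-boxes of the DES cipher. Experimental results show that this standard cell library is effective in defending against DPA attacks.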
19.
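Cryptographic devices face the threat of fault attacks, and research on fault attack techniques against cryptographic chips is an important research direction in cryptography and hardware security. Pulsed lasers have good temporal and spatial resolution and are a fault attack technique with high accuracy. This paper describes in detail the principle and method of laser injection attacks and carries out a laser injection attack experiment using a microcontroller (MCU) that integrates the AES-128 algorithm as an example. Targeting the microcontroller's SRAM, the experiment successfully realized a differential fault attack and a subkey schedule attack, recovering the complete 16-byte key; the latter attack is realized by means of a laser for the first time. The research shows that laser injection attacks can accurately locate the physical location where critical data are stored, can introduce errors in arbitrary operations, and can achieve single-bit data flips, which meets the requirements of fault attack models. Laser injection attacks can complete automated attack and ciphertext collection in a short time, the attack process is close to real scenarios, and they pose a great threat to cryptographic chips.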
20.
A mobile pay‐TV service is one of the ongoing services of multimedia systems. Designing an efficient mechanism for authentication and key distribution is an important security requirement in mobile pay‐TV systems. Until now, many security protocols have been proposed for mobile pay‐TV systems. However, the existing protocols for mobile pay‐TV systems are vulnerable to various security attacks. Recently, Wang and Qin proposed an authentication scheme for mobile pay‐TV systems using bilinear pairing on elliptic curve cryptography. They claimed that their scheme could withstand various attacks. In this paper, we demonstrate that Wang and Qin's scheme is vulnerable to replay attacks and impersonation attacks. Furthermore, we propose a novel security protocol for mobile pay‐TV systems using the elliptic curve cryptosystem to overcome the weaknesses of Wang and Qin's scheme. In order to improve the efficiency, the proposed scheme is designed in such a way that needs fewer scalar multiplication operations and does not use bilinear pairing, which is an expensive cryptographic operation. Detailed analyses, including verification using the Automated Validation of Internet Security Protocols and Applications tool and implementation on FPGA, demonstrate that the proposed scheme not only withstands active and passive attacks and provides user anonymity but also has a better performance than Wang and Qin's scheme.