可信平台芯片的一种硬件攻击防范设计

信息安全芯片已逐渐向SoC、平台芯片的方向发展，同时其面临的各种来自硬件攻击的威胁也渐渐增加，分析了常见的主动、被动式旁路攻击的手段和原理，并结合一款可信平台芯片的设计实例提出了一些有针对性的防范手段及实现方式。     

Exploiting Multi-Phase On-Chip Voltage Regulators as Strong PUF Primitives for Securing IoT

The physical randomness of the flying capacitors in the multi-phase on-chip switched-capacitor (SC) voltage converter is exploited as a novel strong physical unclonable function (PUF) primitive for IoT authentication. Moreover, for the strong PUF we devised, an approximated constant input power is achieved against side-channel attacks and a non-linear transformation block is utilized to scramble the high linear relationship between the input challenges and output responses against machine-learning attacks. The results show that the novel strong PUF primitive we designed achieves a nearly 51.3% inter-Hamming distance (HD) and 98.5% reliability while maintaining a high security level against both side-channel and machine-learning attacks.     

基于随机加法链的高级加密标准抗侧信道攻击对策

侧信道攻击已经对高级加密标准(AES)的硬件安全造成严重威胁,如何抵御侧信道攻击成为目前亟待解决的问题。字节替换操作作为AES算法中唯一的非线性操作,提高其安全性对整个加密算法有重要意义。该文提出一种基于随机加法链的AES抗侧信道攻击对策,该对策用随机加法链代替之前固定的加法链来实现有限域GF(28)上的乘法求逆操作,在此基础上研究随机加法链对算法安全性和有效性方面的影响。实验表明,所提随机加法链算法比之前固定的加法链算法在抵御侧信道攻击上更加安全、有效。     

物理可观测下DES的安全性研究

利用物理观测效应进行的旁路攻击,是通过对密码设备工作时泄漏的时间、功耗等信息的分析,获取密码系统的密钥或相关秘密信息.已有大量防护对策但并没有从根本上阻止攻击.本文在AT89C52上加载了DES算法,并在该平台上对差分功耗旁路攻击与防护方法进行了实验和验证.根据Micali和Reyzin建立的物理观测密码术理论模型,将该模型具体化,对可以抵抗黑盒攻击的密码要素进行修正以抵抗基于物理泄漏的旁路攻击,将RO(random oracle)模型用于物理观测现实世界的安全性证明,给出了对称加密方案物理可观测下安全性定义,并对DES定义了在DPA攻击下的安全性.     

Securing Encryption Systems With a Switched Capacitor Current Equalizer

Hardware encryption engines are essential components of secure systems. They are widely used in desktop applications such as the trusted platform module as well as in mobile applications where they offer high energy efficiency compared to their software implementation counterparts. Unfortunately, ASIC encryption engines leak side-channel information through their power supplies. This information can be used by attackers to reveal their secret keys with attacks such as differential power analysis. Dual-rail logic and noise addition circuits increase the security against these attacks, but they add higher than 3x overheads in area, power, and performance to unsecured encryption engines. In this work, we present a switched capacitor circuit that equalizes the current to isolate the critical encryption activity from the external supplies, eliminating the side-channel information leakage. The secure encryption system was implemented in a 0.13 ?m CMOS technology with 7.2% area and 33% power overheads and a 2 × performance degradation. The secret encryption key was not revealed after ten million side-channel attacks.     

Jetson Nano神经网络物理电磁泄漏安全研究

如果采用旁路攻击方法对神经网络结构、框架进行攻击,恢复出结构、权重等信息,会产生敏感信息的泄漏,因此,需要警惕神经网络计算设备在旁路攻击领域产生敏感信息泄露的潜在风险。本文基于Jetson Nano平台,针对神经网络及神经网络框架推理时产生的旁路电磁泄漏信号进行采集,设计了基于深度学习方法的旁路攻击算法,对旁路进行分析研究,并对两个维度的安全进行评估。研究表明,良好的网络转换策略能够提升网络分类识别准确率5%～12%。两种评估任务中,针对同一框架下不同结构的典型神经网络推理时,电磁泄漏的分类准确率达到97.21%;针对不同神经网络框架下同一种网络推理时,电磁泄漏的分类准确率达到100%。说明旁路电磁攻击方法对此类嵌入式图像处理器(GPU)计算平台中的深度学习算法隐私产生了威胁。     

Security Against Hardware Trojan Attacks Using Key-Based Design Obfuscation

Malicious modification of hardware in untrusted fabrication facilities, referred to as hardware Trojan, has emerged as a major security concern. Comprehensive detection of these Trojans during post-manufacturing test has been shown to be extremely difficult. Hence, it is important to develop design techniques that provide effective countermeasures against hardware Trojans by either preventing Trojan attacks or facilitating detection during test. Obfuscation is a technique that is conventionally employed to prevent piracy of software and hardware intellectual property (IP). In this work, we propose a novel application of key-based circuit structure and functionality obfuscation to achieve protection against hardware Trojans triggered by rare internal circuit conditions. The proposed obfuscation scheme is based on judicious modification of the state transition function, which creates two distinct functional modes: normal and obfuscated. A circuit transitions from the obfuscated to the normal mode only upon application of a specific input sequence, which defines the key. We show that it provides security against Trojan attacks in two ways: (1) it makes some inserted Trojans benign, i.e. they become effective only in the obfuscated mode; and (2) it prevents an adversary from exploiting the true rare events in a circuit to insert hard-to-detect Trojans. The proposed design methodology can thus achieve simultaneous protection from hardware Trojans and hardware IP piracy. Besides protecting ICs against Trojan attacks in foundry, we show that it can also protect against malicious modifications by untrusted computer-aided design (CAD) tools in both SoC and FPGA design flows. Simulation results for a set of benchmark circuits show that the scheme is capable of achieving high levels of security against Trojan attacks at modest area, power and delay overhead.     

Secure Hardware Implementation of Nonlinear Functions in the Presence of Glitches

Hardware implementations of cryptographic algorithms are vulnerable to side-channel attacks. Side-channel attacks that are based on multiple measurements of the same operation can be countered by employing masking techniques. Many protection measures depart from an idealized hardware model that is very expensive to meet with real hardware. In particular, the presence of glitches causes many masking techniques to leak information during the computation of nonlinear functions. We discuss a recently introduced masking method which is based on secret sharing and multi-party computation methods. The approach results in implementations that are provably resistant against a wide range of attacks, while making only minimal assumptions on the hardware. We show how to use this method to derive secure implementations of some nonlinear building blocks for cryptographic algorithms. Finally, we provide a provable secure implementation of the block cipher Noekeon and verify the results by means of low-level simulations.     

Mutual Information Analysis: a?Comprehensive Study

Mutual Information Analysis is a generic side-channel distinguisher that has been introduced at CHES 2008. It aims to allow successful attacks requiring minimum assumptions and knowledge of the target device by the adversary. In this paper, we compile recent contributions and applications of MIA in a comprehensive study. From a theoretical point of view, we carefully discuss its statistical properties and relationship with probability density estimation tools. From a practical point of view, we apply MIA in two of the most investigated contexts for side-channel attacks. Namely, we consider first-order attacks against an unprotected implementation of the DES in a full custom IC and second-order attacks against a masked implementation of the DES in an 8-bit microcontroller. These experiments allow to put forward the strengths and weaknesses of this new distinguisher and to compare it with standard power analysis attacks using the correlation coefficient.     

Cryptographic Algorithms on the GA144 Asynchronous Multi-Core Processor

Pervasive computing has turned many ordinary commodity products to smart and digital computing devices. Though these devices are mostly equipped with low-cost processors offering limited computing power, they are often requested to handle user-sensitive data. This evidently calls for the integration of different security services that typically involves computationally expensive cryptography. In this context, lightweight cryptographic constructions came recently up to minimize the computational burden on such constrained devices. Unfortunately, many of those constructions were too simplistic to preserve long-lasting confidence in their security. Therefore we aim for another approach in this work and implement standardized and well-established cryptography on an alternative, lightweight platform, namely an asynchronous GA144 ultra-low-powered multi-core processor with 144 tiny cores. We demonstrate that symmetric and asymmetric cryptography such as AES and RSA can be realized on this low-end device. With energy consumption being as low as 0.63 μJ and 22.3 mJ, this platform achieves a performance of 38 μs and 462.9 ms per AES and RSA operation, respectively.This translates to an energy consumption and computation time that is significantly lower than many lightweight implementations reported so far. We finally emphasize that this low-power and asynchronous operation of cryptography does not eliminate the threat of physical attacks, in particular power attacks. We evaluate the side-channel resistance of our design and identified that less than 5,000 measurements are already sufficient to fully recover the 128-bit key of the unprotected AES implementation.     

Universal masking on logic gate level

A concept of random masking of arbitrary logic circuits on the logic gate level is developed and several techniques are proposed. The results are important for protecting hardware implementations of cryptographic algorithms against side-channel attacks.     

自适应安全管理平台研究与实现

随着网络攻击行为的日益盛行,单一安全设备已不能满足安全管理需要,通过不同主机、网络设备、安全设备和应用系统的关联分析发现异常和攻击行为成为必须.本文提出综合的动态关联分析框架,从预防、检测、响应三个方面来全面防御各种异常行为和攻击现象,并对相关实现技术进行介绍,重点介绍动态矩阵算法实现基于时间的事件多步关联分析.     

Power analysis attack resilient block cipher implementation based on 1-of-4 data encoding

Side-channel attacks pose an inevitable challenge to the implementation of cryptographic algorithms, and it is important to mitigate them. This work identifies a novel data encoding technique based on 1-of-4 codes to resist differential power analysis attacks, which is the most investigated category of side-channel attacks. The four code words of the 1-of-4 codes, namely (0001, 0010, 1000, and 0100), are split into two sets: set-0 and set-1. Using a select signal, the data processed in hardware is switched between the two encoding sets alternately such that the Hamming weight and Hamming distance are equalized. As a case study, the proposed technique is validated for the NIST standard AES-128 cipher. The proposed technique resists differential power analysis performed using statistical methods, namely correlation, mutual information, difference of means, and Welch's t-test based on the Hamming weight and distance models. The experimental results show that the proposed countermeasure has an area overhead of 2.3× with no performance degradation comparatively.     

A methodological review on attack and defense strategies in cyber warfare

Cyberspace is an integration of cyber physical system components that integrates computation, networking, physical processes, embedded computers and network monitors which uses feedback loops for controlling the processes where the computations are affected by processes and vice versa. More general, cyber physical systems include all equipments operated on preprogrammed instructions ranging from simple electronic devices to the ultra-modern warfare equipments along with life saving devices. Active cyber-attacks can cause cyber warfare situations by disrupting an entire community of people, which in turn raises an emergency situation to the nation. Thus, cyber warfare is a major threat to the nation at large. In this paper, we analyze the various aspects of cyber warfare situations and a survey on ongoing attacks, defense and cyber forensics strategies in that field. Internet of Things (IoT) is an emerging computing area which enables Machine to Machine communication in cyber physical systems. An attack on IoT causes major issues to the security on the devices and thus, the various threats and attacks on IoT are analyzed here. Overall monitoring and data acquisition in cyber physical systems is done by Supervisory Control and Data Acquisition systems and are mainly targeted by the attackers in order to leave the cyberspace applications not functioning. Therefore, the various threats, attacks and research issues pertaining to the cyberspace are surveyed in this paper along with a few research issues and challenges that are to be solved in the area of cyber warfare.

     

基于Montgomery算法安全漏洞的SPA攻击算法

公钥密码体制的算法大多基于有限域的幂指数运算或者离散对数运算。而这些运算一般会采用Montgomery算法来降低运算的复杂度。针对Montgomery算法本身存在可被侧信道攻击利用的信息泄露问题,从理论和实际功耗数据2方面分析了Montgomery算法存在的安全漏洞,并基于该漏洞提出了对使用Montgomery算法实现的模幂运算进行简单能量分析（SPA, simple power analysis）攻击算法。利用该算法对实际模幂运算的能量曲线进行了功耗分析攻击。实验表明该攻击算法是行之有效的。     

Secure communication in CloudIoT through design of a lightweight authentication and session key agreement scheme

Internet of Things (IoT) is a newly emerged paradigm where multiple embedded devices, known as things, are connected via the Internet to collect, share, and analyze data from the environment. In order to overcome the limited storage and processing capacity constraint of IoT devices, it is now possible to integrate them with cloud servers as large resource pools. Such integration, though bringing applicability of IoT in many domains, raises concerns regarding the authentication of these devices while establishing secure communications to cloud servers. Recently, Kumari et al proposed an authentication scheme based on elliptic curve cryptography (ECC) for IoT and cloud servers and claimed that it satisfies all security requirements and is secure against various attacks. In this paper, we first prove that the scheme of Kumari et al is susceptible to various attacks, including the replay attack and stolen-verifier attack. We then propose a lightweight authentication protocol for secure communication of IoT embedded devices and cloud servers. The proposed scheme is proved to provide essential security requirements such as mutual authentication, device anonymity, and perfect forward secrecy and is robust against security attacks. We also formally verify the security of the proposed protocol using BAN logic and also the Scyther tool. We also evaluate the computation and communication costs of the proposed scheme and demonstrate that the proposed scheme incurs minimum computation and communication overhead, compared to related schemes, making it suitable for IoT environments with low processing and storage capacity.     

MEM-DnP—A Novel Energy Efficient Approach for Memory Integrity Detection and Protection in Embedded Systems

The pervasiveness of modern day embedded systems has led to the storing of huge amounts of sensitive information in them. These embedded devices often have to operate under insecure environments and are hence susceptible to software and physical attacks. Thus, security has been and will remain one of the prime concerns in the embedded systems. Although a lot of hardware and software techniques have been proposed to provide high levels of security, they are hampered by the trade-offs created by the design constraints in embedded systems. This paper presents a novel energy efficient approach for MEMory integrity Detection and Protection (MEM-DnP). The key feature of the proposed MEM-DnP is that it can be adaptively tuned to a memory integrity verification module by using a sensor module. This significantly reduces the energy overheads imposed on an embedded system as compared to the conventional memory integrity verification mechanisms. The simulation results show that the average energy saved in the combined detection and protection mechanism ranges from 85.5 % to 99.998 %. This is substantially higher compared to the results achieved in basecase simulations with traditional memory integrity verification techniques.     

Leakage-resilient certificateless signcryption scheme

In practical applications,the potential adversary may exploit partial information about the secret keys by side-channel attacks ,traditional certificateless signcryption schemes can’t resist these key-leakage attacks.A leakage-resilient certificateless signcryption scheme based on Elliptic Curve Cryptography and bilinear pairing was presented.In the random oracle,proved that the security of the scheme is based on the decisional Diffie-Hellman assumption.The scheme is also proved semantically secure against adaptive posterior chosen-ciphertext key-leakage attacks (KL-CCA2),and existentially unforgeable against chosen-message key-leakage attacks(KL-CMA).The proposed scheme was free from non-interactive zero knowledge proof system and needs no bilinear paring operation in signcryption phase.Compared with other schemes of the same kind,the proposed scheme can resist key-leakage attacks and maintains high efficiency.     

Lightweight PUF based authentication scheme for fog architecture

Fog computing improves efficiency and reduces the amount of bandwidth to the cloud. In many use cases, the internet of things (IoT) devices do not know the fog nodes in advance. Moreover, as the fog nodes are often placed in open publicly available places, they can be easily captured. Therefore, it should be ensured that even if the key material is leaked from the fog devices, the previously generated session keys and the identity of the devices can be kept secret, i.e. satisfying anonymity, unlinkability, perfect forward secrecy and resistance against stolen devices attack. Such demands require a multi-factor authentication scheme, which is typically done by providing input of the user with password or biometric data. However, in real use case scenarios, IoT devices should be able to automatically start the process without requiring such manual interaction and also fog devices need to autonomously operate. Therefore, this paper proposes a physical unclonable function (PUF) based mutual authentication scheme, being the first security scheme for a fog architecture, capable of providing simultaneously all these suggested security features. In addition, we also show the resistance against other types of attacks like synchronization and known session specific temporary information attack. Moreover, the scheme only relies on symmetric key based operations and thus results in very good performance, compared to the other fog based security systems proposed in literature.

     

Analysis of attacks against the security of keyless-entry systems for vehicles and suggestions for improved designs

Remote control of vehicle functions using a handheld electronic device became a popular feature for vehicles. Such functions include, but are not limited to, locking, unlocking, remote start, window closures, and activation of an alarm. As consumers enjoy the remote access and become more comfortable with the remote functions, original equipment manufacturers (OEMs) have started looking for new features to simplify and reduce the user interface for vehicle access. These new features will provide users with an additional level of comfort without requiring them to touch or press any button on any remote devices to gain access to the vehicle. While this extra level of comfort is a desirable feature, it introduces several security threats against the vehicle's keyless-entry system. This paper describes a number of attacks against the security of keyless-entry systems of vehicles and also presents analyzes of several attacks and compares the vulnerability of the system under different attacks. At the end, some suggestions for improved design are proposed.