中文 English

Spatial Analysis Tools & Side Channel Attacks


Abstract "Practical side-channel attacks on recent devices may be challenging due to the poor quality of acquired signals. It can originate from different factors, such as the growing architecture complexity, especially in System-on-Chips, creating unpredictable and concurrent operation of multiple signal sources in the device. This work makes use of mixture distributions to formalize... » read more

Hardware Countermeasures Benchmarking against Fault Attacks


Abstract "The development of differential fault analysis (DFA) techniques and mechanisms to inject faults into cryptographic circuits brings with it the need to use protection mechanisms that guarantee the expected level of security. The AES cipher, as a standard, has been the target of numerous DFA techniques, where its security has been compromised through different formulations and types of... » read more

Verifying Side-Channel Security Pre-Silicon


As security grows in importance, side-channel attacks pose a unique challenge because they rely on physical phenomena that aren’t always modeled for the design verification process. While everything can be hacked, the goal is to make it so difficult that an attacker concludes it isn't worth the effort. For side-channel attacks, the pre-silicon design is the best place to address any known ... » read more

DPA Countermeasures Done Right


In the late nineties, Paul Kocher, Josh Jaffe, and Ben Jun published a paper that caused many across industry sectors to reconsider what cryptographic implementations should look like. They described an exploit wherein an adversary could extract secrets from a device by analyzing the power consumption or electromagnetic emittance from the device when it was executing cryptographic operations. S... » read more

Building A Defense In Depth Against Cyberattacks


As the number and type of cyberattacks, from the “simple and cheap” to the “expensive and sophisticated,” continues to grow at a dramatic pace, protection of chips and devices must employ a defense in depth strategy. In this way, if an attacker successfully bypasses a mechanism of protection, they’ll face another layer of defense, rather than a clear path to the assets they seek to ex... » read more

Quantifiable Assurance: From IPs to Platforms


Abstract: "Hardware vulnerabilities are generally considered more difficult to fix than software ones because of their persistent nature after fabrication. Thus, it is crucial to assess the security and fix the potential vulnerabilities in the earlier design phases, such as Register Transfer Level (RTL), gate-level or physical layout. The focus of the existing security assessment techniques i... » read more

Security Starts With A Threat Assessment


Developing the security architecture for an electronic device begins with building a threat model wherein we ask these questions: What is the operational environment in which the device needs to function? What type of attacks can be identified? What level of access does a potential attacker have to the device? What possible attack paths can an attacker exploit? What resources (... » read more

DNS Cache Poisoning Attack: Resurrections with Side Channels


Abstract "DNS is one of the fundamental and ancient protocols on the Internet that supports many network applications and services. Unfortunately, DNS was designed without security in mind and is subject to a variety of serious attacks, one of which is the well-known DNS cache poisoning attack. Over the decades of evolution, it has proven extraordinarily challenging to retrofit strong security... » read more

Bandwidth Utilization Side-Channel On ML Inference Accelerators


Abstract—Accelerators used for machine learning (ML) inference provide great performance benefits over CPUs. Securing confidential model in inference against off-chip side-channel attacks is critical in harnessing the performance advantage in practice. Data and memory address encryption has been recently proposed to defend against off-chip attacks. In this paper, we demonstrate that bandwidth... » read more

2021 CWE Most Important Hardware Weaknesses


"The 2021 CWE™ Most Important Hardware Weaknesses is the first of its kind and the result of collaboration within the Hardware CWE Special Interest Group (SIG), a community forum for individuals representing organizations within hardware design, manufacturing, research, and security domains, as well as academia and government. The goals for the 2021 Hardware List are to drive awarenes... » read more

← Older posts