Mostafa Taha scite author profile

Recent research has demonstrated that there is no sharp distinction between passive attacks based on sidechannel leakage and active attacks based on fault injection. Fault behavior can be processed as side-channel information, offering all the benefits of Differential Power Analysis including noise averaging and hypothesis testing by correlation. This paper introduces Differential Fault Intensity Analysis, which combines the principles of Differential Power Analysis and fault injection. We observe that most faults are biased -such as single-bit, two-bit, or three-bit errors in a byte -and that this property can reveal the secret key through a hypothesis test. Unlike Differential Fault Analysis, we do not require precise analysis of the fault propagation. Unlike Fault Sensitivity Analysis, we do not require a fault sensitivity profile for the device under attack. We demonstrate our method on an FPGA implementation of AES with a fault injection model. We find that with an average of 7 fault injections, we can reconstruct a full 128-bit AES key.

show abstract

QMS: Evaluating the side-channel resistance of masked software from source code

Eldib¹,

Wang²,

Taha³

et al. 2014

View full text Add to dashboard Cite

Many commercial systems in the embedded space have shown weakness against power analysis based side-channel attacks in recent years. Designing countermeasures to defend against such attacks is both labor intensive and error prone. Furthermore, there is a lack of formal methods for quantifying the actual strength of a countermeasure implementation. Security design errors may therefore go undetected until the side-channel leakage is physically measured and evaluated. We show a better solution based on static analysis of C source code. We introduce the new notion of Quantitative Masking Strength (QMS) to estimate the amount of information leakage from software through side channels. The QMS can be automatically computed from the source code of a countermeasure implementation. Our experiments, based on side-channel measurement on real devices, show that the QMS accurately quantifies the side-channel resistance of the software implementation.

show abstract

Quantitative Masking Strength: Quantifying the Power Side-Channel Resistance of Software Code

Eldib

Wang

Taha

et al. 2015

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

View full text Add to dashboard Cite

Lightweight Side Channel Resistance: Threshold Implementations of S<sc>imon</sc>

Shahverdi

Taha

Eisenbarth

2017

IEEE Trans. Comput.

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Mostafa Taha

Survey on Threats and Attacks on Mobile Networks

Differential Fault Intensity Analysis

QMS: Evaluating the side-channel resistance of masked software from source code

Quantitative Masking Strength: Quantifying the Power Side-Channel Resistance of Software Code

Lightweight Side Channel Resistance: Threshold Implementations of S<sc>imon</sc>

Contact Info

Product

Resources

About