Virtual field-programmable gate array (FPGA) is an emerging technology that places multiple users in the same FPGA fabric with logical isolation. Security researchers have studied new threats in virtual FPGA and proposed attacks on the logical isolation that exploit the analogue nature of FPGAs. These attacks use an oscillator comprising a combinatorial loop to gain access to the analogue domain using digital components only. Interestingly, the system in the field prohibits a combinatorial loop by a design rule check. In this Letter, the authors study whether prohibiting a combinatorial loop is sufficient to thwart the conventional attacks. They answer the question in the negative by showing oscillators without a combinatorial loop. They also show how to detect and reject the proposed oscillators by a design rule check.
This paper presents a low-cost distance-spoofing attack on a mmWave Frequency Modulated Continuous Wave (FMCW) radar. It uses only a replica radar chipset and a single compact microcontroller board, both in mass production. No expensive and bulky test instrument is required, and hence a low-cost and lightweight attack setup is developed. Even with the limited hardware resources in this setup, the replica radar can be precisely synchronized with the target radar for distance-spoofing capability. A half-chirp modulation scheme enables timing compensation between crystal oscillators on the replica and the target radar boards. A two-step delay insertion scheme precisely controls the relative delay difference between the two radars at ns-order, and as a result the attacker can manipulate the distance measured at the target radar with only around ±10m ranging error. This demonstrates the potential feasibility of a low-cost malicious attack on the commercial FMCW radar as a physical security threat. A countermeasure employing random-chirp modulation is proposed and its security level is evaluated under the proposed attack for secure and safe radar ranging.
RISC-V is equipped with physical memory protection (PMP) to prevent malicious software from accessing protected memory regions. PMP provides a trusted execution environment (TEE) that isolates secure and insecure applications. In this study, we propose a side-channel-assisted fault-injection attack to bypass isolation based on PMP. The proposed attack scheme involves extracting successful glitch parameters for fault injection from side-channel information under cross-device conditions. A proof-of-concept TEE compatible with PMP in RISC-V was implemented, and the feasibility and effectiveness of the proposed attack scheme were validated through experiments in TEEs. The results indicate that an attacker can bypass the isolation of the TEE and read data from the protected memory region. In addition, we experimentally demonstrate that the proposed attack applies to a real-world TEE, Keystone. Furthermore, we propose a software-based countermeasure that prevents the proposed attack.