An Efficient Collision Power Attack on AES Encryption in Edge Computing

Niu, Yongchuan; Zhang, Jiawei; Wang, An; Chen, Caisen

doi:10.1109/access.2019.2896256

Cited by 39 publications

(21 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The third-party compromised the functionality of a given cryptosystem by exploiting the physical edge computing devices. Authors in [53] prevented the employed AES cryptographic algorithm against the side-channel attack by random masking and shuffling of the S-BOXES. An attack detection technique based on distributed extreme machine learning technology is employed in [84] to eliminate the side-channel attack on the used cryptosystem.…”

Section: F Physical Attackmentioning

confidence: 99%

“…computation and communication costs). Only four techniques [50], [51], [53], and [78] employed the lightweight metrics. Hence, future research on security and privacy in edge computing should focus on lightweight security, for example, Elliptic Curve Cryptography, Permutation Based Lightweight Cryptography, Block-Ciphers Lightweight Cryptography, etc.…”

Section: A Lightweight Security Featuresmentioning

confidence: 99%

See 1 more Smart Citation

Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities

et al. 2020

View full text Add to dashboard Cite

Edge computing is a promising paradigm that enhances the capabilities of cloud computing. In order to continue patronizing the computing services, it is essential to conserve a good atmosphere free from all kinds of security and privacy breaches. The security and privacy issues associated with the edge computing environment have narrowed the overall acceptance of the technology as a reliable paradigm. Many researchers have reviewed security and privacy issues in edge computing, but not all have fully investigated the security and privacy requirements. Security and privacy requirements are the objectives that indicate the capabilities as well as functions a system performs in eliminating certain security and privacy vulnerabilities. The paper aims to substantially review the security and privacy requirements of the edge computing and the various technological methods employed by the techniques used in curbing the threats, with the aim of helping future researchers in identifying research opportunities. This paper investigate the current studies and highlights the following: (1) the classification of security and privacy requirements in edge computing, (2) the state of the art techniques deployed in curbing the security and privacy threats, (3) the trends of technological methods employed by the techniques, (4) the metrics used for evaluating the performance of the techniques, (5) the taxonomy of attacks affecting the edge network, and the corresponding technological trend employed in mitigating the attacks, and, (6) research opportunities for future researchers in the area of edge computing security and privacy.INDEX TERMS Edge computing, edge computing attacks, systematic review, security and privacy requirements.

show abstract

Section: F Physical Attackmentioning

confidence: 99%

Section: A Lightweight Security Featuresmentioning

confidence: 99%

Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities

et al. 2020

View full text Add to dashboard Cite

show abstract

“…At last, Table 2 summarizes several typical collision attacks and their attack capabilities. The typical collision attacks we select include linear collision attack (LCA) [15], collision correlation attack (CCA) [14], non-linear collision attack (NLCA) [22], near collision attack (NCA) [23],collision attack on linear layers (LLCA) [24], and scalable collision attack on linear layers (LLSCA) [24]. Four practical hotspot issues for side channel collision attacks are used to compare, including whether traversal of plaintexts is required, whether practically determine the threshold is required, whether the leak samples is easily identifiable, and whether re-used masking scheme can be broken.…”

Section: Attack On Masked S-boxes Of Aesmentioning

confidence: 99%

Hypothesis Testing Based Side-Channel Collision Analysis

2019

View full text Add to dashboard Cite

Side-channel collision analysis has become a research hotspot since its first publication in 2003. Compared with differential power analysis (DPA) and correlation power analysis (CPA), collision analysis does not need to know the intermediate value and does not depend on a specific power model. Collision analysis includes collision detection phase and key recovery phase. After collisions have been detected, the cryptographic key can be recovered from these collisions using such cryptanalytic techniques as linear collision attack and algebraic collision attacks. Therefore, the success rate of the entire attack depends largely on the success rate of collision detection. In this paper, we propose an efficient collision detection method, which combines side channel information with hypothesis testing in statistics. With the traces gathering by repeatedly encrypting a certain plaintext that is unnecessary to be known, we are able to evaluate the cumulative distance between two collision S-boxes, then, define a null hypothesis H 0 and calculate the rejection region accordingly. Given some traces collected from repeatedly encrypting any identical plaintext, collisions can be detected by determining whether the cumulative distance between the corresponding two S-boxes falls into the rejection region or not. We compare our work with those related to side channel collision attack in recent years from perspective of four hot issues. Comparing with current methods, our proposed collision detection method is simpler and more feasible. Furthermore, the experiments show that the more accurate the constant power is, the higher the success rate of collision detection is.INDEX TERMS Side-channel collision analysis, detect collisions, hypothesis testing, AES.

show abstract

“…The efficiency of the second-order DPA greatly depends on the combining function it employs and the leakage model it constructs, but the combining function is just an approximate representation of the leakage. Collision attack [5][6][7] is another extensively applied method for achieving an attack on masked implementations. Clavier et al [5] utilized the reuse of masks to show the relationship among masked data in various substitution boxes (s-boxes) to perform the collision.…”

mentioning

confidence: 99%

“…Clavier et al [5] utilized the reuse of masks to show the relationship among masked data in various substitution boxes (s-boxes) to perform the collision. Scalable collision attack [7] is a fault-tolerant collision attack that can keep more useful key-related information to increase the success rate. This study presents a correlation leakage model which is a precise characterization of the leakage in first-order masked implementations.…”

mentioning

confidence: 99%