Gossip NoC -- Avoiding Timing Side-Channel Attacks through Traffic Management

Reinbrecht, Cezar; Susin, Altamiro; Bossuet, Lilian; Sepúlveda, Johanna

doi:10.1109/isvlsi.2016.25

Cited by 44 publications

(31 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…By monitoring the NoC traffic throughput the sensitive information is leaked. In addition, in this work we verify the timing security of a low area overhead timing protected NoC Gossip NoC [17]. The main contributions of our work are:…”

Section: Introductionmentioning

confidence: 95%

Side channel attack on NoC-based MPSoCs are practical: NoC Prime+Probe attack

Reinbrecht¹,

Susin²,

Bossuet³

et al. 2016

2016 29th Symposium on Integrated Circuits and Systems Design (SBCCI)

Self Cite

View full text Add to dashboard Cite

Many authors have shown how to break the AES cryptographic algorithm with side channel attacks, specially the timing attacks oriented to caches, like Prime+Probe. In this paper, we present a practical timing attack on NoC that improves Prime+Probe technique. Our attack targets the communication between an ARM Cortex-A9 core and a shared cache memory. Furthermore, we evaluate a secure enhanced NoC applied as a countermeasure of the timing attack. Finally, we demonstrate that attacks on MPSoCs through the NoC are a real threat and need to be further explored.

show abstract

Section: Introductionmentioning

confidence: 95%

Side channel attack on NoC-based MPSoCs are practical: NoC Prime+Probe attack

Reinbrecht¹,

Susin²,

Bossuet³

et al. 2016

2016 29th Symposium on Integrated Circuits and Systems Design (SBCCI)

Self Cite

View full text Add to dashboard Cite

show abstract

“…As a consequence of the malicious traffic, delays in the communication are caused and thus the malicious packets transmission is also delayed. At an endpoint at the other non-secured core, the adversary is able to measure the latency of their malicious traffic and infer how many collisions This threat model is not new, and its variations have also been used in best-effort NoC-based systems by [15], [16], [7]. The timing nature of the threat is also the same used in hard real-time uniprocessor systems by [17].…”

Section: Threat Model and Timing Side Channel Attacksmentioning

confidence: 99%

“…This triggers a cache attack, where the attacker perform a read request to the shared memory in IP 0 in step (6). As is [7] and [6], by reading the shared cache in step (7), the attacker can identify the memory sets accessed due the AES encryption. As a result a key candidate is obtained.…”

Section: Aes Noc Timing Attack Case Studymentioning

confidence: 99%

See 1 more Smart Citation

Side-channel protected MPSoC through secure real-time networks-on-chip

Indrusiak

Harbin

Reinbrecht

et al. 2019

Microprocessors and Microsystems

Self Cite

View full text Add to dashboard Cite

The integration of Multi-Processors System-on-Chip (MPSoCs) into the Internet-of-Things (IoT) context brings new opportunities, but also represent risks. Tight real-time constraints and security requirements should be considered simultaneously when designing MPSoCs. Network-on-Chip (NoCs) are specially critical when meeting these two conflicting characteristics. For instance the NoC design has a huge influence in the security of the system. A vital threat to system security are so-called side-channel attacks based on the NoC communication observations. To this end, we propose a NoC security mechanism suitable for hard real-time systems, in which schedulability is a vital design requirement. We present three contributions. First, we show the impact of the NoC routing in the security of the system. Second, we propose a packet route randomisation mechanism to increase NoC resilience against side-channel attacks. Third, using an evolutionary optimisation approach, we effectively apply route randomisation while controlling its impact on hard real-time performance guarantees. Extensive experimental evidence based on analytical and simulation models supports our findings.

show abstract

“…Timing Attacks: An analytical side-channel attack that exploits computational and communication data interactions on crypto-processing systems [25]. Ensuring all received JWTs are duly verified in a lucid and succinct verification contract of allowed crypto "alg", and other payload/header data cum the use of the "kid" makes the verification cut in stone without undergoing unauthorized mutation.…”

Section: A Security Mitmmentioning

confidence: 99%

A JSON Token-Based Authentication and Access Management Schema for Cloud SaaS Applications

Ethelbert

Moghaddam

Wieder

et al. 2017

2017 IEEE 5th International Conference on Future Internet of Things and Cloud (FiCloud)

View full text Add to dashboard Cite

Abstract-Cloud computing is significantly reshaping the computing industry built around core concepts such as virtualization, processing power, connectivity and elasticity to store and share IT resources via a broad network. It has emerged as the key technology that unleashes the potency of Big Data, Internet of Things, Mobile and Web Applications, and other related technologies; but it also comes with its challenges -such as governance, security, and privacy. This paper is focused on the security and privacy challenges of cloud computing with specific reference to user authentication and access management for cloud SaaS applications. The suggested model uses a framework that harnesses the stateless and secure nature of JWT for client authentication and session management. Furthermore, authorized access to protected cloud SaaS resources have been efficiently managed. Accordingly, a Policy Match Gate (PMG) component and a Policy Activity Monitor (PAM) component have been introduced. In addition, other subcomponents such as a Policy Validation Unit (PVU) and a Policy Proxy DB (PPDB) have also been established for optimized service delivery. A theoretical analysis of the proposed model portrays a system that is secure, lightweight and highly scalable for improved cloud resource security and management.

show abstract

Gossip NoC -- Avoiding Timing Side-Channel Attacks through Traffic Management

Cited by 44 publications

References 20 publications

Side channel attack on NoC-based MPSoCs are practical: NoC Prime+Probe attack

Side channel attack on NoC-based MPSoCs are practical: NoC Prime+Probe attack

Side-channel protected MPSoC through secure real-time networks-on-chip

A JSON Token-Based Authentication and Access Management Schema for Cloud SaaS Applications

Contact Info

Product

Resources

About