Why Cryptography Should Not Rely on Physical Attack Complexity

Krämer, Juliane

doi:10.1007/978-981-287-787-1

Cited by 6 publications

(3 citation statements)

References 61 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The symmetric algorithms exposed in this section were implemented, aiming to deliver some level of mathematical safety. However, both symmetric and asymmetric algorithms are known to be vulnerable to SCA even with high numerical robustness (i.e., higher bit-width encryption) [27].…”

Section: Symmetric Cryptography Algorithmsmentioning

confidence: 99%

Enhancing Side Channel Attack-Resistance of the STTL Combining Multi-Vt Transistors with Capacitance and Current Paths Counterbalancing

Lima

Paim

Wuerdig

et al. 2020

JICS

View full text Add to dashboard Cite

Differential power analysis (DPA) exploits the difference between the instantaneous power of the circuit arches transitions to stole the state as information aiming to unveil the cryptographic key. Secure triple track logic (STTL) is a circuit-level countermeasure to DPA attacks based on dual-rail precharge logic (DPL). STTL is robust to attacks due to the delay in an insensitive feature that mitigates the logic glitches generated by the different path delays that lead to the logic gate inputs until they stabilize. The main STTL drawback, however, is the asymmetry of the transistor topology. Asymmetry causes unbalanced internal capacitances and different internal paths for the current flow, and DPA exploits it as a source of information leakage. Our work proposes three circuit topologies, combining multi-Vt transistors with a circuit counterbalancing strategy, aiming to improve the STTL DPA attack-resistance. Data encryption standard substitution-box circuit, designed in a TSMC 40 nm CMOS process, is our application case study to evaluate the DPA attack-resistance. Results gathered at the application-level show that our proposals outperform DPA attack-resistance of the prior work.

show abstract

Section: Symmetric Cryptography Algorithmsmentioning

confidence: 99%

Enhancing Side Channel Attack-Resistance of the STTL Combining Multi-Vt Transistors with Capacitance and Current Paths Counterbalancing

Lima

Paim

Wuerdig

et al. 2020

JICS

View full text Add to dashboard Cite

show abstract

“…We call this the "good enough" approach to security. Others, especially the field of cryptography [102], follow the approach of "perfect security". Perfect security refers to using every possible mean to achieve security.…”

Section: Review Of Security Threats For Protocols and Servicesmentioning

confidence: 99%

SoK: An Analysis of Protocol Design: Avoiding Traps for Implementation and Deployment

Fiebig,

Lichtblau,

Streibelt

et al. 2016

Preprint

View full text Add to dashboard Cite

Today's Internet utilizes a multitude of different protocols. While some of these protocols were first implemented and used and later documented, other were first specified and then implemented. Regardless of how protocols came to be, their definitions can contain traps that lead to insecure implementations or deployments. A classical example is insufficiently strict authentication requirements in a protocol specification. The resulting Misconfigurations, i.e., not enabling strong authentication, are common root causes for Internet security incidents. Indeed, Internet protocols have been commonly designed without security in mind which leads to a multitude of misconfiguration traps. While this is slowly changing, to strict security considerations can have a similarly bad effect. Due to complex implementations and insufficient documentation, security features may remain unused, leaving deployments vulnerable.In this paper we provide a systematization of the security traps found in common Internet protocols. By separating protocols in four classes we identify major factors that lead to common security traps. These insights together with observations about enduser centric usability and security by default are then used to derive recommendations for improving existing and designing new protocols-without such security sensitive traps for operators, implementors and users.

show abstract

“…Some microcontrollers even allow the execution of a program from the SRAM in order to fasten execution or minimize power consumption. In the context involving the manipulation of sensitive data such as encryption [1], this area becomes a target of choice for attackers.…”

Section: Introductionmentioning

confidence: 99%

Descrambling of Embedded SRAM Using a Laser Probe

Chef

Chua

Tay

et al. 2018

2018 IEEE International Symposium on the Physical and Failure Analysis of Integrated Circuits (IPFA)

View full text Add to dashboard Cite

Understanding the organization of memory is a mandatory first step in various fields of applications such as failure analysis, defect localization, qualification and testing of space electronics, and security evaluation. For the last category, localization of specific addresses may be used for content estimation or encryption key recovery, with several techniques being reported for this task. In this paper, we discuss the application of laser probing for descrambling memory embedded in 8 bits microcontrollers designed and manufactured by different companies in various technology nodes.

show abstract

Why Cryptography Should Not Rely on Physical Attack Complexity

Cited by 6 publications

References 61 publications

Enhancing Side Channel Attack-Resistance of the STTL Combining Multi-Vt Transistors with Capacitance and Current Paths Counterbalancing

Enhancing Side Channel Attack-Resistance of the STTL Combining Multi-Vt Transistors with Capacitance and Current Paths Counterbalancing

SoK: An Analysis of Protocol Design: Avoiding Traps for Implementation and Deployment

Descrambling of Embedded SRAM Using a Laser Probe

Contact Info

Product

Resources

About