Three Attacks, Many Process Variations and One Expansive Countermeasure. International Workshop on Cybersecurity. Darshana Jayasinghe,

Presentation transcript:

Three Attacks, Many Process Variations and One Expansive Countermeasure. International Workshop on Cybersecurity. Darshana Jayasinghe, Angelo Ambrose, Aleks Ignjatovic, Sri Parameswaran

Representation of Money. 600 AD – Paper drafts representing the value of coins in China. Coins represented by the intrinsic value of the material. Today – Money is represented by strings of 1s and 0s. Adapted from Prof Yasuura’s talk 2008.

School of Computer Science and Engineering. Unprotected AES Circuit. [Figure: Plaintext, Key → (SubByte, ShiftRows, Mix Columns, Add Round Key) × N-1 → SubByte, ShiftRows, Add Round Key → Ciphertext] Plaintext 128 bits; Key 128, 192 or 256 bits. AES-128: N=10; AES-192: N=12; AES-256: N=14.

Power Analysis Attacks. Often non-intrusive and invasive. First proposed by Kocher in 1998. – Simple power analysis – Differential power analysis – Correlation power analysis – Mutual information analysis. Many more ... [Figure: power consumption; Plaintext, Key, Ciphertext]

Simple Power Analysis. Widely used against asymmetric-key algorithms. [Figure: RSA implementation. Source: embedded.com]

Differential Power Analysis Attacks - DPA. [Table: columns Pt, Key, Pt⊕key, Binary, μW, repeated for key guesses 00, 01 and 05 with plaintext bytes 3F, 6E and B3. Plot labels: M0, M1, |R|, Key 0 to 255.]

Correlation Power Analysis Attacks - CPA. [Table: columns Pt, Key, Pt⊕key, HW(S(Pt⊕key)), μW, repeated for key guesses 00, 01 and 05 with plaintext bytes 3F, 6E and B3.]

Attack on Standard AES Circuit

Mutual Information Analysis Attacks. CPA can only detect linear dependencies. Shannon's entropy is used to calculate the mutual information. Often the key convergence rate falls behind the CPA. [Figure: hypothetical power consumption, observed power consumption. Source: Wikipedia]
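The slide above states that CPA only detects linear dependencies while mutual information is computed from Shannon's entropy. The following is an added example, not part of the original presentation, that a countermeasure evaluator can run to see the difference: it compares the two statistics on a Hamming-weight hypothesis against two constructed, noise-free leakage functions (both leakage functions are assumptions made for illustration).

```python
import math
from collections import Counter

def hamming_weight(x):
    return bin(x).count("1")

def pearson(xs, ys):
    """Pearson correlation coefficient, the statistic CPA relies on."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / math.sqrt(vx * vy)

def entropy(samples):
    """Shannon entropy, in bits, of the empirical distribution."""
    n = len(samples)
    return -sum(c / n * math.log2(c / n) for c in Counter(samples).values())

def mutual_information(xs, ys):
    """I(X;Y) = H(X) + H(Y) - H(X,Y)."""
    return entropy(xs) + entropy(ys) - entropy(list(zip(xs, ys)))

def compare_metrics():
    # Constructed data: hypothetical power = Hamming weight of each byte value.
    hyp = [hamming_weight(v) for v in range(256)]
    # Two constructed, noise-free "observed" leakages (assumptions):
    linear = [3 * h + 10 for h in hyp]       # proportional to the hypothesis
    nonlinear = [(h - 4) ** 2 for h in hyp]  # symmetric around the mean HW of 4
    return {
        "linear": (pearson(hyp, linear), mutual_information(hyp, linear)),
        "nonlinear": (pearson(hyp, nonlinear), mutual_information(hyp, nonlinear)),
    }

if __name__ == "__main__":
    for name, (r, mi) in compare_metrics().items():
        print(f"{name:9s} correlation={r:+.3f}  mutual information={mi:.3f} bits")
```

For the nonlinear leakage the correlation is zero although the leakage depends entirely on the hypothesis, so a design assessed with correlation alone would look clean while mutual information still reports the dependency.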

Basics of Algorithmic Balancing. [Figure labels: Logic 1, Logic 2, Yokohama 06, CMOS, WDDL by Tiri 07, AES]

Balancing: MUTE AES. Proposed by Ambrose for a processor-based environment.

Back to AES Circuit. Assume:

2 Way Balancing. [Figure: State 1, State 2]

4-way or Quadruple Balancing. [Figure: State 1, State 2] Can prove the same for timing.

QuadSeal-4

QuadSeal-uni. [Figure labels: 512 bits, 8 bits, 32 bits]

Attack on QuadSeal. Visible key bytes.

Process Variation. Path imbalances. Aging effects. [Figure: Process Variation: Inter-die, Intra-die]

[Figure: sequences …, L6, L5, L4, L3, L2, L1 and P1, P2, P3, P4, P5, P6, …]

QuadSeal Against Process Variation. Each core: (Din, Kin), (Din, Kin), (Din, Kin) and (Din, Kin). 24 input combinations. 63-bit LFSR, repetition time of ( ). Running at 50 MHz (5,849 years, more precisely). [Figure label: Enable Signal]


CPA attacks

How efficient is the swapping?

CPA attacks

Software Implementation of QuadSeal. Microblaze is a 32-bit soft processor by Xilinx. 32-bit input, 32-bit output; 2^32 entries (4 GB), but only 256 entries will be used. Composite SubByte table as a hardware IP. Pre-clear? – After each table lookup, data lines are refreshed by loading 00000…0 (32’h0). Throughput X/4. [Figure labels: Microblaze, Control FPGA, SASEBO GII, Virtex V, PC]

Devices we target and attacks we prevent! DEVICES – ASIC – FPGA – Software on 32-bit Processors – Extensible Processors. ATTACKS WE PREVENT – Differential Power Analysis Attacks (DPA) – Correlation Power Analysis (CPA) – Mutual Information Analysis Attacks

An Example Attack Setup

Thank you!