Side Channel Attack

Year 2019, Volume: 6 Issue: 3, 61 - 73, 30.09.2019

Ahmet Efe Khalid Mohammed Alashik

Abstract

Embedded frameworks remain continuously adopted in a varied range of application places. Cryptography is the design besides analysis of calculated structures that enable communications for security issue in the presence of malicious adversaries. Side channel attacks are a current class of attacks that remains very powerful in practice. Via measuring side channel data, the attacker has the ability to capture very sensitive data. Despite the fact that conventional side-channel attacks, such by means of power analysis attacks besides electromagnetic analysis attacks, required physical presence of the attacker by means of expensive equipment, an application is all it takes to exploit the leaking data on nowadays trendy mobiles. Given the vast amount of sensitive data that remain putting in storage on smartphones, the ramifications of side-channel attacks affect both the security besides confidentiality of utilizer’s besides their gadget. Side-channel attacks remain a technique that can break the security protection via exploiting non-functional behaviors. This study focused on various parametric attacks, like time analysis Attack, Power Analysis Attack, Electromagnetic Analysis Attack. In this paper we have evaluated the current memory-level side-channel attacks and countermeasures, mainly focusing on the timing attacks against cloud and embedded frameworks available in the literature. 

Keywords

Side channel Attack, Security, Attacks, Vulnerability

References

• [1] Quisquater, J., Math Rizk, Side Channel Attack - State of the art, (2002).
• [2] Singh, S., Side Channel Attacks, Department of Computer Science, Indian Institute of Technology Bombay, April 14, (2009).
• [3] Mesquita, D., Badrignan, B., Torres, L., Sassattell, G., Robert, M., Bajard, J.C., Moraes, F., “A Leak Resistant Architecture against Side Channel Attacks”.
• [4] Okeya, K., Sakurai, K., “A Multiple Power Analysis Breaks the Advanced Version of the Randomized Addition-Subtraction Chains Countermeasure against Side Channel Attacks”, ITW2003, Paris, France, (2003).
• [5] Lee, Y.S., Choi, Y.J., Han, D.G., Kim, H.W., Kim, H.N., “A Nobel Key-Search Method for Side Channel Attacks based on Pattern Recognition”, ICASSP, (2008).
• [6] R¨udinger, J., Finger, A., “Algorithm Design and Side Channel Vulnerability on the Example of DPA Attack”, Proceedings of the Sixth International Conference on Networking (ICN'07).
• [7] Sundaresan, V., Rammohan S., Vemuri, R., “Defense against Side-Channel Power Analysis Attacks on Microelectronic Systems”.
• [8] Kong, J., Acıiçmez, O., Seifert J.P., Zhou, H., “Hardware-Software Integrated Approaches to Defend Against Software Cache-based Side Channel Attacks”, IEEE (2008).
• [9] Le, T.H., Clediere, J., Serviere, C., Lacoume, J.L., “How can Signal Processing benefit Side Channel Attacks”, IEEE, (2007).
• [10] R¨udinger, J., Finger, A., “Key Dependent Operation and Algorithm Specific Complexity of Statistical Side Channel Attacks”, IEEE (2009).
• [11] Le, T.H., Clédière, J., Servière, C., Lacoume, J.L., “Noise Reduction in Side Channel Attack Using Fourth-Order Cumulant”, IEEE Transactions on Information Forensics and Security, 2(4), (2007).
• [12] Clavier, C., “Passive and Active Combined Attacks on AES - Combining Fault Attacks and Side Channel Analysis”, 2010 Workshop on Fault Diagnosis and Tolerance in Cryptography.
• [13] Amiel, F., Villegas, K., “Passive and Active Combined Attacks –Combining Fault Attacks and Side Channel Analysis”, 2007 Workshop on Fault Diagnosis and Tolerance in Cryptography.
• [14] Pongaliur, K., Abraham, Z., Alex X., Liu, Xiao L., Kempel, L., “Securing Sensor Nodes Against Side Channel Attacks”, 11th IEEE High Assurance Systems Engineering Symposium, (2008).
• [15] Rahaman M.Z., Hossain, M.A., “Side Channel Attack Prevention for AES Smart Card”, Proceedings of 11 th International Conference on Computer and Information Technology (ICCIT 2008), Khulna, Bangladesh, (2008).
• [16] Kocher, P., “Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and other Systems.” in Advances in Cryptology (CRYPTO ’96). Lecture Notes in Computer Science, 1109, 104-113 (1996).
• [17] Chaum, D., “Blind signatures for untraceable payments.” Advances in cryptology, 199-203 (1983).
• [18] Mangard, S., Oswald, E, Popp. T., “Power Analysis Attacks: Revealing the Secrets of Smart Cards.” Springer, (2007).
• [19] Kömmerling O., Kuhn. M., "Design principles for tamper-resistant smartcard processors", Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology, 2-2, (1999).
• [20] Skorobogatov S., "Semi-invasive attacks - a new approach to hardware security analysis.", Technical report, University of Cambridge, Computer Laboratory, (2005).
• [21] Yamaguchi, M., Toriduka, H., Kobayashi, S., Sugawara, T., Homma, N., Satoh, A., Aoki, T., "Development of an on-chip micro shielded-loop probe to evaluate performance of magnetic film to protect a cryptographic LSI from electromagnetic analysis." Electromagnetic Compatibility (EMC), International Symposium, 103-108, IEEE, (2010).
• [22] Wolter, S., Matz, H., Schubert, A., Laur, R., "On the VLSI implementation of the international data encryption algorithm IDEA." Circuits and Systems, 1995 IEEE International Symposium, 1, 397-400, IEEE, (1995).
• [23] Gaubatz G., Sunar, B., "Robust finite field arithmetic for fault-tolerant public-key cryptography." Fault Diagnosis and Tolerance in Cryptography, 196-210, Springer Berlin Heidelberg, (2006).
• [24] Karri, R., Kuznetsov, G., Goessel M., "Parity-based concurrent error detection of substitution-permutation network block ciphers." In Cryptographic Hardware and Embedded Systems-CHES, 113-124, Springer Berlin Heidelberg, (2003).
• [25] Bertoni, G., Breveglieri, L., Koren, I., Maistri, P., Piuri V., "Error analysis and detection procedures for a hardware implementation of the advanced encryption standard." Computers, IEEE Transactions, 4, 492-505, (2003).
• [26] Shamir, A., "Method and apparatus for protecting public key schemes from timing and fault attacks." U.S. Patent 5, 991,415, November 23, (1999).
• [27] Kim, C., Quisquater J.-J., "Fault attacks for CRT based RSA: New attacks, new results, and new countermeasures." Information Security Theory and Practices. Smart Cards, Mobile and Ubiquitous Computing Systems, 215-228. Springer Berlin Heidelberg, (2007).
• [28] Yen, S.-M., Kim, S., Lim, S., Moon, S.-J., "RSA speedup with Chinese remainder theorem immune against hardware fault cryptanalysis." Computers, IEEE., 52, 4, 461-472, (2003).
• [29] Regazzoni, F., Eisenbarth, T., Grossschadl, J., Breveglieri, L., "Power attacks resistance of cryptographic s-boxes with added error detection circuits." In Defect and Fault-Tolerance in VLSI Systems, 22nd IEEE International Symposium, 508-516, IEEE, (2007).
• [30] Regazzoni, F., Eisenbarth, T., Breveglieri, L., Ienne, P., Koren. I., "Can knowledge regarding the presence of countermeasures against fault attacks simplify power attacks on cryptographic devices?" Defect and Fault Tolerance of VLSI Systems, IEEE International Symposium, 202-210, IEEE, (2008).
• [31] Regazzoni, F., Breveglieri, L., Lenne, P., Koren, I., "Interaction Between Fault Attack Countermeasures and the Resistance Against Power Analysis Attacks." Fault Analysis in Cryptography, 257-272. Springer Berlin Heidelberg, (2012).
• [32] Wang, D., Neupane, A., Qian, Z., Ghazaleh, N., Krishnamurthy, S. V., Colbert, E.J.M., Yu, P., “Unveiling your keystrokes: A Cache-based Side-channel Attack on Graphics Libraries” Network and Distributed Systems Security (NDSS) Symposium, (2019).
• [33] Faezi, S., Chhetri, S. R., Malawade, A. V., Chaput, J. C., Grover, W., Brisk, P., Al Faruque, M. A., “Oligo-Snoop: A Non-Invasive Side Channel Attack Against DNA Synthesis Machines” Network and Distributed Systems Security (NDSS) Symposium (2019).
• [34] Gu, J., Wang, J., Yu, Z., Shen, K., “Traffic-Based Side-Channel Attack in Video Streaming”, IEEE/ACM Transactions on Networking, 27(3 ) (2019).
• [35] Yan, M., Sprabery, R., Gopireddy, B., Fletcher, C., Campbell, R., Torrellas, J., “Attack Directories, Not Caches: Side-Channel Attacks in a Non-Inclusive World”, iacoma.cs.uiuc.edu, (2019).
• [36] Chakraborty, N., Anand, V.S., Mondal, S., “Towards identifying and preventing behavioral side channel attack on recording attack resilient unaided authentication service” Computers & Security Volume, 84, 193-205, (2019).
• [37] Fell, A., Pham, H. T.h, Lam, S. K., “TAD: time side-channel attack defense of obfuscated source code” ASPDAC '19 Proceedings of the 24th Asia and South Pacific Design Automation Conference, 58-63, (2019).
• [38] Lee, C.Y., Huang, T.P., Chen, K.H., Lin, Y.H., Ru, S., “A High Current efficiency Stacked Digital Low Dropout Array with True-Random-Noise Injection and Ultralow Output Ripple for Power-Side Channel Attack Protection”, IEEE Xplore, July (2019).
• [39] Das, D., Golder, A., Danial, J., Ghosh, S., Raychowdhury, A., Sen, S., “X-DeepSCA: Cross-Device Deep Learning Side Channel Attack” Proceeding DAC '19 Proceedings of the 56th Annual Design Automation Conference, Article No. 134, (2019).
• [40] Das, D., Nath, M., Chatterjee, B., Ghosh, S., Sen, S., “STELLAR: A Generic EM Side-Channel Attack Protection through Ground-Up Root-cause Analysis” EasyChair Preprint № 839, (2019).
• [41] Mitra, A., “What is Side hannel Attack”, The Security Buddy, https://www.thesecuritybuddy.com/ vulnerabilities/what-is-side-channel-attack/ (2017).