At Conferences:
Hardening microprocessors against side-channel attacks is a critical aspect of ensuring their security. A key step in this process is identifying and mitigating ``leaky" hardware modules, which leak information during the execution of cryptographic algorithms. In this paper, we explore how different leakage detection methods, the Side-channel Vulnerability Factor (SVF) and the Test Vector Leakage Assessment (TVLA), contribute to hardening of microprocessors. We conduct experiments on two RISC-V cores, SHAKTI and Ibex, using two cryptographic algorithms, SHA-3 and AES. Our findings suggest that SVF and TVLA can provide valuable insights into identifying leaky modules. However, the effectiveness of these methods can vary depending on the specific core and cryptographic algorithm in use. We conclude that the choice of leakage detection method should be based not only on computational cost but also on the specific requirements of the system, the implementation of the algorithm examined and the nature of the potential threats.
Electronic devices that populate the Internet of Things play increasingly important roles in our everyday lives. When these devices process, store, or communicate personal or company-critical data, digital security becomes a necessity. However, mechanisms to secure electronic systems have a significant influence on the cost of the system and come with an overhead in energy consumption, computational delay, and (silicon) chip area. Therefore, developing secure electronic systems is a balancing act between minimizing the overhead and maximizing the security. Moreover, in rapidly evolving markets, there is another parameter that can have a negative influence on the security strength of electronic devices, namely the time to market: it takes longer to bring a secure product to the market than to develop a product with no or little security measures in place. In the PROACT project, we tackle the challenge of maximizing the security strength while minimizing the overhead w.r.t. energy consumption, computational delay, and hardware resources, as well as reducing the time to market of digital electronic systems. We specifically focus on the fast development of efficient cryptographic hardware with protection against physical attacks, i.e., attacks that exploit the physical implementation of cryptographic algorithms. Physical attacks are categorized into (1) side-channel analysis attacks that target the extraction of secret information by monitoring side-channels like the power consumption, the electromagnetic emanation or the timing of the device, and (2) fault analysis attacks that aim at introducing computational errors that lead to the leakage of secret information. Physical security is of vital importance when potential attackers can easily get in the vicinity of an electronic system. This is the case in, e.g., medical sensor devices, wearables and implants, which are typically constrained in energy budget, cost and form factor, and are therefore the perfect use case for the results of PROACT.
Fault injection attacks have caused implementations to behave unexpectedly, resulting in a spectacular bypass of security features and even the extraction of cryptographic keys. Clearly, developers want to ensure the robustness of the software against faults and eliminate production weaknesses that could lead to exploitation. Several fault simulators have been released that promise cost-effective evaluations against fault attacks. In this paper, we set out to discover how suitable such tools are, for a developer who wishes to create robust software against fault attacks. We found four open-source fault simulators that employ different techniques to navigate faults, which we objectively compare and discuss their benefits and drawbacks. Unfortunately, none of the four open-source fault simulators employ artificial intelligence (AI) techniques. However, AI was successfully applied to improve the fault simulation of cryptographic algorithms, though none of these tools is open source. We suggest improvements to open-source fault simulators inspired by the AI techniques used by cryptographic fault simulators.
@ICIRCA 2020
Association rule mining is utilized to take care of various types of area issues. These days' affiliation rule mining has been stretched out to huge information. As a result of the gigantic measure of information, a solitary way the sequential procedure isn't adequate subsequently. The most basic piece of ARM is discovering a potential relationship between things in an enormous exchange based dataset. The well-known algorithms in particular apriori and FP Growth has been identified & implemented those algorithms using the WEKA (version 3.7.10) tool.