Maryam Tabaeifard; Ali Jahanian
Abstract
Side-channel Analysis (SCA) attacks are effective methods for extracting encryption keys, and with deep learning (DL) techniques, much stronger attacks have been carried out on victim devices. However, carrying out this kind of attack is much more challenging in cross-device attacks when the profiling ...
Read More
Side-channel Analysis (SCA) attacks are effective methods for extracting encryption keys, and with deep learning (DL) techniques, much stronger attacks have been carried out on victim devices. However, carrying out this kind of attack is much more challenging in cross-device attacks when the profiling device and target device are similar but not the same, which can cause the attack to fail. We also reached this conclusion when using only DL-SCA attack on our cross-devise (Atmega microcontroller devices). Due to different processes that lead to significant device-to-device variations, the accuracy of the attack was, on average, only 23%. In this paper, we proposed a method for a real attack on cross-devices using pre-processing methods based on a combination of DL-based Autoencoder and Gaussian low-pass filter (GLPF). According to our analysis results, the accuracy of the attack using only deep learning-based Autoencoder increased to 70% on average, and it improved up to 82% by adding the GLPF technique. The results also showed that combining DL-based autoencoder and GLPF can lead to a successful attack with a maximum of 300 power traces from the victim device.
Milad Salimian; Ali Jahanian
Abstract
Side-channel analysis methods can reveal the secret information of digital electronic systems by analyzing the dependency between the power consumption of implemented cryptographic algorithms and the secret data. Recent studies show that it is possible to gather information about power consumption from ...
Read More
Side-channel analysis methods can reveal the secret information of digital electronic systems by analyzing the dependency between the power consumption of implemented cryptographic algorithms and the secret data. Recent studies show that it is possible to gather information about power consumption from FPGAs without any physical access. High flexibilities of modern FPGAs cause that they are used for cloud accelerator in Platform as a Service (PaaS) system; however, new serious vulnerabilities emerged for these platforms. Although there are some reports about how switching activities from one region of FPGA affect other regions, details of this technique are not analyzed. In this paper, we analyzed the strength of this kind of attack and examined the impact of geometrical and electrical parameters of the victim/attacker modules on the efficiency of this attack. We utilized a Zynq-based Xilinx platform as the device under attack. Experimental results and analyses show that the distance between the victim module and the sensor modules is not the only effective parameter on the quality of attack; the influence of the relational location of victim/attacker modules could be more considerable on the quality of attack.
Gholam Reza Moghissi; Ali Payandeh
Abstract
The exact manner of BKZ algorithm for higher block sizes cannot be studied by practical running, so simulation of BKZ can be used to predict the total cost and output quality of BKZ algorithm. Sampling method of enumeration solution vector v is one of the main components of designing BKZ-simulation and ...
Read More
The exact manner of BKZ algorithm for higher block sizes cannot be studied by practical running, so simulation of BKZ can be used to predict the total cost and output quality of BKZ algorithm. Sampling method of enumeration solution vector v is one of the main components of designing BKZ-simulation and can be divided into two phases: sampling norm of solution vector v and sampling corresponding coefficient vectors. This paper introduces a simple and efficient idea for sampling the norm of enumeration solution v for any success probability of enumeration bounding functions, while to the best of our knowledge, no such sampling method for norm of enumeration solution is proposed in former studies. Next, this paper analyzes the structure and probability distribution of coefficient vectors (corresponding with enumeration solution v), and consequently introduces the sampling methods for these coefficient vectors which are verified by our test results, while no such a deep analysis for sampling coefficient vectors is considered in design of former BKZ-simulations. Moreover, this paper proposes an approximation for cost of enumerations pruned by optimal bounding functions.
Musbah Aqel; Twana Saeed Ali; Tugberk Kaya
Abstract
In recent years technology and management information system has been an excellent response too many global challenges, technology innovation has expanded over almost all the sectors of, and it made many processes more accurate and very faster than before. Technology systems playeda big role part in ...
Read More
In recent years technology and management information system has been an excellent response too many global challenges, technology innovation has expanded over almost all the sectors of, and it made many processes more accurate and very faster than before. Technology systems playeda big role part in election processes in many democratic countries nowadays. The commission, in Iraq, suffers from many problems such as fraud, time-consuming and delays in the election processes that take a long time and also witness a delay in revealing the results. This research paper focuses on adapting the biometric system in Iraq; there are several different perspectives to specify the IHEC’s employees and manager’s attitude towards technology in general and Biometric system specifically. Most of the staff members feel confident about transforming into a technology system. In their responses to the questionnaires, most of them focused on getting trained before they start using the system. In this research, the data is collected by using survey technique from the independent high electoral commission managers and staff members, and the data is analyzed by using SPSS.
Maryam Rajabzadeh Assar; Mustafa Isam Ahmed Al-Baghdadi
Abstract
Designing authentication techniques suitable for wireless sensor networks (WSNs) with their dedicated consideration is critical due to the nature of public channel. In 2022, Liu et al. presented an authentication protocol which employs dynamic authentication credentials (DACs) and Intel software guard ...
Read More
Designing authentication techniques suitable for wireless sensor networks (WSNs) with their dedicated consideration is critical due to the nature of public channel. In 2022, Liu et al. presented an authentication protocol which employs dynamic authentication credentials (DACs) and Intel software guard extensions (SGX) to guarantee security in WSNs, and it was shown that it is secure by formal and informal security analysis. In this paper, we show that it is not secure against desynchronization attack and offline guessing attack for long-term random numbers of users. In addition, it suffers from the known session-specific temporary information attack. Then, to address these vulnerabilities an improved authentication scheme using DAC and Intel SGX will be presented. It is shown that not only it is secure against aforementioned attacks with employing formal and informal analysis, but also it has a reasonable communication and computation overhead. It should be highlighted that the communication and computation overheads of our proposal are increased negligibly, but it provides more security features compared to the baseline protocol.