This book constitutes the thoroughly refereed post-conference proceedings of the 15th International Conference on Smart Card Research and Advanced Applications, CARDIS 2016, held in Cannes, France, in November 2016. The 15 revised full papers presented in this book were carefully reviewed and selected from 29 submissions. The focus of the conference was on all aspects of the design, development, deployment, validation, and application of smart cards or smart personal devices.
This thesis deals with the efficiency of side-channel cryptanalysis. In Part II of this thesis we demonstrate how the runtime performance of the most important analysis tools can be improved considerably using the CUDA platform. Second, we investigate new approaches to profiling side-channel cryptanalysis. The research field of machine learning can be adapted for significant improvements, but has been little studied in this regard. In Part III of this thesis we present two new methods that share some commonalities but also exhibit some differences, so that evaluation results can be shown in a more complete picture. Furthermore, in Part IV we propose a side-channel application for the protection of intellectual property (IP). In Part V we take a deeper look at practical side-channel cryptanalysis by carrying out attacks on a security microcontroller that is used in an EC card widely deployed in Germany.
This paper presents implementation results of several side channel countermeasures for protecting the scalar multiplication of ECC (Elliptic Curve Cryptography) implemented on an ARM Cortex M3 processor that is used in security-sensitive wireless sensor nodes. Our implementation was done for the ECC curves P-256, brainpool256r1, and Ed25519. Investigated countermeasures include Double-And-Add Always, Montgomery Ladder, Scalar Randomization, Randomized Scalar Splitting, Coordinate Randomization, and Randomized Sliding Window. Practical side channel tests for SEMA (Simple Electromagnetic Analysis) and MESD (Multiple Exponent, Single Data) are included. Though more advanced side channel attacks are not yet evaluated, our results show that an appropriate level of resistance against the most relevant attacks can be reached.
Fault-Channel Watermarks
(2016)
TinyECC 2.0 is an open source library for Elliptic Curve Cryptography (ECC) in wireless sensor networks. This paper analyzes the side channel susceptibility of TinyECC 2.0 on a LOTUS sensor node platform. In our work we measured the electromagnetic (EM) emanation during computation of the scalar multiplication using 56 different configurations of TinyECC 2.0. All of them were found to be vulnerable, but to different degrees. The different degrees of leakage include adversary success using (i) Simple EM Analysis (SEMA) with a single measurement, (ii) SEMA using averaging, and (iii) Multiple-Exponent Single-Data (MESD) with a single measurement of the secret scalar. It is extremely critical that in 30 TinyECC 2.0 configurations a single EM measurement of an ECC private key operation is sufficient to simply read out the secret scalar. MESD requires additional adversary capabilities and it affects all TinyECC 2.0 configurations, again with only a single measurement of the ECC private key operation. These findings give evidence that in security applications a configuration of TinyECC 2.0 should be chosen that withstands SEMA with a single measurement and, beyond that, an addition of appropriate randomizing countermeasures is necessary.
Topics
Dialogue University President Hartmut Ihne and Jakob Rhyner, Vice Rector of the United Nations University (UNU), talk about common goals and the concept of regional internationality ...
Studies and Teaching University scores high with the Teaching Quality Pact (Pro-MINT-us), career training and Bachelor studies all in one, three attractive Master’s programmes set up, central e-Learning platform online, International Centre for Sustainable Development already hard at work ...
Research Graduate Institute establishes new Ph.D. culture, research focus on visual computing secures third-party funding, energy harvesting project wins university competition, research on the impact of zero gravity on arteries, security systems protect against car thieves ...
Campus Centre for Science and Technology Transfer, International Welcome Centre - a first stop for foreign students, alumni coordinator keeps in close contact with former students, hackathon brings students from around the world together, H-BRS prepared for the double Abitur year ...
What if ... ... the Bonn-Rhein-Sieg University of Applied Sciences did not exist? Personal answers to an unusual question ...
Region H-BRS - a strong engine for the region, research centre for region’s SMEs looks for investors, companies invest in scholarships, students advise the Alexander-Koenig-Gesellschaft, BusinessCampus opens a third location, concept for medical tourism along the Rhine corridor ...
International Mechanical engineering students in Ethiopia, businesses and universities collaborate in Ghana, university partnership with Namibia, Study Buddies for foreign students, student initiates German-Argentine Master’s degree, Spanish teacher conference, intercultural training for all university staff ...
Facts and Figures Programmes of study, statistics, organisational structure, international partnerships, awards ...
On an Integration of an Information Security Management System into an Enterprise Architecture
(2010)
This thesis is dedicated to models and algorithms for use in physical cryptanalysis, which is a new, evolving discipline in implementation security of information systems.
Physical observables such as the power consumption or electromagnetic emanation of a cryptographic module are so-called 'side channels'. They contain exploitable information about internal states of an implementation at runtime. Physical effects can also be used for the injection of faults. Fault injection is successful if it recovers internal states by examining the effects of an erroneous state propagating through the computation.
The best currently known approach in physical cryptanalysis is a thorough experimental verification at a profiling stage, which is included in methods achieving maximum power. The final multivariate algorithms of this thesis can be seen as the most efficient ones in side channel cryptanalysis.