Key-dependent side-channel cube attack on CRAFT

CRAFT is a tweakable block cipher introduced in 2019 that aims to provide strong protection against differential fault analysis. In this paper, we show that CRAFT is vulnerable to side-channel cube attacks. We apply side-channel cube attacks to CRAFT with the Hamming weight leakage assumption. We found that the first half of the secret key can be recovered from the Hamming weight leakage after the first round. Next, using the recovered key bits, we continue our attack to recover the second half of the secret key. We show that the set of equations that are solvable varies depending on the value of the key bits. Our result shows that 99.90% of the key space can be fully recovered within a practical time.     

DEFIDNET: A framework for optimal allocation of cyberdefenses in Intrusion Detection Networks

Intrusion Detection Networks (IDN) are distributed cyberdefense systems composed of different nodes performing local detection and filtering functions, as well as sharing information with other nodes in the IDN. The security and resilience of such cyberdefense systems are paramount, since an attacker will try to evade them or render them unusable before attacking the end systems. In this paper, we introduce a system model for IDN nodes in terms of their logical components, functions, and communication channels. This allows us to model different IDN node roles (e.g., detectors, filters, aggregators, correlators, etc.) and architectures (e.g., hierarchical, centralized, fully distributed, etc.). We then introduce a threat model that considers adversarial actions executed against particular IDN nodes, and also the propagation of such actions throughout connected nodes. Based on such models, we finally introduce a countermeasure allocation model based on a multi-objective optimization algorithm to obtain optimal allocation strategies that minimize both risk and cost. Our experimental results obtained through simulation with different IDN architectures illustrate the benefit of our framework to design and reconfigure cyberdefense systems optimally.     

单片机破解的常用方法及应对策略

介绍了单片机内部密码破解的常用方法，重点说明了侵入型攻击／物理攻击方法的详细步骤，最后，从应用角度出发，提出了对付破解的几点建议。     

Binary rewriting and call interception for efficient runtime protection against buffer overflows

Buffer overflow vulnerabilities are one of the most commonly and widely exploited security vulnerabilities in programs. Most existing solutions for avoiding buffer overflows are either inadequate, inefficient or incompatible with existing code. In this paper, we present a novel approach for transparent and efficient runtime protection against buffer overflows. The approach is implemented by two tools: Type Information Extractor and Depositor (TIED) and LibsafePlus. TIED is first used on a binary executable or shared library file to extract type information from the debugging information inserted in the file by the compiler and reinsert it in the file as a data structure available at runtime. LibsafePlus is a shared library that is preloaded when the program is run. LibsafePlus intercepts unsafe C library calls such as strcpy and uses the type information made available by TIED at runtime to determine whether it would be ‘safe’ to carry out the operation. With our simple design we are able to protect most applications with a performance overhead of less than 10%. Copyright © 2006 John Wiley & Sons, Ltd.     

High-level synthesis design flow for power side-channel security

The lack of efficient security guidance is a prominent problem in the design flow of high-level synthesis. To tackle this issue, this paper proposes a security-based high-level synthesis design flow featuring the power side-channel vulnerabilities. The side-channel leakage is quantified by establishing a secure component module library, a more efficient and secure parallel scheduling mechanism is generated by optimizing the control flow, and a more secure architecture of the storage system is achieved by optimizing the data flow. The goal is to perform tradeoffs between performance and security, reducing the side-channel risks at the early stage of design and simultaneously generating more secure and efficient cryptographic cores in hardware. Furthermore, the proposed HLS design flow is verified on a field programmable gate array platform. Experimental results show that, in comparison with the traditional design flow, this method reduces the resources by 72% and the clock cycles by 70% and increases the throughput by 88%, and that it can lower the power side-channel risks within an ongoing design to the greatest extent.     

数字水印攻击及对策分析

数字水印技术作为数字媒体版权保护的重要手段越来越引起人们的重视。文章讨论了数字水印的概念、特征,重点介绍了数字水印的鲁棒性及影响数字水印鲁棒性的因素,总结和分析了数字水印主要攻击方式并提出相应的应对措施。     

基于FPGA实现AES的侧信道碰撞攻击

为了解决攻击点在能量迹中具体位置的识别问题,在对侧信道碰撞攻击技术研究的基础上,提出了通过计算能量迹中每个采样点的方差来识别攻击点的方差检查技术。并利用基于相关系数的碰撞检测方法,对一种AES的FPGA实现实施了攻击。实验结果表明,方差检查技术可以有效地识别攻击点在能量迹中的具体位置。     

迭代立方攻击及其应用

由于种种原因,实际分析中立方攻击通常无法找到相当数量的密钥比特线性表达式,基于迭代的思想,提出了一种迭代立方攻击方法。将其应用于55轮KATAN32算法,实验结果表明较之前的方法,该方法具有更小的数据复杂度和计算复杂度,攻击效果明显。     

低速率拒绝服务攻击研究与进展综述

低速率拒绝服务攻击是新型的拒绝服务攻击,对Internet的安全造成严重的潜在威胁,引起众多研究者的兴趣和重视,成为网络安全领域的重要研究课题之一.自2003年以来,研究者先后刻画了Shrew攻击、降质攻击、脉冲拒绝服务攻击和分布式拒绝服务攻击等多种低速率拒绝服务攻击方式,并提出了相应的检测防范方法.从不同角度对这种新型攻击的基本机理和攻击方法进行了深入的研究;对TCP拥塞控制机制进行了安全性分析,探讨了引起安全问题的原因;对现有的各种各样的LDoS攻击防范和检测方案,从多个方面进行了分类总结和分析评价;最后总结了当前研究中出现的问题,并展望了未来研究发展的趋势,希望能为该领域的研究者提供一些有益的启示.     

智能电网的安全可控性

计算机与信息技术在电力系统中的广泛应用提高了电网的自动化、智能化水平,同时也将传统IT领域的众多安全隐患引入了电网。智能电网是社会域、信息域、物理域多域交互、渗透形成的大规模新型融合网络,其安全威胁具有多域渗透、跨域攻击的特点。文中描述了智能电网基本安全需求及其与传统IT安全需求的不同;分析了智能电网中多域渗透攻击并且对信息-物理安全威胁进行分类;基于分域防护、多域协同、边界防护的思想提出了智能电网多域协同安全防护模型。