-
Chapter and Conference Paper
An In-Depth Security Evaluation of the Nintendo DSi Gaming Console
The Nintendo DSi is a handheld gaming console released by Nintendo in 2008. In Nintendo’s line-up the DSi served as a successor to the DS and was later succeeded by the 3DS. The security systems of both the DS...
-
Chapter and Conference Paper
Provable Secure Software Masking in the Real-World
We evaluate eight implementations of provable secure side-channel masking schemes that were published in top-tier academic venues such as Eurocrypt, Asiacrypt, CHES and SAC. Specifically, we evaluate the side-...
-
Chapter and Conference Paper
On the Susceptibility of Texas Instruments SimpleLink Platform Microcontrollers to Non-invasive Physical Attacks
We investigate the susceptibility of the Texas Instruments SimpleLink platform microcontrollers to non-invasive physical attacks. We extracted the ROM bootloader of these microcontrollers and then analysed it ...
-
Chapter and Conference Paper
Design Considerations for EM Pulse Fault Injection
Electromagnetic-fault injection (EM-FI) setups are appealing since they can be made at a low cost, achieve relatively high spatial resolutions, and avoid the need of tampering with the PCB or packaging of the ...
-
Chapter and Conference Paper
An In-Depth and Black-Box Characterization of the Effects of Laser Pulses on ATmega328P
Laser fault injection is a complex, physical process with many parameters that influence the success of the injection. Some parameters are difficult to control. While many works have established that focused lase...
-
Chapter and Conference Paper
A First-Order Chosen-Plaintext DPA Attack on the Third Round of DES
DPA attacks usually exhibit a “divide-and-conquer” property: the adversary needs to enumerate only a small space of the key (a key sub-space) when performing the DPA attack. This is achieved trivially in the o...
-
Chapter and Conference Paper
Fault Analysis of the ChaCha and Salsa Families of Stream Ciphers
We present a fault analysis study of the ChaCha and Salsa families of stream ciphers. We first show that attacks like differential fault analysis that are common in the block cipher setting are not applicable ...
-
Chapter and Conference Paper
Consolidating Inner Product Masking
Masking schemes are a prominent countermeasure to defeat power analysis attacks. One of their core ingredients is the encoding function. Due to its simplicity and comparably low complexity overheads, many mask...
-
Chapter and Conference Paper
Fast Leakage Assessment
We describe a fast technique for performing the computationally heavy part of leakage assessment, in any statistical moment (or other property) of the leakage samples distributions. The proposed technique outp...
-
Chapter and Conference Paper
Does Coupling Affect the Security of Masked Implementations?
Masking schemes achieve provable security against side-channel analysis by using secret sharing to decorrelate key-dependent intermediate values of the cryptographic algorithm and side-channel information. Mas...
-
Chapter and Conference Paper
Design and Implementation of a Waveform-Matching Based Triggering System
Implementation attacks such as side channel attacks and fault attacks require triggering mechanisms to activate the acquisition device or fault injection equipment. Most academic works work with a very simple ...
-
Chapter and Conference Paper
Consolidating Masking Schemes
In this paper we investigate relations between several masking schemes. We show that the Ishai–Sahai–Wagner private circuits construction is closely related to Threshold Implementations and the Trichina gate. ...
-
Chapter and Conference Paper
DPA, Bitslicing and Masking at 1 GHz
We present DPA attacks on an ARM Cortex-A8 processor running at 1 GHz. This high-end processor is typically found in portable devices such as phones and tablets. In our case, the processor sits in a single boa...
-
Chapter and Conference Paper
On the Cost of Lazy Engineering for Masked Software Implementations
Masking is one of the most popular countermeasures to mitigate side-channel analysis. Yet, its deployment in actual cryptographic devices is well known to be challenging, since designers have to ensure that th...
-
Chapter and Conference Paper
Inner Product Masking Revisited
Masking is a popular countermeasure against side channel attacks. Many practical works use Boolean masking because of its simplicity, ease of implementation and comparably low performance overhead. Some recent...
-
Chapter and Conference Paper
A Note on the Use of Margins to Compare Distinguishers
Relative distinguishing margins are becoming a popular measure for comparing distinguishers. This paper presents some examples that show that this measure, although informative and intuitively sound, should no...
-
Chapter and Conference Paper
Generic DPA Attacks: Curse or Blessing?
Generic DPA attacks, such as MIA, have been recently proposed as a method to mount DPA attacks without the need for possibly restrictive assumptions on the leakage behaviour. Previous work identified some shor...
-
Chapter and Conference Paper
Higher-Order Threshold Implementations
Higher-order differential power analysis attacks are a serious threat for cryptographic hardware implementations. In particular, glitches in the circuit make it hard to protect the implementation with masking....
-
Chapter and Conference Paper
A More Efficient AES Threshold Implementation
Threshold Implementations provide provable security against first-order power analysis attacks for hardware and software implementations. Like masking, the approach relies on secret sharing but it differs in t...
-
Chapter and Conference Paper
Power Analysis of Atmel CryptoMemory – Recovering Keys from Secure EEPROMs
Atmel CryptoMemory devices offer non-volatile memory with access control and authenticated encryption. They are used in commercial and military applications e.g. to prevent counterfeiting, to store secrets suc...