No Arabic abstract
Internet of Things connects lots of small constrained devices to the Internet. As in any other environment, communication security is important and cryptographic algorithms are one of many elements that we use in order to keep messages secure. Because of the constrained nature of these environments, it is necessary to use algorithms that do not require high computational power. Lightweight ciphers are therefore ideal candidates for this purpose. In this paper, we explore a possibility of attacking an ultra-lightweight cipher PRESENT by using a multiple fault attack. Utilizing the Differential Fault Analysis technique, we were able to recover the secret key with two faulty encryptions and an exhaustive search of 2^16 remaining key bits. Our attack aims at four nibbles in the penultimate round of the cipher, causing faulty output in all nibbles of the output. We also provide a practical attack scenario by exploiting Hardware Trojan (HT) technique for the proposed fault injection in a Xilinx Spartan-6 FPGA.
Persistent Fault Attack (PFA) is a recently proposed Fault Attack (FA) method in CHES 2018. It is able to recover full AES secret key in the Single-Byte-Fault scenario. It is demonstrated that classical FA countermeasures, such as Dual Modular Redundancy (DMR) and mask protection, are unable to thwart PFA. In this paper, we propose a fast-detection and faultcorrection algorithm to prevent PFA. We construct a fixed input and output pair to detect faults rapidly. Then we build two extra redundant tables to store the relationship between the adjacent elements in the S-box, by which the algorithm can correct the faulty elements in the S-box. Our experimental results show that our algorithm can effectively prevent PFA in both Single-ByteFault and Multiple-Bytes-Faults scenarios. Compared with the classical FA countermeasures, our algorithm has a much better effect against PFA. Further, the time cost of our algorithm is 40% lower than the classical FA countermeasures.
As deep learning systems are widely adopted in safety- and security-critical applications, such as autonomous vehicles, banking systems, etc., malicious faults and attacks become a tremendous concern, which potentially could lead to catastrophic consequences. In this paper, we initiate the first study of leveraging physical fault injection attacks on Deep Neural Networks (DNNs), by using laser injection technique on embedded systems. In particular, our exploratory study targets four widely used activation functions in DNNs development, that are the general main building block of DNNs that creates non-linear behaviors -- ReLu, softmax, sigmoid, and tanh. Our results show that by targeting these functions, it is possible to achieve a misclassification by injecting faults into the hidden layer of the network. Such result can have practical implications for real-world applications, where faults can be introduced by simpler means (such as altering the supply voltage).
As Field-programmable gate arrays (FPGAs) are widely adopted in clouds to accelerate Deep Neural Networks (DNN), such virtualization environments have posed many new security issues. This work investigates the integrity of DNN FPGA accelerators in clouds. It proposes DeepStrike, a remotely-guided attack based on power glitching fault injections targeting DNN execution. We characterize the vulnerabilities of different DNN layers against fault injections on FPGAs and leverage time-to-digital converter (TDC) sensors to precisely control the timing of fault injections. Experimental results show that our proposed attack can successfully disrupt the FPGA DSP kernel and misclassify the target victim DNN application.
GPUs are increasingly being used in security applications, especially for accelerating encryption/decryption. While GPUs are an attractive platform in terms of performance, the security of these devices raises a number of concerns. One vulnerability is the data-dependent timing information, which can be exploited by adversary to recover the encryption key. Memory system features are frequently exploited since they create detectable timing variations. In this paper, our attack model is a coalescing attack, which leverages a critical GPU microarchitectural feature -- the coalescing unit. As multiple concurrent GPU memory requests can refer to the same cache block, the coalescing unit collapses them into a single memory transaction. The access time of an encryption kernel is dependent on the number of transactions. Correlation between a guessed key value and the associated timing samples can be exploited to recover the secret key. In this paper, a series of hardware/software countermeasures are proposed to obfuscate the memory timing side channel, making the GPU more resilient without impacting performance. Our hardware-based approach attempts to randomize the width of the coalescing unit to lower the signal-to-noise ratio. We present a hierarchical Miss Status Holding Register (MSHR) design that can merge transactions across different warps. This feature boosts performance, while, at the same time, secures the execution. We also present a software-based approach to permute the organization of critical data structures, significantly changing the coalescing behavior and introducing a high degree of randomness. Equipped with our new protections, the effort to launch a successful attack is increased up to 1433X . 178X, while also improving encryption/decryption performance up to 7%.
Hardware security has risen in prominence in recent years with concerns stemming from a globalizing semiconductor supply chain and increased third-party IP (intellectual property) usage. Trojan detection is of paramount importance for ensuring systems with confidentiality, integrity, and availability. Existing methods for hardware Trojan detection in FPGA (field programmable gate array) devices include test-time methods, pre-implementation methods, and run-time methods. The first two methods provide effective ways of detecting some Trojans; however, Trojans may be specifically designed to avoid detection at test-time or before implementation making run-time detection a more attractive option. Run-time detection and removal of Trojans is highly desirable due to the wide range of critical systems which are deployed on FPGAs and may be difficult or costly to remove from operation. Many parallels can be drawn between hardware and natural systems, and one example creates an analogy between hardware attacks and biological attacks. We propose a CRISPR-Cas-inspired (clustered regularly interspaced palindromic repeats) method for detecting hardware Trojans in FPGAs. The fundamental concepts of the Type 1-E CRISPR-Cas mechanism are discussed and simulated to predict the flow of genetic information through this biological system. The basic structure of this system is utilized to propose a novel run-time Trojan detection method titled CADEFT (CRISPR-Cas-based Algorithm for DEtection of FPGA Trojans). Different levels of FPGA application design flow are explored, and CADEFT is proposed for realization at the bitstream level to monitor the configuration bitstream and the run-time properties of the FPGA. The flexibility of CADEFT originates in the CRISPR-Cas mechanisms ability to recognize similar albeit previously unseen patterns which may pose a threat to the system.