Search results “Side channel attacks in cryptography research”
Side-Channel Analysis Demo: FPGA Board
 
04:42
Elke DeMulder, Research Scientist for Cryptography Research, demonstrates how field programmable gate arrays (FPGAs) can be compromised by side-channel attacks.
Views: 10980 Rambus Inc.
Side Channel Attacks
 
12:25
Gilber Goodwill of Cryptography Research demonstrates a side channel attack.
Views: 7710 GraniteVideo
16. Side-Channel Attacks
 
01:22:16
MIT 6.858 Computer Systems Security, Fall 2014 View the complete course: http://ocw.mit.edu/6-858F14 Instructor: Nickolai Zeldovich In this lecture, Professor Zeldovich discusses side-channel attacks, specifically timing attacks. License: Creative Commons BY-NC-SA More information at http://ocw.mit.edu/terms More courses at http://ocw.mit.edu
Views: 11245 MIT OpenCourseWare
The Mathematics of Side-Channel Attacks
 
01:00:34
We will look at a collection of mathematical problems suggested by side-channel attacks against public key cryptosystems, and how the techniques inspired by this work relate to a variety of different applications. First, we discuss the cold boot attack, a side-channel attack against disk encryption systems that uses the phenomenon of DRAM remanence to recover encryption keys from a running computer. In the course of the attack, however, there may be errors introduced in the keys that the attacker obtains. It turns out that the structure of the key data in an AES key schedule can allow an attacker to more efficiently recover the private key in the presence of such errors. We extend this idea to RSA private keys, and show how the structure of RSA private key data can allow an attacker to recover a key in the presence of random errors from 27% of the bits of the original key. Most previous work on RSA key recovery used the lattice-based techniques introduced by Coppersmith for finding low-degree roots of polynomials modulo numbers of unknown factorization. We will show how powerful analogies from algebraic number theory allow us to translate this theorem from the ring of integers to the ring of polynomials and beyond. This sort of intellectual arbitrage allows us to give a faster algorithm for list decoding of Reed-Solomon codes along with a natural extension to multi-point algebraic geometric codes, as well as an algorithm to find small solutions to polynomials over ideals in number fields.
Views: 1072 Microsoft Research
RSA Power Analysis Side-Channel Attack - rhme2
 
12:07
Preparing an arduino nano board to perform a power analysis side channel attack and explaining how that can be used to break RSA. Also proof I can't count. RSA video: https://www.youtube.com/watch?v=sYCzu04ftaY rhme2 by riscure: http://rhme.riscure.com/home Oscilloscope: Rigol DS2072A Soldering Station: Weller WD1
Views: 18163 LiveOverflow
Side Channels and Clouds: New Challenges in Cryptography
 
58:36
Emerging trends in computation such as cloud computing, virtualization, and trusted computing require that computation be carried out in remote and hostile environments, where attackers have unprecedented access to the devices, the data and the programs. This poses new problems and challenges for cryptography. In this talk, I will present two such challenges, and my recent work towards solving them. 1. Protecting against Side-channel Attacks: Computing devices leak information to the outside world not just through input-output interaction, but through physical characteristics of computation such as power consumption, timing, and electro-magnetic radiation. Such information leakage betrays information about the secrets stored within the devices, and has been successfully utilized to break many cryptographic algorithms in common use. These attacks are commonly called side-channel attacks. Side-channel attacks are particularly easy to carry out when the device is in the physical proximity of an attacker, as is often the case for modern devices such as smart-cards, TPM chips, mobile phones and laptops. In the first part of the talk, I will describe my recent work that lays the foundation of leakage-resilient cryptography – the design of cryptographic schemes that protect against large classes of side-channel attacks. 2. Computing on Encrypted Data: Security in the setting of cloud computing involves a delicate balance of privacy and functionality: while the client must encrypt its data to keep it private from the server, it should also allow for the server to compute on the encrypted data. Can we simultaneously achieve these opposing goals? In the second part of the talk, I will describe an elementary construction of a cryptographic mechanism that allows computation on encrypted data (also called a fully homomorphic encryption scheme). Both these works leverage new mathematical techniques based on geometric objects called lattices.
Views: 279 Microsoft Research
Introduction to Side-Channel Power Analysis (SCA, DPA)
 
01:08:57
A complete introduction to side channel power analysis (also called differential power analysis). This is part of training available that will be available at http://www.ChipWhisperer.io shortly - also in person at Blackhat USA 2016 (see https://www.blackhat.com/us-16/).
Views: 12119 Colin O'Flynn
Covert Channels (CISSP Free by Skillset.com)
 
04:33
This Covert Channels training video is part of the CISSP FREE training course from Skillset.com (https://www.skillset.com/certifications/cissp). Skillset helps you pass your certification exam. Faster. Guaranteed. https://www.skillset.com Topic: Covert Channels Skill: Information System Vulnerability Fundamentals Skillset: Security Engineering Certification: CISSP Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam. + Unlimited access to thousands of practice questions + Exam readiness score + Smart reinforcement + Focused training ensures 100% exam readiness + Personalized learning plan + Align exam engine to your current baseline knowledge + Eliminate wasted study time + Exam pass guarantee And much more - https://www.skillset.com
Views: 5970 Skillset
Side-Channel Attacks by Differential Power Analysis - Nathaniel Graff
 
15:38
Your software may be secure, but what about the computer it's running on? Nathaniel Graff describes how private data can be extracted from a running system without even needing a software exploit. Learn how data can be inadvertently leaked and what can be done to prevent it. Featuring a live demo with an oscilloscope!
Views: 2967 White Hat Cal Poly
Timing Side Channel - Applied Cryptography
 
00:31
This video is part of an online course, Applied Cryptography. Check out the course here: https://www.udacity.com/course/cs387.
Views: 680 Udacity
Practical side-channel attacks on embedded device cryptography - Dr Owen Lo and Doug Carson
 
52:25
The associated research paper is here: https://www.tandfonline.com/doi/abs/10.1080/23742917.2016.1231523
Views: 1356 The Cyber Academy
Cache Side-Channel Attacks Presentation
 
12:16
Dr. Farkas - Our initial slide detailing our credentials was cropped out by the screen application we were using. See our credentials below: John Gill - Currently in the final course to obtain the Cybersecurity Specialization offered by the University of South Carolina as well as completing a certification through CompTIA Security+. Daniel Gregory - Currently an Accounting major with a minor in Computer Science focused on Information Security. I've held multiple internship positions for IT audit work and currently secured employment at a Big Four accounting firm as an IT Risk Analyst. I am planning on attaining my Certified Information Systems Auditor license as well as the CompTIA Security+.
Views: 355 Daniel Gregory
Side-Channel Analysis - 11/05/2013 Part 1
 
38:30
Side-Channel Analysis By, Mostafa Taha: PhD student in the Secure Embedded Systems lab of Virginia Tech Abstract: Side-Channel Analysis is a collective term for passive non-invasive implementation attacks. It refers to the process by which, an adversary exploits any unintentional output of a cryptographic module to reveal secret information about that module. Unintentional outputs, also called side-channel outputs, include power consumption, electromagnetic radiation, execution time, and others. In this presentation, we will explore the world of embedded security, and side-channel analysis. We will start with the introduction and motivation to this research field. Then, we will focus on two cryptographic algorithms, AES as a block cipher, and Keccak as a hashing function. We will show some recent work on the attack side and the protection side of both algorithms
Views: 438 VT-MENA Seminar
All in the timing: How side channel attacks work
 
27:05
Philip "Phildini" James, Asheesh Laroia https://2018.northbaypython.org/schedule/presentation/22/ In this talk, you’ll learn about a category of security issue known as side channel attacks. You’ll be amused to see how features like automatic data compression, short-circuit execution, and deterministic hashing can be abused to bypass security systems. No security background knowledge is required. The talk assumes at least intermediate Python experience. We’ll take a tour of real side channel vulnerabilities in open source Python codebases, including the patches that fixed them. It also offers practical advice for avoiding these issues. My goal is to demystify this topic, even if you aren’t writing security-critical software. This talk is for intermediate or higher Python developers who want a foundation for understanding side channel security vulnerabilities. We hope to allow software developers without a security background to understand the security mindset. A Python conference north of the Golden Gate North Bay Python is a single-track conference with a carefully curated set of talks representing the diverse Python community and their different areas of interest. If a topic is less to your interest, or you've met some people you really want to sit down and chat with, we'll have plenty of areas away from the main theatre to catch up and chat. Our goal is to keep prices as low as possible. That means we won't be catering lunch. Instead, you can look forward to extra-long lunch breaks you can use to explore all of the great food options around the venue.
Views: 74 North Bay Python
Breaking AES with ChipWhisperer - Piece of scake (Side Channel Analysis 100)
 
14:09
Terrible DPA explanation and sharing my experience solving the side channel analysis challenge "piece of scake" from the rhme2 CTF. A real DPA tutorial by Colin O'Flynn: https://www.youtube.com/watch?v=OlX-p4AGhWs The ChipWhisperer AES tutorial: http://www.newae.com/sidechannel/cwdocs/tutorial.html ChipWhisperer: http://newae.com/tools/chipwhisperer/ The DPA paper: https://www.rambus.com/introduction-to-differential-power-analysis-and-related-attacks/ rhme2 challenge files: https://github.com/Riscure/Rhme-2016
Views: 38070 LiveOverflow
RuhrSec 2016: "Cache Side-Channel Attacks and the case of Rowhammer", Daniel Gruss
 
38:39
Abstract. Software security relies on isolation mechanisms provided by hardware and operating system. However, isolation mechanisms are often insufficient, for instance due to the existence of caches in hardware and software. Caches keep frequently used data in faster memory to reduce access time and to reduce the access frequency on slower memory. This introduces timing differences that can be exploited in side-channel attacks. The first half of this talk is about state-of-the-art cache side-channel attacks. Most cache attacks target cryptographic implementations and even full key recovery attacks cross-core, cross-VM in public clouds have been demonstrated. We recently found that cache attacks can be fully automatized, cache attacks are not limited to specific architectures, and cache attacks can be implemented based on a variety of hardware features. This broadens the field of cache attacks and increases their impact significantly. The second half of this talk is about the so-called Rowhammer effect, which can be exploited to gain unrestricted access to systems. Recent studies have found that in most DDR3 DRAM modules random bit flips can occur due to the Rowhammer effect. These hardware faults can be triggered by an attacker without accessing the corresponding memory location, but by accessing other memory locations in a high frequency. The first attacks used cache maintenance operations as caches would prevent such frequent accesses. Frequent accesses from JavaScript would allow a remote attacker to exploit the Rowhammer effect. For this purpose it is necessary to defeat the complex cache replacement policies. We showed that this is possible last year. In this talk we will detail how to evaluate the huge parameter space of eviction strategies, discuss intuitive and counter-intuitive timing effects, and thereby close the gap between local Rowhammer exploits in native code and remote Rowhammer exploits through websites. Biography. 
Daniel Gruss is a PhD Student at Graz University of Technology. He has done his master's thesis on identifying and minimizing architecture dependent code in operating system kernels. Daniel's research focuses on software-based side-channel attacks that exploit timing differences in hardware and operating system. In July 2015, he and his colleagues demonstrated the first hardware fault attack performed through a remote website, known as Rowhammer.js.
Views: 2363 Hackmanit GmbH
Side Channel Analysis of Cryptographic Implementations
 
48:21
Cryptography and Network Security by Prof. D. Mukhopadhyay, Department of Computer Science and Engineering, IIT Kharagpur. For more details on NPTEL visit http://nptel.iitm.ac.in
Views: 5822 nptelhrd
Research on Side-Channel Attacks - Development of a Standard Evaluation Environment -
 
05:17
Side-channel Attacks, which attempt to compromise crypto chips by analyzing measurable physical quantities such as power consumption and electromagnetic emanation, have become an important issue in information security. Research Institute for Secure Systems (RISEC) of AIST conducts research to advance the development of countermeasures against side-channel attacks and to develop a standard evaluation environment. Research Institute for Secure Systems (RISEC) Website http://www.risec.aist.go.jp/index-en.html
Views: 309 AIST Japan
The Mechanical Cryptographer: Tolerant Algebraic Side-Channel Attacks using pseudo-Boolean Solvers
 
52:55
Machine solvers are a class of general-purpose software tools which input a set of equations and output a satisfying assignment to these equations (or a proof of unsatisfiability). Solvers are used for a variety of practical applications, from VLSI verification to transportation route planning. Recently several authors have attempted to use solvers to perform one of the most challenging tasks in modern computer science - cryptanalysis of symmetric block ciphers such as AES. To use a solver for cryptanalysis, we provide it with a known plaintext, a known ciphertext and the set of mathematical equations which use an unknown secret key to transform between the two. The solver is then expected to output the secret key which links the given plaintext and ciphertext, thus satisfying the equation set. Fortunately, solvers are not currently capable of directly attacking modern ciphers. However, the situation is drastically different when side-channel data (information leaked from the cryptographic device due to its internal structure) is introduced into the equation. This talk will introduce side-channel cryptographic attacks, survey our latest efforts in using machine solvers to attack cryptosystems, and conclude with a successful attack on the AES cipher which requires surprisingly little side-channel data and computation time. Joint work with Mathieu Renauld, François-Xavier Standaert and Avishai Wool
Views: 98 Microsoft Research
#HITB2017AMS D1T2 - Side Channel Attacks Against iOS Crypto Libraries And More - Najwa Aaraj
 
34:26
Cryptographic primitives and protocols are typically treated as mathematical components that represent the following provable security property: theoretically secure with an established formal security proof. However, in real-world applications, provable security is more often than not weakened by the actual implementation and the properties of the device / system / Operating system on which cryptographic primitives and protocols are deployed – are often exploitable by a side-channel attacker. Side-channel attacks represent a real threat to cryptographic implementations and as a by-product to the security of a secure system overall in almost all scenarios and use cases. The focus of this research is to study side channel attacks in the context of iOS Operating System, specifically drawing a difference between side channel attacks against user and system level applications using iOS provided crypto library(ies) and those using built-in and / or third party crypto libraries. While running our experiments, we use electromagnetic emanations from the processor as side-channel information and using clock as a trigger to discern Electromagnetic traces. We then conduct Differential Power Analysis (DPA) against hardened cryptographic implementations in order to recover keys used for symmetric ciphers computations as well as schemes used for Key Exchange / Key Agreement. Electromagnetic emanations will also be used to derive information from stateful protocols execution, where elements of the EM traces Fast Fourier Transform have peak frequencies being observed. === Senior Vice President – Special Projects at DarkMatter LLC, with 12+ years experience in information and systems security. International Experience: USA, Middle East, Australia, Africa, Asia Education * Ph.D. with Highest Honors in Computer Engineering from Princeton University * Masters Degree in Computer Engineering from Princeton University * B.Eng. in Computer and Communication Engineering from American University of Beirut Employment History * Lead Senior Associate, Booz & Company, USA and Middle East * Research Staff Member, NEC Labs-Princeton University, NJ, USA * Research Staff Member, IBM T. J. Watson, NY, USA * Research Staff Member, Intel Corporation, Oregon, USA Cyber Security – Related Experience Patents: Optimizing performance of integrity monitoring; Patent number: 8949797 Analysis and design of a hardware/software trusted platform module (TPM) for embedded systems Energy and execution time analysis of a software-based trusted platform module (TPM) INVISIOS: A Lightweight, Minimally Intrusive Secure Execution Environment – A framework for defending embedded systems against software attacks Dynamic Binary Instrumentation-Based Framework for Malware Defense Hybrid Arch. for Efficient and Secure Face Authentication in Embedded Systems – Architectures for efficient face authentication in embedded systems Neighbor stranger discrimination: a new defense mechanism against DDOS attacks
Side Channels and Clouds: New Challenges in Cryptography
 
58:28
Emerging trends in computation such as cloud computing, virtualization and trusted computing require that computation be carried out in remote and hostile environments, where attackers have unprecedented access to the devices, the data and the programs. This poses new challenges for cryptography. Vinod Vaikuntanathan of the MIT/IBM T.J. Watson Research Center recently spoke at the University of Washington, sharing his recent work in solving two of these new challenges, side-channel attacks and computing on encrypted data.
Views: 3909 UW Video
Web Timing Attacks Made Practical
 
43:29
by Timothy Morgan & Jason Morgan Timing side-channel attacks are a well-known class of flaw in cryptographic systems and applications in general. While these issues have been researched for decades, the complexities involved in obtaining accurate timing measurements and performing accurate statistical analysis has prevented the average pentester from identifying and exploiting these issues on a day-to-day basis. In this paper, we build on past research to make remote timing attacks practical against modern web applications. We scrutinize both methods of data collection and statistical analysis used by previous researchers, significantly improving results in both areas. We implement an adaptive Kalman filter, which provides greater accuracy in classifying timing differences, making timing attacks more practical in congested networks and speeding up attacks in ideal conditions. As part of this research, a new open source timing attack tool suite is being released to the community.
Views: 6237 Black Hat
Recover RSA private key from public keys - rhme2 Key Server (crypto 200)
 
12:42
Using the greatest common divisor (GCD) to factorize the public modulo into the secret primes, so we can forge a RSA signature. Source for the rhme2 challenges: https://github.com/Riscure/Rhme-2016
Views: 40435 LiveOverflow
CCS 2016 - Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR
 
26:00
Authors: Daniel Gruss, Clémentine Maurice (TU Graz), Andreas Fogh (G-Data Advanced Analytics), Moritz Lipp and Stefan Mangard (TU Graz) presented at CCS 2016 - the 23rd ACM Conference on Computer and Communications Security (Hofburg Palace Vienna, Austria / October 24-28, 2016) - organized by SBA Research
Views: 879 CCS 2016
#HITB2016AMS D2T1 - Cache Side Channel Attacks: CPU Design As A Security Problem - Anders Fogh
 
53:49
In a casual conversation with Thomas “Halvar Flake” Dullien I suggested that performance counters could be used as a software mitigation for the row hammer exploit he and Mark Seaborn had developed. Thomas encouraged me to research it and it became suggestion for a software solution for row hammer. I presented this research with Nishat Herath during Black Hat 2015. While researching row hammer I noticed that the methodology I was developing could be important in mitigating cache side channel attacks and this led me into an almost year long project researching these attacks. In this talk we’ll focus on, how the micro architectural design of modern computers enables an attacker to breach trust boundaries. Specifically we’ll focus on how the cache subsystem of modern x86 computers can be abused to gain access to private data. Cache side channel attacks have been around for years, but have had a renaissance due to the emergence of a large, shared 3rd level cache and gained relevance through the spread of cloud computing due to increase attack surface. There are many side channels possible in modern computers; however, the cache is most likely the most important due to its central position in the computer. Given that cache side channel attacks are enabled by the CPU design, software defenses become notoriously difficult and yet at the same time in many cases it becomes the only viable solution. Cache side channel attacks are relevant when an attacker already has access to the same hardware as the victim, but is stopped by local restrictions such as user privileges, virtual machines or sandboxes. At first this seems restrictive, but modern computing is full of examples of such scenarios. Virtual machines in cloud computers is the classic example and cache side channel attacks easily reach across otherwise iron clad boundaries between virtual machines. Thin clients, java script running locally on web pages or multi user systems are other common examples. 
Despite modern cache side channel attacks being relatively new, many important attacks have already been demonstrated: – Exfiltration of RSA 2048 private keys from co-located VM hosted in the amazon cloud – AES key extraction – ECDSA key extraction – Spying on keyboard input – Spying on mouse cursor – Breaking KASRL (Kernel Address Space Randomization Layout) ====== Anders Fogh is a co-founder and the vice president of engineering at Protect Software GmbH. He has led numerous low level engineering efforts in the past 11 years. Prior to that he worked at VOB GmbH and Pinnacle System where he was responsible for major developments in video and CD/DVD recording software. Since 1993 he has been an avid malware hobbyist and has reverse engineering experience with operating systems from DOS to present day OSs as well as devices ranging from DVD players to USB sticks. He holds a master’s degree in economics from the University of Aarhus. He was the first to suggest a software solution to the row hammer bug and spoke at Black Hat 2015 with Nishat Herath on the topic of using performance counters for security outcomes.
NDSS 2018 JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks
 
22:40
NDSS 2018 Session 7A: Web Security 03 JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks SUMMARY Modern web browsers are ubiquitously used by billions of users, connecting them to the world wide web. From the other side, web browsers do not only provide a unified interface for businesses to reach customers, but they also provide a unified interface for malicious actors to reach users. The highly optimized scripting language JavaScript plays an important role in the modern web, as well as for browser-based attacks. These attacks include microarchitectural attacks, which exploit the design of the underlying hardware. In contrast to software bugs, there is often no easy fix for microarchitectural attacks. We propose JavaScript Zero, a highly practical and generic fine-grained permission model in JavaScript to reduce the attack surface in modern browsers. JavaScript Zero facilitates advanced features of the JavaScript language to dynamically deflect usage of dangerous JavaScript features. To implement JavaScript Zero in practice, we overcame a series of challenges to protect potentially dangerous features, guarantee the completeness of our solution, and provide full compatibility with all websites. We demonstrate that our proof-of-concept browser extension Chrome Zero protects against 11 unfixed state-of-the-art microarchitectural and side-channel attacks. As a side effect, Chrome Zero also protects against 50% of the published JavaScript 0-day exploits since Chrome 49. Chrome Zero has a performance overhead of 1.82% on average. In a user study, we found that for 24 websites in the Alexa Top 25, users could not distinguish browsers with and without Chrome Zero correctly, showing that Chrome Zero has no perceivable effect on most websites. Hence, JavaScript Zero is a practical solution to mitigate JavaScript-based state-of-the-art microarchitectural and side-channel attacks. 
SLIDES http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/03/NDSS2018_07A-3_Schwarz_Slides.pdf PAPER http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/02/ndss2018_07A-3_Schwarz_paper.pdf AUTHORS Michael Schwarz (Graz University of Technology) Moritz Lipp (Graz University of Technology) Daniel Gruss (Graz University of Technology) Network and Distributed System Security (NDSS) Symposium 2018, 18-21 February 2018, Catamaran Resort Hotel & Spa in San Diego, California. https://www.ndss-symposium.org/ndss2018/programme/ ABOUT NDSS The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies. https://www.ndss-symposium.org/
Views: 657 NDSS Symposium
Cryptographic Side Channels and Gotchas
 
46:41
Luke Teyssier is interested in broken things and finding creative ways to fix them. It's led him to a career of research, and teaching, in malware and security. In this presentation, Luke does his best to make the complex topic of cryptography accessible to the average security engineer. This talk for SFAndroid takes a side-avenue approach to explore topics in cryptography, mobile security, and Android. If you have some catching up to do, no problem, Luke gives background information on the topics he covers before delving into more esoteric language and hypothetical threats. If you're ready for more Android, stop by our site to explore pages of content and videos: http://marakana.com/s/tags/android
Views: 1110 InfoQ
Cache side-channel attack on virtualised infrastructure
 
03:41
The following video demonstrates a cache side-channel attack extracting the secret RSA key of a web server on a virtual infrastructure. There are three virtual machines in the demonstration: a web server which is the target of the attack, a web client which repeatedly connects to the server and the attacker's virtual machine. The attacker's VM is located on the same physical machine as the web server while the client may be a remote machine, and may be operated by the attacker. The demo begins by starting the web server and the web client. Communication between them is protected by TLS. The client repeatedly connects to the server and the server accepts the requested connections. The interesting action will take place in the attacker's virtual machine and the demonstration focuses on it. The attacker maps the cache - this means finding enough memory addresses in its memory space to fill as many of the 8192 sets of the cache as possible. The attacker goes over every set and compares its activity to the expected activity of sets that are involved in the RSA decryption operation. During the RSA decryption operation the attacker manages to take several samples for each bit in the RSA private key. The samples are expected to be slightly different depending on whether the bit is zero or one. However, due to noise, a single sequence of samples is insufficient to deduce the key correctly, thus we use many samples. Finally, we obtain the correct key. MIKELANGELO is a project, funded by European Union under the H2020 research and innovation programme. Contract number: 645402. Contacts: Niv Gilboa, Gabriel Scalosub MIKELANGELO project http://www.mikelangelo-project.eu CREDITS Produced by Daniel Vladušič - [email protected] Music - Haus Guest, Gunnar Olsen
Views: 363 MIKELANGELO project
NDSS 2018 - KeyDrown: Eliminating Software-Based Keystroke Timing Side-Channel Attacks
 
18:55
Session 4B: Software Attacks and Secure Architectures 01 KeyDrown: Eliminating Software-Based Keystroke Timing Side-Channel Attacks SUMMARY Besides cryptographic secrets, software-based side-channel attacks also leak sensitive user input. The most accurate attacks exploit cache timings or interrupt information to monitor keystroke timings and subsequently infer typed words and sentences. These attacks have also been demonstrated in JavaScript embedded in websites by a remote attacker. We extend the state-of-the-art with a new interrupt-based attack and the first Prime+Probe attack on kernel interrupt handlers. Previously proposed countermeasures fail to prevent software-based keystroke timing attacks as they do not protect keystroke processing through the entire software stack. We close this gap with KeyDrown, a new defense mechanism against software-based keystroke timing attacks. KeyDrown injects a large number of fake keystrokes in the kernel, making the keystroke interrupt density uniform over time, i.e., independent of the real keystrokes. All keystrokes, including fake keystrokes, are carefully propagated through the shared library to make them indistinguishable by exploiting the specific properties of software-based side channels. We show that attackers cannot distinguish fake keystrokes from real keystrokes anymore and we evaluate KeyDrown on a commodity notebook as well as on Android smartphones. We show that KeyDrown eliminates any advantage an attacker can gain from using software-based side-channel attacks. SLIDES http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/03/NDSS2018_04B-1_Schwarz_Slides.pdf PAPER https://www.ndss-symposium.org/wp-content/uploads/sites/25/2018/02/ndss2018_04B-1_Schwarz_paper.pdf AUTHORS Michael Schwarz (Graz University of Technology) Moritz Lipp (Graz University of Technology) Daniel Gruss (Graz University of Technology) Samuel Weiser (Graz University of Technology) Clementine Maurice (Univ. Rennes, CNRS, IRISA) Raphael Spreitzer (Graz University of Technology) Stefan Mangard (Graz University of Technology) Network and Distributed System Security (NDSS) Symposium 2018, 18-21 February 2018, Catamaran Resort Hotel & Spa in San Diego, California. https://www.ndss-symposium.org/ndss2018/programme/ ABOUT NDSS The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies. https://www.ndss-symposium.org/ #NDSS #NDSS18 #NDSS2018 #InternetSecurity
Views: 124 NDSS Symposium
Side-Channel Analysis - 11/05/2013 Part 2
 
13:24
Side-Channel Analysis By Mostafa Taha: PhD student in the Secure Embedded Systems lab of Virginia Tech Abstract: Side-Channel Analysis is a collective term for passive non-invasive implementation attacks. It refers to the process by which an adversary exploits any unintentional output of a cryptographic module to reveal secret information about that module. Unintentional outputs, also called side-channel outputs, include power consumption, electromagnetic radiation, execution time, and others. In this presentation, we will explore the world of embedded security, and side-channel analysis. We will start with the introduction and motivation to this research field. Then, we will focus on two cryptographic algorithms, AES as a block cipher, and Keccak as a hashing function. We will show some recent work on the attack side and the protection side of both algorithms.
Views: 98 VT-MENA Seminar
Linear Repairing Codes and Side Channel Attacks
 
23:41
Paper by Hervé Chabanne and Houssem Maghrebi and Emmanuel Prouff, presented at CHES 2018. See https://www.iacr.org/cryptodb/data/paper.php?pubkey=28970
Views: 21 TheIACR
What Is Side Channel Attack & How It Works - Full Detail 🔥
 
07:55
Hello Guys!! In this video I will be talking about side channel attack by hackers to compromise a physical system by implementing a computer system to monitor various things of the system including time, power consumption, electromagnetic radiation and even sound. You can save your system from attackers if you have knowledge of this attack.
Views: 1093 Technical Navigator
RuhrSec 2017: "A new categorization system for Side-channel attacks on mo...", Dr. Veelasha Moonsamy
 
33:51
Side-channel attacks on mobile devices have gained increasing attention since their introduction in 2007. While traditional side-channel attacks, such as power analysis attacks and electromagnetic analysis attacks, required physical presence of the attacker as well as expensive equipment, an (unprivileged) application is all it takes to exploit the leaking information on modern mobile devices. Given the vast amount of sensitive information that is stored on smartphones, the ramifications of side-channel attacks affect both the security and privacy of users and their devices. In this talk, I will begin with an overview of existing side-channel attacks on mobile devices and argue for the need of a new categorization system as side-channel attacks have evolved significantly since their introduction during the smartcard era. I will explain how our proposed categorization system will help to facilitate the development of novel countermeasures and provide insights into possible future research directions. In the second part of my talk, I will present our latest work on how an adversary can exploit side-channel information, in this case power from the phone battery, to maliciously control a public charging station in order to exfiltrate data from a smartphone via a USB charging cable (i.e. without using the data transfer functionality).
Views: 257 Hackmanit GmbH
MIT develops RFID Chip that prevents Side-Channel attacks
 
03:13
Researchers at MIT and Texas Instruments have developed a new type of radio frequency identification (RFID) chip that is virtually impossible to hack. If such chips were widely adopted, it could mean that an identity thief couldn’t steal your credit card number or key card information by sitting next to you at a café, and high-tech burglars couldn’t swipe expensive goods from a warehouse and replace them with dummy tags. Texas Instruments has built several prototypes of the new chip, to the researchers’ specifications, and in experiments the chips have behaved as expected. The researchers presented their research this week at the International Solid-State Circuits Conference, in San Francisco. The chip is designed to prevent so-called side-channel attacks. Side-channel attacks analyze patterns of memory access or fluctuations in power usage when a device is performing a cryptographic operation, in order to extract its cryptographic key. One way to prevent side-channel attacks is to regularly change secret keys. In that case, the RFID chip would run a random-number generator that would spit out a new secret key after each transaction. A central server would run the same generator, and every time an RFID scanner queried the tag, it would relay the results to the server, to see if the current key was valid. Such a system would still, however, be vulnerable to a “power glitch” attack, in which the RFID chip’s power would be repeatedly cut right before it changed its secret key. An attacker could then run the same side-channel attack thousands of times, with the same key. Power-glitch attacks have been used to avoid limits on the number of incorrect password entries in password-protected devices, but RFID tags are particularly vulnerable to them, since they’re charged by tag readers and have no onboard power supplies. 
Two design innovations allow the MIT researchers’ chip to prevent power-glitch attacks: One is an on-chip power supply whose connection to the chip circuitry would be virtually impossible to cut, and the other is a set of “nonvolatile” memory cells that can store whatever data the chip is working on when it begins to lose power. For both of these features, the researchers use a special type of material known as ferroelectric crystals. Because the chip has to charge capacitors and complete computations every time it powers on, it’s somewhat slower than conventional RFID chips. But in tests, the researchers found that they could get readouts from their chips at a rate of 30 per second, which should be more than fast enough for most RFID applications. This research is an important step toward the goal of a robust, low-cost, low-power authentication protocol for the industrial Internet. News Source: http://news.mit.edu/2016/hack-proof-rfid-chips-0203
USENIX Security '17 - Strong and Efficient Cache Side-Channel Protection...
 
28:22
Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory Daniel Gruss, Graz University of Technology, Graz, Austria; Julian Lettner, University of California, Irvine, USA; Felix Schuster, Olya Ohrimenko, Istvan Haller, and Manuel Costa, Microsoft Research, Cambridge, UK Cache-based side-channel attacks are a serious problem in multi-tenant environments, for example, modern cloud data centers. We address this problem with Cloak, a new technique that uses hardware transactional memory to prevent adversarial observation of cache misses on sensitive code and data. We show that Cloak provides strong protection against all known cache-based side-channel attacks with low performance overhead. We demonstrate the efficacy of our approach by retrofitting vulnerable code with Cloak and experimentally confirming immunity against state-of-the-art attacks. We also show that by applying Cloak to code running inside Intel SGX enclaves we can effectively block information leakage through cache side channels from enclaves, thus addressing one of the main weaknesses of SGX. View the full program: https://www.usenix.org/sec17/program
Views: 460 USENIX
Higher-Order Side Channel Security and Mask Refreshing
 
22:50
Talk at FSE 2013. Jean-Sébastien Coron and Emmanuel Prouff and Matthieu Rivain and Thomas Roche. See http://www.iacr.org/cryptodb/data/paper.php?pubkey=25045
Views: 196 TheIACR
MQP Demo 2013 - Side-channel Attacks
 
01:22
MQP Demo 2013 - Side-channel Attacks Anh, Aung, Soe
Views: 157 Anh Do
Side Channel Attacks on Post Quantum Signature Schemes based on Multivariate Quadratic Equation
 
16:13
Paper by Aesun Park, Kyung-Ah Shim, Namhun Koo, Dong-Guk Han, presented at CHES 2018. See https://tches.iacr.org/index.php/TCHES/article/view/7284
Views: 51 TheIACR
ACM CCS 2017 - Cache Side Channels: State of the Art and Research Opportunities - Yinqian Zhang
 
01:31:45
Presented by Yinqian Zhang. October 31st, 2017. © 2017 ACM, Inc. All Rights Reserved. www.acm.org
Amir Herzberg - Cross-site Search Attacks: Practical Side-channel Privacy Attacks... [27 Jul 2015]
 
58:46
This talk is part of the CrySP Speaker Series on Privacy. For more information and to view other talks in the series, go to: https://crysp.uwaterloo.ca/speakers/ Cross-site Search Attacks: Practical Side-channel Privacy Attacks on Web Services Amir Herzberg, Bar Ilan University July 27, 2015 Abstract: Cross-site search (XS-search) attacks circumvent the same-origin policy and extract sensitive information, by using the time it takes for the browser to receive responses to search queries. This side-channel is usually considered impractical, due to the limited attack duration and high variability of delays. This may be true for naive XS-search attacks; however, we show that the use of better tools facilitates effective XS-search attacks, exposing information efficiently and precisely. We present and evaluate three types of tools: (1) appropriate statistical tests, (2) amplification of the timing side-channel, by `inflating' communication or computation, and (3) optimized, tailored divide-and-conquer algorithms, to identify terms from large `dictionaries'. These techniques may be applicable in other scenarios. We implemented and evaluated the attacks against the popular Gmail and Bing services, in several environments and ethical experiments, taking careful, IRB-approved measures to avoid exposure of personal information. Try a demo of the attack that efficiently extracts the name of authenticated Gmail user online in http://xssearch.weebly.com/. Joint work with Nethanel Gelernter. Bio: Prof. Amir Herzberg is a tenured professor in the department of computer science, Bar Ilan university. He received B.Sc. (1982, Computer Engineering), M.Sc. (1987, Electrical Engineering) and D.Sc. (1991, Computer Science), all from the Technion, Israel. 
His current research interests include Network security, Applied cryptography, Privacy, anonymity and covert communication, Cyber-security, Usable security and social-engineering attacks, Financial cryptography, Trust management, Network protocols and distributed algorithms, Security of and using new network paradigms. He filled research and management positions in IBM Research, Israeli Defense Forces and several companies, and is consulting when time allows.
On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces
 
31:59
From USENIX Security '12 Ivan Martinovic, University of Oxford; Doug Davies, Mario Frank, and Daniele Perito, University of California, Berkeley; Tomas Ros, University of Geneva; Dawn Song, University of California, Berkeley
Views: 476 USENIX
Horizontal Side Channel Attacks and Countermeasures on the ISW Masking Scheme
 
21:19
Alberto Battistello and Jean-Sébastien Coron and Emmanuel Prouff and Rina Zeitoun, CHES 2016. See http://www.iacr.org/cryptodb/data/paper.php?pubkey=27843
Views: 315 TheIACR
Acoustic Side Channel Attack - Additive Manufacturing (3D-Printer)
 
03:01
Our Technical paper can be found below: M. A. Al Faruque, S. Chhetri, A. Canedo, J. Wan, "Acoustic Side-Channel Attacks on Additive Manufacturing Systems", in the ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS'16), Vienna, Austria, April, 2016 Visit our research page in: http://aicps.eng.uci.edu/research.htm
Views: 9723 AICPS
Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems
 
16:55
Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems Yuanzhong Xu Presented at the 2015 IEEE Symposium on Security & Privacy May 18-20, 2015 San Jose, CA http://www.ieee-security.org/TC/SP2015/ ABSTRACT The presence of large numbers of security vulnerabilities in popular feature-rich commodity operating systems has inspired a long line of work on excluding these operating systems from the trusted computing base of applications, while retaining many of their benefits. Legacy applications continue to run on the untrusted operating system, while a small hypervisor or trusted hardware prevents the operating system from accessing the applications' memory. In this paper, we introduce controlled-channel attacks, a new type of side-channel attack that allows an untrusted operating system to extract large amounts of sensitive information from protected applications on systems like Overshadow, InkTag or Haven. We implement the attacks on Haven and InkTag and demonstrate their power by extracting complete text documents and outlines of JPEG images from widely deployed application libraries. Given these attacks, it is unclear if Overshadow's vision of protecting unmodified legacy applications from legacy operating systems running on off-the-shelf hardware is still tenable.
Covert Channels
 
08:02
Cyber Attack Countermeasures Module 1 Cyber Security Safeguards Learning Objectives • Recognize the three basic types of cyber security safeguards • Describe early cyber security modeling including the reference model • Describe the fundamental roles of the Orange Book and TCB in cyber security • Summarize the basics of the Bell-LaPadula and Biba models for cyber security • Examine covert channels and the disclosure challenges they introduce • Recognize information flow models based on subject-object-action • Review hook-up security and non-composability of disclosure properties
Views: 376 intrigano
WHEN TCP MEETS SIDE CHANNEL -  Dr.Zhiyun Qian
 
30:04
Abstract: In the GeekPwn2016 Mid-year Contest (2016.geekpwn.org), Cao Yue, a doctoral student of Dr. Zhiyun Qian, showed a ‘TCP hijacking’ attack. This attack can pop up a phishing web page and steal a user’s password. This vulnerability in the TCP/IP stack exists in almost all Android and Linux editions. As explained by Cao Yue, this vulnerability was found by his director; Mr. Qian found it by reviewing Linux kernel source code. Speaker: Dr. Zhiyun Qian Dr. Zhiyun Qian is an assistant professor at University of California, Riverside. His research interest is on system and network security, including vulnerability discovery, Internet security (e.g., TCP/IP), Android security, side channels. He has published more than a dozen papers at the top security conferences including IEEE Security & Privacy, ACM CCS, USENIX Security, and NDSS. His work has resulted in real-world impact with security patches applied in Linux kernel, Android, and firewall products. His work on TCP side channel attacks won the most creative idea award at GeekPwn 2016. His research is currently supported by 10+ grants and gifts (including the NSF CAREER Award).
Views: 151 GeekPwn Keen
HAR 2009: Side channel analysis on embedded systems 5/6
 
09:49
Clip 5 Speaker: Job de Haas The presentation briefly introduces the state of the art analysis techniques used on smart cards today. Further, we define the types of embedded systems that these attacks may apply to. Then we illustrate the differences and commonalities of side channel analysis on smart cards and embedded systems. For more information go to: https://har2009.org/program/events/132.en.html
Views: 82 Christiaan008
Return-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices
 
27:27
Authors: Xiaokuan Zhang, Yuan Xiao and Yinqian Zhang (The Ohio State University) presented at CCS 2016 - the 23rd ACM Conference on Computer and Communications Security (Hofburg Palace Vienna, Austria / October 24-28, 2016) - organized by SBA Research
Views: 335 CCS 2016
