Fuzzing+Hardware Performance Counters-Based Detection of Algorithm Subversion Attacks on Postquantum Signature Schemes

Authors

Abstract

NIST is standardizing Post Quantum Cryptography (PQC) algorithms that are resilient to the computational capability of quantum computers. Past works show that malicious subversion of cryptographic software (algorithm subversion attacks) weakens implementations. We show that PQC digital signature codes can be subverted in line with previously reported flawed implementations that generate verifiable, but less-secure signatures, demonstrating the risk of such attacks. Since all processors have built-in Hardware Performance Counters (HPCs), there exists a body of work proposing low-cost Machine Learning (ML)-based integrity checking using HPC fingerprints. However, HPC-based approaches may not detect subverted codes. A minuscule percentage of qualitative inputs, when applied, improves this detection accuracy to 98%. We propose grey-box fuzzing as a pre-processing step to obtain such inputs and aid the method.


Related papers

SIGDROP: Signature-based ROP Detection using Hardware Performance Counters

Return-Oriented Programming (ROP) is a software exploit for system compromise. By chaining short instruction sequences from existing code pieces, ROP can bypass static code-integrity checking approaches and non-executable page protections. Existing defenses either require access to source code or binary, a customized compiler or hardware modifications, or suffer from high performance and storag...


Lattice Attacks on Digital Signature Schemes

We describe a lattice attack on the Digital Signature Algorithm (DSA) when used to sign many messages, m_i, under the assumption that a proportion of the bits of each of the associated ephemeral keys, y_i, can be recovered by alternative techniques.


On the Performance of Signature Schemes Based on Elliptic Curves

This paper describes a fast software implementation of the elliptic curve version of DSA, as specified in draft standard documents ANSI X9.62 and IEEE P1363. We did the implementations for the fields GF(2), using a standard basis, and GF(p). We discuss various design decisions that have to be made for the operations in the underlying field and the operations on elliptic curve points. In particu...


Real time detection of cache-based side-channel attacks using hardware performance counters

In this paper we analyze three methods to detect cache-based side-channel attacks in real time, preventing or limiting the amount of leaked information. Two of the three methods are based on machine learning techniques and all the three of them can successfully detect an attacker in about one fifth of the time required to complete the attack. There were no false positives in our test environmen...


Journal

Journal title: IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Year: 2023

ISSN: 1937-4151, 0278-0070

DOI: https://doi.org/10.1109/tcad.2022.3159749