Fuzzing+Hardware Performance Counters-Based Detection of Algorithm Subversion Attacks on Postquantum Signature Schemes
Authors
Abstract
NIST is standardizing Post Quantum Cryptography (PQC) algorithms that are resilient to the computational capability of quantum computers. Past works show that malicious subversion of cryptographic software (algorithm subversion attacks) weakens implementations. We show that PQC digital signature codes can be subverted, in line with previously reported flawed implementations, to generate verifiable but less-secure signatures, demonstrating the risk of such attacks. Since all processors have built-in Hardware Performance Counters (HPCs), there exists a body of work proposing low-cost Machine Learning (ML)-based integrity checking using HPC fingerprints. However, HPC-based approaches may not detect subverted codes. A minuscule percentage of qualitative inputs, when applied, improves this accuracy to 98%. We propose grey-box fuzzing as a pre-processing step to obtain inputs to aid the HPC-based method.
Similar resources
SIGDROP: Signature-based ROP Detection using Hardware Performance Counters
Return-Oriented Programming (ROP) is a software exploit for system compromise. By chaining short instruction sequences from existing code pieces, ROP can bypass static code-integrity checking approaches and non-executable page protections. Existing defenses either require access to source code or binary, a customized compiler or hardware modifications, or suffer from high performance and storag...
Lattice Attacks on Digital Signature Schemes
We describe a lattice attack on the Digital Signature Algorithm (DSA) when used to sign many messages, m_i, under the assumption that a proportion of the bits of each of the associated ephemeral keys, y_i, can be recovered by alternative techniques.
On the Performance of Signature Schemes Based on Elliptic Curves
This paper describes a fast software implementation of the elliptic curve version of DSA, as specified in draft standard documents ANSI X9.62 and IEEE P1363. We did the implementations for the fields GF(2), using a standard basis, and GF(p). We discuss various design decisions that have to be made for the operations in the underlying field and the operations on elliptic curve points. In particu...
Real time detection of cache-based side-channel attacks using hardware performance counters
In this paper we analyze three methods to detect cache-based side-channel attacks in real time, preventing or limiting the amount of leaked information. Two of the three methods are based on machine learning techniques and all the three of them can successfully detect an attacker in about one fifth of the time required to complete the attack. There were no false positives in our test environmen...
Journal
Journal title: IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
Year: 2023
ISSN: ['1937-4151', '0278-0070']
DOI: https://doi.org/10.1109/tcad.2022.3159749