Ultra-reliable low-latency communication (URLLC) in 5G networks is designed to support time-critical applications such as industrial control systems (ICSs), where user equipment (UEs) communicate with a base station (BS) very high reliability and low latency. Most of these communications ICSs are periodic associated hard deadlines. To provide reliable service while satisfying the deadlines, BS ...

We investigate side-channel attacks where the attacker only needs the Hamming weights of several secret exponents to guess a longterm secret. Such weights can often be recovered by SPA, EMA, or simply timing attack. We apply this principle to propose a timing attack on the GPS identification scheme. We consider implementations of GPS where the running time of the exponentiation (commitment phas...

Current Voice over IP (VoIP) services are regarded less secure than the traditional public switched telephone network (PSTN). This is due to the fact that VoIP services are frequently deployed in an relatively open environment, so that VoIP infrastructures can be easily accessed by potential attackers. Furthermore, current VoIP services heavily rely on other public Internet infrastructures shar...

Hardware specialization in the form of accelerators offer significant improvement in performance and energy efficiency compared to general-purpose processors. However, there is usually a lack of security guarantees by the existing hardware design methodologies. In this report, we show that shared hardware accelerators are vulnerable to timing channel attacks and can leak sensitive information. ...

Cross origin request attacks (CORA) such as Cross site request forgery (CSRF), cross site timing, etc. continue to pose a threat on the modern day web. Current browser security policies inadequately mitigate these attacks. Additionally, third party authentication services are now the preferred way to carry out identity management between multiple enterprises and web applications. This scenario,...

The Montgomery multiplication is commonly used as the core algorithm for cryptosystems based on modular arithmetic. With the advent of new classes of attacks (timing attacks, power attacks), the implementation of the algorithm should be carefully studied to thwart those attacks. Recently, Colin D. Walter proposed a constant time implementation of this algorithm [17,18]. In this paper, we propos...

This paper will attempt to explain some of the side-channel attack techniques in a fashion that is easily comprehensible by the layman. What follows is a presentation of three different attacks (power, timing and fault attacks) that can be carried out on cryptographic devices such as smart-cards. For each of the three attacks covered, a puzzle and it‘s solution will be given, which will act as ...

Many operators of cellphone networks now offer location-based services to their customers, whereby an operator often outsources service provisioning to a third-party provider. Since a person’s location could reveal sensitive information about the person, the operator must ensure that the service provider processes location information about the operator’s customers in a privacy-preserving way. ...

We develop a new notion of security against timing attacks where the attacker is able to simultaneously observe the execution time of a program and the probability of the values of low variables. We then show how to measure the security of a program with respect to this notion via a computable estimate of the timing leakage and use this estimate for cost optimisation.