We discuss the first power and timing side channels on Strong Physical Unclonable Functions (Strong PUFs) in the literature, and describe their efficient exploitation via adapted machine learning (ML) techniques. Our method is illustrated by the example of the two currently most secure (CCS 2010, IEEE T-IFS 2013) electrical Strong PUFs, so-called XOR Arbiter PUFs and Lightweight PUFs. It allows...

As a widely used block cipher, AES has been the target of many attacks, including side-channel attacks. Masking is a countermeasure to mitigate side-channel attacks by hiding the intermediate values used in cryptographic algorithms with random values. However, the masking scheme, especially high-order masking, has large overhead. In this paper we study efficient implementations of the higher-or...

Attacks by drones (i.e., unmanned combat air vehicles) continue to generate heated political and ethical debates. Here we examine the quantitative nature of drone attacks, focusing on how their intensity and frequency compare with that of other forms of human conflict. Instead of the power-law distribution found recently for insurgent and terrorist attacks, the severity of attacks is more akin ...

Timing attacks exploit a loophole that allows any website to deduce confidential information f rom a web user visiting the website by peeping into the user’s Internet cache or DNS resolver cache. Any unscrupulous attacker can also insert ‘cache cookies’ into the user’s Internet cache. The solutions, which have been proposed so far, are disabling the caches, the java script, java and domain tagg...

Low-latency anonymous communication protocols in general, and the popular onion-routing protocol in particular, are broken against simple timing attacks. While there have been few proposed solutions to this problem when the adversary is active, several padding schemes have been proposed to defend against a passive adversary that just observes timing patterns. Unfortunately active adversaries ca...

The security and reliability of GPS receivers are critical to Phasor Measurement Units (PMUs). These devices provide synchronized voltage and current phasor measurements in power systems based on GPS timing. However, due to the unencrypted nature and low received signal to noise ratio of civil GPS signals, jamming and spoofing attacks on GPS receivers can pose a risk to both the position and ti...

Cache attacks exploit memory access patterns of cryptographic implementations. Constant-Time implementation techniques have become an indispensable tool in fighting cache timing attacks. These techniques engineer the memory accesses of cryptographic operations to follow a uniform key independent pattern. However, the constant-time behavior is dependent on the underlying architecture, which can ...

Side channels and covert channels can give untrusted applications access to the trusted and sensitive data in order to retrieve private information.. In this poster, we present a countermeasure called the Smartflush against cache-based Side Channel Attacks (SCAs). The Smartflush is a quick-patch countermeasure proposed to counter timing attacks that exploit inclusive caches in Intel’s x86 archi...