skip to main content

Search for: All records

Creators/Authors contains: "Schaumont, Patrick"

Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

  1. Side-channel attacks that leak sensitive information through a computing device's interaction with its physical environment have proven to be a severe threat to devices' security, particularly when adversaries have unfettered physical access to the device. Traditional approaches for leakage detection measure the physical properties of the device. Hence, they cannot be used during the design process and fail to provide root cause analysis. An alternative approach that is gaining traction is to automate leakage detection by modeling the device. The demand to understand the scope, benefits, and limitations of the proposed tools intensifies with the increase in the number of proposals. In this SoK, we classify approaches to automated leakage detection based on the model's source of truth. We classify the existing tools on two main parameters: whether the model includes measurements from a concrete device and the abstraction level of the device specification used for constructing the model. We survey the proposed tools to determine the current knowledge level across the domain and identify open problems. In particular, we highlight the absence of evaluation methodologies and metrics that would compare proposals' effectiveness from across the domain. We believe that our results help practitioners who want to use automated leakagemore »detection and researchers interested in advancing the knowledge and improving automated leakage detection.« less
    Free, publicly-accessible full text available May 30, 2023
  2. Motivated by the rise of quantum computers, existing public-key cryptosystems are expected to be replaced by post-quantum schemes in the next decade in billions of devices. To facilitate the transition, NIST is running a standardization process which is currently in its final Round. Only three digital signature schemes are left in the competition, among which Dilithium and Falcon are the ones based on lattices. Besides security and performance, significant attention has been given to resistance against implementation attacks that target side-channel leakage or fault injection response. Classical fault attacks on signature schemes make use of pairs of faulty and correct signatures to recover the secret key which only works on deterministic schemes. To counter such attacks, Dilithium offers a randomized version which makes each signature unique, even when signing identical messages. In this work, we introduce a novel Signature Correction Attack which not only applies to the deterministic version but also to the randomized version of Dilithium and is effective even on constant-time implementations using AVX2 instructions. The Signature Correction Attack exploits the mathematical structure of Dilithium to recover the secret key bits by using faulty signatures and the public-key. It can work for any fault mechanism which can inducemore »single bit-flips. For demonstration, we are using Rowhammer induced faults. Thus, our attack does not require any physical access or special privileges, and hence could be also implemented on shared cloud servers. Using Rowhammer attack, we inject bit flips into the secret key s1 of Dilithium, which results in incorrect signatures being generated by the signing algorithm. Since we can find the correct signature using our Signature Correction algorithm, we can use the difference between the correct and incorrect signatures to infer the location and value of the flipped bit without needing a correct and faulty pair. To quantify the reduction in the security level, we perform a thorough classical and quantum security analysis of Dilithium and successfully recover 1,851 bits out of 3,072 bits of secret key $s_{1}$ for security level 2. Fully recovered bits are used to reduce the dimension of the lattice whereas partially recovered coefficients are used to to reduce the norm of the secret key coefficients. Further analysis for both primal and dual attacks shows that the lattice strength against quantum attackers is reduced from 2128 to 281 while the strength against classical attackers is reduced from 2141 to 289. Hence, the Signature Correction Attack may be employed to achieve a practical attack on Dilithium (security level 2) as proposed in Round 3 of the NIST post-quantum standardization process.« less
    Free, publicly-accessible full text available June 1, 2023
  3. As continuous health monitoring and treatment outside of the traditional clinical environment has become of interest to healthcare providers and governments, the manufacturers of miniaturized wireless biomedical devices have sought to facilitate this idea. Much research has been devoted to smart-and-connected health technologies of various form factors including injectables, implantables, ingestibles, and wearables. Such devices are constrained in physical size, power-consumption budget, storage capacity, and computing power. Yet, they handle sensitive, private information and require trust as they directly affect the health of the patient by means of stimulation and/or drug delivery. In this work, we discuss the role of security as a fundamental component of these devices. We propose a generic layered model to support lightweight and cost-effective implementation of data security and protection mechanisms against possible attacks.
  4. Intermittent computing applications in the IoT space, such as long-term monitoring of the structural integrity of infrastructures, rely on battery-less computing systems powered through scavenged energy. For such systems, power-loss is a fact of life, and there is a need for a secure power transition mechanism to convert the active system state into a protected nonvolatile form and back. We evaluate the architectural needs to secure these power transitions and to adapt computations based on the scavenged energy. Our objective is to enforce confidentiality, integrity, freshness, and authenticity over the system state across power loss. We observe that secure power transitions are delicate and complex. We need secure checkpoints which are expensive to compute, and which may require hardware-accelerated cryptography and isolated secure non-volatile storage. Next, we observe that in intermittent systems, the energy subsystem does not adapt to the needs of the application. Rather, the application must adjust its computing pattern to the available energy. We define an energy-harvester subsystem interface to optimize the run-time activity of the intermittent system. The interface drives the optimized execution of a secure communication protocol (covering key-exchange and bulk encryption), such that wasted energy is eliminated and that run-time performance is improved. Wemore »report results from several prototyping experiments.« less