in addition to Francesco Regazzoni (UCL in addition to Alari) Philip Brisk (UC Riverside, USA) Françoi

in addition to Francesco Regazzoni (UCL in addition to Alari) Philip Brisk (UC Riverside, USA) Françoi www.phwiki.com

in addition to Francesco Regazzoni (UCL in addition to Alari) Philip Brisk (UC Riverside, USA) Françoi

Flores, Marco, News Director has reference to this Academic Journal, PHwiki organized this Journal in addition to Francesco Regazzoni (UCL in addition to Alari) Philip Brisk (UC Riverside, USA) François-Xavier St in addition to aert (UCL, Belgium) Paolo Ienne (EPFL, Switzerl in addition to ) A First Step Towards Automatic Application of Power Analysis Countermeasures Ali Galip Bayrak EPFL, Switzerl in addition to June 7th, 2011 Side-Channel Attacks Plaintext (e.g., “Encrypt me”) Secret Key (e.g., “I’m unknown”) Ciphertext (e.g., “aB14t752s”) Cryptographic Algorithm Leakage (power consumption, EM radiation, timing etc.) Power Analysis Attacks

Harris-Stowe State University US www.phwiki.com

This Particular University is Related to this Particular Journal

Motivation ATTACK! COUNTERMEASURE! VS PROBLEM: They are h in addition to led manually!!! Software Implementation Analyze the algorithm Determine the weaknesses Apply the countermeasure Protected Implementation Automatic Protection Flow Step I: In as long as mation Leakage Analysis Main point: Determine the leaking parts of the software! Normalized Mutual In as long as mation of Key in addition to Leakage

Step II: Trans as long as mation Target Identification Global Modifications: Protect all the nodes between two sensitive nodes. Masking Main point: Determine the portions of the implementation that need to be protected! Local Modifications: Protect each sensitive instruction (peephole optimization). R in addition to om Precharging (used here) sbci r28,0xfd ld r25,r28:r29 movw r18,r26 subi r18,0x4f sbci r19,0xfd movw r28,r18 ld r30,r28:r29 Step III: Code Trans as long as mation sbci r28,0xfd ld r25,r28:r29 movw r18,r26 subi r18,0x4f sbci r19,0xfd movw r28,r18 ld r30,r28:r29 sbci r28,0xfd lds r25,rnd mov r24,r25 ld r25,r28:r29 movw r18,r26 subi r18,0x4f Main point: Apply the given protection on the determined portions of the implementation! Experimental Results (Security) = 0.437 = 0.048 Correlation values as long as unprotected in addition to protected implementations are shown. Number of necessary traces to mount a successful attack increases over 76 times. Advanced Encryption St in addition to ard (AES) is used. Traces are collected from board with 8-bit AVR MCU. Correlation-based DPA attack is used as long as attack.

Experimental Results (Per as long as mance) of clock cycles during the execution of three different implementations 64% 100% 1190 2700 4212 Conclusions AUTOMATIC PROTECTION Software Implementation Protected Implementation Off-the-Shelf Compiler AP Security-Aware Compiler security vs. per as long as mance vs. energy etc.

Flores, Marco KTVW-TV News Director www.phwiki.com

Flores, Marco News Director

Flores, Marco is from United States and they belong to KTVW-TV and they are from  Phoenix, United States got related to this Particular Journal. and Flores, Marco deal with the subjects like Hispanic Interest; Local News

Journal Ratings by Harris-Stowe State University

This Particular Journal got reviewed and rated by Harris-Stowe State University and short form of this particular Institution is US and gave this Journal an Excellent Rating.