Maya: Using Formal Control to Obfuscate Power Side Channels

Information flow tracking (IFT) is a fundamental computer security technique used to understand how information moves through a computing system. Hardware IFT techniques specifically target security vulnerabilities related to the design, verification, testing, manufacturing, and deployment of hardware circuits. Hardware IFT can detect unintentional design flaws, malicious circuit modifications, timing side channels, access control violations, and other insecure hardware behaviors. This article surveys the area of hardware IFT. We start with a discussion on the basics of IFT, whose foundations were introduced by Denning in the 1970s. Building upon this, we develop a taxonomy for hardware IFT. We use this to classify and differentiate hardware IFT tools and techniques. Finally, we discuss the challenges yet to be resolved. The survey shows that hardware IFT provides a powerful technique for identifying hardware security vulnerabilities, as well as verifying and enforcing hardware security properties.

Download Full-text

Using multiple input, multiple output formal control to maximize resource efficiency in architectures

ACM SIGARCH Computer Architecture News ◽

10.1145/3007787.3001207 ◽

2016 ◽

Vol 44 (3) ◽

pp. 658-670

Author(s):

Raghavendra Pradyumna Pothukuchi ◽

Amin Ansari ◽

Petros Voulgaris ◽

Josep Torrellas

Keyword(s):

Multiple Input Multiple Output ◽

Resource Efficiency ◽

Formal Control ◽

Multiple Input ◽

Input Multiple Output

Download Full-text

Masculinities in an Occupational Setting: a Gender Perspective on Resistance toward Formal Control

Journal of Scandinavian Studies in Criminology and Crime Prevention ◽

10.1080/14043850601010422 ◽

2006 ◽

Vol 7 (2) ◽

pp. 107-125 ◽

Cited By ~ 3

Author(s):

Lotta Pettersson

Keyword(s):

Gender Perspective ◽

Formal Control ◽

Occupational Setting

Download Full-text

Formal Control of Traffic Systems via Network Decomposition

2018 Annual American Control Conference (ACC) ◽

10.23919/acc.2018.8430880 ◽

2018 ◽

Cited By ~ 1

Author(s):

Kemal Cagri Bardakci ◽

Ebru Aydin Gol

Keyword(s):

Network Decomposition ◽

Formal Control ◽

Traffic Systems

Download Full-text

A Systematic Study of Cache Side Channels Across AES Implementations

Lecture Notes in Computer Science - Engineering Secure Software and Systems ◽

10.1007/978-3-319-62105-0_14 ◽

2017 ◽

pp. 213-230 ◽

Cited By ~ 4

Author(s):

Heiko Mantel ◽

Alexandra Weber ◽

Boris Köpf

Keyword(s):

Systematic Study ◽

Side Channels

Download Full-text

Pilot Test of the Trisensor, A New Generation Sonar Sensory Aid

Journal of Visual Impairment & Blindness ◽

10.1177/0145482x8307700906 ◽

1983 ◽

Vol 77 (9) ◽

pp. 446-449 ◽

Cited By ~ 2

Author(s):

Randolph D. Easton ◽

Richard M. Jackson

Keyword(s):

Pilot Study ◽

High Resolution ◽

Object Localization ◽

Pilot Test ◽

Angle Error ◽

Space Object ◽

Near Space ◽

Side Channels ◽

Center Channel ◽

New Generation

This report describes the results of a pilot study undertaken to assess systematically the usability of the Trisensor in near space, object localization tasks. In general, findings support the contention that the high resolution, center channel reduces the degree of angle error when reaching for targets in near space. It was also found that the degree of angle error associated with the binaural side channels could be reduced if targets were moved from the periphery into place during localization.

Download Full-text

Analyzing Cache Side Channels Using Deep Neural Networks

Proceedings of the 34th Annual Computer Security Applications Conference on - ACSAC '18 ◽

10.1145/3274694.3274715 ◽

2018 ◽

Cited By ~ 5

Author(s):

Tianwei Zhang ◽

Yinqian Zhang ◽

Ruby B. Lee

Keyword(s):

Neural Networks ◽

Deep Neural Networks ◽

Side Channels

Download Full-text

The Influence of Governance Mechanism on Supply Chain Performance in Developing Economies: Insights from Ghana

International Journal of Business and Management ◽

10.5539/ijbm.v11n4p252 ◽

2016 ◽

Vol 11 (4) ◽

pp. 252

Author(s):

Emmanuel Kwabena Anin ◽

Dominic Essuman ◽

Kwame Owusu Sarpong

Keyword(s):

Supply Chain ◽

Social Control ◽

Structural Equation ◽

Transaction Cost Economics ◽

Developing Economies ◽

Market Performance ◽

Operational Efficiency ◽

Governance Mechanism ◽

Mediating Role ◽

Formal Control

Drawing on the Transaction Cost Economics (TCE) and taking the perspective of a developing economy, the study examined the impacts of governance mechanisms (GM-formal control and social control) on supply chain (SC) performance (operational efficiency and service & market performance). Data were collected using questionnaires from 152 firms operating in the most industrialized regions of Ghana. Structural equation modelling technique (using LISREL 8.5) was employed in estimating the study’s model. The study finds significant positive associations between formal control and operational efficiency; and between social control and service & market performance. The study also finds that within the research context, social control is antecedent of (adherence to) formal control; and that the effect of social control on operational efficiency is fully channelled via formal control. These findings imply that firms’ ability to institute and implement GMs would present them opportunities to enhance the performance of their SCs. Theoretically, the results suggest the potential mediating role of formal control in the link between social control and SC performance; which means that having in place formal controls is necessary for firms in this part of the world (who mostly rely on social control) to better experience benefits arising out of social relationships.

Download Full-text

Online Template Attacks: Revisited

IACR Transactions on Cryptographic Hardware and Embedded Systems ◽

10.46586/tches.v2021.i3.28-59 ◽

2021 ◽

pp. 28-59

Author(s):

Alejandro Cabrera Aldaya ◽

Billy Bob Brumley

Keyword(s):

Power Consumption ◽

Elliptic Curve ◽

Side Channel ◽

Powerful Technique ◽

Leakage Model ◽

On Demand ◽

Side Channels ◽

Generic Framework ◽

Template Attacks ◽

Elliptic Curve Scalar Multiplication

An online template attack (OTA) is a powerful technique previously used to attack elliptic curve scalar multiplication algorithms. This attack has only been analyzed in the realm of power consumption and EM side channels, where the signals leak related to the value being processed. However, microarchitecture signals have no such feature, invalidating some assumptions from previous OTA works.In this paper, we revisit previous OTA descriptions, proposing a generic framework and evaluation metrics for any side-channel signal. Our analysis reveals OTA features not previously considered, increasing its application scenarios and requiring a fresh countermeasure analysis to prevent it.In this regard, we demonstrate that OTAs can work in the backward direction, allowing to mount an augmented projective coordinates attack with respect to the proposal by Naccache, Smart and Stern (Eurocrypt 2004). This demonstrates that randomizing the initial targeted algorithm state does not prevent the attack as believed in previous works.We analyze three libraries libgcrypt, mbedTLS, and wolfSSL using two microarchitecture side channels. For the libgcrypt case, we target its EdDSA implementation using Curve25519 twist curve. We obtain similar results for mbedTLS and wolfSSL with curve secp256r1. For each library, we execute extensive attack instances that are able to recover the complete scalar in all cases using a single trace.This work demonstrates that microarchitecture online template attacks are also very powerful in this scenario, recovering secret information without knowing a leakage model. This highlights the importance of developing secure-by-default implementations, instead of fix-on-demand ones.

Download Full-text