Biblio

Filters: Keyword is known-plaintext attack
2023-04-14
Kumar, Gaurav, Riaz, Anjum, Prasad, Yamuna, Ahlawat, Satyadev.  2022.  On Attacking IJTAG Architecture based on Locking SIB with Security LFSR. 2022 IEEE 28th International Symposium on On-Line Testing and Robust System Design (IOLTS). :1–6.
In the recent decennium, hardware security has gained a lot of attention due to different types of attacks being launched, such as IP theft, reverse engineering, counterfeiting, etc. The critical testing infrastructure incorporated into ICs is very popular among attackers to mount side-channel attacks. The IEEE standard 1687 (IJTAG) is one such testing infrastructure that is the focus of attackers these days. To secure access to the IJTAG network, various techniques based on Locking SIB (LSIB) have been proposed. One such very effective technique makes use of a Security Linear Feedback Shift Register (SLFSR) along with LSIB. The SLFSR obfuscates the scan chain information from the attacker and hence makes the brute-force attack against LSIB ineffective. In this work, it is shown that the SLFSR based Locking SIB is vulnerable to side-channel attacks. A power analysis attack along with a known-plaintext attack is used to determine the IJTAG network structure. First, the known-plaintext attack is used to retrieve the SLFSR design information. This information is further used along with a power analysis attack to determine the exact length of the scan chain, which in turn breaks the whole security scheme. Further, a countermeasure is proposed to prevent the aforementioned hybrid attack.
ISSN: 1942-9401
2017-09-15
Schulz, Matthias, Loch, Adrian, Hollick, Matthias.  2016.  DEMO: Demonstrating Practical Known-Plaintext Attacks Against Physical Layer Security in Wireless MIMO Systems. Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks. :201–203.

After being widely studied in theory, physical layer security schemes are getting closer to entering the consumer market. Still, a thorough practical analysis of their resilience against attacks is missing. In this work, we use software-defined radios to implement such a physical layer security scheme, namely, orthogonal blinding. To this end, we use orthogonal frequency-division multiplexing (OFDM) as a physical layer, similarly to WiFi. In orthogonal blinding, a multi-antenna transmitter overlays the data it transmits with noise in such a way that every node except the intended receiver is disturbed by the noise. Still, our known-plaintext attack can extract the data signal at an eavesdropper by means of an adaptive filter trained using a few known data symbols. Our demonstrator illustrates the iterative training process at the symbol level, thus showing the practicability of the attack.