Special Issue "Side Channel Attacks in Embedded Systems"

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Electrical, Electronics and Communications Engineering".

Deadline for manuscript submissions: 25 December 2021.

Special Issue Editors

Prof. Dr. Guy Gogniat
E-Mail Website
Guest Editor
CNRS Lab-STICC UMR 6285, Université Bretagne Sud, Centre de recherche Christiaan Huygens, BP 92116 - 56321 Lorient, CEDEX, France
Interests: embedded systems security; cache-based side-channel attacks; obfuscation techniques for HLS
Prof. Dr. Vianney Lapotre
E-Mail Website
Guest Editor
CNRS Lab-STICC UMR 6285, Université Bretagne Sud, Centre de recherche Christiaan Huygens, BP 92116 - 56321 Lorient, CEDEX, France
Interests: embedded systems; multiprocessor architecture; self-adaptation; security; Cybersecurity
Dr. Maria Mushtaq
E-Mail Website
Guest Editor
CNRS LIRMM UMR 5506, Université de Montpellier, Montpellier, CEDEX 5, France
Interests: information security; cryptography; embedded systems

Special Issue Information

Dear Colleagues,

In recent years, researchers have demonstrated that modern computing systems are vulnerable from both computational and storage perspectives, and most of the performance optimizations present in modern-day computing systems can potentially expose them to adversaries and the leakage of critical information. These existing vulnerabilities lead to side-channel information leakage in many different ways, from physical to microarchitectural information. Moreover, new leakage channels keep appearing in existing architecture. Thus, the real attack surface is still unknown, both at software and hardware levels.

Side-channel analysis (SCA) has, therefore, become an important field of research. Side-channel attacks exploit existing vulnerabilities in order to extract privileged information at both physical and computational and storage levels. In order to enhance the resistance of cryptographic and security critical implementations within the design phase, countermeasures and analysis techniques are mandatory. Quality metrics regarding security are also required in order to optimize the design and development process.

This Special Issue is seeking original papers presenting attacks and exploitations, secure implementation, secure design and evaluation tools, detection techniques, and software and hardware countermeasure techniques, with a special focus on side-channel attacks.

Prof. Dr. Guy Gogniat
Prof. Dr. Vianney Lapotre
Dr. Maria Mushtaq
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • side-channel analysis
  • fault-injection attacks
  • leakage-resilient cryptography
  • trusted execution environment
  • protections against micro-architectural side-channel and covert channel attacks
  • physical side-channel attacks and countermeasures
  • run-time detection techniques
  • operating system and hypervisor level countermeasures against side-channel attacks

Published Papers (4 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Jump to: Review

Article
Balancing the Leakage Currents in Nanometer CMOS Logic—A Challenging Goal
Appl. Sci. 2021, 11(15), 7143; https://doi.org/10.3390/app11157143 - 02 Aug 2021
Viewed by 451
Abstract
The imbalance of the currents leaked by CMOS standard cells when different logic values are applied to their inputs can be exploited as a side channel to recover the secrets of cryptographic implementations. Traditional side-channel countermeasures, primarily designed to thwart the dynamic leakage [...] Read more.
The imbalance of the currents leaked by CMOS standard cells when different logic values are applied to their inputs can be exploited as a side channel to recover the secrets of cryptographic implementations. Traditional side-channel countermeasures, primarily designed to thwart the dynamic leakage behavior, were shown to be much less powerful against this static threat. Thus, a special protection mechanism called Balanced Static Power Logic (BSPL) has been proposed very recently. Essentially, fundamental standard cells are re-designed to balance their drain-source leakage current independent of the given input. In this work, we analyze the BSPL concept in more detail and reveal several design issues that limit its effectiveness as a universal logic library. Although balancing drain-source currents remains a valid approach even in more advanced technology generations, we show that it is conceptually insufficient to achieve a fully data-independent leakage behavior in smaller geometries. Instead, we suggest an alternative approach, so-called improved BSPL (iBSPL). To evaluate the proposed method, we use information theoretic analysis. As an attack strategy, we have chosen Moments-Correlating DPA (MCDPA), since this analysis technique does not depend on a particular leakage model and allows a fair comparison. Through these evaluation methods, we show iBSPL demands fewer resources and delivers better balance in the ideal case as well as in the presence of process variations. Full article
(This article belongs to the Special Issue Side Channel Attacks in Embedded Systems)
Show Figures

Figure 1

Article
Performing Cache Timing Attacks from the Reconfigurable Part of a Heterogeneous SoC—An Experimental Study
Appl. Sci. 2021, 11(14), 6662; https://doi.org/10.3390/app11146662 - 20 Jul 2021
Viewed by 420
Abstract
Cache attacks are widespread on microprocessors and multi-processor system-on-chips but have not yet spread to heterogeneous systems-on-chip such as SoC-FPGA that are found in increasing numbers of applications on servers or in the cloud. This type of SoC has two parts: a processing [...] Read more.
Cache attacks are widespread on microprocessors and multi-processor system-on-chips but have not yet spread to heterogeneous systems-on-chip such as SoC-FPGA that are found in increasing numbers of applications on servers or in the cloud. This type of SoC has two parts: a processing system that includes hard components and ARM processor cores and a programmable logic part that includes logic gates to be used to implement custom designs. The two parts communicate via memory-mapped interfaces. One of these interfaces is the accelerator coherency port that provides optional cache coherency between the two parts. In this paper, we discuss the practicability and potential threat of inside-SoC cache attacks using the cache coherency mechanism of a complex heterogeneous SoC-FPGA. We provide proof of two cache timing attacks Flush+Reload and Evict+Time when SoC-FPGA is targeted, and proof of hidden communication using a cache-based covert channel. The heterogeneous SoC-FPGA Xilinx Zynq-7010 is used as an experimental target. Full article
(This article belongs to the Special Issue Side Channel Attacks in Embedded Systems)
Show Figures

Figure 1

Article
Search-Space Reduction for S-Boxes Resilient to Power Attacks
Appl. Sci. 2021, 11(11), 4815; https://doi.org/10.3390/app11114815 - 24 May 2021
Viewed by 580
Abstract
The search of bijective n×n S-boxes resilient to power attacks in the space of dimension (2n)! is a controversial topic in the cryptology community nowadays. This paper proposes partitioning the space of (2n)! [...] Read more.
The search of bijective n×n S-boxes resilient to power attacks in the space of dimension (2n)! is a controversial topic in the cryptology community nowadays. This paper proposes partitioning the space of (2n)! S-boxes into equivalence classes using the hypothetical power leakage according to the Hamming weights model, which ensures a homogeneous theoretical resistance within the class against power attacks. We developed a fast algorithm to generate these S-boxes by class. It was mathematically demonstrated that the theoretical metric confusion coefficient variance takes constant values within each class. A new search strategy—jumping over the class space—is justified to find S-boxes with high confusion coefficient variance in the space partitioned by Hamming weight classes. In addition, a decision criterion is proposed to move quickly between or within classes. The number of classes and the number of S-boxes within each class are calculated, showing that, as n increases, the class space dimension is an ever-smaller fraction of the space of S-boxes, which significantly reduces the space of search of S-boxes resilient to power attacks, when the search is performed from class to class. Full article
(This article belongs to the Special Issue Side Channel Attacks in Embedded Systems)
Show Figures

Graphical abstract

Review

Jump to: Research

Review
Physical Side-Channel Attacks on Embedded Neural Networks: A Survey
Appl. Sci. 2021, 11(15), 6790; https://doi.org/10.3390/app11156790 - 23 Jul 2021
Viewed by 606
Abstract
During the last decade, Deep Neural Networks (DNN) have progressively been integrated on all types of platforms, from data centers to embedded systems including low-power processors and, recently, FPGAs. Neural Networks (NN) are expected to become ubiquitous in IoT systems by transforming all [...] Read more.
During the last decade, Deep Neural Networks (DNN) have progressively been integrated on all types of platforms, from data centers to embedded systems including low-power processors and, recently, FPGAs. Neural Networks (NN) are expected to become ubiquitous in IoT systems by transforming all sorts of real-world applications, including applications in the safety-critical and security-sensitive domains. However, the underlying hardware security vulnerabilities of embedded NN implementations remain unaddressed. In particular, embedded DNN implementations are vulnerable to Side-Channel Analysis (SCA) attacks, which are especially important in the IoT and edge computing contexts where an attacker can usually gain physical access to the targeted device. A research field has therefore emerged and is rapidly growing in terms of the use of SCA including timing, electromagnetic attacks and power attacks to target NN embedded implementations. Since 2018, research papers have shown that SCA enables an attacker to recover inference models architectures and parameters, to expose industrial IP and endangers data confidentiality and privacy. Without a complete review of this emerging field in the literature so far, this paper surveys state-of-the-art physical SCA attacks relative to the implementation of embedded DNNs on micro-controllers and FPGAs in order to provide a thorough analysis on the current landscape. It provides a taxonomy and a detailed classification of current attacks. It first discusses mitigation techniques and then provides insights for future research leads. Full article
(This article belongs to the Special Issue Side Channel Attacks in Embedded Systems)
Show Figures

Figure 1

Back to TopTop