Browsing by Author "Koç, Çetin Kaya"
Showing 1 - 8 of 8
Item
Cache based remote timing attack on the AES (Springer Verlag, 2007)
Acıiçmez, Onur; Schindler, Werner; Koç, Çetin Kaya
We introduce a new robust cache-based timing attack on AES. We present experiments and concrete evidence that our attack can be used to obtain secret keys of remote cryptosystems if the server under attack runs on a multitasking or simultaneous multithreading system with a large enough workload. This is an important difference from recent cache-based timing attacks, as these attacks either did not provide any supporting experimental results indicating whether they can be applied remotely, or they are not realistically remote attacks. © Springer-Verlag Berlin Heidelberg 2007.

Item
Cryptographic Algorithms on Reconfigurable Hardware Introduction (Springer, 2006)
Rodriguez-Henriquez, Francisco; Saqib, N. A.; Diaz-Perez, A.; Koç, Çetin Kaya
[Abstract Not Available]

Item
Improving the Novikov and Kiselev user authentication scheme (2008)
Kim, Minho; Koç, Çetin Kaya
Novikov and Kiselev [7] proposed an authentication method of a user from a remote autonomous object. Recently, Yang et al. [12] and Awasthi [1] have pointed out that the Novikov-Kiselev scheme is insecure against the man-in-the-middle attack. In this article, we propose an improved version of the Novikov-Kiselev scheme to overcome such vulnerability.

Item
On the power of Simple Branch Prediction Analysis (2007)
Acıiçmez, Onur; Koç, Çetin Kaya; Seifert, J.-P.
Very recently, a new software side-channel attack, called Branch Prediction Analysis (BPA) attack, has been discovered and also demonstrated to be practically feasible on popular commodity PC platforms. While the above recent attack still had the flavor of a classical timing attack against RSA, where one uses many execution-time measurements under the same key in order to statistically amplify some small but key-dependent timing differences, we dramatically improve upon the former result. We prove that a carefully written spy-process running simultaneously with an RSA-process is able to collect, during one single RSA signing execution, almost all of the secret key bits. We call such an attack, analyzing the CPU's Branch Predictor states through spying on a single quasi-parallel computation process, a Simple Branch Prediction Analysis (SBPA) attack, sharply differentiating it from those relying on statistical methods and requiring many computation measurements under the same key. The successful extraction of almost all secret key bits by our SBPA attack against an OpenSSL RSA implementation proves that the often recommended blinding or so-called randomization techniques to protect RSA against side-channel attacks are, in the context of SBPA attacks, totally useless. In addition to that very crucial security implication, which targets implementations assumed to be at least statistically secure, our successful SBPA attack also bears another equally critical security implication. Namely, in the context of simple side-channel attacks, it is widely believed that equally balancing the operations after branches is a secure countermeasure against such simple attacks. Unfortunately, this is not true, as even such "balanced branch" implementations can be completely broken by our SBPA attacks. Moreover, despite sophisticated hardware-assisted partitioning methods such as memory protection, sandboxing or even virtualization, SBPA attacks empower an unprivileged process to successfully attack other processes running in parallel on the same processor. Thus, we conclude that SBPA attacks are much more dangerous than previously anticipated, as they obviously do not belong to the same category as pure timing attacks. Copyright 2007 ACM.

Item
Polynomial basis multiplication over GF(2^m) (2006)
Erdem, Serdar Süer; Yanık, Tuğrul; Koç, Çetin Kaya
In this paper, we describe, analyze and compare various GF(2^m) multipliers. Particularly, we investigate the standard modular multiplication, the Montgomery multiplication, and the matrix-vector multiplication techniques. © Springer Science + Business Media B.V. 2006.

Item
Predicting secret keys via branch prediction (Springer Verlag, 2007)
Acıiçmez, Onur; Koç, Çetin Kaya; Seifert, J.-P.
This paper announces a new software side-channel attack, enabled by the branch prediction capability common to all modern high-performance CPUs. The penalty paid (extra clock cycles) for a mispredicted branch can be used for cryptanalysis of cryptographic primitives that employ a data-dependent program flow. Analogous to the recently described cache-based side-channel attacks, our attacks also allow an unprivileged process to attack other processes running in parallel on the same processor, despite sophisticated partitioning methods such as memory protection, sandboxing or even virtualization. In this paper, we will discuss several such attacks for the example of RSA, and experimentally show their applicability to real systems, such as OpenSSL and Linux. Moreover, we will also demonstrate the strength of the branch prediction side-channel attack by rendering the obvious countermeasure in this context (Montgomery Multiplication with dummy-reduction) useless. Although the deeper consequences of the latter result make writing an efficient and secure modular exponentiation (or scalar multiplication on an elliptic curve) a challenging task, we will eventually suggest some countermeasures to mitigate branch prediction side-channel attacks. © Springer-Verlag Berlin Heidelberg 2007.

Item
Trace-driven cache attacks on AES (Springer Verlag, 2006)
Acıiçmez, Onur; Koç, Çetin Kaya
Cache based side-channel attacks have recently attracted significant attention due to the new developments in the field. In this paper, we present an efficient trace-driven cache attack on a widely used implementation of the AES cryptosystem. We also evaluate the cost of the proposed attack in detail under the assumption of a noiseless environment. We develop an accurate mathematical model that we use in the cost analysis of our attack. We use two different metrics, specifically, the expected number of necessary traces and the cost of the analysis phase, for the cost evaluation purposes. Each of these metrics represents the cost of a different phase of the attack. © Springer-Verlag Berlin Heidelberg 2006.

Item
Vulnerabilities in the Adachi-Aoki-Komano-Ohta micropayment scheme (2007)
Kim, Minho; Koç, Çetin Kaya
Rivest and Shamir presented two simple micropayment schemes, "PayWord" and "MicroMint," for making small purchases over the Internet [14]. Recently, Adachi et al. have pointed out that the PayWord scheme has two security problems, and proposed a new micropayment scheme to overcome these problems [1]. Nevertheless, we show that their protocol is still vulnerable to impersonation and replay attacks.
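The two branch prediction entries above ("Predicting secret keys via branch prediction" and "On the power of Simple Branch Prediction Analysis") rest on one observation: an exponentiation whose control flow depends on the exponent feeds the exponent bits, one by one, into the CPU's branch predictor. The following is an added illustration, not code from either paper or from OpenSSL: a left-to-right square-and-multiply that records the direction of its key-dependent branch, a function showing that this record is the exponent, and a Montgomery ladder that performs the same operations for every bit without a data-dependent branch. The base, exponent and modulus are constructed toy values.

```python
"""Added example, not code from the papers listed above.  Shows the
key-dependent control flow that branch prediction analysis targets and a
branch-free alternative.  All numbers are constructed toy parameters."""


def square_and_multiply(base: int, exp: int, mod: int):
    """Left-to-right binary exponentiation.

    Returns (result, branch_trace): branch_trace records, per exponent bit,
    whether the key-dependent 'multiply' branch was taken (1) or not (0).
    A spy that can read the CPU's branch predictor state sees this sequence.
    """
    result = 1
    branch_trace = []
    for bit in bin(exp)[2:]:            # most significant bit first
        result = (result * result) % mod
        if bit == "1":                   # branch direction == exponent bit
            result = (result * base) % mod
            branch_trace.append(1)
        else:
            branch_trace.append(0)
    return result, branch_trace


def recover_exponent_from_trace(branch_trace) -> int:
    """What the spy learns: the taken/not-taken pattern read back as bits."""
    return int("".join(str(b) for b in branch_trace), 2)


def montgomery_ladder(base: int, exp: int, mod: int) -> int:
    """Montgomery ladder: one squaring and one multiplication per exponent
    bit, whatever the bit's value, with the operands chosen by arithmetic on
    the bit instead of by an if/else.  The control flow, and hence the
    branch predictor history, is the same for every exponent of the same
    length.  (Python big-int arithmetic is not itself constant-time; the
    point shown here is the absence of a key-dependent branch.)"""
    r0, r1 = 1, base % mod
    for bit in bin(exp)[2:]:
        b = int(bit)
        lo = r0 * (1 - b) + r1 * b       # b == 0 -> r0, b == 1 -> r1
        hi = r1 * (1 - b) + r0 * b
        hi = (hi * lo) % mod
        lo = (lo * lo) % mod
        r0 = lo * (1 - b) + hi * b
        r1 = hi * (1 - b) + lo * b
    return r0


if __name__ == "__main__":
    # Constructed toy parameters: base 4, exponent 13 (0b1101), modulus 497.
    result, trace = square_and_multiply(4, 13, 497)
    print(result, trace, recover_exponent_from_trace(trace))
    print(montgomery_ladder(4, 13, 497))
```

A "balanced" variant that adds a dummy multiplication in the else branch keeps the same if/else, so its branch trace is identical to the one above; balancing the work after the branch does not remove the branch direction from the predictor, which is the point the SBPA abstract makes. The ladder removes the branch itself; in a real implementation the arithmetic selection would additionally have to be done in constant time.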
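For the "Polynomial basis multiplication over GF(2^m)" entry above, the following added example (not code from the paper) writes out two of the three techniques it compares, bit-serially with Python ints as GF(2) coefficient vectors: the standard (interleaved shift-and-add) modular multiplication, and Montgomery multiplication with R = x^m. The matrix-vector method is not shown. The field parameters are constructed test values: the AES field GF(2^8) with f(x) = x^8 + x^4 + x^3 + x + 1, and GF(2^4) with f(x) = x^4 + x + 1.

```python
"""Added example, not code from the paper above: standard and Montgomery
polynomial-basis multipliers over GF(2^m).  Field parameters are constructed
test values."""


def gf2_poly_mul(a: int, b: int) -> int:
    """Carry-less (schoolbook) product of two GF(2)[x] polynomials."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        b >>= 1
    return r


def gf2_mod(a: int, f: int, m: int) -> int:
    """Reduce a modulo the degree-m polynomial f (bit m of f must be set)."""
    for i in range(a.bit_length() - 1, m - 1, -1):
        if (a >> i) & 1:
            a ^= f << (i - m)
    return a


def standard_mul(a: int, b: int, f: int, m: int) -> int:
    """Standard modular multiplication, MSB-first: r <- r*x mod f, then
    r <- r + b_i * a.  Reduction happens in every step, so r stays < 2^m."""
    r = 0
    for i in range(m - 1, -1, -1):
        r <<= 1
        if (r >> m) & 1:          # degree reached m: subtract (xor) f
            r ^= f
        if (b >> i) & 1:
            r ^= a
    return r


def montgomery_mul(a: int, b: int, f: int, m: int) -> int:
    """Montgomery product a*b*x^(-m) mod f, LSB-first: add a_i*b, make the
    sum divisible by x by conditionally adding f (f_0 = 1 for any
    irreducible f), then divide by x.  No degree comparison is needed."""
    c = 0
    for i in range(m):
        if (a >> i) & 1:
            c ^= b
        if c & 1:
            c ^= f
        c >>= 1
    return c


def mul_via_montgomery(a: int, b: int, f: int, m: int) -> int:
    """a*b mod f from two Montgomery products: the factor x^(-m) left by the
    first is cancelled by multiplying with R^2 = x^(2m) mod f."""
    r2 = gf2_mod(1 << (2 * m), f, m)
    return montgomery_mul(montgomery_mul(a, b, f, m), r2, f, m)


AES_F, AES_M = 0x11B, 8            # x^8 + x^4 + x^3 + x + 1

if __name__ == "__main__":
    # FIPS-197 worked example: {57} * {83} = {c1} in GF(2^8)
    print(hex(standard_mul(0x57, 0x83, AES_F, AES_M)))
    print(hex(mul_via_montgomery(0x57, 0x83, AES_F, AES_M)))
```

The difference worth noticing is where the reduction decision comes from: the standard multiplier inspects the top bit of the running product after each shift, while the Montgomery multiplier inspects the bottom bit and never needs to know the degree, which is what makes it attractive for word-level and hardware implementations.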
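The "Trace-driven cache attacks on AES" entry above evaluates its attack under a noiseless assumption, where the attacker learns, for each table lookup, whether it hit or missed the cache. The following added simulation (not code from the paper, and not a model of any particular AES implementation) shows the first-round part of that leakage for a four-T-table implementation and recovers key-byte relations from it. Assumptions, all constructed for this example: four 1 KiB T-tables with 4-byte entries, 64-byte cache lines (16 entries per line), a cold cache at the start of each encryption, and the 16 first-round lookups T[i % 4][p[i] ^ k[i]] issued in order i = 0..15. The example key is the FIPS-197 Appendix A key, used only as a fixed reproducible value; second-round analysis is not modelled.

```python
"""Added example, not code from the paper above: simulated noiseless
hit/miss traces of first-round AES T-table lookups, and recovery of the
high-nibble key differences they leak.  See the lead-in for assumptions."""

import random

LINE_SHIFT = 4          # 64-byte line / 4-byte entry = 16 entries per line


def first_round_trace(plaintext, key):
    """Hit/miss trace (True = hit) of the 16 first-round lookups, as seen by
    an attacker with a cache-trace side channel.  Lookup i reads
    T[i % 4][p[i] ^ k[i]] and hits iff an earlier lookup on the same table
    touched the same cache line (cold cache at the start)."""
    touched = [set() for _ in range(4)]
    trace = []
    for i in range(16):
        table = i % 4
        line = (plaintext[i] ^ key[i]) >> LINE_SHIFT
        trace.append(line in touched[table])
        touched[table].add(line)
    return trace


def hypothesis_trace(plaintext, table, diffs):
    """Predicted hit/miss of the four lookups on `table` (bytes table,
    table+4, table+8, table+12) if (k[table + 4*j] ^ k[table]) >> 4 equals
    diffs[j] (diffs[0] == 0).  The unknown nibble k[table] >> 4 xors every
    line index by the same value, so it cannot change which lookups collide
    and can be taken as 0."""
    touched = set()
    predicted = []
    for j in range(4):
        line = (plaintext[table + 4 * j] >> LINE_SHIFT) ^ diffs[j]
        predicted.append(line in touched)
        touched.add(line)
    return predicted


def recover_nibble_diffs(traces):
    """traces: list of (plaintext, observed_trace).  For each table keep only
    the (d1, d2, d3) hypotheses whose predicted trace matches every observed
    one.  Returns four sets of surviving hypotheses."""
    surviving = []
    for table in range(4):
        cands = {(d1, d2, d3)
                 for d1 in range(16) for d2 in range(16) for d3 in range(16)}
        for pt, observed in traces:
            seen = [observed[table + 4 * j] for j in range(4)]
            cands = {d for d in cands
                     if hypothesis_trace(pt, table, (0,) + d) == seen}
            if len(cands) <= 1:
                break
        surviving.append(cands)
    return surviving


def true_nibble_diffs(key, table):
    """Ground truth for checking the recovery: three nibbles per table."""
    return tuple((key[table + 4 * j] ^ key[table]) >> LINE_SHIFT
                 for j in range(1, 4))


def run_attack(key, n_traces=200, seed=1):
    """Simulate n_traces encryptions of random plaintexts (constructed with a
    seeded RNG), collect their traces and run the recovery."""
    rng = random.Random(seed)
    traces = []
    for _ in range(n_traces):
        pt = bytes(rng.randrange(256) for _ in range(16))
        traces.append((pt, first_round_trace(pt, key)))
    return recover_nibble_diffs(traces)


def recovered_diffs(key, n_traces=200, seed=1):
    """Unique surviving hypothesis per table, or None if still ambiguous."""
    surviving = run_attack(key, n_traces, seed)
    if any(len(s) != 1 for s in surviving):
        return None
    return [next(iter(s)) for s in surviving]


# Constructed fixed key (FIPS-197 Appendix A example key) for reproducibility.
EXAMPLE_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")

if __name__ == "__main__":
    for table, found in enumerate(recovered_diffs(EXAMPLE_KEY)):
        print(table, found, true_nibble_diffs(EXAMPLE_KEY, table))
```

Under these assumptions the first round yields, per table, the high-nibble xor of three key bytes with a fourth, i.e. 12 nibbles (48 bits) of key relations, which is why the full attack in the paper continues into the second round; the number of traces the simulation needs is a property of this simplified model, not the figure the paper derives.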