Bit-flipping attack

Abstract: In global mobile network, it is essential to authenticate mobile users and provide secure communication between a user, foreign agent and the home agent using session key. Designing a secure and efficient authentication protocol for roaming users in mobile network is a challenging. The authors wen et al. analyzed Jiang et al. authentication scheme recently and proved that the scheme cannot resist with replay attack and stolen-verifier attack. Later, they come up with a smart card based authentication scheme for roaming service. The Wen et al.'s scheme protects anonymity of the user and is believed to have many abilities to resist a various kind of cryptographic attacks. However, through careful analysis, we find that Wen et al.'s scheme is vulnerable to bit flipping attack, impersonation (forgery attacks), insider attack, denial-of-service attack, unfair key agreement and cannot provide user's anonymity. To remedy these weaknesses and to achieve low communication and computation costs, we proposed an efficient secure authentication scheme for roaming users in global mobile networks. The performance analysis shows that the proposed authentication protocol is simple and secure.

Abstract: A Key Derivation Function (KDF) derives cryptographic keys from private string and public information. The security property for the cryptographic keys is indistinguishable from the random strings of equal length. The security analysis of KDFs has received increasing attention. The practice important of KDFs is reflected in the adoption of industry standards such as NIST800-135 and PKCS5. This study proposes a robust security framework that takes into consideration the side-channel attacks. The robust security framework consists of the proposed security model and existing security models. The proposed security model is known as Adaptive Chosen All Inputs Model (CAM), which analyses the security of KDFs in terms of the bit-flipping attack and timing attack. The existing security model is the Adaptive Chosen Public Inputs Model (CPM). This research shows the implication of relationship and the non-implication relationship between CAM and CPM. The simulation of security models is according to the indistinguishable game played between a challenger and an adversary. These security models are used to evaluate existing KDFs. The result shows that none of the existing KDFs are secure in CAM for both the bit-flipping attack and timing attack. Hence, this research introduces an alternative KDF that is proven secure in CAM.

Abstract: Logic encryption is a hardware security technique that uses extra key inputs to prevent unauthorized use of a circuit. With the discovery of the SAT-based attack, new encryption techniques such as SARLock and Anti-SAT are proposed, and further combined with traditional logic encryption techniques, to guarantee both high error rates and resilience to the SAT-based attack. In this paper, the SAT-based bit-flipping attack is presented. It first separates the two groups of keys via SAT-based bit-flippings, and then attacks the traditional encryption and the SAT-resilient encryption, by conventional SAT-based attack and by-passing attack, respectively. The experimental results show that the bit-flipping attack successfully returns a circuit with the correct functionality and significantly reduces the execution time compared with other advanced attacks.

Abstract: Logic encryption is a hardware security technique that uses extra key inputs to prevent unauthorized use of a circuit. With the discovery of the SAT-based attack, new encryption techniques such as SARLock and Anti-SAT are proposed, and further combined with traditional logic encryption techniques, to guarantee both high error rates and resilience to the SAT-based attack. In this paper, the SAT-based bit-flipping attack is presented. It first separates the two groups of keys via SAT-based bit-flippings, and then attacks the traditional encryption and the SAT-resilient encryption, by conventional SAT-based attack and by-passing attack, respectively. The experimental results show that the bit-flipping attack successfully returns a circuit with the correct functionality and significantly reduces the execution time compared with other advanced attacks.