Higher-Order DCA against Standard Side-Channel Countermeasures

in Polian, Ilia; Stöttinger, Marc (Eds.) Constructive Side-Channel Analysis and Secure Design (2019, March 16)

At CHES 2016, Bos et al. introduced differential computational analysis (DCA) as an attack on white-box software implementations of block ciphers. This attack builds on the same principles as DPA in the ... [more ▼]

At CHES 2016, Bos et al. introduced differential computational analysis (DCA) as an attack on white-box software implementations of block ciphers. This attack builds on the same principles as DPA in the classical side-channel context, but uses computational traces consisting of plain values computed by the implementation during execution. It was shown to be able to recover the key of many existing AES white-box implementations. The DCA adversary is passive, and so does not exploit the full power of the white-box setting, implying that many white-box schemes are insecure even in a weaker setting than the one they were designed for. It is therefore important to develop implementations which are resistant to this attack. We investigate the approach of applying standard side-channel countermeasures such as masking and shuffling. Under some necessary conditions on the underlying randomness generation, we show that these countermeasures provide resistance to standard (first-order) DCA. Furthermore, we introduce higher-order DCA, along with an enhanced multivariate version, and analyze the security of the countermeasures against these attacks. We derive analytic expressions for the complexity of the attacks – backed up through extensive attack experiments – enabling a designer to quantify the security level of a masked and shuffled implementation in the (higher-order) DCA setting. [less ▲]

Combining Deep Gaussian Process and Rule-Based Method for Decision-Making in Self-Driving Simulation with Small Data

in 2019 15th International Conference on Computational Intelligence and Security (CIS) (2019, March 05)

Self-driving vehicle is a popular and promising field in artificial intelligence. Conventional architecture consists of multiple sensors, which work collaboratively to sense the units on road to yield a ... [more ▼]

Self-driving vehicle is a popular and promising field in artificial intelligence. Conventional architecture consists of multiple sensors, which work collaboratively to sense the units on road to yield a precise and safe driving strategy. Besides the precision and safety, the quickness of decision is also a major concern. In order to react quickly, the vehicle need to predict its next possible action, such as acceleration, brake and steering angle, according to its latest few actions and status. In this paper, we treat this decision-making problem as a regression problem and use deep gaussian process to predict its next action. The regression model is trained using simulation data sets and accurately captures the most significant features. Combined with rule-based method, it can be used in Torcs simulation engine to realize successful loop trip on virtual roads. The proposed method outperforms the existing reinforcement learning methods on the performance indicators of time consumption and the size of data volume. It may be useful for real road tests in the future. [less ▲]

Wohlbefinden und Inklusion – ein Widerspruch?

Presentation (2019, March)

Using Agent Based Modelling for describing mobility decisions in pre-urban societies

Scientific Conference (2019, February 26)

Analysis and Improvement of Differential Computation Attacks against Internally-Encoded White-Box Implementations

in IACR Transactions on Cryptographic Hardware and Embedded Systems (2019), 2019(2), 225-255

White-box cryptography is the last security barrier for a cryptographic software implementation deployed in an untrusted environment. The principle of internal encodings is a commonly used white-box ... [more ▼]

White-box cryptography is the last security barrier for a cryptographic software implementation deployed in an untrusted environment. The principle of internal encodings is a commonly used white-box technique to protect block cipher implementations. It consists in representing an implementation as a network of look-up tables which are then encoded using randomly generated bijections (the internal encodings). When this approach is implemented based on nibble (i.e. 4-bit wide) encodings, the protected implementation has been shown to be vulnerable to differential computation analysis (DCA). The latter is essentially an adaptation of differential power analysis techniques to computation traces consisting of runtime information, e.g., memory accesses, of the target software. In order to thwart DCA, it has then been suggested to use wider encodings, and in particular byte encodings, at least to protect the outer rounds of the block cipher which are the prime targets of DCA. In this work, we provide an in-depth analysis of when and why DCA works. We pinpoint the properties of the target variables and the encodings that make the attack (in)feasible. In particular, we show that DCA can break encodings wider than 4-bit, such as byte encodings. Additionally, we propose new DCA-like attacks inspired from side-channel analysis techniques. Specifically, we describe a collision attack particularly effective against the internal encoding countermeasure. We also investigate mutual information analysis (MIA) which naturally applies in this context. Compared to the original DCA, these attacks are also passive and they require very limited knowledge of the attacked implementation, but they achieve significant improvements in terms of trace complexity. All the analyses of our work are experimentally backed up with various attack simulation results. We also verified the practicability of our analyses and attack techniques against a publicly available white-box AES implementation protected with byte encodings –which DCA has failed to break before– and against a “masked” white-box AES implementation –which intends to resist DCA. [less ▲]

Integrating sustainability risks - Implications of the ESMA consultation paper on the integration of sustainability risks and factors

E-print/Working paper (2019)

The private equity sector has been increasingly adopting responsible investment practices, with investors being the initial driving force. According to the Global private equity survey conducted by PwC in ... [more ▼]

The private equity sector has been increasingly adopting responsible investment practices, with investors being the initial driving force. According to the Global private equity survey conducted by PwC in 2017, 60% of all private equity firms questioned (111 general partners from 22 countries) stated that they have incorporated ESG (Environmental, Social and Governance) factors within their initial screening process. 44% of them aim to align their sustainability efforts to the UN Sustainable Development Goals. [less ▲]

A genome-wide association study of sodium levels and drug metabolism in an epilepsy cohort treated with carbamazepine and oxcarbazepine

in Epilepsia Open (2019)

Sicherheit und Risiko unter dem Gesichtspunkt der Gouvernementalität: Zur Funktion des Kredits

in Mein, Georg; Christians, Heiko (Eds.) Gefahr oder Risiko. Zur Geschichte von Kalkül und Einbildungskraft (2019)

How ill is your IT Portfolio? : Measuring Criticality in IT Portfolios Using Epidemiology

in 40th International Conference on Information Systems, Munich, Germany, 2019 (2019)

IT project portfolios, consisting of IT projects, also interact with the entire IT landscape. In case of a failure of only one element, existing dependencies can lead to a cascade failure, which can cause ... [more ▼]

IT project portfolios, consisting of IT projects, also interact with the entire IT landscape. In case of a failure of only one element, existing dependencies can lead to a cascade failure, which can cause high losses. Despite the present effects of systemic risk, research into IT portfolio management lacks suitable methods to quantitatively assess systemic risk. We follow the design science research paradigm to develop and evaluate our ‘on track’ or ‘in difficulty’ (TD) method by applying the SI model, representing a recognized network diffusion model in epidemiology, in an IT portfolio context. We evaluate our method using a real-world dataset. We introduce a criticality measure for diffusion models in IT portfolios and compare the TD method’s results and the alpha centrality to human judgment as a benchmark. From our evaluation, we conclude that the TD method outperforms alpha centrality and is a suitable risk measure in IT portfolio management. [less ▲]

Decoupling, Information Technology, and the Tradeoff between Organizational Reliability and Organizational Agility

in 27th European Conference on Information Systems (ECIS) (2019)

Information technology (IT) units within organizations pursue both organizational reliability and agility goals. Reliability ensures the stability and business continuity of organizations, whereas agility ... [more ▼]

Information technology (IT) units within organizations pursue both organizational reliability and agility goals. Reliability ensures the stability and business continuity of organizations, whereas agility helps to detect and exploit market opportunities. In our research, we study projects in 19 organizations and unravel the relationship between agility and reliability. We observe that in certain cases reliability can undermine agility and vice versa. Global rules, routines, and procedures can hinder organizational agility whereas responding creatively for agility can locally undermine global organizational reliability. Further, we find that organizations often use decoupling to deal with this trade-off. Although decoupling enables them to be agile and reliable at the same time, it risks undermining both capabilities in the future, by encouraging the accumulation of technical debt. We find indications of how technical debt limits opportunities to creatively respond and can increase vulnerabilities. [less ▲]