## CryptoDB

### Michael Tunstall

#### Publications

Year
Venue
Title
2015
EPRINT
2015
EPRINT
2015
EPRINT
2015
CHES
2014
ASIACRYPT
2013
FSE
2012
CHES
2010
EPRINT
In this paper we present two attacks that exploit cache events, which are visible in some side channel, to derive a secret key used in an implementation of AES. The first is an improvement of an adaptive chosen plaintext attack presented at ACISP 2006. The second is a new known plaintext attack that can recover a 128-bit key with approximately 30 measurements to reduce the number of key hypotheses to $2^{28}$. This is comparable to classical Differential Power Analysis; however, our attacks are able to overcome certain masking techniques. We also show how to deal with unreliable cache event detection in the real-life measurement scenario and present practical explorations on a 32-bit ARM microprocessor.
2010
CHES
2006
EPRINT
Random delays are commonly used as a countermeasure to inhibit side channel analysis and fault attacks in embedded devices. This paper proposes a different manner of generating random delays. The alternative proposed increases the desynchronisation compared to uniformly distributed random delays. It is also shown that it is possible to reduce the amount of time lost due to random delays, while maintaining the increased variation.
2005
PKC
2004
EPRINT
The effect of faults on electronic systems has been studied since the 1970s when it was noticed that radioactive particles caused errors in chips. This led to further research on the effect of charged particles on silicon, motivated by the aerospace industry who was becoming concerned about the effect of faults in airborn electronic systems. Since then various mechanisms for fault creation and propagation have been discovered and researched. This paper covers the various methods that can be used to induce faults in semiconductors and exploit such errors maliciously. Several examples of attacks stemming from the exploiting of faults are explained. Finally a series of countermeasures to thwart these attacks are described.
2004
EPRINT
We present an attack on DSA smart-cards which combines physical fault injection and lattice reduction techniques. This seems to be the first (publicly reported) physical experiment allowing to concretely pull-out DSA keys out of smart-cards. We employ a particular type of fault attack known as a glitch attack, which will be used to actively modify the DSA nonce k used for generating the signature: k will be tampered with so that a number of its least significant bytes will flip to zero. Then we apply well-known lattice attacks on El Gamal-type signatures which can recover the private key, given sufficiently many signatures such that a few bits of each corresponding k are known. In practice, when one byte of each k is zeroed, 27 signatures are sufficient to disclose the private key. The more bytes of k we can reset, the fewer signatures will be required. This paper presents the theory, methodology and results of the attack as well as possible countermeasures.
2000
CHES

CHES 2019
CHES 2018
CHES 2017
CHES 2015