This article demonstrates two fundamental techniques of power analysis, differential power analysis (DPA) and correlation power analysis (CPA), against a modern piece of hardware which is widely available to the public: the Arduino Uno microcontroller. The DPA attack we implement is referred to as the Difference of Means attack, while the CPA attack is implemented by building a power model of the device using the Hamming Weight Power Model method. The cryptographic algorithm we have chosen to attack is AES-128. In particular, the AddRoundKey and SubBytes functions of this algorithm are implemented on an Arduino Uno and we demonstrate how the full 16-byte cipher key can be deduced using the two techniques by monitoring the power consumption of the device during cryptographic operations. The results of experimentation find that both forms of attack, DPA and CPA, are viable against the Arduino Uno. However, it was found that CPA produces results which are easier to interpret from an analytical perspective. Thus, our contribution in this article is a side-by-side comparison of how applicable these two power analysis attack techniques are, along with a methodology to enable readers to replicate and learn how one may perform such attacks on their own hardware.
Traditional cryptographic techniques have proven to work well on most modern computing devices, but they are unsuitable for devices (e.g. IoT devices) where memory, power consumption or processing power is limited. Thus, there has been an increasing amount of work on the design and implementation of lightweight cryptographic algorithms to provide a solution for running cryptography on low-resource devices. One particular cryptographic algorithm designed specifically to be used on low-resource devices is the PRESENT algorithm. Although the design of PRESENT provides a small memory footprint alongside low power consumption, our results show it is susceptible to information leakage when power analysis is performed against a device running this algorithm. In this paper, we present our methodology and results on performing correlation power analysis against this lightweight block cipher. Our chosen device under test is an Arduino Uno which was programmed to run the Add Round Key and S-Box functions of PRESENT during the first round of encryptions. Results demonstrate that the Add Round Key function is susceptible to information leakage, but a high number of false positives were observed. Greater success was obtained when targeting the S-Box of the PRESENT algorithm and we were able to derive the first 8 bytes of the key.
Abstract. Apache Spark is a popular framework for large-scale data analytics. Unfortunately, Spark's performance can be difficult to optimise, since queries freely expressed in source code are not amenable to traditional optimisation techniques. This article describes Hylas, a tool for automatically optimising Spark queries embedded in source code via the application of semantics-preserving transformations. The transformation method is inspired by functional programming techniques of "deforestation", which eliminate intermediate data structures from a computation. This contrasts with approaches defined entirely within structured query formats such as Spark SQL. Hylas can identify certain computationally expensive operations and ensure that performing them creates no superfluous data structures. This optimisation leads to significant improvements in execution time, with over 10,000 times improvement observed in some cases.
LEGAL NOTICE This report was prepared as an account of Government sponsored work. Neither the United States, nor the Commission, nor any person acting on behalf of the Commission: A. Makes any warranty or representation, expressed or implied, with respect to the accuracy, completeness, or usefulness of the information contained in this report, or that the use of any information, apparatus, method, or process disclosed in this report may not infringe privately owned rights; or B. Assumes any liabilities with respect to the use of, or for damages resulting from the use of any information, apparatus, method, or process disclosed in this report.