Volatile memory such as SDRAM forms an integral part of any computer system. It stores a variety of data, including sensitive data like passwords and PINs. The data stored in SDRAM is wiped on power-off. However, by bringing the RAM to a freezing cold temperature before power-off, the data can persist for several seconds, allowing recovery through cold boot attacks. In this work, we investigate the vulnerability of IoT devices such as the Raspberry Pi to cold boot attacks for the first time. We demonstrate that even though the boot sequence differs from that of a laptop, personal computer, or smartphone, it is still possible to steal the RAM data, even when the bootloader is not public. The net cost of the attack was under 10 dollars and 99.99% of the RAM data was successfully recovered.
Over the years, deep learning algorithms have advanced a lot, and any innovation in the algorithms is demonstrated and benchmarked on image classification. Several other fields, including side-channel analysis (SCA), have recently adopted deep learning with great success. In SCA, deep learning algorithms typically work with 1-dimensional (1-D) data. In this work, we propose a unique method to improve deep learning based side-channel analysis by converting the measurements from raw 1-dimensional traces of float or byte data into picture-formatted traces that carry information based on the data position. We demonstrate why "Picturization" is more suitable for deep learning and compare how the input and hidden layers interact for the raw (1-D) and picture forms. As one potential application, we use a Binarized Neural Network (BNN) learning method that relies on a BNN's natural properties to improve variables. In addition, we propose a novel criterion for attack success or failure based on a statistical confidence level rather than determination of a correct key using a ranking system.
INDEX TERMS: Binarized neural network, Deep learning, Multi-layer perceptron, Non-profiled side-channel attack
This paper investigates the security of constant weight countermeasures, which aim to produce indistinguishable leakage from sensitive variables and intermediate variables, assuming a constant Hamming distance and/or Hamming weight leakages. To investigate the security of recent countermeasures, contrary to many related studies, we assume that the coefficients of the simulated leakage models follow a normal distribution so that we may construct a model with approximately realistic leakages. First, using our simulated leakage model, we demonstrate security holes in these previous countermeasures. Subsequently, in contrast to the hypotheses presented in previous studies, we confirm the resistance of these countermeasures to a standard correlation power analysis (CPA). However, these countermeasures can allow a bitwise CPA to leak a sensitive variable with only a few thousand traces.