PapersCut A shortcut to recent security papers

Estimating the Circuit Deobfuscating Runtime based on Graph Deep Learning

Authors: Zhiqian Chen, Gaurav Kolhe, Setareh Rafatirad, Sai Manoj P. D., Houman Homayoun, Liang Zhao, Chang-Tien Lu

Abstract: Circuit obfuscation is a recently proposed defense mechanism to protect digital integrated circuits (ICs) from reverse engineering by using camouflaged gates, i.e., logic gates whose functionality cannot be precisely determined by the attacker. There have been effective schemes such as satisfiability-checking (SAT)-based attacks that can potentially decrypt obfuscated circuits, called deobfuscation. Deobfuscation runtime could have a large span ranging from a few milliseconds to thousands of years or more, depending on the number and layouts of the ICs and camouflaged gates. And hence accurately pre-estimating the deobfuscation runtime is highly crucial for the defenders to maximize it and optimize their defense. However, estimating the deobfuscation runtime is a challenging task due to 1) the complexity and heterogeneity of graph-structured circuit, 2) the unknown and sophisticated mechanisms of the attackers for deobfuscation. To address the above mentioned challenges, this work proposes the first machine-learning framework that predicts the deobfuscation runtime based on graph deep learning techniques. Specifically, we design a new model, ICNet with new input and convolution layers to characterize and extract graph frequencies from ICs, which are then integrated by heterogeneous deep fully-connected layers to obtain final output. ICNet is an end-to-end framework which can automatically extract the determinant features for deobfuscation runtime. Extensive experiments demonstrate its effectiveness and efficiency.

Date: 14 Feb 2019


Security and Privacy Preserving Data Aggregation in Cloud Computing

Authors: Leandro Ventura Silva, Rodolfo Marinho, Jose Luis Vivas, Andrey Brito

Abstract: Smart metering is an essential feature of smart grids, allowing residential customers to monitor and reduce electricity costs. Devices called smart meters allow residential customers to monitor and reduce electricity costs, promoting energy saving, demand management, and energy efficiency. However, monitoring a household's energy consumption through smart meters poses serious privacy threats, and has thus become a major privacy issue. Hence, a significant amount of research has appeared recently with the purpose of providing methods and mechanisms to reconcile smart metering technologies and privacy requirements. However, most current approaches fall short in meeting one of several of the requirements for privacy preserving smart metering systems. In this paper we show how Intel SGX technology can be used to provide a simple and general solution for the smart metering privacy problem that meets all these requirements in a satisfactory way. Moreover, we present also an implementation of the proposed architecture as well as a series of experiments that have been carried out in order to assess how the proposed solution performs in comparison to a second implementation of the architecture that completely disregards privacy issues.

Date: 14 Feb 2019


Protect Your Chip Design Intellectual Property: An Overview

Authors: Johann Knechtel, Satwik Patnaik, Ozgur Sinanoglu

Abstract: The increasing cost of integrated circuit (IC) fabrication has driven most companies to "go fabless" over time. The corresponding outsourcing trend gave rise to various attack vectors, e.g., illegal overproduction of ICs, piracy of the design intellectual property (IP), or insertion of hardware Trojans (HTs). These attacks are possibly conducted by untrusted entities residing all over the supply chain, ranging from untrusted foundries, test facilities, even to end-users. To overcome this multitude of threats, various techniques have been proposed over the past decade. In this paper, we review the landscape of IP protection techniques, which can be classified into logic locking, layout camouflaging, and split manufacturing. We discuss the history of these techniques, followed by state-of-the-art advancements, relevant limitations, and scope for future work.

Comment: INTERNATIONAL CONFERENCE ON OMNI-LAYER INTELLIGENT SYSTEMS (COINS), May 5-7, 2019, Crete, Greece; 6 pages, 3 figures, 1 table

Date: 14 Feb 2019


Spy the little Spies - Security and Privacy issues of Smart GPS trackers

Authors: Pierre Barre, Chaouki Kasmi, Eiman Al Shehhi

Abstract: Tracking expensive goods and/or targeted individuals with high-tech devices has been of high interest for the last 30 years. More recently, other use cases such as parents tracking their children have become popular. One primary functionality of these devices has been the collection of GPS coordinates of the location of the trackers, and to send these to remote servers through a cellular modem and a SIM card. Reviewing existing devices, it has been observed that beyond simple GPS trackers many devices intend to enclose additional features such as microphones, cameras, or Wi-Fi interfaces enabling advanced spying activities. In this study, we propose to describe the methodology applied to evaluate the security level of GPS trackers with different capabilities. Several security flaws have been discovered during our security assessment highlighting the need of a proper hardening of these devices when used in critical environments.

Comment: 13 pages, 10 figures

Date: 14 Feb 2019


Smart contracts meet quantum cryptography

Authors: Andrea Coladangelo

Abstract: We put forward the idea that classical blockchains and smart contracts are potentially useful primitives not only for classical cryptography, but for quantum cryptography as well. Abstractly, a smart contract is a functionality that allows parties to deposit funds, and release them upon fulfillment of algorithmically checkable conditions, and can thus be employed as a formal tool to enforce monetary incentives. In this work, we give the first example of the use of smart contracts in a quantum setting. We describe a hybrid classical-quantum payment system whose main ingredients are a classical blockchain capable of handling stateful smart contracts, and quantum lightning, a strengthening of public-key quantum money introduced by Zhandry [Cryptology ePrint Archive, Report 2017/1080, 2017]. The resulting hybrid payment system uses quantum states as banknotes and a classical blockchain to settle disputes and to keep track of the valid serial numbers. It has several desirable properties: it is decentralized, requiring no trust in any single entity; payments are as quick as quantum communication, regardless of the total number of users; when a quantum banknote is damaged or lost, the rightful owner can recover the lost value.

Comment: 23 pages

Date: 14 Feb 2019


Potentially Information-theoretic Secure Y00 Quantum Stream Cipher with Limited Key Lengths beyond One-Time Pad

Authors: Takehisa Iwakoshi

Abstract: The previous work showed that the Y00 protocol could stay secure with the eavesdropper's guessing probability on the secret keys being strictly less than one under an unlimitedly long known-plaintext attack with quantum memory. However, an assumption that at least a fast correlation attack is completely disabled by irregular mapping. The present study shows that the Y00 protocol can be information-theoretic secure under any quantum-computational crypto-analyses if the Y00 system is well designed. The Y00 protocol directly encrypts messages with short secret keys expanded into pseudo-random running keys unlike One-Time Pad. However, it may offer information-theoretic security beyond the Shannon limit of cryptography.

Comment: Comments are appreciated

Date: 14 Feb 2019


Spectre is here to stay: An analysis of side-channels and speculative execution

Authors: Ross Mcilroy, Jaroslav Sevcik, Tobias Tebbi, Ben L. Titzer, Toon Verwaest

Abstract: The recent discovery of the Spectre and Meltdown attacks represents a watershed moment not just for the field of Computer Security, but also of Programming Languages. This paper explores speculative side-channel attacks and their implications for programming languages. These attacks leak information through micro-architectural side-channels which we show are not mere bugs, but in fact lie at the foundation of optimization. We identify three open problems, (1) finding side-channels, (2) understanding speculative vulnerabilities, and (3) mitigating them. For (1) we introduce a mathematical meta-model that clarifies the source of side-channels in simulations and CPUs. For (2) we introduce an architectural model with speculative semantics to study recently-discovered vulnerabilities. For (3) we explore and evaluate software mitigations and prove one correct for this model. Our analysis is informed by extensive offensive research and defensive implementation work for V8, the production JavaScript virtual machine in Chrome. Straightforward extensions to model real hardware suggest these vulnerabilities present formidable challenges for effective, efficient mitigation. As a result of our work, we now believe that speculative vulnerabilities on today's hardware defeat all language-enforced confidentiality with no known comprehensive software mitigations, as we have discovered that untrusted code can construct a universal read gadget to read all memory in the same address space through side-channels. In the face of this reality, we have shifted the security model of the Chrome web browser and V8 to process isolation.

Comment: 26 pages

Date: 14 Feb 2019


SoK: Transparent Dishonesty: front-running attacks on Blockchain

Authors: Shayan Eskandari, Seyedehmahsa Moosavi, Jeremy Clark

Abstract: We consider front-running to be a course of action where an entity benefits from prior access to privileged market information about upcoming transactions and trades. Front-running has been an issue in financial instrument markets since the 1970s. With the advent of the blockchain technology, front-running has resurfaced in new forms we explore here, instigated by blockchain's decentralized and transparent nature. In this paper, we draw from a scattered body of knowledge and instances of front-running across the top 25 most active decentral applications (DApps) deployed on Ethereum blockchain. Additionally, we carry out a detailed analysis of Status.im initial coin offering (ICO) and show evidence of abnormal miners' behavior indicative of front-running token purchases. Finally, we map the proposed solutions to front-running into useful categories.

Date: 13 Feb 2019


A Low-overhead Kernel Object Monitoring Approach for Virtual Machine Introspection

Authors: Dongyang Zhan, Huhua Li, Lin Ye, Hongli Zhang, Binxing Fang, Xiaojiang Du

Abstract: Monitoring kernel object modification of virtual machine is widely used by virtual-machine-introspection-based security monitors to protect virtual machines in cloud computing, such as monitoring dentry objects to intercept file operations, etc. However, most of the current virtual machine monitors, such as KVM and Xen, only support page-level monitoring, because the Intel EPT technology can only monitor page privilege. If the out-of-virtual-machine security tools want to monitor some kernel objects, they need to intercept the operation of the whole memory page. Since there are some other objects stored in the monitored pages, the modification of them will also trigger the monitor. Therefore, page-level memory monitor usually introduces overhead to related kernel services of the target virtual machine. In this paper, we propose a low-overhead kernel object monitoring approach to reduce the overhead caused by page-level monitor. The core idea is to migrate the target kernel objects to a protected memory area and then to monitor the corresponding new memory pages. Since the new pages only contain the kernel objects to be monitored, other kernel objects will not trigger our monitor. Therefore, our monitor will not introduce runtime overhead to the related kernel service. The experimental results show that our system can monitor target kernel objects effectively only with very low overhead.

Date: 13 Feb 2019


Business Process Privacy Analysis in Pleak

Authors: Aivo Toots, Reedik Tuuling, Maksym Yerokhin, Marlon Dumas, Luciano García-Bañuelos, Peeter Laud, Raimundas Matulevičius, Alisa Pankova, Martin Pettai, Pille Pullonen, Jake Tom

Abstract: Pleak is a tool to capture and analyze privacy-enhanced business process models to characterize and quantify to what extent the outputs of a process leak information about its inputs. Pleak incorporates an extensible set of analysis plugins, which enable users to inspect potential leakages at multiple levels of detail.

Comment: Appears at 22nd International Conference on Fundamental Approaches to Software Engineering (FASE), April 2019

Date: 13 Feb 2019
