A multi-threading approach to secure VERIFYPIN
- Frieslaar, Ibraheem, Irwin, Barry V W
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2016
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/429244 , vital:72570 , https://ieeexplore.ieee.org/abstract/document/7802952
- Description: This research investigates the use of a multi-threaded framework as a software countermeasure mechanism to prevent attacks on the verifypin process in a pin-acceptance program. The implementation comprises of using various mathematical operations along side a pin-acceptance program in a multi-threaded environment. These threads are inserted randomly on each execution of the program to create confusion for the attacker. Moreover, the research proposes a more improved version of the pin-acceptance program by segmenting the pro-gram. The conventional approach is to check each character one at a time. This research takes the verifying process and separates each character check into its individual thread. Furthermore, the order of each verified thread is randomised. This further assists in the obfuscation of the process where the system checks for a correct character. Finally, the research demonstrates it is able to be more secure than the conventional countermeasures of random time delays and insertion of dummy code.
- Full Text:
- Date Issued: 2016
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2016
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/429244 , vital:72570 , https://ieeexplore.ieee.org/abstract/document/7802952
- Description: This research investigates the use of a multi-threaded framework as a software countermeasure mechanism to prevent attacks on the verifypin process in a pin-acceptance program. The implementation comprises of using various mathematical operations along side a pin-acceptance program in a multi-threaded environment. These threads are inserted randomly on each execution of the program to create confusion for the attacker. Moreover, the research proposes a more improved version of the pin-acceptance program by segmenting the pro-gram. The conventional approach is to check each character one at a time. This research takes the verifying process and separates each character check into its individual thread. Furthermore, the order of each verified thread is randomised. This further assists in the obfuscation of the process where the system checks for a correct character. Finally, the research demonstrates it is able to be more secure than the conventional countermeasures of random time delays and insertion of dummy code.
- Full Text:
- Date Issued: 2016
Developing a Multi Platform Countermeasure to Ensure a Secure Home
- Frieslaar, Ibraheem, Irwin, Barry V W
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2016
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/427772 , vital:72461 , https://www.researchgate.net/profile/Ibraheem-Fries-laar/publication/312219190_Developing_a_Multi_Platform_Countermeasure_to_Ensure_a_Secure_Home/links/587747d508ae8fce492fb5e2/Developing-a-Multi-Platform-Countermeasure-to-Ensure-a-Secure-Home.pdf
- Description: This research proposes an investigation into the side channel analysis attacks against the AES algorithm on high powered devices. Currently the research field into this aspect is fairly new and there is room for more information to be discovered. This research proposes using a Raspberry Pi in conjunction with a Software Defined Radio to capture electromagnetic emanations in the low and high frequency domains. Two well-known side channel attacks will be used to recover the secret information based on the electromagnetic emanations. Furthermore, this research proposes investigating into a possible software countermeasure by using the high-powered devices features such as multi-threading.
- Full Text:
- Date Issued: 2016
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2016
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/427772 , vital:72461 , https://www.researchgate.net/profile/Ibraheem-Fries-laar/publication/312219190_Developing_a_Multi_Platform_Countermeasure_to_Ensure_a_Secure_Home/links/587747d508ae8fce492fb5e2/Developing-a-Multi-Platform-Countermeasure-to-Ensure-a-Secure-Home.pdf
- Description: This research proposes an investigation into the side channel analysis attacks against the AES algorithm on high powered devices. Currently the research field into this aspect is fairly new and there is room for more information to be discovered. This research proposes using a Raspberry Pi in conjunction with a Software Defined Radio to capture electromagnetic emanations in the low and high frequency domains. Two well-known side channel attacks will be used to recover the secret information based on the electromagnetic emanations. Furthermore, this research proposes investigating into a possible software countermeasure by using the high-powered devices features such as multi-threading.
- Full Text:
- Date Issued: 2016
Investigating multi-thread utilization as a software defence mechanism against side channel attacks
- Frieslaar, Ibraheem, Irwin, Barry V W
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2016
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/430190 , vital:72672 , https://doi.org/10.1145/3015166.3015176
- Description: A state-of-the-art software countermeasure to defend against side channel attacks is investigated in this work. The implementation of this novel approach consists of using multi-threads and a task scheduler on a microcontroller to purposefully leak out information at critical points in the cryptographic algorithm and confuse the attacker. This research demonstrates it is capable of outperforming the known countermeasure of hiding and shuffling in terms of preventing the secret information from being leaked out. Furthermore, the proposed countermeasure mitigates the side channel attacks, such as correlation power analysis and template attacks.
- Full Text:
- Date Issued: 2016
- Authors: Frieslaar, Ibraheem , Irwin, Barry V W
- Date: 2016
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/430190 , vital:72672 , https://doi.org/10.1145/3015166.3015176
- Description: A state-of-the-art software countermeasure to defend against side channel attacks is investigated in this work. The implementation of this novel approach consists of using multi-threads and a task scheduler on a microcontroller to purposefully leak out information at critical points in the cryptographic algorithm and confuse the attacker. This research demonstrates it is capable of outperforming the known countermeasure of hiding and shuffling in terms of preventing the secret information from being leaked out. Furthermore, the proposed countermeasure mitigates the side channel attacks, such as correlation power analysis and template attacks.
- Full Text:
- Date Issued: 2016
- «
- ‹
- 1
- ›
- »