-
Exploiting structural nonlinearity of a reconfigurable multiple-scattering system
Authors:
Yaniv Eliezer,
Ulrich Ruhrmair,
Nils Wisiol,
Stefan Bittner,
Hui Cao
Abstract:
Nonlinear optics is a rapidly growing field that has found a wide range of applications. A major limitation, however, is the demand of high power, especially for high-order nonlinearities. Here, by reconfiguring a multiple-scattering system, we introduce 'structural nonlinearity' via a nonlinear mapping between the scattering potential and the output light. Experimentally we demonstrate high-order, tunable nonlinearities at low power. The multiply-scattered light features enhanced intensity fluctuations and long-range spatial correlations. The flexibility, robustness and energy efficiency of our approach provides a versatile platform for exploring structural nonlinearities for various applications.
Submitted 18 August, 2022;
originally announced August 2022.
-
Oh SSH-it, what's my fingerprint? A Large-Scale Analysis of SSH Host Key Fingerprint Verification Records in the DNS
Authors:
Sebastian Neef,
Nils Wisiol
Abstract:
The SSH protocol is commonly used to access remote systems on the Internet, as it provides an encrypted and authenticated channel for communication. If upon establishing a new connection, the presented server key is unknown to the client, the user is asked to verify the key fingerprint manually, which is prone to errors and often blindly trusted. The SSH standard describes an alternative to such manual key verification: using the Domain Name System (DNS) to publish the server key information in SSHFP records.
In this paper, we conduct a large-scale Internet study to measure the prevalence of SSHFP records among DNS domain names. We scan the Tranco 1M list and over 500 million names from the certificate transparency log over the course of 26 days. The results show that in two studied populations, about 1 in 10,000 domains has SSHFP records, with more than half of them deployed without using DNSSEC, drastically reducing security benefits.
Submitted 23 November, 2022; v1 submitted 18 August, 2022;
originally announced August 2022.
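The SSHFP mechanism the abstract refers to is small enough to show end to end. The following is an added example, not code from the paper or its authors: it builds the SSHFP record for an OpenSSH host key the way `ssh-keygen -r` does (algorithm number, fingerprint type, hash of the base64-decoded key blob, per RFC 4255 and RFC 6594), then applies the decision a client has to make when it looks the record up. The sample key is constructed from a fixed 32-byte value and is not a real key; the `dnssec_validated` flag stands in for the AD bit a validating resolver returns, and the result strings are this example's own naming, not OpenSSH output.

```python
import base64
import hashlib
import struct
from dataclasses import dataclass

# SSHFP algorithm numbers (RFC 4255, RFC 6594, RFC 7479, RFC 8709).
KEY_TYPE_TO_ALG = {
    "ssh-rsa": 1,
    "ssh-dss": 2,
    "ecdsa-sha2-nistp256": 3,
    "ecdsa-sha2-nistp384": 3,
    "ecdsa-sha2-nistp521": 3,
    "ssh-ed25519": 4,
    "ssh-ed448": 6,
}
# SSHFP fingerprint types: 1 = SHA-1 (RFC 4255), 2 = SHA-256 (RFC 6594).
FPTYPE_TO_HASH = {1: "sha1", 2: "sha256"}


@dataclass(frozen=True)
class Sshfp:
    algorithm: int
    fptype: int
    fingerprint: str  # lowercase hex

    @classmethod
    def from_rdata(cls, rdata):
        """Parse presentation-format RDATA, e.g. '4 2 ab12...'."""
        alg, fptype, fp = rdata.split()
        return cls(int(alg), int(fptype), fp.lower())

    def to_rdata(self):
        return f"{self.algorithm} {self.fptype} {self.fingerprint}"


def sshfp_for_key(pubkey_line, fptype=2):
    """Build the SSHFP record for an OpenSSH public key line
    ('<type> <base64 blob> [comment]'), as `ssh-keygen -r` would.
    The fingerprint is the hash over the base64-decoded key blob."""
    key_type, b64 = pubkey_line.split()[:2]
    blob = base64.b64decode(b64)
    digest = hashlib.new(FPTYPE_TO_HASH[fptype], blob).hexdigest()
    return Sshfp(KEY_TYPE_TO_ALG[key_type], fptype, digest)


def check_host_key(pubkey_line, rdatas, dnssec_validated):
    """Decide what a client may conclude from the SSHFP answer.

    A matching record only authenticates the host key if the DNS answer
    itself was authenticated (DNSSEC-validated, AD bit set); without
    that, an on-path attacker who spoofs the DNS reply can also publish
    a matching fingerprint for their own key, which is the weakness the
    study above measures. Result strings are this example's own."""
    key_type = pubkey_line.split()[0]
    if key_type not in KEY_TYPE_TO_ALG:
        return "unsupported_key_type"
    records = [Sshfp.from_rdata(r) for r in rdatas]
    if not records:
        return "no_records"
    matched = any(
        rec.fptype in FPTYPE_TO_HASH and sshfp_for_key(pubkey_line, rec.fptype) == rec
        for rec in records
    )
    if not matched:
        return "mismatch"
    return "trusted" if dnssec_validated else "matched_unauthenticated"


def constructed_ed25519_key(raw32, comment="host.example"):
    """Encode a 32-byte value as an OpenSSH ssh-ed25519 public key line.
    Constructed sample input for offline use only; raw32 is NOT a real key."""
    def ssh_string(b):
        return struct.pack(">I", len(b)) + b
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw32)
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"


if __name__ == "__main__":
    key = constructed_ed25519_key(bytes(range(32)))
    rec = sshfp_for_key(key)  # the record the server operator would publish
    print("SSHFP", rec.to_rdata())
    print(check_host_key(key, [rec.to_rdata()], dnssec_validated=True))
    print(check_host_key(key, [rec.to_rdata()], dnssec_validated=False))
    other = constructed_ed25519_key(bytes(32))
    print(check_host_key(other, [rec.to_rdata()], dnssec_validated=True))
```

The distinction between `trusted` and `matched_unauthenticated` is the point of the study's DNSSEC finding: a client that accepts a matching SSHFP record from an unsigned zone has replaced "trust the fingerprint the user eyeballs" with "trust whatever the DNS reply says", which an attacker positioned to intercept SSH is often also positioned to forge.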
-
Machine-Learning Side-Channel Attacks on the GALACTICS Constant-Time Implementation of BLISS
Authors:
Soundes Marzougui,
Nils Wisiol,
Patrick Gersch,
Juliane Krämer,
Jean-Pierre Seifert
Abstract:
Due to the advancing development of quantum computers, practical attacks on conventional public-key cryptography may become feasible in the next few decades. To address this risk, post-quantum schemes that are secure against quantum attacks are being developed.
Lattice-based algorithms are promising replacements for conventional schemes, with BLISS being one of the earliest post-quantum signature schemes in this family. However, required subroutines such as Gaussian sampling have been demonstrated to be a risk for the security of BLISS, since implementing Gaussian sampling both efficiently and securely with respect to physical attacks is highly challenging.
This paper presents three related power side-channel attacks on GALACTICS, the latest constant-time implementation of BLISS. All attacks are based on leakages we identified in the Gaussian sampling and signing algorithm of GALACTICS.
To run the attack, a profiling phase on a device identical to the device under attack is required to train machine learning classifiers.
In the attack phase, the leakages of GALACTICS enable the trained classifiers to predict sensitive internal information with high accuracy, paving the road for three different key recovery attacks.
We demonstrate the leakages by running GALACTICS on a Cortex-M4 and provide proof-of-concept data and implementation for all our attacks.
Submitted 8 June, 2022; v1 submitted 20 September, 2021;
originally announced September 2021.