|
|
|
 |
Search published articles |
 |
|
Showing 5 results for Alizadeh
Javad Alizadeh, Mohsen Seddighi, Hadi Soleimany,
Volume 8, Issue 2 (2-2020)
Abstract
Advances in information and communication technologies lead to use of some new devices such as smart phones. The new devices provide more advantages for the adversaries hence with respect to them, one can define with-box cryptography. In this new model of cryptography, designers try to hide the key using as a kind of implementation. The Differential Computation Analysis (DCA) is a side channel attack on the with-box cryptography. The mentioned method influenced all with-box cryptography schemes when it was introduced. This attack is based on the software implementation of cryptography algorithms and is similar to the differential power analysis (DPA). In this paper, we introduce the principles of the DCA and also describe how one can use this attack to find the key of a with-box cryptography scheme.
Fatemeh Khormizi, Bijan Alizadeh,
Volume 11, Issue 1 (9-2022)
Abstract
Hardware Trojan is a hardware security threat that attempts to insert in the circuit and modifies the hardware stealthy. Trojan detection and design-for-trust are the main defensive strategies against hardware Trojan. The target of Trojan detection is to verify hardware Trojan and in design-for-security, the security techniques are presented for facilitating detection or preventing hardware Trojan insertion. In this work, we introduce a capacitor-based timing hardware Trojan (THT) model and then discuss how to analyze the vulnerability of gate-level circuits against such THT model. For THT that violates timing constraints in the circuit, the susceptible nets are recognized. Susceptible nets to THT are vulnerable nets in path-delay analysis and logic testing detection approaches and they are not detectable easily. The experimental results show that the number of vulnerable nets to the capacitor-based THT model is small enough so that a design-for-trust approach can be proposed.
Amir Allahdadi Ghiyasabadi , Javad Alizadeh,
Volume 11, Issue 1 (9-2022)
Abstract
With the development of new information and communication technologies such as developments related to Internet of Things applications, the importance of information and maintaining its security is more and more considered. Key agreement and authentication protocols play an important role in ensuring information security. One of the important components used in many applications of the Internet of Things is wireless sensor networks, whose security is ensured by using appropriate protocols of these networks. In 2020, Sikarwar and Das presented a key agreement protocol with authentication for wireless sensor networks and claimed that this protocol is secure against well-known attacks such as feedback attacks, password discovery, and man-in-the-middle attacks. In this paper, it is shown that the Sikarvar and DOS protocol is not secure and an attacker can easily obtain this key. In addition, it is shown that the protocol cannot be secure against password discovery and spoofing attacks.
Javad Alizadeh, Seyyed Hadi Noorani Asl,
Volume 12, Issue 2 (2-2024)
Abstract
The Internet of Drones (IoD) refers to the use of unmanned aerial vehicles (UAVs) connected to the Internet. This concept is a specific application of IoT. The IoD may offer opportunities, but it also poses security vulnerabilities. It is necessary to use authentication and key agreement protocols in drone communications to prevent these vulnerabilities. In 2020, Alladi et al presented an authentication and key agreement protocol based on physical unclonable functions called SecAutUAV. They analyzed the security of their scheme through both formal and informal methods. In this paper, we demonstrate the vulnerability of the SecAuthUAV protocol to a key recovery attack. An adversary can obtain a session key between a drone and a ground station by intercepting and analyzing the session data. In addition, we present a secret value recovery attack with complexity  , which is lower than the complexity of brute force attacks. An adversary could spoof and track the drone by using these values. In order to improve the security and efficiency of SecAuthUAV, we present a new version and compare it to the original. We utilize both the informal method and formal-based ProVerif to analyze the
security of the latest protocol. To compare the efficiency of the new protocol and SecAuthUAV, we counted their number of operators and functions. The new protocol is more secure and efficient than SecAutUAV.
Keivan Khoormehr, Javad Alizadeh, Mohsen Jahanbani,
Volume 13, Issue 2 (12-2024)
Abstract
Side-channel attacks, particularly power analysis attacks, pose a significant threat to the security of block cipher applications in hardware. These attacks can be executed using three primary methods: Simple Power Analysis (SPA), Differential Power Analysis (DPA), and Correlation Power Analysis (CPA). This paper examines the vulnerability of the SPEEDY block cipher to such power analysis attacks. In the first section, we demonstrate that the non-linear layer of the SPEEDY block cipher is susceptible to information leakage when subjected to power analysis attacks. By implementing the cipher in hardware and utilizing 1000 input samples, we establish that key-recovery attacks are feasible. The second section focuses on countermeasures to enhance the security of the SPEEDY block cipher against power analysis attacks. We propose a secure implementation method that employs Domain-Oriented Masking (DOM). Using the SILVER tool and the T-test method, we show that the secured version of the SPEEDY block cipher effectively mitigates the vulnerabilities and information leakages present in the original version when exposed to power analysis attacks.
|
|
