Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
157 tokens/sec
GPT-4o
43 tokens/sec
Gemini 2.5 Pro Pro
43 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Cybersecurity in the Quantum Era: Assessing the Impact of Quantum Computing on Infrastructure (2404.10659v1)

Published 16 Apr 2024 in cs.CR

Abstract: The emergence of quantum computing presents a double-edged sword for cybersecurity. While its immense power holds promise for advancements in various fields, it also threatens to crack the foundation of current encryption methods. This analysis explores the impact of quantum computing on critical infrastructure and cloud services, meticulously evaluating potential vulnerabilities across various layers, including applications, data, runtime, middleware, operating systems, virtualization, hardware, storage, and networks. We advocate for proactive security strategies and collaboration between sectors to develop and implement quantum-resistant cryptography. This crucial shift necessitates a comprehensive approach, and the paper introduces a tailored security blueprint encompassing nine critical infrastructure components. This blueprint strengthens each area's defenses against potential quantum-induced cyber threats. Our strategic vulnerability and risk assessment equips stakeholders with the knowledge to navigate the complex quantum threat landscape. This empowers them to make informed decisions about design, implementation, and policy formulation, ultimately bolstering the resilience of critical infrastructure. In essence, this analysis not only forecasts quantum threats but also offers a sophisticated, actionable framework for fortifying infrastructure and cloud environments against the multifaceted challenges of the quantum era. This proactive approach will ensure continued data security and a thriving digital landscape in the years to come

Definition Search Book Streamline Icon: https://streamlinehq.com
References (165)
  1. P. W. Shor, “Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer,” SIAM Review, vol. 41, no. 2, pp. 303–332, 1999.
  2. D. J. Bernstein, J. Buchmann, and E. Dahmen, “Introduction to post-quantum cryptography,” 2009.
  3. P. N. N. Laboratory, “Inventory of public key cryptography in us electric vehicle charging infrastructure,” https://www.pnnl.gov, Tech. Rep., 2023.
  4. P. Lipman, “How quantum computing will transform cybersecurity,” https://www.forbes.com/sites/forbestechcouncil/2021/01/04/how-quantum-computing-will-transform-cybersecurity/?sh=604540237d3f, 2023, accessed: 2023-11-08.
  5. M. Lee, “Quantum computing and cybersecurity,” https://www.belfercenter.org/publication/quantum-computing-and-cybersecurity, 2023, accessed: 2023-11-08.
  6. M. Mosca, “Cybersecurity in an era with quantum computers: will we be ready?” IEEE Security & Privacy, vol. 16, no. 5, pp. 38–41, 2018.
  7. C. Gidney and M. Ekerå, “How to factor 2048 bit rsa integers in 8 hours using 20 million noisy qubits,” arXiv preprint arXiv:1905.09749, 2019.
  8. N. I. of Standards and Technology, “Nist to standardize encryption algorithms that can resist attack by quantum computers,” https://www.nist.gov, NIST, Tech. Rep., 2023.
  9. Nature, “Keeping secrets in a quantum world,” Nature, 2023.
  10. Cybersecurity and I. S. Agency, “Post-quantum cryptography initiative,” https://www.cisa.gov, CISA, Tech. Rep., 2023.
  11. TechTarget, “Explore the impact of quantum computing on cryptography,” https://www.techtarget.com, TechTarget, Tech. Rep., 2023.
  12. ISACA, “The quantum computing threat: Risks and responses,” https://www.isaca.org, ISACA, Tech. Rep., 2023.
  13. D. Bernstein and T. Lange, “Post-quantum cryptography,” Nature, vol. 549, pp. 188–194, 09 2017.
  14. R. Khan, K. McLaughlin, D. Laverty, and S. Sezer, “Stride-based threat modeling for cyber-physical systems,” in 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe).   IEEE, 2017, pp. 1–6.
  15. S. M. Khalil, H. Bahsi, and T. Korõtko, “Threat modeling of industrial control systems: A systematic literature review,” Computers & Security, p. 103543, 2023.
  16. A. Mashatan, “A look at quantum resistant encryption & why it’s critical,” The SSL Store, 2022.
  17. W. Barker, M. Souppaya, and W. Newhouse, “Migration to post-quantum cryptography,” NIST National Institute of, Standards and Technology and National Cybersecurity, Center of Excellence, pp. 1–15, 2021.
  18. M. Shapna Akter, “Quantum cryptography for enhanced network security: A comprehensive survey of research, developments, and future directions,” arXiv e-prints, pp. arXiv–2306, 2023.
  19. P. W. Shor, “Algorithms for quantum computation: discrete logarithms and factoring,” Proceedings 35th annual symposium on foundations of computer science, pp. 124–134, 1994.
  20. F. Arute et al., “Quantum supremacy using a programmable superconducting processor,” Nature, vol. 574, no. 7779, pp. 505–510, 2019.
  21. D. Castelvecchi, “Quantum computers ready to leap out of the lab in 2017,” Nature, vol. 541, no. 7635, 2017.
  22. NIST, “Status report on the third round of the nist post-quantum cryptography standardization process,” https://csrc.nist.gov/publications/detail/nistir/8413/final, 2022, [Online; accessed 28-07-2022].
  23. N. I. of Standards and T. (NIST), “Post-quantum cryptography,” https://csrc.nist.gov/projects/post-quantum-cryptography, 2023.
  24. ——, “Post-quantum cryptography-selected algorithms 2022,” https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022, 2022.
  25. A. Kumar and S. Garhwal, “State-of-the-art survey of quantum cryptography,” Archives of Computational Methods in Engineering, vol. 28, pp. 3831–3868, 2021.
  26. J. R. Lindsay, “Demystifying the quantum threat: infrastructure, institutions, and intelligence advantage,” Security Studies, vol. 29, no. 2, pp. 335–361, 2020.
  27. C. Mangla, S. Rani, N. M. F. Qureshi, and A. Singh, “Mitigating 5g security challenges for next-gen industry using quantum computing,” Journal of King Saud University-Computer and Information Sciences, vol. 35, no. 6, p. 101334, 2023.
  28. M. Mosca and M. Piani, “2022 quantum threat timeline report,” Global Risk Insitute, 2022.
  29. M. J. H. Faruk, S. Tahora, M. Tasnim, H. Shahriar, and N. Sakib, “A review of quantum cybersecurity: threats, risks and opportunities,” in 2022 1st International Conference on AI in Cybersecurity (ICAIC).   IEEE, 2022, pp. 1–8.
  30. “Quantum technologies at aws,” https://aws.amazon.com/products/quantum/, 2023, accessed: 2023-11-27.
  31. “Azure quantum cloud service,” https://azure.microsoft.com/en-us/products/quantum/, 2023, accessed: 2023-11-17.
  32. “Google cloud quantum computing service,” https://quantumai.google/cirq/google/concepts, 2023, accessed: 2023-10-31.
  33. F. D, “Terminology for Post-Quantum Traditional Hybrid Schemes,” https://datatracker.ietf.org/doc/draft-driscoll-pqt-hybrid-terminology/02/, Internet Engineering Task Force, Internet-Draft draft-driscoll-pqt-hybrid-terminology-02, Mar. 2023, work in Progress.
  34. I. Rosenberg, “Post-quantum cryptography and quantum-safe security,” IBM Research Blog, 2019.
  35. L. Chen, S. Jordan, Y.-K. Liu, D. Moody, R. Peralta, R. Perlner, and D. Smith-Tone, “Report on post-quantum cryptography,” US Department of Commerce, National Institute of Standards and Technology, 2016.
  36. J. P. Mattsson, B. Smeets, and E. Thormarker, “Quantum-resistant cryptography,” arXiv preprint arXiv:2112.00399, 2021.
  37. TechTarget, “A cloud services cheat sheet for aws, azure and google cloud,” TechTarget, 2021.
  38. Crypto4A, “Quantum safe hardware security modules,” https://crypto4a.com/hardware-security-modules/, 2023, accessed: 2023-12-09.
  39. Entrust, “A comprehensive guide to quantum-resistant encryption,” https://www.entrust.com/resources/learn/post-quantum-cryptography-and-encryption, 2023.
  40. IBM, “Make the world quantum safe,” https://www.ibm.com/quantum/quantum-safe, 2023, accessed: 2023-12-09.
  41. L. Gyongyosi and S. Imre, “A survey on quantum computing technology,” Computer Science Review, vol. 31, pp. 51–71, 2019.
  42. N. I. of Standards and T. (NIST), “Preparing for post-quantum cryptography,” https://www.nist.gov/pqcrypto, National Institute of Standards and Technology, Tech. Rep., 2023, accessed: 2023-10-31.
  43. C. Gidney and M. Ekerå, “Quantum computing, postselection, and probabilistic polynomial-time,” Physical Review A, vol. 103, no. 3, p. 032414, 2021.
  44. S. Turner and D. Brown, “Use of elliptic curve cryptography (ecc) algorithms in cryptographic message syntax (cms),” Tech. Rep., 2010.
  45. D. Gillmor, “Negotiated finite field diffie-hellman ephemeral parameters for transport layer security (tls),” Tech. Rep., 2016.
  46. K. Moriarty, B. Kaliski, J. Jonsson, and A. Rusch, “Pkcs# 1: Rsa cryptography specifications version 2.2,” Tech. Rep., 2016.
  47. J. Schaad, “Use of the advanced encryption standard (aes) encryption algorithm in cryptographic message syntax (cms),” Tech. Rep., 2003.
  48. L. K. Grover, “A fast quantum mechanical algorithm for database search,” in Proceedings of the twenty-eighth annual ACM symposium on Theory of computing, 1996, pp. 212–219.
  49. D. Eastlake 3rd and T. Hansen, “Us secure hash algorithms (sha and sha-based hmac and hkdf),” Tech. Rep., 2011.
  50. G. Brassard, P. Hoyer, and A. Tapp, “Quantum algorithm for the collision problem,” arXiv preprint quant-ph/9705002, 1997.
  51. T. Oder, T. Schneider, T. Pöppelmann, and T. Güneysu, “Practical cca2-secure and masked ring-lwe implementation,” Cryptology ePrint Archive, 2016.
  52. P. Ravi, S. Bhasin, S. S. Roy, and A. Chattopadhyay, “Drop by drop you break the rock-exploiting generic vulnerabilities in lattice-based pke/kems using em-based physical attacks,” Cryptology ePrint Archive, 2020.
  53. P. Ravi, D. B. Roy, S. Bhasin, A. Chattopadhyay, and D. Mukhopadhyay, “Number “not used” once-practical fault attack on pqm4 implementations of nist candidates,” in International Workshop on Constructive Side-Channel Analysis and Secure Design.   Springer, 2019, pp. 232–250.
  54. M. Hamburg, J. Hermelink, R. Primas, S. Samardjiska, T. Schamberger, S. Streit, E. Strieder, and C. van Vredendaal, “Chosen ciphertext k-trace attacks on masked cca2 secure kyber,” IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 88–113, 2021.
  55. P. Pessl and R. Primas, “More practical single-trace attacks on the number theoretic transform,” in International Conference on Cryptology and Information Security in Latin America.   Springer, 2019, pp. 130–149.
  56. E. Dubrova, K. Ngo, and J. Gärtner, “Breaking a fifth-order masked implementation of crystals-kyber by copy-paste,” Cryptology ePrint Archive, 2022.
  57. P. Ravi, S. S. Roy, A. Chattopadhyay, and S. Bhasin, “Generic side-channel attacks on cca-secure lattice-based pke and kems.” IACR Trans. Cryptogr. Hardw. Embed. Syst., vol. 2020, no. 3, pp. 307–335, 2020.
  58. Z. Xu, O. Pemberton, S. S. Roy, D. Oswald, W. Yao, and Z. Zheng, “Magnifying side-channel leakage of lattice-based cryptosystems with chosen ciphertexts: the case study of kyber,” IEEE Transactions on Computers, vol. 71, no. 9, pp. 2163–2176, 2021.
  59. P. Ravi, S. Bhasin, S. S. Roy, and A. Chattopadhyay, “On exploiting message leakage in (few) nist pqc candidates for practical message recovery attacks,” IEEE Transactions on Information Forensics and Security, vol. 17, pp. 684–699, 2021.
  60. M. R. Albrecht, A. Deo, and K. G. Paterson, “Cold boot attacks on ring and module lwe keys under the ntt,” Cryptology ePrint Archive, 2018.
  61. L. G. Bruinderink and P. Pessl, “Differential fault attacks on deterministic lattice signatures,” IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 21–43, 2018.
  62. V. Migliore, B. Gérard, M. Tibouchi, and P.-A. Fouque, “Masking dilithium,” in International Conference on Applied Cryptography and Network Security.   Springer, 2019, pp. 344–362.
  63. S. Marzougui, V. Ulitzsch, M. Tibouchi, and J.-P. Seifert, “Profiling side-channel attacks on dilithium: A small bit-fiddling leak breaks it all,” Cryptology ePrint Archive, 2022.
  64. P. Ravi, M. P. Jhanwar, J. Howe, A. Chattopadhyay, and S. Bhasin, “Exploiting determinism in lattice-based signatures: practical fault attacks on pqm4 implementations of nist candidates,” in Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, 2019, pp. 427–440.
  65. R. Singh, S. Islam, B. Sunar, and P. Schaumont, “An end-to-end analysis of emfi on bit-sliced post-quantum implementations,” arXiv preprint arXiv:2204.06153, 2022.
  66. S. McCarthy, J. Howe, N. Smyth, S. Brannigan, and M. O’Neill, “Bearz attack falcon: implementation attacks with countermeasures on the falcon signature scheme,” Cryptology ePrint Archive, 2019.
  67. E. Karabulut and A. Aysu, “Falcon down: Breaking falcon post-quantum signature scheme through side-channel attacks,” in 2021 58th ACM/IEEE Design Automation Conference (DAC).   IEEE, 2021, pp. 691–696.
  68. D. J. Bernstein, T. Lange, and C. Peters, “Attacking and defending the mceliece cryptosystem,” in International Workshop on Post-Quantum Cryptography.   Springer, 2008, pp. 31–46.
  69. F. Strenzke, E. Tews, H. G. Molter, R. Overbeck, and A. Shoufan, “Side channels in the mceliece pkc,” in International Workshop on Post-Quantum Cryptography.   Springer, 2008, pp. 216–229.
  70. M. Kreuzer and J. Danner, “A fault attack on the niederreiter cryptosystem using binary irreducible goppa codes,” journal of Groups, complexity, cryptology, vol. 12, 2020.
  71. P.-L. Cayrel, B. Colombier, V.-F. Dragoi, A. Menu, and L. Bossuet, “Message-recovery laser fault injection attack on code-based cryptosystems.” IACR Cryptol. ePrint Arch., vol. 2020, p. 900, 2020.
  72. M. Petrvalsky, T. Richmond, M. Drutarovsky, P.-L. Cayrel, and V. a. Fischer, “Countermeasure against the spa attack on an embedded mceliece cryptosystem,” in 2015 25th International Conference Radioelektronika (RADIOELEKTRONIKA).   IEEE, 2015, pp. 462–466.
  73. Q. Guo, A. Johansson, and T. Johansson, “A key-recovery side-channel attack on classic mceliece,” Cryptology ePrint Archive, 2022.
  74. P. Jedlicka, L. Malina, P. Socha, T. Gerlich, Z. Martinasek, and J. Hajny, “On secure and side-channel resistant hardware implementations of post-quantum cryptography,” in Proceedings of the 17th International Conference on Availability, Reliability and Security, 2022, pp. 1–9.
  75. C. Chen, T. Eisenbarth, I. von Maurich, and R. Steinwandt, “Horizontal and vertical side channel analysis of a mceliece cryptosystem,” IEEE Transactions on Information Forensics and Security, vol. 11, no. 6, pp. 1093–1105, 2015.
  76. M. Petrvalsky, T. Richmond, M. Drutarovsky, P.-L. Cayrel, and V. Fischer, “Differential power analysis attack on the secure bit permutation in the mceliece cryptosystem,” in 2016 26th International Conference Radioelektronika (RADIOELEKTRONIKA).   IEEE, 2016, pp. 132–137.
  77. N. Lahr, R. Niederhagen, R. Petri, and S. Samardjiska, “Side channel information set decoding using iterative chunking,” in International Conference on the Theory and Application of Cryptology and Information Security.   Springer, 2020, pp. 881–910.
  78. R. V. Polanco, “Cold boot attacks on post-quantum schemes,” Ph.D. dissertation, Royal Holloway, University of London, 2019.
  79. Q. Guo, C. Hlauschek, T. Johansson, N. Lahr, A. Nilsson, and R. L. Schröder, “Don’t reject this: Key-recovery timing attacks due to rejection-sampling in hqc and bike,” IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 223–263, 2022.
  80. K. Xagawa, A. Ito, R. Ueno, J. Takahashi, and N. Homma, “Fault-injection attacks against nist’s post-quantum cryptography round 3 kem candidates,” in International Conference on the Theory and Application of Cryptology and Information Security.   Springer, 2021, pp. 33–61.
  81. G. Wafo-Tapa, S. Bettaieb, L. Bidoux, P. Gaborit, and E. Marcatel, “A practicable timing attack against hqc and its countermeasure,” Advances in Mathematics of Communications, 2020.
  82. Q. Guo, T. Johansson, and A. Nilsson, “A key-recovery timing attack on post-quantum primitives using the fujisaki-okamoto transformation and its application on frodokem,” in Annual International Cryptology Conference.   Springer, 2020, pp. 359–386.
  83. T. Schamberger, J. Renner, G. Sigl, and A. Wachter-Zeh, “A power side-channel attack on the cca2-secure hqc kem,” in International Conference on Smart Card Research and Advanced Applications.   Springer, 2020, pp. 119–134.
  84. G. Goy, A. Loiseau, and P. Gaborit, “A new key recovery side-channel attack on hqc with chosen ciphertext,” in International Conference on Post-Quantum Cryptography.   Springer, 2022, pp. 353–371.
  85. L. Castelnovi, A. Martinelli, and T. Prest, “Grafting trees: a fault attack against the sphincs framework,” in International Conference on Post-Quantum Cryptography.   Springer, 2018, pp. 165–184.
  86. A. Genêt, M. J. Kannwischer, H. Pelletier, and A. McLauchlan, “Practical fault injection attacks on sphincs,” Cryptology ePrint Archive, 2018.
  87. M. J. Kannwischer, A. Genêt, D. Butin, J. Krämer, and J. Buchmann, “Differential power analysis of xmss and sphincs,” in International Workshop on Constructive Side-Channel Analysis and Secure Design.   Springer, 2018, pp. 168–188.
  88. W. Castryck and T. Decru, “An efficient key recovery attack on sidh (preliminary version),” Cryptology ePrint Archive, 2022.
  89. É. Tasso, L. De Feo, N. El Mrabet, and S. Pontié, “Resistance of isogeny-based cryptographic implementations to a fault attack,” in International Workshop on Constructive Side-Channel Analysis and Secure Design.   Springer, 2021, pp. 255–276.
  90. L. De Feo, N. El Mrabet, A. Genet, N. Kaluderovic, N. Linard de Guertechin, S. Pontié, and É. Tasso, “Sike channels-zero-value side-channel attacks on sike,” Tech. Rep., 2022.
  91. R. Villanueva-Polanco and E. Angulo-Madrid, “Cold boot attacks on the supersingular isogeny key encapsulation (sike) mechanism,” Applied Sciences, vol. 11, no. 1, p. 193, 2020.
  92. J. Bos, L. Ducas, E. Kiltz, T. Lepoint, V. Lyubashevsky, J. M. Schanck, P. Schwabe, G. Seiler, and D. Stehlé, “Crystals-kyber: a cca-secure module-lattice-based kem,” in 2018 IEEE European Symposium on Security and Privacy (EuroS&P).   IEEE, 2018, pp. 353–367.
  93. L. Ducas, E. Kiltz, T. Lepoint, V. Lyubashevsky, P. Schwabe, G. Seiler, and D. Stehlé, “Crystals-dilithium: A lattice-based digital signature scheme,” IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 238–268, 2018.
  94. P.-A. Fouque, J. Hoffstein, P. Kirchner, V. Lyubashevsky, T. Pornin, T. Prest, T. Ricosset, G. Seiler, W. Whyte, and Z. Zhang, “Falcon: Fast-fourier lattice-based compact signatures over ntru,” Submission to the NIST’s post-quantum cryptography standardization process, vol. 36, no. 5, 2018.
  95. D. J. Bernstein, T. Chou, T. Lange, I. von Maurich, R. Misoczki, R. Niederhagen, E. Persichetti, C. Peters, P. Schwabe, N. Sendrier et al., “Classic mceliece: conservative code-based cryptography,” NIST submissions, 2017.
  96. C. A. Melchor, N. Aragon, S. Bettaieb, L. Bidoux, O. Blazy, J.-C. Deneuville, P. Gaborit, E. Persichetti, G. Zémor, and I. Bourges, “Hamming quasi-cyclic (hqc),” NIST PQC Round, vol. 2, pp. 4–13, 2018.
  97. N. Aragon, P. Barreto, S. Bettaieb, L. Bidoux, O. Blazy, J.-C. Deneuville, P. Gaborit, S. Gueron, T. Guneysu, C. A. Melchor et al., “Bike: bit flipping key encapsulation,” 2017.
  98. D. J. Bernstein, A. Hülsing, S. Kölbl, R. Niederhagen, J. Rijneveld, and P. Schwabe, “The sphincs+ signature framework,” in Proceedings of the 2019 ACM SIGSAC conference on computer and communications security, 2019, pp. 2129–2146.
  99. D. Jao and L. D. Feo, “Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies,” in International Workshop on Post-Quantum Cryptography.   Springer, 2011, pp. 19–34.
  100. National Institute of Standards and Technology (NIST), “NIST Special Publication 800-30, Revision 1,” https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf, U.S. Department of Commerce, Special Publication 800-30, 2012.
  101. M. Compastié, R. Badonnel, O. Festor, and R. He, “From virtualization security issues to cloud protection opportunities: An in-depth analysis of system virtualization models,” Computers & Security, vol. 97, p. 101905, 2020.
  102. OWASP, “Code injection - owasp,” https://owasp.org/www-community/attacks/Code_Injection, 2023, accessed: 2023-11-27.
  103. K. Baker, “The 12 most common types of malware,” https://www.crowdstrike.com/cybersecurity-101/malware/types-of-malware/, 2023, accessed: 2022-09-23.
  104. T. Sharma, “Protection and security in operating system,” https://www.scaler.com/topics/protection-and-security-in-operating-system/, accessed: 2023-11-14.
  105. B. S. Rawal, G. Manogaran, and A. Peter, “Malware,” in Cybersecurity and Identity Access Management.   Springer, 2023, pp. 103–116.
  106. A. Kumar, “Trap doors in softwares (trapdoor virus),” https://arunkumarhn.wordpress.com/2011/12/12/trap-doors-in-softwares-trapdoor-virus/, accessed: 2022-09-14.
  107. E. System, “Insider threat: Definition, types & countermeasures,” https://www.ekransystem.com/en/blog/insider-threat-definition, 2021, accessed: 2023-11-26.
  108. J. Oberheide, E. Cooke, and F. Jahanian, “Empirical exploitation of live virtual machine migration,” in Proc. of BlackHat DC convention.   Citeseer, 2008, pp. 1–6.
  109. G. Cuozzo, “Critical infrastructure cyber-attack through firmware exploitation.” 2016.
  110. V. Grover et al., “An efficient brute force attack handling techniques for server virtualization,” in Proceedings of the International Conference on Innovative Computing & Communications (ICICC), 2020.
  111. N. Chakraborty and E. Kalaimannan, “Minimum cost security measurements for attack tree based threat models in smart grid,” in 2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON).   IEEE, 2017, pp. 614–618.
  112. D. Gruss, E. Kraft, T. Tiwari, M. Schwarz, A. Trachtenberg, J. Hennessey, A. Ionescu, and A. Fogh, “Page cache attacks,” in Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019, pp. 167–180.
  113. M. Esfahani, H. Soleimany, and M. R. Aref, “Enhanced cache attack on aes applicable on arm-based devices with new operating systems,” Computer Networks, vol. 198, p. 108407, 2021.
  114. J. Krautter, D. R. Gnad, and M. B. Tahoori, “FPGAhammer: Remote voltage fault attacks on shared fpgas, suitable for DFA on AES,” IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 44–68, 2018.
  115. M. L. P. Gort, M. Olliaro, and A. Cortesi, “Relational data watermarking resilience to brute force attacks in untrusted environments,” Expert Systems with Applications, p. 118713, 2022.
  116. M. Jangjou and M. K. Sohrabi, “A comprehensive survey on security challenges in different network layers in cloud computing,” Archives of Computational Methods in Engineering, pp. 1–22, 2022.
  117. J. Smith and J. Doe, “Understanding post request collision and web security,” Journal of Web Security, vol. 27, no. 3, pp. 101–115, 2019.
  118. V. C. Craciun, A. Mogage, and E. Simion, “Trends in design of ransomware viruses,” in Innovative Security Solutions for Information Technology and Communications: 11th International Conference, SecITC 2018, Bucharest, Romania, November 8–9, 2018, Revised Selected Papers 11.   Springer, 2019, pp. 259–272.
  119. N. Kilber, D. Kaestle, and S. Wagner, “Cybersecurity for quantum computing,” arXiv preprint arXiv:2110.14701, 2021.
  120. K. Lounis and M. Zulkernine, “Attacks and defenses in short-range wireless technologies for iot,” IEEE Access, vol. 8, pp. 88 892–88 932, 2020.
  121. Y.-L. Huang, B. Chen, M.-W. Shih, and C.-Y. Lai, “Security impacts of virtualization on a network testbed,” in 2012 IEEE Sixth International Conference on Software Security and Reliability.   IEEE, 2012, pp. 71–77.
  122. N. Merhav and A. Cohen, “Universal randomized guessing with application to asynchronous decentralized brute–force attacks,” IEEE Transactions on Information Theory, vol. 66, no. 1, pp. 114–129, 2019.
  123. P. Grassi, M. Garcia, and J. Fenton, “Digital identity guidelines,” National Institute of Standards and Technology, Tech. Rep., 2020.
  124. R. Aldeco Perez, “Secure provenance-based auditing of personal data use,” Ph.D. dissertation, University of Southampton, 2012.
  125. M. Masdari and M. Jalali, “A survey and taxonomy of dos attacks in cloud computing,” Security and Communication Networks, vol. 9, no. 16, pp. 3724–3751, 2016.
  126. E. Tirado, B. Turpin, C. Beltz, P. Roshon, R. Judge, and K. Gagneja, “A new distributed brute-force password cracking technique,” in International conference on future network systems and security.   Springer, 2018, pp. 117–127.
  127. A. Bates, B. Mood, J. Pletcher, H. Pruse, M. Valafar, and K. Butler, “Detecting co-residency with active traffic analysis techniques,” in Proceedings of the 2012 ACM Workshop on Cloud computing security workshop, 2012, pp. 1–12.
  128. A. Shahzad and A. Litchfield, “Virtualization technology: Cross-vm cache side channel attacks make it vulnerable,” 2015.
  129. S. Anwar, Z. Inayat, M. F. Zolkipli, J. M. Zain, A. Gani, N. B. Anuar, M. K. Khan, and V. Chang, “Cross-vm cache-based side channel attacks and proposed prevention mechanisms: A survey,” Journal of Network and Computer Applications, vol. 93, pp. 259–279, 2017.
  130. A. Saeed, S. A. Hussain, and P. Garraghan, “Cross-vm network channel attacks and countermeasures within cloud computing environments,” IEEE Transactions on Dependable and Secure Computing, 2020.
  131. G. Irazoqui, T. Eisenbarth, and B. Sunar, “S $ a: A shared cache attack that works across cores and defies vm sandboxing–and its application to aes,” in 2015 IEEE Symposium on Security and Privacy.   IEEE, 2015, pp. 591–604.
  132. Y. Lu, “Attacking hardware aes with dfa,” arXiv preprint arXiv:1902.08693, 2019.
  133. W. Shen, Y. Su, and R. Hao, “Lightweight cloud storage auditing with deduplication supporting strong privacy protection,” IEEE Access, vol. 8, pp. 44 359–44 372, 2020.
  134. M. Idhom, H. E. Wahanani, and A. Fauzi, “Network security system on multiple servers against brute force attacks,” in 2020 6th Information Technology International Seminar (ITIS).   IEEE, 2020, pp. 258–262.
  135. Z. Zhang, Y. Wang, and L. Xie, “A novel data integrity attack detection algorithm based on improved grey relational analysis,” IEEE Access, vol. 6, pp. 73 423–73 433, 2018.
  136. M. Shibly and B. G. De Soto, “Threat modeling in construction: An example of a 3d concrete printing system,” in ISARC. Proceedings of the International Symposium on Automation and Robotics in Construction, vol. 37.   IAARC Publications, 2020, pp. 625–632.
  137. C. Shen, C. Chen, and J. Zhang, “Micro-architectural cache side-channel attacks and countermeasures,” in 2021 26th Asia and South Pacific Design Automation Conference (ASP-DAC).   IEEE, 2021, pp. 441–448.
  138. J. Blömer, P. Günther, and G. Liske, “Tampering attacks in pairing-based cryptography,” in 2014 Workshop on Fault Diagnosis and Tolerance in Cryptography.   IEEE, 2014, pp. 1–7.
  139. J.-y. Kim and H.-Y. Kwon, “Threat classification model for security information event management focusing on model efficiency,” Computers & Security, p. 102789, 2022.
  140. M. Mushtaq, A. Akram, M. K. Bhatti, R. N. B. Rais, V. Lapotre, and G. Gogniat, “Run-time detection of prime+ probe side-channel attack on aes encryption algorithm,” in 2018 Global Information Infrastructure and Networking Symposium.   IEEE, 2018, pp. 1–5.
  141. N. M. Almutairy, K. H. Al-Shqeerat, and H. A. Al Hamad, “A taxonomy of virtualization security issues in cloud computing environments,” Indian Journal of Science and Technology, vol. 12, no. 3, pp. 1–19, 2019.
  142. P. Kedia, R. Nagpal, and T. P. Singh, “A survey on virtualization service providers, security issues, tools and future trends,” International Journal of Computer Applications, vol. 69, no. 24, 2013.
  143. N. Gruschka and N. Luttenberger, “Protecting web services from dos attacks by soap message validation,” in IFIP International Information Security Conference.   Springer, 2006, pp. 171–182.
  144. X. Wang and J. Backer, “Sigdrop: Signature-based rop detection using hardware performance counters,” arXiv preprint arXiv:1609.02667, 2016.
  145. G. Poulios, C. Ntantogian, and C. Xenakis, “Ropinjector: Using return oriented programming for polymorphism and antivirus evasion,” Blackhat USA, 2015.
  146. A. Otmani, J.-P. Tillich, and L. Dallot, “Cryptanalysis of two mceliece cryptosystems based on quasi-cyclic codes,” Mathematics in Computer Science, vol. 3, no. 2, pp. 129–140, 2010.
  147. S. Chen, R. Wang, X. Wang, and K. Zhang, “Side-channel leaks in web applications: a reality today, a challenge tomorrow,” in Proceedings of the IEEE Symposium on Security and Privacy (Oakland).   IEEE Computer Society, May 2010.
  148. S. Roy, T. Farheen, S. Tajik, and D. Forte, “Self-timed sensors for detecting static optical side channel attacks,” in 2022 23rd International Symposium on Quality Electronic Design (ISQED).   IEEE, 2022, pp. 1–6.
  149. G. Joy Persial, M. Prabhu, and R. Shanmugalakshmi, “Side channel attack-survey,” Int. J. Adv. Sci. Res. Rev, vol. 1, no. 4, pp. 54–57, 2011.
  150. X. Lou, T. Zhang, J. Jiang, and Y. Zhang, “A survey of microarchitectural side-channel vulnerabilities, attacks, and defenses in cryptography,” ACM Computing Surveys (CSUR), vol. 54, no. 6, pp. 1–37, 2021.
  151. F. Schellenberg, D. R. Gnad, A. Moradi, and M. B. Tahoori, “Remote inter-chip power analysis side-channel attacks at board-level,” in 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).   IEEE, 2018, pp. 1–7.
  152. A. Sayakkara, N.-A. Le-Khac, and M. Scanlon, “A survey of electromagnetic side-channel attacks and discussion on their case-progressing potential for digital forensics,” Digital Investigation, vol. 29, pp. 43–54, 2019.
  153. M. Ş. Açikkapi, F. Özkaynak, and A. B. Özer, “Side-channel analysis of chaos-based substitution box structures,” IEEE Access, vol. 7, pp. 79 030–79 043, 2019.
  154. D. Genkin, A. Shamir, and E. Tromer, “Acoustic cryptanalysis,” Journal of Cryptology, vol. 30, no. 2, pp. 392–443, 2017.
  155. D.-P. Le, S. L. Yeo, and K. Khoo, “Algebraic differential fault analysis on simon block cipher,” IEEE Transactions on Computers, vol. 68, no. 11, pp. 1561–1572, 2019.
  156. J. Breier, M. Khairallah, X. Hou, and Y. Liu, “A countermeasure against statistical ineffective fault analysis,” IEEE Transactions on Circuits and Systems II: Express Briefs, vol. 67, no. 12, pp. 3322–3326, 2020.
  157. B. B. Brumley, “Cache storage attacks,” in Cryptographers’ Track at the RSA Conference.   Springer, 2015, pp. 22–34.
  158. S. B. Joshi, “Standards and techniques to remove data remanence in cloud storage,” in 2018 IEEE Punecon.   IEEE, 2018, pp. 1–4.
  159. P. Naik and U. Chatterjee, “Network data remanence side channel attack on spread, h-spread and reverse aodv,” in International Conference on Security, Privacy, and Applied Cryptography Engineering.   Springer, 2021, pp. 129–147.
  160. D. Jafarigiv, K. Sheshyekani, H. Karimi, and J. Mahseredjian, “A scalable fmi-compatible cosimulation platform for synchrophasor network studies,” IEEE Transactions on Industrial Informatics, vol. 17, no. 1, pp. 270–279, 2020.
  161. M. Müller, J. de Jong, M. van Heesch, B. Overeinder, and R. van Rijswijk-Deij, “Retrofitting post-quantum cryptography in internet protocols: a case study of dnssec,” ACM SIGCOMM Computer Communication Review, vol. 50, no. 4, pp. 49–57, 2020.
  162. G. Beernink, “Taking the quantum leap: Preparing dnssec for post quantum cryptography,” http://essay.utwente.nl/89509/, February 2022.
  163. Q. Zhou, H. Dai, L. Liu, K. Shi, J. Chen, and H. Jiang, “The final security problem in iot: Don’t count on the canary!” in 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC).   IEEE, 2022, pp. 599–604.
  164. S. Nicula and R. D. Zota, “Exploiting stack-based buffer overflow using modern day techniques,” Procedia Computer Science, vol. 160, pp. 9–14, 2019.
  165. Microsoft, “Data execution prevention,” Microsoft Learn, May 2023, https://learn.microsoft.com/en-us/windows/win32/memory/data-execution-prevention.
Citations (4)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets