unit-3

Information-theoretic security ensures a cryptosystem is secure against adversaries with unlimited resources, contrasting with computationally secure systems. It encompasses various cryptographic tasks, including secret sharing and secure multiparty computation, and is resistant to future computing advancements. The document also discusses the Diffie-Hellman algorithm for key exchange and the Advanced Encryption Standard (AES), detailing its implementation, advantages, and potential attacks.

Uploaded by dwivedialok

UNIT-III

Information-theoretic security
A cryptosystem is considered to have information-theoretic security (also called unconditional security) if
the system is secure against adversaries with unlimited computing resources and time. In contrast, a system
which depends on the computational cost of cryptanalysis to be secure (and thus can be broken by an attack
with unlimited computation) is called computationally, or conditionally, secure.

Overview
An encryption protocol with information-theoretic security is impossible to break even with infinite
computational power. Protocols proven to be information-theoretically secure are resistant to future
developments in computing. The concept of information-theoretically secure communication was introduced in
1949 by American mathematician Claude Shannon, one of the founders of classical information theory, who
used it to prove the one-time pad system was secure. Information-theoretically secure cryptosystems have been
used for the most sensitive governmental communications, such as diplomatic cables and high-level military
communications.

There are a variety of cryptographic tasks for which information-theoretic security is a meaningful and useful
requirement. A few of these are:

1. Secret sharing schemes are information-theoretically secure (and also perfectly secure) in that
holding fewer than the requisite number of shares of the secret provides no information about the secret.
2. More generally, secure multiparty computation protocols often have information-theoretic security.
3. Private information retrieval with multiple databases can be achieved with information-theoretic privacy
for the user's query.
4. Reductions between cryptographic primitives or tasks can often be achieved information-theoretically.
Such reductions are important from a theoretical perspective because they establish that one primitive
can be realized whenever another primitive can be realized.
5. Symmetric encryption can be constructed under an information-theoretic notion of security
called entropic security, which assumes that the adversary knows almost nothing about the message
being sent. The goal here is to hide all functions of the plaintext rather than all information about it.
6. Information-theoretic cryptography is quantum-safe.
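The threshold property claimed in item 1, as an added example in C that is not part of these notes: Shamir's polynomial secret sharing (one such scheme) over the tiny prime field GF(101), small enough that every candidate polynomial can be enumerated. The dealer's coefficients are constructed constants standing in for CSPRNG output; any 3 of the 5 shares recover the secret, and the enumeration shows that with only 2 shares every possible secret is consistent with exactly one polynomial, so 2 shares carry no information at all.

```c
#include <stdio.h>

#define P 101   /* prime modulus; tiny so every polynomial can be enumerated below */
#define T 3     /* threshold: any T shares reconstruct the secret, fewer reveal nothing */
#define N 5     /* number of shares dealt */

/* Constructed dealer polynomial: COEF[0] = 42 is the secret, the rest stand in for the
 * uniformly random coefficients a real dealer would draw from a CSPRNG. */
static const int COEF[T] = { 42, 17, 88 };

static int mod(long long v) { return (int)((v % P + P) % P); }

/* f(x) = c[0] + c[1] x + ... + c[t-1] x^(t-1) mod P, by Horner's rule. */
static int poly_eval(const int *c, int t, int x) {
    long long acc = 0;
    for (int i = t - 1; i >= 0; i--) acc = (acc * x + c[i]) % P;
    return (int)acc;
}

/* Share i is (i, f(i)) for i = 1..N; x = 0 is never dealt, since f(0) is the secret itself. */
static void deal(int xs[N], int ys[N]) {
    for (int i = 0; i < N; i++) { xs[i] = i + 1; ys[i] = poly_eval(COEF, T, xs[i]); }
}

/* Inverse mod P via Fermat: a^(P-2). */
static int inv_mod(int a) {
    long long r = 1, b = a;
    for (int e = P - 2; e; e >>= 1, b = b * b % P) if (e & 1) r = r * b % P;
    return (int)r;
}

/* Lagrange interpolation at x = 0 from any T shares recovers f(0). */
static int reconstruct(const int *xs, const int *ys) {
    long long s = 0;
    for (int i = 0; i < T; i++) {
        long long num = 1, den = 1;
        for (int j = 0; j < T; j++) if (j != i) {
            num = num * mod(-xs[j]) % P;            /* factor (0 - x_j) */
            den = den * mod(xs[i] - xs[j]) % P;     /* factor (x_i - x_j) */
        }
        s = (s + ys[i] * num % P * inv_mod((int)den)) % P;
    }
    return (int)s;
}

/* Secret recovered from the T consecutive shares starting at index 'first'. */
int recover_from(int first) {
    int xs[N], ys[N];
    deal(xs, ys);
    return reconstruct(xs + first, ys + first);
}

/* Number of degree < T polynomials with f(0) = s that agree with the first k shares,
 * found by brute force over the T-1 = 2 free coefficients. */
int consistent_polys(int s, int k) {
    int xs[N], ys[N], count = 0;
    deal(xs, ys);
    for (int c1 = 0; c1 < P; c1++) for (int c2 = 0; c2 < P; c2++) {
        int c[T] = { s, c1, c2 }, ok = 1;
        for (int j = 0; j < k && ok; j++) ok = poly_eval(c, T, xs[j]) == ys[j];
        count += ok;
    }
    return count;
}

/* 1 when every candidate secret is consistent with the same non-zero number of
 * polynomials, i.e. the adversary's view of k shares is independent of the secret.
 * Expect 1 for k < T (no information) and 0 for k = T (the secret is determined). */
int shares_reveal_nothing(int k) {
    int first = consistent_polys(0, k);
    for (int s = 1; s < P; s++) if (consistent_polys(s, k) != first) return 0;
    return first > 0;
}

int main(void) {
    int xs[N], ys[N];
    deal(xs, ys);
    for (int i = 0; i < N; i++) printf("share %d: (%d, %d)\n", i + 1, xs[i], ys[i]);
    printf("secret from shares 1-3: %d, from shares 3-5: %d\n", recover_from(0), recover_from(2));
    printf("2 shares reveal nothing: %d; 3 shares reveal nothing: %d\n",
           shares_reveal_nothing(2), shares_reveal_nothing(3));
    return 0;
}
```

The uniform count is the information-theoretic argument in miniature: an adversary holding fewer than T shares sees a distribution that does not depend on the secret, however much computation they apply.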
Information Theoretic Security
Security is one of the most important issues in communications. Security issues arising in communication
networks include confidentiality, integrity, authentication and non-repudiation. Attacks on the security of
communication networks can be divided into two basic types: passive attacks and active attacks. An active
attack corresponds to the situation in which a malicious actor intentionally disrupts the system. A passive attack
corresponds to the situation in which a malicious actor attempts to interpret source information without
injecting any information or trying to modify the information; i.e., passive attackers listen to the transmission
without modifying it.

Information Theoretic Security focuses on confidentiality issues, in which passive attacks are of primary
concern. The information theoretic approach to achieving secure communication opens a promising new
direction toward solving wireless networking security problems. Compared to contemporary cryptosystems,
information theoretic approaches offer advantages such as eliminating the key management issue; they are less
vulnerable to man-in-the-middle attacks and achieve provable security that is robust to powerful eavesdroppers
possessing unlimited computational resources, knowledge of the communication strategy employed (including
coding and decoding algorithms), and access to the communication system through either perfect or noisy channels.
Information Theoretic Security surveys the research dating back to the 1970s which forms the basis of applying
this technique in modern systems. It proceeds to provide an overview of how information theoretic approaches
are developed to achieve secrecy for a basic wire-tap channel model as well as for its extensions to multiuser
networks. It is an invaluable resource for students and researchers working in network security, information
theory and communications.

Diffie-Hellman algorithm:
The Diffie-Hellman algorithm is used to establish a shared secret that can be used for secret
communication while exchanging data over a public network. (An elliptic-curve variant instead generates
points on a curve and derives the secret key from the curve parameters; the version worked through here uses
exponentiation modulo a prime.)
• For the sake of simplicity and practical implementation of the algorithm, we will consider only four
variables: one prime P, G (a primitive root of P) and two private values a and b.
• P and G are both publicly available numbers. Users (say Alice and Bob) pick private values a and b,
each generates a key from them and the keys are exchanged publicly. Each party receives the other's key
and derives a secret key from it, after which both hold the same secret key to encrypt with.

Step-by-Step explanation is as follows:

    Alice                                        Bob
    Public keys available = P, G                 Public keys available = P, G
    Private key selected = a                     Private key selected = b
    Key generated: x = G^a mod P                 Key generated: y = G^b mod P
                     Exchange of generated keys takes place
    Key received = y                             Key received = x
    Generated secret key: ka = y^a mod P         Generated secret key: kb = x^b mod P

Algebraically, it can be shown that ka = (G^b)^a mod P = G^(ab) mod P = (G^a)^b mod P = kb.

Users now have a symmetric secret key to encrypt with.

Example:
Step 1: Alice and Bob get public numbers P = 23, G = 9

Step 2: Alice selects a private key a = 4 and Bob selects a private key b = 3

Step 3: Alice and Bob compute public values
    Alice: x = (9^4 mod 23) = (6561 mod 23) = 6
    Bob:   y = (9^3 mod 23) = (729 mod 23) = 16

Step 4: Alice and Bob exchange public numbers

Step 5: Alice receives public key y = 16 and Bob receives public key x = 6

Step 6: Alice and Bob compute symmetric keys
    Alice: ka = y^a mod P = 16^4 mod 23 = 65536 mod 23 = 9
    Bob:   kb = x^b mod P = 6^3 mod 23 = 216 mod 23 = 9

Step 7: 9 is the shared secret.


Implementation:

    /* This program calculates the shared key for two parties
       using the Diffie-Hellman key exchange algorithm */
    #include <stdio.h>

    // Modular exponentiation: returns a^b mod P by square-and-multiply.
    // Every intermediate stays below P*P, so the result is exact; computing
    // pow(a, b) as a double and reducing afterwards loses precision once
    // a^b exceeds 2^53 and gives wrong keys for realistic parameters.
    long long int power(long long int a, long long int b, long long int P)
    {
        long long int result = 1;
        a %= P;
        while (b > 0) {
            if (b & 1)
                result = (result * a) % P;
            a = (a * a) % P;
            b >>= 1;
        }
        return result;
    }

    // Driver program
    int main()
    {
        long long int P, G, x, a, y, b, ka, kb;

        // Both parties agree on the public parameters G and P
        P = 23; // A prime number P is taken
        printf("The value of P : %lld\n", P);

        G = 9; // A primitive root for P, G is taken
        printf("The value of G : %lld\n\n", G);

        // Alice chooses the private key a
        a = 4;
        printf("The private key a for Alice : %lld\n", a);
        x = power(G, a, P); // Alice's public value x = G^a mod P

        // Bob chooses the private key b
        b = 3;
        printf("The private key b for Bob : %lld\n\n", b);
        y = power(G, b, P); // Bob's public value y = G^b mod P

        // Each side derives the shared secret from the value it received
        ka = power(y, a, P); // Secret key for Alice: y^a mod P
        kb = power(x, b, P); // Secret key for Bob:   x^b mod P

        printf("Secret key for the Alice is : %lld\n", ka);
        printf("Secret Key for the Bob is : %lld\n", kb);

        return 0;
    }

Output:
    The value of P : 23
    The value of G : 9

    The private key a for Alice : 4
    The private key b for Bob : 3

    Secret key for the Alice is : 9
    Secret Key for the Bob is : 9

Advanced Encryption Standard (AES)

The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to
protect classified information.
AES is implemented in software and hardware throughout the world to encrypt sensitive data. It is essential for
government computer security, cybersecurity and electronic data protection. Since AES puts data through
multiple encryption rounds and splits a message into smaller blocks of 128 bits, it is more secure and reliable
than older symmetric encryption methods. AES uses 128-, 192- or 256-bit keys to encrypt and decrypt data.

AES is a symmetric encryption algorithm and a block cipher. The former means that it uses the same key to
encrypt and decrypt data. The sender and the receiver must both know -- and use -- the same secret encryption
key. This makes AES different from asymmetric algorithms, where different keys are used for data encryption
and decryption. Block cipher means that AES splits a message into smaller blocks and encrypts those blocks to
convert the plaintext message to an unintelligible form called ciphertext.

AES uses multiple cryptographic keys, each of which undergoes multiple rounds of encryption to better protect
the data and ensure its confidentiality and integrity. All key lengths can be used to protect Confidential and
Secret level information. In general, AES-128 provides adequate security and protection from brute-force
attacks for most consumer applications. Information that's classified as Top Secret -- e.g., government or
military information -- requires the stronger security provided by either 192- or 256-bit key lengths, which also
require more processing power and can take longer to execute.
Where is AES encryption used?
The National Institute of Standards and Technology, or NIST, started development of AES in 1997. In June
2003, AES became the default encryption algorithm for protecting classified information, including government
information. It also became the first publicly accessible and open cipher approved by the National Security
Agency to protect Top Secret information and national security systems.

AES is also included in the International Organization for Standardization's ISO/IEC 18033-3 standard, which
specifies block ciphers for boosting data confidentiality.

Today, AES is one of the most popular symmetric key cryptography algorithms for a wide range of encryption
applications for both government and commercial use. Some examples include the following:

• Data on storage media, including hard drives and USB drives.
• Electronic communication apps.
• Programming libraries.
• Internet browsers.
• File and disk compression.
• Wireless networks.
• Databases.
• Login credentials including passwords.
• Virtual private networking (VPN).
How AES encryption works
AES includes three block ciphers or cryptographic keys:

1. AES-128 uses a 128-bit key length to encrypt and decrypt message blocks.
2. AES-192 uses a 192-bit key length to encrypt and decrypt message blocks.
3. AES-256 uses a 256-bit key length to encrypt and decrypt message blocks.

Each cipher encrypts and decrypts data in blocks of 128 bits using cryptographic keys of 128, 192 and 256 bits,
respectively. The 128-, 192- and 256-bit keys undergo 10, 12 and 14 rounds of encryption, respectively. A
round consists of several processing steps including substitution, transposition and mixing of the plaintext input
to transform it into the final ciphertext output. The more rounds there are, the harder it becomes to crack the
encryption, and the safer the original information.

In AES, numerous transformations are performed on data. First, the data is put into an array, after which the
cipher transformations are repeated over multiple encryption rounds. The first transformation is data
substitution using a substitution table and a predefined cipher. In the second transformation, all data rows are
shifted by one except the first row. The third transformation mixes columns using the Hill cipher. The last
transformation is performed on each column, or data block, using a different part or a small portion of the
encryption key. Longer keys need more rounds to complete.

During decryption, the message recipient uses a copy of the cipher to remove the various layers of encryption
and convert the ciphertext back into plaintext. Post-conversion, they can read the message, knowing that it was
not intercepted or read by anyone else. AES uses a symmetric encryption algorithm, with the same key
encrypting and decrypting data.
Advantages of AES
The AES algorithm provides several advantages over older algorithms such as the Data Encryption Standard
(DES):
• Security. AES offers stronger security since it incorporates multiple rounds of encryption, making it
harder to break, and harder for threat actors to intercept or steal the encrypted information using brute-force
attacks.
• Cost. AES is an open source and ubiquitously available solution, making it cost-effective to adopt and
implement.
• Implementation. AES is a flexible and simple algorithm, making it suitable for both hardware and
software implementation.
Attacks on AES encryption
Research into attacks on AES encryption has continued since the standard was finalized in 2000. Various
researchers have published attacks against reduced-round versions of AES.

Researchers have found a few potential ways to attack AES encryption:

• In 2009, they discovered a possible related-key attack. This cryptanalysis attempted to crack a cipher by
studying how it operates using different keys. The related-key attack proved to be a threat only to AES
systems that are incorrectly configured.
• Also in 2009, there was a known-key attack against AES-128. A known key was used to discern the
structure of the encryption. However, the hack only targeted an eight-round version of AES-128, rather than
the standard 10-round version, making the threat relatively minor.

A major risk to AES encryption comes from side-channel attacks where attackers try to collect data about the
system's cryptographic functions and then use the information to reverse-engineer the cryptography. These
attacks can use timing information, such as how long it takes the computer to perform computations;
electromagnetic leaks; audio clues; and optical information -- for example, from a high-resolution camera -- to
discover extra information about how the system is processing the AES encryption. In one case, a side-channel
attack was used successfully to deduce AES-128 encryption keys by carefully monitoring the cipher's shared
use of the processors' cache tables.

Such attacks can be mitigated by plugging the gaps that can lead to data leaks and by using randomization
techniques that eliminate the relationship between cipher-protected data and leaked data.

Improperly configured AES systems are also vulnerable to related-key attacks and known-key attacks. The
former involves experimenting with the AES cipher using different keys to find a key that works, and the latter
involves a hacker who already knows the cipher keys.

How to prevent attacks on AES encryption

To prevent attacks on AES encryption and ensure the security of AES keys, it's important to take the following
steps:

• Use strong passwords.
• Use password managers.
• Implement and require multifactor authentication.
• Deploy firewalls and antimalware software.
• Conduct security awareness training to prevent employees from falling victim to social
engineering and phishing attacks.

SIDE-CHANNEL ATTACK

[Figure: An attempt to decode RSA key bits using power analysis. The left peak represents the CPU power
variations during the step of the algorithm without multiplication; the right (broader) peak represents the step
with multiplication, allowing an attacker to read bits 0, 1.]
In computer security, a side-channel attack is any attack based on extra information that can be gathered
because of the fundamental way a computer protocol or algorithm is implemented, rather than flaws in the
design of the protocol or algorithm itself (e.g. flaws found in a cryptanalysis of a cryptographic algorithm) or
minor, but potentially devastating, mistakes or oversights in the implementation. (Cryptanalysis also includes
searching for side-channel attacks.) Timing information, power consumption, electromagnetic leaks,
and sound are examples of extra information which could be exploited to facilitate side-channel attacks.

Some side-channel attacks require technical knowledge of the internal operation of the system, although others
such as differential power analysis are effective as black-box attacks. The rise of Web 2.0 applications
and software-as-a-service has also significantly raised the possibility of side-channel attacks on the web, even
when transmissions between a web browser and server are encrypted (e.g. through HTTPS or WiFi encryption),
according to researchers from Microsoft Research and Indiana University.

Attempts to break a cryptosystem by deceiving or coercing people with legitimate access are not typically
considered side-channel attacks: see social engineering and rubber-hose cryptanalysis.

General classes of side-channel attack include:

• Cache attack — attacks based on the attacker's ability to monitor cache accesses made by the victim in a
shared physical system, as in a virtualized environment or a type of cloud service.
• Timing attack — attacks based on measuring how much time various computations (such as, say,
comparing an attacker's given password with the victim's unknown one) take to perform.
• Power-monitoring attack — attacks that make use of varying power consumption by the hardware
during computation.
• Electromagnetic attack — attacks based on leaked electromagnetic radiation, which can directly provide
plaintexts and other information. Such measurements can be used to infer cryptographic keys using
techniques equivalent to those in power analysis or can be used in non-cryptographic attacks,
e.g. TEMPEST (aka van Eck phreaking or radiation monitoring) attacks.
• Acoustic cryptanalysis — attacks that exploit sound produced during a computation (rather like power
analysis).
• Differential fault analysis — in which secrets are discovered by introducing faults in a computation.
• Data remanence — in which sensitive data are read after supposedly having been deleted (e.g. the cold
boot attack).
• Software-initiated fault attacks — currently a rare class of side channels; Rowhammer is an example in
which off-limits memory can be changed by accessing adjacent memory too often (causing state retention
loss).
• Allowlist — attacks based on the fact that allowlisting devices behave differently when communicating
with allowlisted devices (sending back responses) and non-allowlisted devices (not responding at all).
Allowlist-based side channels may be used to track Bluetooth MAC addresses.
• Optical — in which secrets and sensitive data can be read by visual recording using a high-resolution
camera, or other devices that have such capabilities (see examples below).
In all cases, the underlying principle is that physical effects caused by the operation of a cryptosystem (on the
side) can provide useful extra information about secrets in the system, for example, the cryptographic key,
partial state information, full or partial plaintexts and so forth. The term cryptophthora (secret degradation) is
sometimes used to express the degradation of secret key material resulting from side-channel leakage.

Examples
A cache side-channel attack works by monitoring security-critical operations such as AES T-table lookups,
modular exponentiation or multiplication, or other memory accesses. The attacker is then able to recover the
secret key from the accesses made (or not made) by the victim. Also, unlike some of the other side-channel
attacks, this method does not introduce a fault into the ongoing cryptographic operation and is invisible to the
victim.

In 2017, two CPU vulnerabilities (dubbed Meltdown and Spectre) were discovered, which can use a cache-
based side channel to allow an attacker to leak memory contents of other processes and the operating system
itself.

A timing attack watches data movement into and out of the CPU or memory on the hardware running the
cryptosystem or algorithm. Simply by observing variations in how long it takes to perform cryptographic
operations, it might be possible to determine the entire secret key. Such attacks involve statistical analysis of
timing measurements and have been demonstrated across networks.
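The password-comparison timing leak named in the class list above, together with its standard mitigation, as an added example in C that is not part of these notes. An early-exit comparator stops at the first differing byte, so the work it does grows with the length of the correctly guessed prefix; a constant-time comparator does identical work for every input. The secret tag and the guesses are constructed values, and a byte counter stands in for the timing measurement an observer would take.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TAG_LEN 16

/* Constructed 16-byte secret standing in for a fixed-length authenticator (an HMAC tag,
 * a stored password hash). Compare fixed-length values like these, never raw passwords. */
static const uint8_t SECRET[TAG_LEN] = {0x3a,0x91,0xc2,0x07,0x5e,0xd4,0x88,0x19,
                                        0xf0,0x6b,0x2d,0xa7,0x43,0xbe,0x15,0xcc};

typedef int (*cmp_fn)(const uint8_t *, const uint8_t *, size_t, size_t *);

/* Early-exit comparison, the shape of memcmp()/strcmp(): stops at the first mismatch.
 * *work counts bytes examined and stands in for the time an observer would measure. */
int compare_early_exit(const uint8_t *a, const uint8_t *b, size_t n, size_t *work) {
    *work = 0;
    for (size_t i = 0; i < n; i++) {
        (*work)++;
        if (a[i] != b[i]) return 0;
    }
    return 1;
}

/* Constant-time comparison: OR every byte difference into one accumulator and inspect it
 * only after the loop, so the work is identical for every input. volatile discourages the
 * compiler from turning the accumulation back into an early exit. */
int compare_constant_time(const uint8_t *a, const uint8_t *b, size_t n, size_t *work) {
    volatile uint8_t diff = 0;
    *work = 0;
    for (size_t i = 0; i < n; i++) {
        (*work)++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    return diff == 0;
}

/* Work cmp needs to reject a guess whose first 'prefix' bytes are right and the rest wrong. */
size_t work_for_prefix(cmp_fn cmp, size_t prefix) {
    uint8_t guess[TAG_LEN];
    size_t work;
    memcpy(guess, SECRET, prefix);
    for (size_t i = prefix; i < TAG_LEN; i++) guess[i] = (uint8_t)(SECRET[i] ^ 0xff);
    cmp(SECRET, guess, TAG_LEN, &work);
    return work;
}

/* Difference between the most and least work over all prefix lengths 0..TAG_LEN-1.
 * A non-zero spread means the comparator's timing depends on how much of the guess is
 * right, which is what a timing attack measures; zero means there is nothing to measure. */
size_t work_spread(cmp_fn cmp) {
    size_t lo = (size_t)-1, hi = 0;
    for (size_t p = 0; p < TAG_LEN; p++) {
        size_t w = work_for_prefix(cmp, p);
        if (w < lo) lo = w;
        if (w > hi) hi = w;
    }
    return hi - lo;
}

int main(void) {
    printf("prefix  early-exit  constant-time\n");
    for (size_t p = 0; p < TAG_LEN; p++)
        printf("%6zu  %10zu  %13zu\n", p, work_for_prefix(compare_early_exit, p),
               work_for_prefix(compare_constant_time, p));
    printf("spread: early-exit %zu, constant-time %zu\n",
           work_spread(compare_early_exit), work_spread(compare_constant_time));
    return 0;
}
```

Real measurements are noisier than a byte counter, which is why the attacks the text describes rely on statistical analysis of many samples; the mitigation removes the signal rather than hiding it in noise.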

A power-analysis attack can provide even more detailed information by observing the power consumption of a
hardware device such as CPU or cryptographic circuit. These attacks are roughly categorized into simple power
analysis (SPA) and differential power analysis (DPA). One example is Collide+Power, which affects nearly all
CPUs. Other examples use machine learning approaches.

Fluctuations in current also generate radio waves, enabling attacks that analyze measurements of
electromagnetic (EM) emanations. These attacks typically involve similar statistical techniques as power-
analysis attacks.

A deep-learning-based side-channel attack, using power and EM information across multiple devices, has
been demonstrated with the potential to break the secret key of a different but identical device with as little as a
single trace.

Power consumption of devices causes heating, which is offset by cooling effects. Temperature changes create
thermally induced mechanical stress. This stress can create low level acoustic emissions from operating CPUs
(about 10 kHz in some cases). Recent research by Shamir et al. has suggested that information about the
operation of cryptosystems and algorithms can be obtained in this way as well. This is an acoustic
cryptanalysis attack.

If the surface of the CPU chip, or in some cases the CPU package, can be observed, infrared images can also
provide information about the code being executed on the CPU, known as a thermal-imaging attack.

Examples of optical side-channel attacks range from gleaning information from the hard disk activity indicator to
reading the small number of photons emitted by transistors as they change state.

Allocation-based side channels also exist and refer to the information that leaks from the allocation (as
opposed to the use) of a resource such as network bandwidth to clients that are concurrently requesting the
contended resource.

What is a Side-Channel Attack? How it Works

A side-channel attack is a method used by hackers to exploit unintended signals emitted by electronic devices,
such as power consumption patterns, electromagnetic emissions, or even sound. These attacks leverage the
physical characteristics of the devices to gather clandestine data, posing a significant security threat to modern
computer systems.
What is Side-Channel Attack?
Side-Channel Attack: A side-channel attack is a type of cybersecurity threat where the attacker gains
information from the physical implementation of a computer system, rather than exploiting software
vulnerabilities. This is done by analyzing indirect information, such as power consumption,
electromagnetic leaks, or even sound, to uncover sensitive data like cryptographic keys or personal
information.
Also, many side-channel analysis techniques have proven successful in breaking an algorithmically robust
cryptographic operation and extracting the secret key.
How Does a Side-Channel Attack Work?
A side-channel attack doesn’t hit the software or its code head-on. Instead, it sneaks around, collecting data or
messing with the system’s operation by observing the side effects of its hardware actions. In simpler terms, a
side-channel attack cracks security by catching the hints or leaks a system throws off without meaning to.
A famous example is the van Eck phreaking attack, also known as TEMPEST. This method spies on the
electromagnetic signals (EMF) that come off a computer screen, grabbing the information displayed before it
gets encrypted. This kind of attack is a big deal in the world of cybersecurity, exploiting the electromagnetic
leakage from devices to sneak a peek at sensitive data.
Side Channel Attack Example
The Meltdown and Spectre vulnerabilities, discovered in 2018, are an example of a side-channel attack. These
attacks exploit security weaknesses in modern processors to access sensitive data from the memory of other
programs and the operating system.
By analyzing the time it takes to execute certain instructions and access memory, attackers can infer the data
and extract information like passwords or encryption keys from the affected computer. Meltdown and Spectre
showed how even hardware-level features designed to improve performance could become potential avenues
for side-channel attack.
Conclusion
Side-channel attacks are sophisticated cybersecurity threats that exploit indirect information leaks from
computer systems, such as speculative execution in processors. These attacks, including well-known examples
like Meltdown and Spectre, highlight the need for comprehensive security measures that address both software
and hardware vulnerabilities.
To protect against these threats, it’s crucial for organizations and individuals to implement up-to-date security
practices, like regular patching and monitoring system activities. Understanding and mitigating the risks of
side-channel attacks are essential in today’s digital world to safeguard sensitive information and
maintain cybersecurity.
What is a Side-Channel Attack? How it Works? – FAQs
What is meant by side channel?
Side channels allow an attacker to infer information about a secret by observing nonfunctional
characteristics of a program, such as execution time or memory consumed. Recall that a program can be
viewed as a communication channel where information is transmitted from a source H to a sink O.

What is side-channel attack power?
These are cyberattacks in which data is stolen via a detour, the so-called side channel. Side-channel
attacks exploit information that the Central Processing Unit (CPU) reveals involuntarily during processing,
such as runtime behavior or power consumption.

What are common types of side-channel attacks?
Common types include timing attacks, power analysis attacks, electromagnetic attacks, and acoustic
cryptanalysis.

Can side-channel attacks be detected?
Detecting these attacks is challenging because they do not alter the system's normal operation, but monitoring
for unusual activity patterns and implementing anomaly detection systems can help.
