Information Security Theory vs. Reality
|
|
- Arlene Harrell
- 5 years ago
- Views:
Transcription
1 Information Security Theory vs. Reality , Winter Lecture 6: Physical Side Channel Attacks on PCs Guest lecturer: Lev Pachmanov 1
2 Side channel attacks probing CPU architecture optical power 2 electromagnetic chassis potential acoustic
3 Traditional side channel attacks methodology 1. Grab/borrow/steal device 2. Find key-dependent instruction 3. Record emanations using high-bandwidth equipment (> clock rate, PC: >2GHz) 4. Obtain traces 5. Signal and cryptanalytic analysis 6. Recover key for i= sqr( ) if key[i]=1 mul( ) Hard for PCs 3
4 Traditional side channel attacks methodology 1. Grab/borrow/steal device 2. Find key-dependent instruction 3. Record emanations using high-bandwidth equipment (> clock rate, PC: >2GHz) 4. Obtain traces 5. Signal and cryptanalytic analysis 6. Recover key Hard for PCs 4
5 Traditional side channel attacks methodology 1. Grab/borrow/steal device 2. Find key-dependent instruction 3. Record emanations using high-bandwidth equipment (> clock rate, PC: >2GHz) 4. Obtain traces 5. Signal and cryptanalytic analysis 6. Recover key Complex electronics running complicated software Hard for (in PCs parallel) 5 vs. Not handed out vs. Measuring a 2GHz PC requires expansive and bulky equipment (compared to a 100 MHz smart card) 100,000$ vs. 1,000$
6 Our results Channels for attacking PCs 6 Ground potential (chassis and others) Power Electromagnetic Acoustic Exploited via low-bandwidth cryptanalytic attacks Adaptive attack (50 khz bandwidth) [Genkin Shamir Tromer 14] Non-adaptive attacks (1.5 MHz bandwidth) [Genkin Pipman Tromer 14] [Genkin Pachmanov Pipman Tromer 15] Common cryptographic software GnuPG (CVE , , ) RSA and ElGamal, various implementations Worked with GnuPG developers to mitigate the attacks Applicable to various laptop models
7 7 Chassis-potential channel
8 Ground-potential analysis Attenuating EMI emanations Unwanted currents or electromagnetic fields? Dump them to the circuit ground! (Bypass capacitors, RF shields, ) Device is grounded, but its ground potential fluctuates relative to the mains earth ground. affects dumped to connected to Computation currents and EM fields device ground conductive chassis Key =
9 Connecting to the chassis 9
10 Demo: distinguishing instructions Key =
11 Distinguishing various CPU operations 11 frequency (2-2.3 MHz) time (10 sec)
12 12 Low-bandwidth leakage of RSA
13 13 Definitions (RSA) Key setup sk: random primes pp, qq, private exponent dd pk: nn = pppp, public exponent ee Encryption cc = mm ee mod nn Decryption mm = cc dd mod nn A quicker way used by most implementations mm pp = cc dd pp mod pp mm qq = cc dd qq mod qq Obtain mm using Chinese Remainder Theorem
14 GnuPG RSA key distinguishability 14 frequency ( MHz) time (0.8 sec) mod pp mod qq Can distinguish between: 1. Decryptions and other operations 2. Two exponentiations (mod pp, mod qq) 3. Different keys 4. Different primes
15 15 Key extraction
16 GnuPG modular exponentiation modular_exponentiation(c,d,p){ m=1 for i=n to 1 do m = m 2 mod p t = m*c mod p //always mult if d[i]==1 then m=t return m m = cc dd nn dd ii+1 mmmmmm pp m = cc dd nn dd ii+1 0 mmmmmm pp tt = cc dd nn dd ii+1 1 mmmmmm pp m = cc dd nn dd ii mmmmmm pp Q: Why always compute tt mm cc then conditionally copy? A: This is a side channel countermeasure meant to protect dd 16 } no key dependent operation to measure
17 GnuPG modular exponentiation 17 modular_exponentiation(c,d,p){ m=1 for i=n to 1 do m = m 2 mod p t = m*c mod p //always mult } if d[i]==1 then m=t return m 2GHz CPU speed vs. 1.5MHz measurements can only see drastic changes inside squaring operation mm depends on both dd[ii] and cc Idea: leakage self-amplification abuse algorithm s own code to amplify its own leakage! 1. Craft suitable cipher-text to affect the inner-most loop 2. Small differences in repeated inner-most loops cause a big overall difference in code behavior mm is squard in next iteration of the main loop craft cc to affect the squaring in the next loop iteration, based on dd[ii] measure changes inside squaring operation and obtain dd[ii]
18 Non-adaptive key extraction (similar to [Yen, Lien, Moon and Ha 05]) 18 modular_exponentiation(c,d,p){ } m=1 for i=n to 1 do m = m 2 mod p t = m*c mod p //always mult if d[i]==1 then ±1 m=t return m mm ±1 Many zeros or random looking, based on dd[ii] karatsuba_sqr( m ){ } 0/$ basic_sqr( x ) basic_sqr( x ){ if( x[j]==0) y = 0 else y = x[j]*x } cc 1 (mod pp) mm 1 (mod pp) tt 1 (mod pp) If dd ii == 11 then mm 1 (mod pp) so bits of mm are random. If dd ii == 00 then mmmm 1(mod pp) so bits of mm have many zeros. x7 x27 repeated 189 times per bit of dd ~0.2ms of measurement per bit of dd
19 A chosen ciphertext attack 19 Non-adaptive ciphertext choice cc 1 mod pp (similar to [YLMH05]): RSA: cc = NN 1 ElGamal: cc = pp 1 Overall attack performance: Algorithm Attack type # ciphertexts Time BW Cipher Ref Sqr-andalways-mlt Non-adaptive chosen ciphertext 1 3 sec 2 MHz ElGamal, RSA [GPT14]
20 A chosen ciphertext attack 20 Non-adaptive ciphertext choice cc 1 mod pp (similar to [YLMH05]): RSA: cc = NN 1 ElGamal: cc = pp 1 Overall attack performance: Algorithm Attack type # ciphertexts Time BW Cipher Ref Sqr-andalways-mlt Sliding / fixed window Non-adaptive chosen ciphertext Non-adaptive chosen ciphertext 1 3 sec 2 MHz ElGamal, RSA 2 ww 1 (usually 8 or 16) 30 sec 2 MHz ElGamal, RSA [GPT14] [GPPT15]
21 A chosen ciphertext attack 21 Non-adaptive ciphertext choice cc 1 mod pp (similar to [YLMH05]): RSA: cc = NN 1 ElGamal: cc = pp 1 Overall attack performance: Algorithm Attack type # ciphertexts Time BW Cipher Ref Sqr-andalways-mlt Sliding / fixed window Non-adaptive chosen ciphertext Non-adaptive chosen ciphertext 1 3 sec 2 MHz ElGamal, RSA 2 ww 1 (usually 8 or 16) 30 sec 2 MHz ElGamal, RSA [GPT14] [GPPT15] Sqr-andalways-mlt Adaptive chosen ciphertext KKKKKK ssssssss 4 1 hour 50 khz RSA [GST14]
22 A chosen ciphertext attack Non-adaptive ciphertext choice cc 1 mod pp (similar to [YLMH05]): RSA: cc = NN 1 ElGamal: cc = pp 1 Overall attack performance: Algorithm Attack type # ciphertexts Time BW Cipher Ref Sqr-andalways-mlt Sliding / fixed window Non-adaptive chosen ciphertext Non-adaptive chosen ciphertext 1 3 sec 2 MHz ElGamal, RSA 2 ww 1 (usually 8 or 16) 30 sec 2 MHz ElGamal, RSA [GPT14] [GPPT15] Sqr-andalways-mlt Adaptive chosen ciphertext KKKKKK ssssssss 4 1 hour 50 khz RSA [GST14] 22 Ciphertext injection Send chosen ciphertexts via (PGP/MIME). Decrypted by client (e.g., Enigmail) automatically.
23 23 Empirical results: ground-potential attacks
24 24 Demo: RSA key extraction from chassis potential
25 Reading the secret key (non-adaptive attack) 25 carrier FM-modulated key due to squaring of a random-looking / mostly zero limb value of mm Key =
26 Reading the secret key (non-adaptive attack) Acquire trace Filter around carrier (1.7 MHz) FM demodulation Read out bits ( simple ground analysis ) interrupt 26
27 RSA and ElGamal key extraction in a few seconds using human touch (non-adaptive attack) 27 Key =
28 Ground-potential analysis Attenuating EMI emanations Unwanted currents or electromagnetic fields? Dump them to the circuit ground! (Bypass capacitors, RF shields, ) Device is grounded, but its ground potential fluctuates relative to the mains earth ground. affects dumped to connected to Computation currents and EM fields device ground conductive chassis 28
29 Ground-potential analysis Attenuating EMI emanations Unwanted currents or electromagnetic fields? Dump them to the circuit ground! (Bypass capacitors, RF shields, ) Device is grounded, but its ground potential fluctuates relative to the mains earth ground. affects dumped to connected to connected to Key = Computation currents and EM fields device ground conductive chassis Even when no data, or shielded cables port is turned off. 29
30 RSA and ElGamal key extraction in a few seconds using the far end of 10 meter network cable 30 works even if a firewall is present, or port is turned off key=
31 31 Empirical results: electromagnetic attacks
32 Electromagnetic key extraction Currents inside the target create electromagnetic waves. Can be detected using an electromagnetic probe (e.g., a loop of cable). target attacker 32
33 33 Portable Instrument for Trace Acquisition Cost to build: ~300$
34 Key extraction via commodity radio receiver 34
35 35 Acoustic cryptanalysis
36 Acoustic emanations from PCs 36 Noisy electrical components in the voltage regulator Bzzzzzz Commonly known as coil-whine but also originates from capacitors
37 Experimental setup (example) 37 attacker amplifier microphone target digitizer
38 Adaptive key extraction Severe attenuation of high frequency signals. Effective bandwidth of 50 khz Cannot observe a single squaring Make the entire decryption depend on a single attacked bit Extreme version of self-amplification Extract the prime qq bit-by-bit (adaptive chosen ciphertext) Total #measurements: 2048 decryptions for RSA-4096 (~1 hour) 38
39 39 An adaptive chosen-ciphertext attack qq = 11?????? qq cc = qq = 110????? qq = 1??????? cc = Bit-distinguisher oracle cc = iiii cc > qq 1 iiii cc qq
40 An adaptive chosen-ciphertext attack Total #measurements: KKKKKK ssssssss Error correction Bit distinguisher oracle cc = Just q Coppersmith lattice reduction: half the bits suffice Overall: 2048 decryptions for RSA-4096 (~1 hour) 0 iiii cc > qq 1 iiii cc qq 40
41 GnuPG RSA decryption - mm qq = cc dd qq mmmmmm qq 41 modular_exponentiation(c,d,q){ karatsuba_mult(m,c) } karatsuba_mult(m,c){ basic_mult(x,y) } basic_mult(x,y){ if (y[j]==0) return 0 else return y[j]*x } x7 Grand total: times ~0.5 sec of measurements x19 x2048 craft c such that qq ii = 1 yy[jj] = 0 qq ii = 0 yy jj 0 (for most jj s)
42 Extracting qq ii (simplified) cc ii = qq 2048 qq ii If qq ii = 11 then cc ii < qq, thus cc = cc ii. That is, cc has special structure. If qq ii = 00 then 2q > cc ii > qq, thus cc = cc ii qq. That is, cc is random looking. and we now multiply by cc causing the bit-dependent leakage. 42
43 Extracting qq ii cc ii = qq 2048 qq ii nn If qq ii = 11 then cc ii nn < qq, thus cc = cc ii nn. That is, cc has special structure. If qq ii = 00 then 2q > cc ii nn > qq, thus cc = cc ii qq nn. That is, cc is random looking. and we now multiply by cc causing the bit-dependent leakage. 43
44 Extracting qq ii (problem) 44 Multiplication is repeated 2048 times (0.5 sec of data) Single multiplication is way too fast for us to measure
45 45 Empirical results: acoustic attacks
46 Distinguishing a key bit by a spectral signature 46 frequency frequency mod p mod p time time mod q mod q
47 47 Demo: key extraction
48 Acoustic: results 48 RSA 4096-bit key extraction from 1 meter away using a microphone
49 Acoustic: results RSA 4096-bit key extraction from 10 meters away using a parabolic microphone 49
50 Acoustic: results 50 RSA 4096-bit key extraction from 30cm away using a smartphone
51 51 Countermeasures
52 Countermeasures Common suggestions 1. Shielding EM (Faraday cages), ground difficult and expensive Acoustic? Vents! 2. Add analog noise (expensive, correlations remain) 3. Parallel software load (inadequate, may help attacker) Attacks rely on decryption of chosen ciphertexts. Solution: ciphertext randomization use equivalent but random-looking ciphertexts Negligible slowdown for RSA x2 slowdown for ElGamal 52
53 53 Effective countermeasure: ciphertext randomization (added in GnuPG ) Given a ciphertext cc: 1. Generate a random number rr and compute rr ee 2. Decrypt rr ee cc and obtain mmm 3. Output mm rr 1 Works since eeee = 1 mmmmmm φφ(nn) thus: rr ee cc dd rr 1 mmmmmm nn = rr eeee rr 1 cc dd mmmmmm nn = rr rr 1 cc dd mmmmmm nn = cc dd mmmmmm nn = mm
54 tau.ac.il/~tromer/acoustic CRYPTO 14 CVE tau.ac.il/~tromer/handsoff CHES 14 CVE tau.ac.il/~tromer/radioexp CHES 15 CVE
אני יודע מה עשית בפענוח האחרון: התקפות ערוצי צד על מחשבים אישיים
אני יודע מה עשית בפענוח האחרון: התקפות ערוצי צד על מחשבים אישיים I Know What You Did Last Decryption: Side Channel Attacks on PCs Lev Pachmanov Tel Aviv University Daniel Genkin Technion and Tel Aviv University
More informationאני יודע מה עשית בפענוח האחרון : התקפות ערוצי צד על מחשבים אישיים
אני יודע מה עשית בפענוח האחרון : התקפות ערוצי צד על מחשבים אישיים I Know What You Did Last Decryption: Side Channel Attacks on PCs Lev Pachmanov Tel Aviv University Daniel Genkin Technion and Tel Aviv
More informationStealing Keys from PCs by Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation
Stealing Keys from PCs by Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation (extended version) Daniel Genkin Technion and Tel Aviv University danielg3@cs.technion.ac.il Lev Pachmanov Tel
More informationDUBLIN CITY UNIVERSITY
DUBLIN CITY UNIVERSITY SEMESTER ONE EXAMINATIONS 2013 MODULE: (Title & Code) CA642 Cryptography and Number Theory COURSE: M.Sc. in Security and Forensic Computing YEAR: 1 EXAMINERS: (Including Telephone
More informationSide Channel Attacks on Smartphones and Embedded Devices using Standard Radio Equipment
Side Channel Attacks on Smartphones and Embedded Devices using Standard Radio Equipment Gabriel Goller & Georg Sigl 144215 Introduction Device Under Test Sensor Radio Receiver Front End Software Defined
More informationElectromagnetic-based Side Channel Attacks
Electromagnetic-based Side Channel Attacks Yasmine Badr 10/28/2015 What is Side Channel Attack Any attack based on information gained from the physical implementation of a cryptosystem, rather than brute
More informationLocal and Direct EM Injection of Power into CMOS Integrated Circuits.
Local and Direct EM Injection of Power into CMOS Integrated Circuits. F. Poucheret 1,4, K.Tobich 2, M.Lisart 2,L.Chusseau 3, B.Robisson 4, P. Maurine 1 LIRMM Montpellier 1 ST Microelectronics Rousset 2
More informationChapter-15. Communication systems -1 mark Questions
Chapter-15 Communication systems -1 mark Questions 1) What are the three main units of a Communication System? 2) What is meant by Bandwidth of transmission? 3) What is a transducer? Give an example. 4)
More informationThe number theory behind cryptography
The University of Vermont May 16, 2017 What is cryptography? Cryptography is the practice and study of techniques for secure communication in the presence of adverse third parties. What is cryptography?
More informationIs Your Mobile Device Radiating Keys?
Is Your Mobile Device Radiating Keys? Benjamin Jun Gary Kenworthy Session ID: MBS-401 Session Classification: Intermediate Radiated Leakage You have probably heard of this before App Example of receiving
More informationCurrent Probe. Inspector Data Sheet. Low-noise, high quality measurement signal for side channel acquisition on embedded devices.
Inspector Data Sheet Low-noise, high quality measurement signal for side channel acquisition on embedded devices. Riscure Version 1c.1 1/5 Introduction Measuring the power consumption of embedded technology
More informationEvaluation of On-chip Decoupling Capacitor s Effect on AES Cryptographic Circuit
R1-3 SASIMI 2013 Proceedings Evaluation of On-chip Decoupling Capacitor s Effect on AES Cryptographic Circuit Tsunato Nakai Mitsuru Shiozaki Takaya Kubota Takeshi Fujino Graduate School of Science and
More informationData security (Cryptography) exercise book
University of Debrecen Faculty of Informatics Data security (Cryptography) exercise book 1 Contents 1 RSA 4 1.1 RSA in general.................................. 4 1.2 RSA background.................................
More informationLinear Congruences. The solutions to a linear congruence ax b (mod m) are all integers x that satisfy the congruence.
Section 4.4 Linear Congruences Definition: A congruence of the form ax b (mod m), where m is a positive integer, a and b are integers, and x is a variable, is called a linear congruence. The solutions
More informationInvestigation of a Voltage Probe in Microstrip Technology
Investigation of a Voltage Probe in Microstrip Technology (Specifically in 7-tesla MRI System) By : Mona ParsaMoghadam Supervisor : Prof. Dr. Ing- Klaus Solbach April 2015 Introduction - Thesis work scope
More informationOne&Done: A Single-Decryption EM-Based Attack on OpenSSL s Constant-Time Blinded RSA
One&Done: A Single-Decryption EM-Based Attack on OpenSSL s Constant-Time Blinded RSA Monjur Alam, Haider Adnan Khan, Moumita Dey, Nishith Sinha, Robert Callan, Alenka Zajic, and Milos Prvulovic, Georgia
More informationTesting Upstream and Downstream DOCSIS 3.1 Devices
Testing Upstream and Downstream DOCSIS 3.1 Devices April 2015 Steve Hall DOCSIS 3.1 Business Development Manager Agenda 1. Decoding and demodulating a real downstream DOCSIS 3.1 signal and reporting key
More informationDiffie-Hellman key-exchange protocol
Diffie-Hellman key-exchange protocol This protocol allows two users to choose a common secret key, for DES or AES, say, while communicating over an insecure channel (with eavesdroppers). The two users
More informationHigh-Speed RSA Crypto-Processor with Radix-4 4 Modular Multiplication and Chinese Remainder Theorem
High-Speed RSA Crypto-Processor with Radix-4 4 Modular Multiplication and Chinese Remainder Theorem Bonseok Koo 1, Dongwook Lee 1, Gwonho Ryu 1, Taejoo Chang 1 and Sangjin Lee 2 1 Nat (NSRI), Korea 2 Center
More informationAn on-chip glitchy-clock generator and its application to safe-error attack
An on-chip glitchy-clock generator and its application to safe-error attack Sho Endo, Takeshi Sugawara, Naofumi Homma, Takafumi Aoki and Akashi Satoh Graduate School of Information Sciences, Tohoku University
More informationWhen Electromagnetic Side Channels Meet Radio Transceivers
Screaming Channels When Electromagnetic Side Channels Meet Radio Transceivers Giovanni Camurati, Sebastian Poeplau, Marius Muench, Tom Hayes, Aurélien Francillon What s this all about? - A novel attack
More informationElGamal Public-Key Encryption and Signature
ElGamal Public-Key Encryption and Signature Çetin Kaya Koç koc@cs.ucsb.edu Çetin Kaya Koç http://koclab.org Winter 2017 1 / 10 ElGamal Cryptosystem and Signature Scheme Taher ElGamal, originally from Egypt,
More informationCryptography, Number Theory, and RSA
Cryptography, Number Theory, and RSA Joan Boyar, IMADA, University of Southern Denmark November 2015 Outline Symmetric key cryptography Public key cryptography Introduction to number theory RSA Modular
More informationDebugging EMI Using a Digital Oscilloscope. Dave Rishavy Product Manager - Oscilloscopes
Debugging EMI Using a Digital Oscilloscope Dave Rishavy Product Manager - Oscilloscopes 06/2009 Nov 2010 Fundamentals Scope Seminar of DSOs Signal Fidelity 1 1 1 Debugging EMI Using a Digital Oscilloscope
More informationNUMERICAL METHODOLOGY FOR THE EMI RISK ASSESSMENT OF VEHICULAR ANTENNAS
NUMERICAL METHODOLOGY FOR THE EMI RISK ASSESSMENT OF VEHICULAR ANTENNAS Alberto Buttiglieri EMEA Product Development Electrical Electronics Unit Audio & Telematics Darmstadt, Germany Content Automotive
More informationA Design for Modular Exponentiation Coprocessor in Mobile Telecommunication Terminals
A Design for Modular Exponentiation Coprocessor in Mobile Telecommunication Terminals Takehiko Kato, Satoru Ito, Jun Anzai, and Natsume Matsuzaki Advanced Mobile Telecommunications Security Technology
More informationMicrophonics. T. Powers
Microphonics T. Powers What is microphonics? Microphonics is the time domain variation in cavity frequency driven by external vibrational sources. A 1.5 GHz structure 0.5 m long will change in frequency
More informationEMC Seminar Series All about EMC Testing and Measurement Seminar 1
EMC Seminar Series All about EMC Testing and Measurement Seminar 1 Introduction to EMC Conducted Immunity Jeffrey Tsang Organized by : Department of Electronic Engineering 1 Basic Immunity Standards: IEC
More informationDiscrete Mathematics & Mathematical Reasoning Multiplicative Inverses and Some Cryptography
Discrete Mathematics & Mathematical Reasoning Multiplicative Inverses and Some Cryptography Colin Stirling Informatics Some slides based on ones by Myrto Arapinis Colin Stirling (Informatics) Discrete
More informationPublic-Key Cryptosystem Based on Composite Degree Residuosity Classes. Paillier Cryptosystem. Harmeet Singh
Public-Key Cryptosystem Based on Composite Degree Residuosity Classes aka Paillier Cryptosystem Harmeet Singh Harmeet Singh Winter 2018 1 / 26 Background s Background Foundation of public-key encryption
More informationLecture 6. Angle Modulation and Demodulation
Lecture 6 and Demodulation Agenda Introduction to and Demodulation Frequency and Phase Modulation Angle Demodulation FM Applications Introduction The other two parameters (frequency and phase) of the carrier
More informationExercise 2: FM Detection With a PLL
Phase-Locked Loop Analog Communications Exercise 2: FM Detection With a PLL EXERCISE OBJECTIVE When you have completed this exercise, you will be able to explain how the phase detector s input frequencies
More informationDUBLIN CITY UNIVERSITY
DUBLIN CITY UNIVERSITY SEMESTER ONE EXAMINATIONS 2013/2014 MODULE: CA642/A Cryptography and Number Theory PROGRAMME(S): MSSF MCM ECSA ECSAO MSc in Security & Forensic Computing M.Sc. in Computing Study
More informationAnnouncements : Wireless Networks Lecture 3: Physical Layer. Bird s Eye View. Outline. Page 1
Announcements 18-759: Wireless Networks Lecture 3: Physical Layer Please start to form project teams» Updated project handout is available on the web site Also start to form teams for surveys» Send mail
More informationPower Analysis Attacks on SASEBO January 6, 2010
Power Analysis Attacks on SASEBO January 6, 2010 Research Center for Information Security, National Institute of Advanced Industrial Science and Technology Table of Contents Page 1. OVERVIEW... 1 2. POWER
More informationCHAPTER -15. Communication Systems
CHAPTER -15 Communication Systems COMMUNICATION Communication is the act of transmission and reception of information. COMMUNICATION SYSTEM: A system comprises of transmitter, communication channel and
More informationLecture 32. Handout or Document Camera or Class Exercise. Which of the following is equal to [53] [5] 1 in Z 7? (Do not use a calculator.
Lecture 32 Instructor s Comments: This is a make up lecture. You can choose to cover many extra problems if you wish or head towards cryptography. I will probably include the square and multiply algorithm
More informationMeasurement of the THz comb with a spectrum analyzer
Measurement of the THz comb with a spectrum analyzer In addition to the time domain measurements reported in the main manuscript, we also measured the tooth width with a spectrum analyzer. The experimental
More informationSpecial-Purpose Operational Amplifier Circuits
Special-Purpose Operational Amplifier Circuits Instrumentation Amplifier An instrumentation amplifier (IA) is a differential voltagegain device that amplifies the difference between the voltages existing
More informationLock in Amplifier. Introduction. Motivation. Liz Schell and Allan Sadun Project Proposal
Liz Schell and Allan Sadun 6.101 Project Proposal Lock in Amplifier Introduction A lock in amplifier is an analog circuit that picks out and amplifies a particular frequency of oscillation and rejects
More informationInvestigation of Electromagnetic Field Coupling from DC-DC Buck Converters to Automobile AM/FM Antennas
CST North American Automotive Workshop Investigation of Electromagnetic Field Coupling from DC-DC Buck Converters to Automobile AM/FM Antennas Patrick DeRoy, CST of America, Framingham, Massachusetts,
More informationRelated Ideas: DHM Key Mechanics
Related Ideas: DHM Key Mechanics Example (DHM Key Mechanics) Two parties, Alice and Bob, calculate a key that a third person Carl will never know, even if Carl intercepts all communication between Alice
More informationEMC Simulation of Consumer Electronic Devices
of Consumer Electronic Devices By Andreas Barchanski Describing a workflow for the EMC simulation of a wireless router, using techniques that can be applied to a wide range of consumer electronic devices.
More informationTodd Hubing. Clemson Vehicular Electronics Laboratory Clemson University
Todd Hubing Clemson Vehicular Electronics Laboratory Clemson University FCC Emissions Test Radiation from a shielded commercial product with attached cables May 28 2 Typical Field Strengths FCC Class A
More informationQUICK START GUIDE FOR DEMONSTRATION CIRCUIT 678A 40MHZ TO 900MHZ DIRECT CONVERSION QUADRATURE DEMODULATOR
DESCRIPTION QUICK START GUIDE FOR DEMONSTRATION CIRCUIT 678A LT5517 Demonstration circuit 678A is a 40MHz to 900MHz Direct Conversion Quadrature Demodulator featuring the LT5517. The LT 5517 is a direct
More informationThe EM Side Channel(s)
The EM Side Channel(s) Dakshi Agrawal, Bruce Archambeault, Josyula R. Rao, and Pankaj Rohatgi IBM T.J. Watson Research Center P.O. Box 74 Yorktown Heights, NY 1598 {agrawal,barch,jrrao,rohatgi}@us.ibm.com
More informationClassical Cryptography
Classical Cryptography CS 6750 Lecture 1 September 10, 2009 Riccardo Pucella Goals of Classical Cryptography Alice wants to send message X to Bob Oscar is on the wire, listening to all communications Alice
More informationGilbert Cell Multiplier Measurements from GHz II: Sample of Eight Multipliers
Gilbert Cell Multiplier Measurements from 2-18.5 GHz II: Sample of Eight Multipliers A.I. Harris 26 February 2002, 7 June 2002 1 Overview and summary This note summarizes a set of measurements of eight
More informationAntenna Measurements using Modulated Signals
Antenna Measurements using Modulated Signals Roger Dygert MI Technologies, 1125 Satellite Boulevard, Suite 100 Suwanee, GA 30024-4629 Abstract Antenna test engineers are faced with testing increasingly
More informationCryptanalysis on short messages encrypted with M-138 cipher machine
Cryptanalysis on short messages encrypted with M-138 cipher machine Tsonka Baicheva Miroslav Dimitrov Institute of Mathematics and Informatics Bulgarian Academy of Sciences 10-14 July, 2017 Sofia Introduction
More informationGreen ADVANTAGES. Spectrum Analyzer Two models available: 24 GHz and 8 GHz SPECTRUM ANALYZER. Antenna Panel Inputs. Auxiliary Antenna Inputs OSCOR
Whip antenna extension connector Auto Switching (utilizes 5 independent antennas) Green ADVANTAGES OSCOR FULL 24 GHz COVERAGE Headphone Jack SWEEPS FROM 10 khz TO 24 GHz AT 12.2 khz STEPS IN LESS THAN
More informationOverview. Lecture 3. Terminology. Terminology. Background. Background. Transmission basics. Transmission basics. Two signal types
Lecture 3 Transmission basics Chapter 3, pages 75-96 Dave Novak School of Business University of Vermont Overview Transmission basics Terminology Signal Channel Electromagnetic spectrum Two signal types
More informationSEMS SHIELDING EFFECTIVENESS MEASUREMENT SYSTEM IN MRI AND SHIELDED ENVIRONMENT. ELECTRIC AND MAGNETIC FIELD FROM 10 khz TO 300 MHz*
SEMS SHIELDING EFFECTIVENESS MEASUREMENT SYSTEM IN MRI AND SHIELDED ENVIRONMENT ELECTRIC AND MAGNETIC FIELD FROM 10 khz TO 300 MHz* MRI Shielding Environment (Magnetic Resonance Imaging) Shielded and anechoic
More informationMassachusetts Institute of Technology Dept. of Electrical Engineering and Computer Science Fall Semester, Introduction to EECS 2
Massachusetts Institute of Technology Dept. of Electrical Engineering and Computer Science Fall Semester, 2006 6.082 Introduction to EECS 2 Modulation and Demodulation Introduction A communication system
More informationEE 418: Network Security and Cryptography
EE 418: Network Security and Cryptography Homework 3 Solutions Assigned: Wednesday, November 2, 2016, Due: Thursday, November 10, 2016 Instructor: Tamara Bonaci Department of Electrical Engineering University
More informationRFID Systems: Radio Architecture
RFID Systems: Radio Architecture 1 A discussion of radio architecture and RFID. What are the critical pieces? Familiarity with how radio and especially RFID radios are designed will allow you to make correct
More informationComparison of Electromagnetic Side-Channel Energy Available to the Attacker from Different Computer Systems
Comparison of Electromagnetic Side-Channel Energy Available to the Attacker from Different Computer Systems Abstract This paper evaluates electromagnetic (EM) sidechannel energy (ESE) available to the
More informationCOMMUNICATION SYSTEMS -I
COMMUNICATION SYSTEMS -I Communication : It is the act of transmission of information. ELEMENTS OF A COMMUNICATION SYSTEM TRANSMITTER MEDIUM/CHANNEL: The physical medium that connects transmitter to receiver
More informationSuppression Techniques using X2Y as a Broadband EMI Filter IEEE International Symposium on EMC, Boston, MA
Suppression Techniques using X2Y as a Broadband EMI Filter Jim Muccioli Tony Anthony Dave Anthony Dale Sanders X2Y Attenuators, LLC Erie, PA 16506-2972 www.x2y.com Email: x2y@x2y.com Bart Bouma Yageo/Phycomp
More informationOptoelectronic Components Testing with a VNA(Vector Network Analyzer) VNA Roadshow Budapest 17/05/2016
Optoelectronic Components Testing with a VNA(Vector Network Analyzer) VNA Roadshow Budapest 17/05/2016 Content Introduction Photonics & Optoelectronics components Optical Measurements VNA (Vector Network
More informationExample Enemy agents are trying to invent a new type of cipher. They decide on the following encryption scheme: Plaintext converts to Ciphertext
Cryptography Codes Lecture 3: The Times Cipher, Factors, Zero Divisors, and Multiplicative Inverses Spring 2015 Morgan Schreffler Office: POT 902 http://www.ms.uky.edu/~mschreffler New Cipher Times Enemy
More informationAnalog front-end electronics
FYS3240 PC-based instrumentation and microcontrollers Analog front-end electronics Spring 2017 Lecture #6 Bekkeng, 30.1.2017 Considerations for analog signals Signal source - grounded or floating Source
More informationOverview of the ATLAS Electromagnetic Compatibility Policy
Overview of the ATLAS Electromagnetic Compatibility Policy G. Blanchot CERN, CH-1211 Geneva 23, Switzerland Georges.Blanchot@cern.ch Abstract The electromagnetic compatibility of ATLAS electronic equipments
More informationOutline / Wireless Networks and Applications Lecture 3: Physical Layer Signals, Modulation, Multiplexing. Cartoon View 1 A Wave of Energy
Outline 18-452/18-750 Wireless Networks and Applications Lecture 3: Physical Layer Signals, Modulation, Multiplexing Peter Steenkiste Carnegie Mellon University Spring Semester 2017 http://www.cs.cmu.edu/~prs/wirelesss17/
More informationUniversity of Portland EE 271 Electrical Circuits Laboratory. Experiment: Inductors
University of Portland EE 271 Electrical Circuits Laboratory Experiment: Inductors I. Objective The objective of this experiment is to verify the relationship between voltage and current in an inductor,
More informationSEMS SHIELDING EFFECTIVENESS MEASUREMENT SYSTEM IN MRI AND SHIELDED ENVIRONMENT. ELECTRIC AND MAGNETIC FIELD FROM 10 khz TO 300 MHz*
SEMS SHIELDING EFFECTIVENESS MEASUREMENT SYSTEM IN MRI AND SHIELDED ENVIRONMENT ELECTRIC AND MAGNETIC FIELD FROM 10 khz TO 300 MHz* SEMS SHIELDING EFFECTIVENESS MEASUREMENT SYSTEM MRI Shielding Environment
More informationDESIGN AND PERFORMANCE OF A SATELLITE TT&C RECEIVER CARD
DESIGN AND PERFORMANCE OF A SATELLITE TT&C RECEIVER CARD Douglas C. O Cull Microdyne Corporation Aerospace Telemetry Division Ocala, Florida USA ABSTRACT Today s increased satellite usage has placed an
More informationLNS ultra low phase noise Synthesizer 8 MHz to 18 GHz
LNS ultra low phase noise Synthesizer 8 MHz to 18 GHz Datasheet The LNS is an easy to use 18 GHz synthesizer that exhibits outstanding phase noise and jitter performance in a 3U rack mountable chassis.
More informationMAT 302: ALGEBRAIC CRYPTOGRAPHY. Department of Mathematical and Computational Sciences University of Toronto, Mississauga.
MAT 302: ALGEBRAIC CRYPTOGRAPHY Department of Mathematical and Computational Sciences University of Toronto, Mississauga February 27, 2013 Mid-term Exam INSTRUCTIONS: The duration of the exam is 100 minutes.
More informationAPPLICATION NOTE 6206 SIMPLE, EFFECTIVE METHOD AND CIRCUIT TO MEASURE VERY-LOW 1/F VOLTAGE REFERENCE NOISE (< 1ΜV P-P, 0.
Keywords: 0.1 to 10 Hz noise of voltage reference, low frequency noise or flicker noise of voltage reference, ultra low noise measurement of voltage reference APPLICATION NOTE 606 SIMPLE, EFFECTIVE METHOD
More informationEM Noise Mitigation in Electronic Circuit Boards and Enclosures
EM Noise Mitigation in Electronic Circuit Boards and Enclosures Omar M. Ramahi, Lin Li, Xin Wu, Vijaya Chebolu, Vinay Subramanian, Telesphor Kamgaing, Tom Antonsen, Ed Ott, and Steve Anlage A. James Clark
More informationSETTING UP A WIRELESS LINK USING ME1000 RF TRAINER KIT
SETTING UP A WIRELESS LINK USING ME1000 RF TRAINER KIT Introduction S Kumar Reddy Naru ME Signal Processing S. R. No - 05812 The aim of the project was to try and set up a point to point wireless link.
More informationCryptography CS 555. Topic 20: Other Public Key Encryption Schemes. CS555 Topic 20 1
Cryptography CS 555 Topic 20: Other Public Key Encryption Schemes Topic 20 1 Outline and Readings Outline Quadratic Residue Rabin encryption Goldwasser-Micali Commutative encryption Homomorphic encryption
More informationCollision-based Power Analysis of Modular Exponentiation Using Chosen-message Pairs
Collision-based Analysis of Modular Exponentiation Using Chosen-message Pairs Naofumi Homma 1, Atsushi Miyamoto 1, Takafumi Aoki 1, Akashi atoh 2, and Adi hamir 3 1 Graduate chool of Information ciences,
More informationSpectrum Analyzer Two models available: OGR-24 (24 GHz) and OGR-8 (8 GHz)
TM Spectrum Analyzer Two models available: OGR-24 (24 GHz) and OGR-8 (8 GHz) U.S. PATENTS: 6,397,154; 7,058,530 Additional Patents Pending Whip antenna extension connector Auto Switching Antenna Panel
More informationHIFAS: Wide-band spectrometer ASIC
HIFAS: Wide-band spectrometer ASIC Anders Emrich, Stefan Andersson, Johan Dahlberg, Magnus Hjorth, Omnisys Instruments AB Torgil Kjellberg, Chalmers University Of Technology Microelectronics Presentation
More informationTSEK02: Radio Electronics Lecture 6: Propagation and Noise. Ted Johansson, EKS, ISY
TSEK02: Radio Electronics Lecture 6: Propagation and Noise Ted Johansson, EKS, ISY 2 Propagation and Noise - Channel and antenna: not in the Razavi book - Noise: 2.3 The wireless channel The antenna Signal
More informationSecurity Enhancement and Speed Monitoring of RSA Algorithm
Security Enhancement and Speed Monitoring of RSA Algorithm Sarthak R Patel 1, Prof. Khushbu Shah 2 1 PG Scholar, 2 Assistant Professor Computer Engineering Department, LJIET, Gujarat Technological University,
More informationBlock Ciphers Security of block ciphers. Symmetric Ciphers
Lecturers: Mark D. Ryan and David Galindo. Cryptography 2016. Slide: 26 Assume encryption and decryption use the same key. Will discuss how to distribute key to all parties later Symmetric ciphers unusable
More informationDevice Pairing at the Touch of an Electrode
Device Pairing at the Touch of an Electrode Marc Roeschlin, Ivan Martinovic, Kasper B. Rasmussen NDSS, 19 February 2018 NDSS 2018 (slide 1) Device Pairing (I) Bootstrap secure communication Two un-associated
More informationHow EMxpert Diagnoses Board-Level EMC Design Issues
Application Report EMxpert July 2011 - Cédric Caudron How EMxpert Diagnoses Board-Level EMC Design Issues ABSTRACT EMxpert provides board-level design teams with world-leading fast magnetic very-near-field
More informationSynthesis and Analysis of 32-Bit RSA Algorithm Using VHDL
Synthesis and Analysis of 32-Bit RSA Algorithm Using VHDL Sandeep Singh 1,a, Parminder Singh Jassal 2,b 1M.Tech Student, ECE section, Yadavindra collage of engineering, Talwandi Sabo, India 2Assistant
More informationCourse Introduction Purpose Objectives Content Learning Time
Course Introduction Purpose This course discusses techniques for analyzing and eliminating noise in microcontroller (MCU) and microprocessor (MPU) based embedded systems. Objectives Learn about a method
More informationRecommendations for Secure IC s and ASIC s
Recommendations for Secure IC s and ASIC s F. Mace, F.-X. Standaert, J.D. Legat, J.-J. Quisquater UCL Crypto Group, Microelectronics laboratory(dice), Universite Catholique de Louvain(UCL), Belgium email:
More informationCommunication Channels
Communication Channels wires (PCB trace or conductor on IC) optical fiber (attenuation 4dB/km) broadcast TV (50 kw transmit) voice telephone line (under -9 dbm or 110 µw) walkie-talkie: 500 mw, 467 MHz
More informationChanging the sampling rate
Noise Lecture 3 Finally you should be aware of the Nyquist rate when you re designing systems. First of all you must know your system and the limitations, e.g. decreasing sampling rate in the speech transfer
More informationAdvanced Test Equipment Rentals ATEC (2832)
Established 1981 Advanced Test Equipment Rentals www.atecorp.com 800-404-ATEC (2832) R3000 EMI TEST RECEIVERS Fully IF digital EMI Receivers family for measurement of electromagnetic interference from
More informationTop Ten EMC Problems
Top Ten EMC Problems presented by: Kenneth Wyatt Sr. EMC Consultant EMC & RF Design, Troubleshooting, Consulting & Training 10 Northern Boulevard, Suite 1 Amherst, New Hampshire 03031 +1 603 578 1842 www.silent-solutions.com
More informationUnclassified Distribution A: Unlimited Public Release
IMPACT OF INADVERTENT ELECTROMAGNETIC EMISSIONS ON ORGANIC VEHICLES THAT AFFECT THE TACTICAL COMMUNICATIONS OPERATING BANDS By Erick Ortiz and Frank A. Bohn US ARMY CERDEC Antennas & Spectrum Analysis
More informationPublic Key Cryptography Great Ideas in Theoretical Computer Science Saarland University, Summer 2014
7 Public Key Cryptography Great Ideas in Theoretical Computer Science Saarland University, Summer 2014 Cryptography studies techniques for secure communication in the presence of third parties. A typical
More informationCourse Introduction. Content 16 pages. Learning Time 30 minutes
Course Introduction Purpose This course discusses techniques for analyzing and eliminating noise in microcontroller (MCU) and microprocessor (MPU) based embedded systems. Objectives Learn what EMI is and
More informationSpectrum Analyzer. Spectrum Analyzer. Antenna Panel Inputs. Auxiliary Antenna Inputs. Two models available: 24 GHz and 8 GHz OSCOR
Whip antenna extension connector Auto Switching (utilizes 5 independent antennas) OSCOR ADVANTAGES FULL 24 GHz COVERAGE Headphone Jack SWEEPS FROM 10 khz TO 24 GHz AT 12.2 khz STEPS IN LESS THAN 1 SECOND
More informationNoise Temperature. Concept of a Black Body
Noise emperature In the last lecture, we introduced the Link Equation, which allows us to determine the amount of received power in terms of the transmitted power, the gains of the transmitting and receiving
More informationInterface to the Analog World
Interface to the Analog World Liyuan Liu and Zhihua Wang 1 Sensoring the World Sensors or detectors are ubiquitous in the world. Everyday millions of them are produced and integrated into various kinds
More informationMeasurement & Control of energy systems. Teppo Myllys National Instruments
Measurement & Control of energy systems Teppo Myllys National Instruments National Instruments Direct operations in over 50 Countries More than 1,000 products, 7000+ employees, and 700 Alliance Program
More informationni.com Sensor Measurement Fundamentals Series
Sensor Measurement Fundamentals Series Introduction to Data Acquisition Basics and Terminology Litkei Márton District Sales Manager National Instruments What Is Data Acquisition (DAQ)? 3 Why Measure? Engineers
More informationSpectrum Analyzer Two models available: OBL-24 (24 GHz) and OBL-8 (8 GHz)
TM Spectrum Analyzer Two models available: OBL-24 (24 GHz) and OBL-8 (8 GHz) U.S. PATENTS: 6,397,154; 7,058,530 Additional Patents Pending Whip antenna extension connector Auto Switching Antenna Panel
More informationExample Enemy agents are trying to invent a new type of cipher. They decide on the following encryption scheme: Plaintext converts to Ciphertext
Cryptography Codes Lecture 4: The Times Cipher, Factors, Zero Divisors, and Multiplicative Inverses Spring 2014 Morgan Schreffler Office: POT 902 http://www.ms.uky.edu/~mschreffler New Cipher Times Enemy
More informationComparison of IC Conducted Emission Measurement Methods
IEEE TRANSACTIONS ON INSTRUMENTATION AND MEASUREMENT, VOL. 52, NO. 3, JUNE 2003 839 Comparison of IC Conducted Emission Measurement Methods Franco Fiori, Member, IEEE, and Francesco Musolino, Member, IEEE
More informationAlgorithmic Number Theory and Cryptography (CS 303)
Algorithmic Number Theory and Cryptography (CS 303) Modular Arithmetic and the RSA Public Key Cryptosystem Jeremy R. Johnson 1 Introduction Objective: To understand what a public key cryptosystem is and
More information