Card-based cryptographic protocols provide secure multi-party computations using a deck of physical cards. The most important primitive of those protocols is the shuffling operation, and most of the existing protocols rely on uniform cyclic shuffles (such as the random cut and random bisection cut) in which each possible outcome is equally likely and all possible outcomes constitute a cyclic subgroup. However, a couple of protocols with non-uniform and/or non-cyclic shuffles were proposed by Koch, Walzer, and Härtel at Asiacrypt 2015. Compared to the previous protocols, their protocols require fewer cards to securely produce a hidden AND value, although to implement of such unconventional shuffles appearing in their protocols remains an open problem. This paper introduces “pile-shifting scramble,” which can be a secure implementation of those shuffles. To implement such unconventional shuffles, we utilize physical cases that can store piles of cards, such as boxes and envelopes. Therefore, humans are able to perform the shuffles using these everyday objects. Furthermore, we show that a certain class of non-uniform and/or non-cyclic shuffles having two possible outcomes can be implemented by the pile-shifting scramble. This also implies that we can improve upon the known COPY protocol using three card cases so that the number of cases required can be reduced to two.

Assume that Alice, Bob, and Carol, each of whom privately holds a one-bit input, want to learn the output of some Boolean function, say the majority function, of their inputs without revealing more of their own secret inputs than necessary. In this paper, we show that such a secure three-input function evaluation can be performed with a deck of real cards; specifically, the three players can learn only the output of the function using eight physical cards — four black and four red cards — with identical backs.

Recently, it has been shown that electromagnetic radiation from electrical devices leaks internal information. Some investigations have shown that information leaks through the clock frequency and higher harmonic waves. Thus, previous studies have focused on the information leakage from information processing circuits. However, there has been little discussion about information leaks from peripheral circuits. In this paper, we focus on the oscillation frequency of the integrated RC oscillators. In this paper, we use a keyboard as a device that includes a RC oscillator. Then experiments observed information leaks caused by key inputs. Our experiments show that frequency fluctuations cause information leakages and clarify what information can be acquired from the fluctuation. Then, we investigate the possibility of information leaking from peripheral circuits through modulated signals which are radiated by the peripheral circuits.

Increased inductance values and contact resistance in connector contact surfaces due to degradation of connector contact performance have been reported. In particular, inductance increases while degradation remains minimal. We focus on slight loosening in which increased inductance values are observed without increased resistance values, and investigate the effect of loose connectors on transmission line coupling noise under such circumstances. We find a proportional relation between coupled noise current and frequency. Moreover, we find a proportional relation between the increased inductance value, which depends on the change in connector contact distribution, and the coupled noise current in the transmission line.

This paper proposes a multiple-fault injection attack based on adaptive control of fault injection timing in embedded microcontrollers. The proposed method can be conducted under the black-box condition that the detailed cryptographic software running on the target device is not known to attackers. In addition, the proposed method is non-invasive, without the depackaging required in previous works, since such adaptive fault injection is performed by precisely generating a clock glitch. We first describe the proposed method which injects two kinds of faults to obtain a faulty output available for differential fault analysis while avoiding a conditional branch in a typical recalculation-based countermeasure. We then show that the faulty output can be obtained by the proposed method without using information from the detailed instruction sequence. In particular, the validity of the proposed method is demonstrated through experiments on Advanced Encryption Standard (AES) software with a recalculation-based countermeasure on 8-bit and 32-bit microcontrollers. We also present a countermeasure resistant to the proposed method.

With the rising importance of information security, the necessity of implementing better security measures in the physical layer as well as the upper layers is becoming increasing apparent. Given the development of more accurate and less expensive measurement devices, high-performance computers, and larger storage devices, the threat of advanced attacks at the physical level has expanded from the military and governmental spheres to commercial products. In this paper, we review the issue of information security degradation through electromagnetic (EM)-based compromising of security measures in the physical layer (i.e., EM information security). Owing to the invisibility of EM radiation, such attacks can be serious threats. We first introduce the mechanism of information leakage through EM radiation and interference and then present possible countermeasures. Finally, we explain the latest research and standardization trends related to EM information security.

This paper presents a possibility of Electromagnetic (EM) analysis against cryptographic modules outside their security boundaries. The mechanism behind the information leakage is explained from the view point of Electromagnetic Compatibility: electric fluctuation released from cryptographic modules can conduct to peripheral circuits based on ground bounce, resulting in radiation. We demonstrate the consequence of the mechanism through experiments where the ISO/IEC standard block cipher AES (Advanced Encryption Standard) is implemented on an FPGA board and EM radiations from power and communication cables are measured. Correlation Electromagnetic Analysis (CEMA) is conducted in order to evaluate the information leakage. The experimental results show that secret keys are revealed even though there are various disturbing factors such as voltage regulators and AC/DC converters between the target module and the measurement points. We also discuss information-suppression techniques as electrical-level countermeasures against such CEMAs.

A loosened connector between interconnected electric devices causes an increase in electromagnetic radiation when the devices operate in high-frequency bands. To develop a high-frequency circuit equivalent to a connector with contact failure, we previously investigated the parasitic elements caused by failure at the contact boundary. From the results of that study, the inductance and resistance at a connection contact boundary are increased by the loosening of a connector. Furthermore, the increase in inductance is the dominant factor in increasing the intensity of the electromagnetic radiation. In this paper, to suppress electromagnetic radiation resulting from a loose contact, we formulate the contact performance requirement needed to maintain a good contact condition when a small loosening has occurred at the interconnection. To this end, we investigate the mechanism of increase in the inductance by loosening the connector.

When contact failure occurs in a connector in a coaxial high-frequency (HF) signal transmission line, it is well known that common-mode (CM) radiation occurs on the line. We focus on contact conditions in a connector causing such CM radiation. Experiments and simulations verify that CM radiation increases as the contact resistance increases. While the CM current strongly depends on the distribution pattern of contact resistances at a low resistance, the CM current does not depend on these pattern at a high resistance. Our results indicate that it is important to maintain a symmetrical distribution of contact spots whenever the number of such spots is four or more.

Under the condition of inadequate torque management, contact failure could occur in the interconnecting connector. Contact failure reduces the local immunity and degrades the electromagnetic properties of the equipment. It has been shown in previous reports that connector contact failure causes the parasitic inductance and radiated electromagnetic noise to increase. However, there is not enough discussion about the effects of connector torque fluctuation on the surrounding electromagnetic environment. Thus, in this study, the effects of a changing connector torque value on the circuit response and near field at the contact boundary were investigated. Based on these results, we discuss the influence of torque fluctuation on the electromagnetic environment surrounding the connector.

When contact failure occurs in a connector in a coaxial HF signal transmission line, an electromagnetic field is radiated around the line. We have measured the electromagnetic field and examined the characteristics of such radiation. The results show that the radiation is related to the contact resistance and the symmetry of the distribution of contact points at the connector. When contact resistance is low, radiation is observed at resonant frequencies related to the length of the transmission line. If a connector has axially asymmetric contact points, its radiation is higher than that when the contact points are symmetric. We show that if contact points in a connector are axially symmetrical with resistance lower than 0.25 Ω, the electromagnetic interference caused by the connector contact failure is as low as the background noise.

Recently, for electronic devices operating at high frequencies, the suppression of a high-frequency electromagnetic field of 1 GHz or more has become necessary. We focus on a loose connector between a pair of electrical devices operating in the high-frequency band. Many electronic devices are used in living spaces, most of which are connected to one another. When a user connects two devices, achieving good contact only by finger tightening can be difficult. Accordingly, in this paper, considering the case where the tightening torque of a coaxial connector is insufficient, we analyze the effect of loose contact on electromagnetic field radiation from a transmission line.

A transmission line created by cables adjoined by connectors is influenced by noise from connectors with contact failure, and such noise degrades communication quality. The authors used a model of a connector with increased contact resistance in a coaxial cable and measured the electromagnetic near-field around a cable while changing positions of the model. In this paper, the result shows that the radiated electromagnetic field has no relationship with the position along the cable of a connector with increased contact resistance, when the contact condition of connector, contact resistance value, measurement position, and length of a transmission line are constant.

The contact surface of a loose connector has both contact resistance and low inductance, and the inductance depends on the distribution of the true contacts. The contact resistance and inductance were measured by time-domain reflectometry (TDR) for seven contact distribution models. The resistance was approximately constant, while the maximum inductance varied more than twofold depending on the distribution model.

Electromagnetic analysis (EMA) against public-key cryptographic software on an embedded OS is presented in this paper. First, we propose a method for finding an observation point for EMA, where the EM radiation caused by cryptographic operations can be observed with low noise. The basic idea is to find specific EM radiation patterns produced by cryptographic operations given specific input pattern. During the operations, we scan the surface of the target device(s) with a micro magnetic probe. The scan is optimized in advanced using another compatible device that has the same central processing unit (CPU) and OS as the target device. We demonstrate the validity of the proposed EMAs through some EMA experiments with two types of RSA software on an embedded OS platform. The two types of RSA software have different implementations for modular multiplication algorithms: one is a typical and ready-made implementation using BigInteger class on Java standard library, and another is a custom-made implementation based on the Montgomery multiplication algorithm. We conduct experiments of chosen-message EMA using our scanning method, and show such EMAs successfully reveal the secret key of RSA software even under the noisy condition of the embedded OS platform. We also discuss some countermeasures against the above EMAs.