Search CORE

403 research outputs found

Revisiting software protection

Author: A. Herzberg
A. Shamir
A.J. Menezes
B. Barak
B. Horne
D. Aucsmith
D. Boneh
D.M. Chess
E. Biham
F. Cohen
F. Petitcolas
H. Chang
J. Daemen
J. Gosler
J. Wang
M. Jacob
M. Jakobsson
M.R. Garey
O. Goldreich
R.J. Anderson
S. Chow
S. Chow
S. Chow
S. Forrest
T. Sander
Y. Chen
Publication venue: Springer
Publication date: 01/01/2003
Field of study

We provide a selective survey on software protection, including approaches to software tamper resistance, obfuscation, software diversity, and white-box cryptography. We review the early literature in the area plus recent activities related to trusted platforms, and discuss challenges and future directions

CiteSeerX

Crossref

Carleton University's Institutional Repository

Measuring Performances of a White-Box Approach in the IoT Context

Author: A. Shakiba
A. Visconti
D.G.V. Albricci
F. Cioschi
M. Ceria
N. Fornari
Publication venue: 'MDPI AG'
Publication date: 01/08/2019
Field of study

The internet of things (IoT) refers to all the smart objects that are connected to other objects, devices or servers and that are able to collect and share data, in order to "learn" and improve their functionalities. Smart objects suffer from lack of memory and computational power, since they are usually lightweight. Moreover, their security is weakened by the fact that smart objects can be placed in unprotected environments, where adversaries are able to play with the symmetric-key algorithm used and the device on which the cryptographic operations are executed. In this paper, we focus on a family of white-box symmetric ciphers substitution-permutation network (SPN)box, extending and improving our previous paper on the topic presented at WIDECOM2019. We highlight the importance of white-box cryptography in the IoT context, but also the need to have a fast black-box implementation (server-side) of the cipher. We show that, modifying an internal layer of SPNbox, we are able to increase the key length and to improve the performance of the implementation. We measure these improvements (a) on 32/64-bit architectures and (b) in the IoT context by encrypting/decrypting 10,000 payloads of lightweight messaging protocol Message Queuing Telemetry Transport (MQTT)

AIR Universita degli studi di Milano

High-performance AES-128 algorithm implementation by FPGA-based SoC for 5G communications

Author
Publication venue: 'Institute of Advanced Engineering and Science'
Publication date: 24/03/2021
Field of study

none4siIn this research work, a fast and lightweight AES-128 cypher based on the Xilinx ZCU102 FPGA board is presented, suitable for 5G communications. In particular, both encryption and decryption algorithms have been developed using a pipelined approach, so enabling the simultaneous processing of the rounds on multiple data packets at each clock cycle. Both the encryption and decryption systems support an operative frequency up to 220 MHz, reaching 28.16 Gbit/s maximum data throughput; besides, the encryption and decryption phases last both only ten clock periods. To guarantee the interoperability of the developed encryption/decryption system with the other sections of the 5G communication apparatus, synchronization and control signals have been integrated. The encryption system uses only 1631 CLBs, whereas the decryption one only 3464 CLBs, ascribable, mainly, to the Inverse Mix Columns step. The developed cypher shows higher efficiency (8.63 Mbps/slice) than similar solutions present in literature.openP.Visconti, R. Velazquez, S. Capoccia, R. de FazioVisconti, P.; Velazquez, R.; Capoccia, S.; de Fazio, R

Archivio Istituzionale della Ricerca- Università del Salento

High-performance AES-128 algorithm implementation by FPGA-based SoC for 5G communications

Author: Capoccia Stefano
de Fazio Roberto
Velazquez Ramiro
Visconti Paolo
Publication venue: 'Institute of Advanced Engineering and Science'
Publication date: 01/10/2021
Field of study

In this research work, a fast and lightweight AES-128 cypher based on the Xilinx ZCU102 FPGA board is presented, suitable for 5G communications. In particular, both encryption and decryption algorithms have been developed using a pipelined approach, so enabling the simultaneous processing of the rounds on multiple data packets at each clock cycle. Both the encryption and decryption systems support an operative frequency up to 220 MHz, reaching 28.16 Gbit/s maximum data throughput; besides, the encryption and decryption phases last both only ten clock periods. To guarantee the interoperability of the developed encryption/decryption system with the other sections of the 5G communication apparatus, synchronization and control signals have been integrated. The encryption system uses only 1631 CLBs, whereas the decryption one only 3464 CLBs, ascribable, mainly, to the Inverse Mix Columns step. The developed cypher shows higher efficiency (8.63 Mbps/slice) than similar solutions present in literature

ZENODO

Institute of Advanced Engineering and Science

Cross-core Microarchitectural Attacks and Countermeasures

Author: Irazoki Gorka
Publication venue: Digital WPI
Publication date: 24/04/2017
Field of study

In the last decade, multi-threaded systems and resource sharing have brought a number of technologies that facilitate our daily tasks in a way we never imagined. Among others, cloud computing has emerged to offer us powerful computational resources without having to physically acquire and install them, while smartphones have almost acquired the same importance desktop computers had a decade ago. This has only been possible thanks to the ever evolving performance optimization improvements made to modern microarchitectures that efficiently manage concurrent usage of hardware resources. One of the aforementioned optimizations is the usage of shared Last Level Caches (LLCs) to balance different CPU core loads and to maintain coherency between shared memory blocks utilized by different cores. The latter for instance has enabled concurrent execution of several processes in low RAM devices such as smartphones. Although efficient hardware resource sharing has become the de-facto model for several modern technologies, it also poses a major concern with respect to security. Some of the concurrently executed co-resident processes might in fact be malicious and try to take advantage of hardware proximity. New technologies usually claim to be secure by implementing sandboxing techniques and executing processes in isolated software environments, called Virtual Machines (VMs). However, the design of these isolated environments aims at preventing pure software- based attacks and usually does not consider hardware leakages. In fact, the malicious utilization of hardware resources as covert channels might have severe consequences to the privacy of the customers. Our work demonstrates that malicious customers of such technologies can utilize the LLC as the covert channel to obtain sensitive information from a co-resident victim. We show that the LLC is an attractive resource to be targeted by attackers, as it offers high resolution and, unlike previous microarchitectural attacks, does not require core-colocation. Particularly concerning are the cases in which cryptography is compromised, as it is the main component of every security solution. In this sense, the presented work does not only introduce three attack variants that can be applicable in different scenarios, but also demonstrates the ability to recover cryptographic keys (e.g. AES and RSA) and TLS session messages across VMs, bypassing sandboxing techniques. Finally, two countermeasures to prevent microarchitectural attacks in general and LLC attacks in particular from retrieving fine- grain information are presented. Unlike previously proposed countermeasures, ours do not add permanent overheads in the system but can be utilized as preemptive defenses. The first identifies leakages in cryptographic software that can potentially lead to key extraction, and thus, can be utilized by cryptographic code designers to ensure the sanity of their libraries before deployment. The second detects microarchitectural attacks embedded into innocent-looking binaries, preventing them from being posted in official application repositories that usually have the full trust of the customer

DigitalCommons@WPI

The future of Cybersecurity in Italy: Strategic focus area

Author: Anglano C.
Aniello L.
Antinori A.
Armando A.
Aversa R.
Baldi Marco
Baldoni R.
Barili A.
Bartoletti M.
Bellini M.
Bergadano F.
Bernardeschi C.
Bianchi E.
Biancotti C.
Bistarelli S.
Blefari Melazzi N.
Boetti M.
Bondavalli A.
Bonomi .
Buccafurri F.
Cambiaso E.
Caputo B.
Carminati B.
Cataliotti F. S.
Catarci T.
Ceccarelli A.
Cesa Bianchi N.
Chiaraluce F.
Colajanni M.
Conti M.
Conti M.
Coppolino L.
Costa G.
Costamagna V.
Cotroneo D.
Crispo B.
Cucchiara R.
Damiani E.
De Nicola R.
De Nicola R.
De Santis A.
Degiovanni I. P.
Demetrescu C.
Di Battista G.
Di Corinto A.
Di Luna A.
Di Martino B.
Di Natale G.
Dini G.
D’Antonio S.
Evangelisti M.
Falcinelli D.
Ferretti M.
Ficco M.
Figà G.
Flocchini P.
Flottes M.
Focardi R.
Franchina . Furfaro
Girdinio P.
Guida F.
Italiano G. F.
Lain D.
Laurenti N.
Lioy A.
Loreti M.
Malerba D.
Mancini L. V.
Marchetti Spaccamela A.
Marcialis G.
Margheri A.
Marrella A.
Martinelli F.
Martinelli M.
Martino L.
Massacci F.
Mayer M.
Mecella M.
Mensi M.
Merlo A.
Miculan M.
Montanari L.
Morana M.
Mosco G. D.
Mostarda L.
Murino V.
Nardi D.
Navigli R.
Palazzi A.
Palmieri F.
Panetta I. C.
Passarella A.
Pellegrini A.
Pellegrino G.
Pelosi G.
Pirlo G.
Piuri V.
Pizzonia M.
Pogliani M.
Polino M.
Pontil M.
Prinetto P.
Prinetto P.
Quaglia F.
Quattrociocchi W.
Querzoni L.
Rak M.
Ranise S.
Ricci E.
Rossi L.
Rota P.
Russo L. O.
Samarati P.
Santoro N.
Santucci B.
Sassone V.
Scala A.
Scotti F.
Servida A.
Spagnoletti P.
Spalazzi L.
Spidalieri F.
Spoto A.
Squarcina M.
Stefanelli S.
Vecchio A.
Venticinque S.
Villoresi P.
Visaggio A.
Vitaletti A.
Zanero S.
Publication venue
Publication date: 01/01/2018
Field of study

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Archivio della ricerca- Università di Roma La Sapienza

Evaluating Security Aspects for Building a Secure Virtual Machine

Author: kandel sudip
Publication venue: The Repository at St. Cloud State
Publication date: 01/12/2019
Field of study

One of the essential characteristics of cloud computing that revolutionized the IT business is the sharing of computing resources. Despite all the benefits, security is a major concern in a cloud virtualization environment. Among those security issues is securely managing the Virtual Machine (VM) images that contain operating systems, configured platforms, and data. Confidentiality, availability, and integrity of such images pose major concerns as it determines the overall security of the virtual machines. This paper identified and discussed the attributes that define the degree of security in VM images. It will address this problem by explaining the different methods and frameworks developed in the past to address implementing secure VM images. Finally, this paper analyses the security issues and attributes and proposes a framework that will include an approach that helps to develop secure VM images. This work aims to enhance the security of cloud environments

St. Cloud State University