Hardware architecture implemented on FPGA for protecting cryptographic keys against side-channel attacks

This paper presents a new hardware architecture designed for protecting the key of cryptographic algorithms against attacks by side-channel analysis (SCA). Unlike previous approaches already published, the fortress of the proposed architecture is based on revealing a false key. Such a false key is obtained when the leakage information, related to either the power consumption or the electromagnetic radiation (EM) emitted by the hardware device, is analysed by means of a classical statistical method. In fact, the trace of power consumption (or the EM) does not reveal any significant sign of protection in its behaviour or shape. Experimental results were obtained by using a Virtex 5 FPGA, on which a 128-bit version of the standard AES encryption algorithm was implemented. The architecture could easily be extrapolated to an ASIC device based on standard cell libraries. The system is capable of concealing the real key when various attacks are performed on the AES algorithm, using two statistical methods which are based on correlation, the Welch’s t-test and the difference of means.Peer ReviewedPostprint (author's final draft

Relationship between problem-based learning experience and self-directed learning readiness

Tun Hussein Onn University of Malaysia (UTHM) has been implementing Problem-Based Learning (PBL) to some degree in various subjects. However, to this day no empirical data has been gathered on the effectiveness of PBL as a methodology to develop self-directed learning (SDL) skills. The purpose of this \ud study is to investigate self-directed learning readiness (SDLR) among UTHM students exposed to vaiying PBL exposure intensity. SDLR was measured using the modified version of Self-Directed Learning Readiness (SDLRS). Participants in this study were first-year undergraduate students at UTHM. The instrument was administrated to students in Electrical and Electronics Engineering, Civil and Environmental Engineering, and Technical Education (N=260). Data were analyzed using descriptive and inferential statistical techniques with analysis of variance (ANOVA) and the independent /'-test for equal variance for hypotheses testing. The results of this study indicate that overall SDLR level increase with PBL exposure up to exposure intensity twice, beyond which no increase in SDLR was observed with increase in PBL exposure. Within the same academic programme, results did not show a statistically significant difference of SDLR level between groups exposed to varying PBL exposure intensity. However, significant difference was found in some dimensions of the SDLR for the Technical Education students. Within the same education background, results did not show a statistically significant difference of SDLR level between groups exposed to varying PBL intensity. However, significant difference was found in some dimensions of the SDLR for students with both Matriculations and STPM background. A statistically significant difference of SDLR level was found between Electrical Engineering and Technical Education students for exposure once and in some SDLR dimensions. No statistically significant difference was found between students from different academic programme for exposure twice or thrice. The data supports the conclusion that SDLR level increases with increase in PBL exposure intensity up to a certain extent only, beyond which no increase of SDLR can be observed. The data also suggest that only certain dimensions of the SDLR improve with increased exposure to PBL

Nutzung kryptographischer Funktionen zur Verbesserung der Systemzuverlässigkeit

Cryptographic techniques deal with securing information against unwanted usage, while coding techniques deals with keeping data error-free and retrieving them reliably. However, both techniques share many tools, bounds and limitations. In this thesis, several novel approaches towards improving system reliability by combining cryptographic and coding techniques in several constellations are presented. The first constellation is deploying pure cryptographic functions to improve reliability issues overshadowed in systems that previously had no reliability-supporting coding mechanisms. Such systems could have just authenticity, secrecy and/or integrity mechanisms for security services. The second constellation deploys a mixture of both cryptographic functions and error correction codes to improve the overall system reliability. The first contribution in this thesis, presents a new practical approach for detection and correction of execution errors for AES cipher. The source of such errors could be natural or as a result of fault injection attacks. The proposed approach is making use of the two linear mappings in the AES round structure for error control. The second contribution is investigating the possibility and ability of deploying pure cryptographic hash functions to detect and correct a class of errors. The error correction is achieved by deploying a part of the hash bits to correct a class of selected unidirectional error class with high probability. The error correction process would degrade the authentication level in a non-significant fashion. In the third and fourth contributions, we propose algorithms to improve system correctability beyond classical limits by combining coding and cryptographic functions. The new algorithms are based mainly on the fundamentals investigated in the second contribution as mechanisms to detect and correct errors. The new algorithms are investigated in terms of collision and attacking complexity, as error correction via hash matching is similar to a successful authentication attack. The resulting performance showed achievable good error correctability, authenticity, and integrity figures.Kryptografische Methoden zielen der Sicherung von Information gegen unerwünschte Nutzung, wobei Codierungstechnik behandelt die Korrektur der Fehler in den Daten und deren zuverlässigen Rückgewinnung. Beide Techniken bedienen sich ähnlich Instrumente und besitzen ähnliche grenzen und Grenzwerte. In diese Dissertation, werden mehrere neue Verfahren zur Verbesserung der Systemzuverlässigkeit durch verschiedene Konstellationen zur Kombination der beiden Fehlerkontrollcodierung und Kryptografische Verfahren. In der ersten Konstellation werden reine kryptologische Funktionen verwendet, die zur Verbesserung der Zuverlässigkeitsaspekte in den Systemen die keine Zuverlässigkeitsfördernde Codierungs-Maßnahme enthalten dienen. Solche Systeme besitzen z. B. nur Authentifikation, Geheimhaltung oder Integritäts-Mechanismen in den Sicherheitsdiensten. Die zweite Konstellation verwendet eine Kombination von Fehlerkorrigierende Codes und Krypto-Mechanismen für die Verbesserung der Zuverlässigkeit des Systems. Der erste Beitrag in diese Arbeit präsentiert ein neues praktisches Verfahren zur Erkennung und Korrektur von Verarbeitungsfehler in AES Chiffre. Die Ursachen solche Fehler konnten natürlich oder als Resultat eines beabsichtigten „Fault Injection“ Angriff sein. Das Verfahren nutzt die linearen Abbildungen im AES Runden-Funktion für Fehlerkontrolle. Der zweite Beitrag untersucht die Möglichkeit und Fähigkeit zur Einsatz von Hashfunktionen zur Erkennung und Korrektur vom Fehler. Die Fehlerkorrektur ist erreicht durch die Nutzung eines Anteil des Hash Bits um eine Klasse von ausgewähltem Unidirektionalen-Fehler mit höhe Wahrscheinlichkeit zu korrigieren. Dabei wird der Fehlerkorrekturprozess die Authentifikationsgrad des Hashfunktion nicht signifikant reduzieren. In den dritten und vierten Beitrag werden Algorithmen vorgeschlagen um die Zuverlässigkeit des System über die klassischen grenzen verbessert. Das wird durch Kombination von Kryptologischen und Codierung Funktionen erreicht. Die neuen Algorithmen sind auf die fundamentale Untersuchungen des zweiten Beitrag als Mechanismen für Fehlererkennung und Fehlerkorrektur basiert. Die neuen Algorithmen sind auf deren Kollision und Angriffskomplexität Verhalten untersucht worden, da Fehlerkorrektur durch Hashwert-Anpassung eines erfolgreichen Authentifikationsangriff ähnlich ist. Die resultierenden Verhalten zeigen gute Werte für erreichbare Fehlerkorrekturfähigkeit, Authentifikations-Grad und Integrität