Combining Private and Public Key Encryption Techniques for Providing Extreme Secure Environment for an Academic Institution Application

This paper presents the implementation of a secure application for an academic institution that offers numerous services to both students and the faculty. The primary focus of this paper is to provide a technical implementation of a new architecture for encrypting the database. The scope of this paper mainly includes but is not limited to symmetric and public-key cryptography, authentication, key management, and digital signatures. The final results of this paper demonstrate that what security features one should implement in order to achieve a highly secured application. This paper presents the implementation of a stand alone system that can be implemented on any legacy systems, and still operates effectively. In other words, it is self sufficient in terms of the data that it stores

A Secure Method For Digital Signature Generation for Tamperproof Devices

In the information age the security of information is one of the primary issues and any vulnerability in this regards can have devastating effects. Implementation of cryptographic algorithms to protect identification, authentication or data storage has been the prime focus in cryptographic arena specially for smaller handheld devices. This Project deals with implementation of efficient CRT-RSA algorithm for digital signature generation in smart cards and new scheme to make it secure against Bellcore attacks. Generally smartcards have very limited computational power so RSA-CRT is widely used in order to generate digital signature with a reasonably large key with reasonable speed. but despite being fairly tamperproof ,smartcards are vulnerable to side channel attacks like fault attacks, timing attacks etc. One of the simplest fault attacks is named Bellcore attack, which seriously compromises the security of the system because of it revealing the secret factorization of RSA modulus and nature of fault induced doesn’t matter. This project aims at implementing algorithm using RSA and Chinese remainder theorem which is secure against bellcore attack and alerts in case of fault

Evaluation of the Ability to Transform SIM Applications into Hostile Applications

Part 1: Smart Cards System SecurityInternational audienceThe ability of Java Cards to withstand attacks is based on software and hardware countermeasures, and on the ability of the Java platform to check the correct behavior of Java code (by using byte code verification). Recently, the idea of combining logical attacks with a physical attack in order to bypass byte code verification has emerged. For instance, correct and legitimate Java Card applications can be dynamically modified on-card using a laser beam. Such applications become mutant applications, with a different control flow from the original expected behaviour. This internal change could lead to bypass controls and protections and thus offer illegal access to secret data and operations inside the chip. This paper presents an evaluation of the application ability to become mutant and a new countermeasure based on the runtime checks of the application control flow to detect the deviant mutations

A New Exponentiation Algorithm Resistant to Combined Side Channel Attack

Abstract Since two different types of side channel attacks based on passive information leakage and active fault injection are independently considered as implementation threats on cryptographic modules, most countermeasures have been separately developed according to each attack type. But then, Amiel et al. proposed a combined side channel attack in which an attacker combines these two methods to recover the secret key in an RSA implementation. In this paper, we show that the BNP (Boscher, Naciri, and Prouff) algorithm for RSA, which is an SPA/FA-resistant exponentiation method, is also vulnerable to the combined attack. In addition, we propose a new exponentiation algorithm resistant to power analysis and fault attack as well as the combined attack. The proposed secure exponentiation algorithm can be employed to strengthen the security of CRT-RSA

Lazart: A Symbolic Approach for Evaluation the Robustness of Secured Codes against Control Flow Injections

International audienceIn the domain of smart cards, secured devices must be protected against high level attack potential [1]. According to norms such as the Common Criteria [2], the vulnerability analysis must cover the current state-of-the-art in term of attacks. Nowadays, a very classical type of attack is fault injection, conducted by means of laser based techniques. We propose a global approach, called Lazart, to evaluate code robustness against fault injections targeting control flow modifications. The originality of Lazart is twofolds. First, we encompass the evaluation process as a whole: starting from a fault model, we produce (or establish the absence of) attacks, taking into consideration software countermeasures. Furthermore, according to the near state-of-the-art, our methodology takes into account multiple transient fault injections and their combinatory. The proposed approach is supported by an effective tool suite based on the LLVM format [3] and the KLEE symbolic test generator [4]

Using Modular Extension to Provably Protect Edwards Curves Against Fault Attacks

International audienceFault injection attacks are a real-world threat to cryptosystems, in particular asymmetric cryptography. In this paper, we focus on countermeasures which guarantee the integrity of the computation result, hence covering most existing and future fault attacks. Namely, we study the modular extension protection scheme in previously existing and newly contributed variants of the countermeasure on elliptic curve scalar multiplication (ECSM) algorithms. We find that an existing countermeasure is incorrect and we propose new " test-free " variant of the modular extension scheme that fixes it. We then formally prove the correctness and security of modular extension: specifically, the fault non-detection probability is inversely proportional to the security parameter. Finally, we implement an ECSM protected with test-free modular extension during the elliptic curve operation to evaluate the efficient of this method on Edwards and twisted Edwards curves

A new CRT-RSA algorithm secure against bellcore attacks

In this paper we describe a new algorithm to prevent fault attacks on RSA signature algorithms using the Chinese Remainder Theorem (CRT-RSA). This variant of the RSA signature algorithm is widely used on smartcards. Smartcards on the other hand are particularly susceptible to fault attacks like the one described in [7]. Recent results have shown that fault attacks are practical and easy to accomplish ([21], [17]). Therefore, they establish a practical need for fault attack protected CRT-RSA schemes. Starting from a careful derivation and classification of fault models, we describe a new variant of the CRT-RSA algorithm. For the most realistic fault model described, we rigorously analyze the success probability of an adversary. Thereby, we prove that our new algorithm is secure against the Bellcore attack. Only once in the analysis do we need to refer to a plausible number theoretic assumption. Categories and Subject Descriptors B.8.1 [Reliability, Testing, and Fault-Tolerance]: fault attacks; C.3 [Special-Purpose and Application-base