Stochastic heuristic approach to addition chain problem in PKC for efficiency and security effectiveness

This paper shows that stochastic heuristic approach for implicitly solving addition chain problem (ACP) in public-key cryptosystem (PKC) enhances the efficiency of the PKC and improves the security by blinding the multiplications/squaring operations involved against side-channel attack (SCA). We show that while the current practical heuristic approaches being deterministic expose the fixed pattern of the operations, using stochastic method blinds the pattern by being unpredictable and generating diffident pattern of operation for the same exponent at a different time. Thus, if the addition chain (AC) is generated implicitly every time the exponentiation operation is being made, needless for such approaches as padding by insertion of dummy operations and the operation is still totally secured against the SCA. Furthermore, we also show that the stochastic approaches, when carefully designed, further reduces the length of the operation than state-of-the-art practical methods for improving the efficiency. We demonstrated our investigation by implementing RSA cryptosystem using the stochastic approach and the results benchmarked with the existing current methods

Architecture for the Secret-Key BC3 Cryptography Algorithm

Cryptography is a very important aspect in data security. The focus of research in this field is shifting from merely security aspect to consider as well the  implementation  aspect.  This  paper  aims  to  introduce  BC3  algorithm  with focus  on  its  hardware  implementation.  It  proposes  an  architecture  for  the hardware  implementation  for  this  algorithm.  BC3  algorithm  is  a  secret-key cryptography  algorithm  developed  with  two  considerations:  robustness  and implementation  efficiency.  This  algorithm  has  been  implemented  on  software and has good performance compared to AES algorithm. BC3 is improvement of BC2 and AE cryptographic algorithm and it is expected to have the same level of robustness and to gain competitive advantages in the implementation aspect. The development of the architecture gives much attention on (1) resource sharing and (2)  having  single  clock  for  each  round.  It  exploits  regularity  of  the  algorithm. This architecture is then implemented on an FPGA. This implementation is three times smaller area than AES, but about five times faster. Furthermore, this BC3 hardware  implementation  has  better  performance  compared  to  BC3  software both in key expansion stage and randomizing stage. For the future, the security of this implementation must be reviewed especially against side channel attack

IPcore implementation susceptibility: A case study of Low latency ciphers

Security evaluation of third-party cryptographic IP (Intellectual Property) cores is often ignored due to several reasons including, lack of awareness about its adversity, lack of trust validation methodology otherwise view security as a byproduct. Particularly, the validation of low latency cipher IP core on Internet of Things (IoT) devices is crucial as they may otherwise become vulnerable for information theft. In this paper, we share an (Un)intentional way of cipher implementation as IP core(hard) become susceptible against side channel attack and show how the susceptible implementation can be experimentally exploited to reveal secret key in FPGA using power analysis. In this paper our contributions are: First, we present Look-Up Table (LUT) based unrolled implementation of PRINCE block cipher with place and route constraints in FPGA. Second, using power analysis attack we recover 128-bit key of PRINCE with complexity of 2^9. Finally, we conclude the paper with the experimental results

Implementation of AES with Time Complexity Measurement for Various Input

Network Security has a major role in the development of data communication system, where more randomization in the secret keys increases the security as well as the complexity of the cryptography algorithms. In the recent years network security has become an important issue. Cryptography has come up as a solution which plays a vital role in the information security system against various attacks. This security mechanism uses the AES algorithm to scramble data into unreadable text which can only be decrypted with the associated key. The AES algorithm is limited only for text as an input. It also has, the more time complexity. So it suffers from vulnerabilities associated with another type of input and time constraints. So its challenge to implement the AES algorithm for various types of input and require less decryption time. The propose work demonstrate implementation of a 128-bit Advanced Encryption Standard (AES), which consists of both symmetric key encryption and decryption algorithms for input as a text, image and audio. It also gives less time complexity as compared to existing one. At the last stage comparing the time complexity for encryption and decryption process for all three types of input. This paper also demonstrates a side channel attack on the standard software implementation of the AES cryptographic algorithm.d

Explicit MDS Codes with Complementary Duals

In 1964, Massey introduced a class of codes with complementary duals which are called Linear Complimentary Dual (LCD for short) codes. He showed that LCD codes have applications in communication system, side-channel attack (SCA) and so on. LCD codes have been extensively studied in literature. On the other hand, MDS codes form an optimal family of classical codes which have wide applications in both theory and practice. The main purpose of this paper is to give an explicit construction of several classes of LCD MDS codes, using tools from algebraic function fields. We exemplify this construction and obtain several classes of explicit LCD MDS codes for the odd characteristic case

Electromagnetic analysis

Tato práce se zabývá problematikou elektromagnetické analýzy a aplikací elektromagnetického postranního kanálu. První a druhá část práce popisují základy kryptografie, funkci kryptografického modulu a útoky vedené postranními kanály. Třetí část práce rozebírá možnosti elektromagnetické analýzy, konstrukci sondy, popis laboratorního pracoviště, elektromagnetickou emisi PIC16F84A, algoritmus AES a přípravu na laboratorní měření. Čtvrtá část práce popisuje konkrétní laboratorní měření a extrakci užitečného signálu. V páté části práce jsou uvedeny výsledky zpracování naměřených hodnot, výstupy vytvořených skriptů a zjištěné souvislosti mezi naměřenými průběhy a šifrovacím klíčem algoritmu AES. V šesté části práce jsou rozebrány základní možnosti obrany proti útoku postranním kanálem.This thesis deals with electromagnetic analysis and applications of electromagnetic side channel. The first and second part describes the basics of cryptography, function of cryptographic module and side-channel attacks. The third part discusses the electromagnetic analysis, construction of probe, a description of the laboratory workplace, the electromagnetic emission of PIC16F84A, AES and preparation for laboratory measurements. The fourth part describes specific laboratory measurements and extracting the useful signal. In the fifth part of the thesis presents the results of processing the measured values, the outputs generated by scripts and found the link between measured curves and AES encryption key. In the sixth part of the thesis are analyzed the basics of defense against side channel attack.

EVALUATION OF RESISTANCE TO SCA FOR DIFFERENT ARCHITECTURES OF ENCRYPTED CELL

This paper deals with a top down design of an example multiplexer cell that exhibits high immunity to Side Channel Attack (SCA). Four different solutions of the encrypted multiplexer cell are revised, and the best design adopted. The post-layout simulations prove resistance of the multiplexer logic cell to the SCA. Since the physical layout structure and the functionality of this kind of design is based on symmetry, concerns were expressed as to what will be the effectiveness of the method under real production conditions. To get a proper answer to that, the adequacy of the chosen design for the multiplexer cell, which uses the "No Short-circuit Current Dynamic Differential Logic" (NSDDL) method, is confirmed by observing a Normalized Standard Deviation (NSD)

Countermeasures of power analysis

Postranní kanály ovlivňují razantně bezpečnost kryptografických systémů, proto je nutné jim věnovat pozornost při implementaci šifrovacího algoritmu. V této práci jsou v počátku uvedeny základní typy postraních kanálu a jaké útoky se pomocí nich provádí. V následující část jsou popsány druhy ochran proti útoku postranními kanály, z kterých je nejvíce kladen důraz na maskování, z důvodu možné implementace i na stávající kryptografické systémy. Poté jsou představeny maskovací techniky pro šifru AES, kde je popsán jejich způsob maskování, úprava šifrovacího algoritmu a především vůči kterým útokům odolají. V praktické části je popsáno měření, které se snaží zaznamenat proudovou spotřebu mikrokontroleru. Měření mělo za účel zkoumat především na únik informací pomocí proudového postranního kanálu.Side channels affect a security of the cryptographic systems, due to it is necessary to focus on implementation of the algorithm. There are mention basic classification of side channels in the beginning of the work. The following chapter describes types of countermeasures against side channel attack, which the most emphasis on masking, because of possible implementations on existing cryptosystems. Masking techniques are introduces in the following chapter, where is a description of their method of masking, treatment of cipher and their resistance against attack. The practical part describes the measurements that are trying to record the power consumption of the microcontroller. Measurement was designed to examine primarily on information leakage through power side channel.

Completely Automated Public Physical test to tell Computers and Humans Apart: A usability study on mobile devices

A very common approach adopted to fight the increasing sophistication and dangerousness of malware and hacking is to introduce more complex authentication mechanisms. This approach, however, introduces additional cognitive burdens for users and lowers the whole authentication mechanism acceptability to the point of making it unusable. On the contrary, what is really needed to fight the onslaught of automated attacks to users data and privacy is to first tell human and computers apart and then distinguish among humans to guarantee correct authentication. Such an approach is capable of completely thwarting any automated attempt to achieve unwarranted access while it allows keeping simple the mechanism dedicated to recognizing the legitimate user. This kind of approach is behind the concept of Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA), yet CAPTCHA leverages cognitive capabilities, thus the increasing sophistication of computers calls for more and more difficult cognitive tasks that make them either very long to solve or very prone to false negatives. We argue that this problem can be overcome by substituting the cognitive component of CAPTCHA with a different property that programs cannot mimic: the physical nature. In past work we have introduced the Completely Automated Public Physical test to tell Computer and Humans Apart (CAPPCHA) as a way to enhance the PIN authentication method for mobile devices and we have provided a proof of concept implementation. Similarly to CAPTCHA, this mechanism can also be used to prevent automated programs from abusing online services. However, to evaluate the real efficacy of the proposed scheme, an extended empirical assessment of CAPPCHA is required as well as a comparison of CAPPCHA performance with the existing state of the art. To this aim, in this paper we carry out an extensive experimental study on both the performance and the usability of CAPPCHA involving a high number of physical users, and we provide comparisons of CAPPCHA with existing flavors of CAPTCHA