16 research outputs found

    Is Split Manufacturing Secure?

    Get PDF
    Abstract-Split manufacturing of integrated circuits (IC) is being investigated as a way to simultaneously alleviate the cost of owning a trusted foundry and eliminate the security risks associated with outsourcing IC fabrication. In split manufacturing, a design house (with a low-end, in-house, trusted foundry) fabricates the Front End Of Line (FEOL) layers (transistors and lower metal layers) in advanced technology nodes at an untrusted high-end foundry. The Back End Of Line (BEOL) layers (higher metal layers) are then fabricated at the design house's trusted low-end foundry. Split manufacturing is considered secure (prevents reverse engineering and IC piracy) as it hides the BEOL connections from an attacker in the FEOL foundry. We show that an attacker in the FEOL foundry can exploit the heuristics used in typical floorplanning, placement, and routing tools to bypass the security afforded by straightforward split manufacturing. We developed an attack where an attacker in the FEOL foundry can connect 96% of the missing BEOL connections correctly. To overcome this security vulnerability in split manufacturing, we developed a fault analysis-based defense. This defense improves the security of split manufacturing by deceiving the FEOL attacker into making wrong connections

    Towards Practical Privacy-Preserving Protocols

    Get PDF
    Protecting users' privacy in digital systems becomes more complex and challenging over time, as the amount of stored and exchanged data grows steadily and systems become increasingly involved and connected. Two techniques that try to approach this issue are Secure Multi-Party Computation (MPC) and Private Information Retrieval (PIR), which aim to enable practical computation while simultaneously keeping sensitive data private. In this thesis we present results showing how real-world applications can be executed in a privacy-preserving way. This is not only desired by users of such applications, but since 2018 also based on a strong legal foundation with the General Data Protection Regulation (GDPR) in the European Union, that forces companies to protect the privacy of user data by design. This thesis' contributions are split into three parts and can be summarized as follows: MPC Tools Generic MPC requires in-depth background knowledge about a complex research field. To approach this, we provide tools that are efficient and usable at the same time, and serve as a foundation for follow-up work as they allow cryptographers, researchers and developers to implement, test and deploy MPC applications. We provide an implementation framework that abstracts from the underlying protocols, optimized building blocks generated from hardware synthesis tools, and allow the direct processing of Hardware Definition Languages (HDLs). Finally, we present an automated compiler for efficient hybrid protocols from ANSI C. MPC Applications MPC was for a long time deemed too expensive to be used in practice. We show several use cases of real-world applications that can operate in a privacy-preserving, yet practical way when engineered properly and built on top of suitable MPC protocols. Use cases presented in this thesis are from the domain of route computation using BGP on the Internet or at Internet Exchange Points (IXPs). In both cases our protocols protect sensitive business information that is used to determine routing decisions. Another use case focuses on genomics, which is particularly critical as the human genome is connected to everyone during their entire lifespan and cannot be altered. Our system enables federated genomic databases, where several institutions can privately outsource their genome data and where research institutes can query this data in a privacy-preserving manner. PIR and Applications Privately retrieving data from a database is a crucial requirement for user privacy and metadata protection, and is enabled amongst others by a technique called Private Information Retrieval (PIR). We present improvements and a generalization of a well-known multi-server PIR scheme of Chor et al., and an implementation and evaluation thereof. We also design and implement an efficient anonymous messaging system built on top of PIR. Furthermore we provide a scalable solution for private contact discovery that utilizes ideas from efficient two-server PIR built from Distributed Point Functions (DPFs) in combination with Private Set Intersection (PSI)

    The development of the British approach to improvised explosive device disposal in Northern Ireland

    No full text
    When the army deployed to Northern Ireland in 1969 it was unprepared for the intensive bombing campaign that was to follow. Improvised Explosive Device Disposal (IEDD) was conducted in much the same way as it had been since the 19th century – manually, with one or two men pitting themselves against the device, or its creator. The painful experience of the ‘Troubles’ in Northern Ireland - and in particular the Provisional Irish Republican Army (PIRA) bombing campaign - led to the development of the contemporary British approach to IEDD. The army dealt with over 56000 Explosive Ordnance Disposal (EOD) incidents by 2007, rendering safe over 6300 IEDs. These successes came at a heavy price. 17 Ammunition Technical Officers (ATOs) and three other EOD team members were killed in Northern Ireland. Most of these deaths occurred during the early 1970s. It must be asked why the IEDD was more dangerous then and why did it become apparently safer in later years, despite the terrorists’ growing prowess? This thesis argues that EOD changed in the 1970s as a result of the lessons learned when casualties occurred, and that the most important changes were conceptual. Safety and success for the EOD teams came not from out-braving the bombs, but from outthinking the bombers. The lessons learnt were distilled and formalised into a set of principles, philosophies and rules that guided the conduct of IEDD operations. This thesis explains how the EOD experience in Northern Ireland shaped the contemporary British approach to IEDD operations. It begins with an introduction and a historical background. The methodology used is discussed, and the available literature on the subject is reviewed. An overview of the development of IEDs and IED tactics is offered, and the state of IEDD at the start of the Northern Ireland campaign is examined. Each of the incidents resulting in an EOD fatality is discussed and analysed in a case study, and this is followed by a further selection of case studies that scrutinise non fatal incidents that had an influence on the conduct of operations. A chapter is devoted to an analysis of successful attacks on EOD teams and from this a number of theories are offered. The official responses to incidents, in the form of regulatory documents and training publications are then discussed before the roles of equipment and personnel selection are considered

    Vol. 63, no. 2: Full Issue

    Get PDF

    Syringa Networks v. Idaho Department of Administration Clerk\u27s Record v. 3 Dckt. 38735

    Get PDF
    https://digitalcommons.law.uidaho.edu/idaho_supreme_court_record_briefs/1521/thumbnail.jp

    Vol. 75, no. 3: Full Issue

    Get PDF

    Gender, human rights and activisms: proceedings of the Fifth International Congress in Cultural Studies

    Get PDF
    ISBN 978-­989­-99682-­0­-2It is becoming increasingly necessary in contemporary societies to build bridges between activism and academia in both theory and practice regarding gender inequality. From femicide to transphobia, from equal marriage to the adoption of children by same-sex couples and assisted reproduction, the recognition of gender identity of transgender people, the right to pleasure and free expression of affection, gender issues multiply , intersect and, of course, overlap, but without losing their specificities

    2008-2009-UNM CATALOG

    Get PDF
    Course catalog for 2008-2009https://digitalrepository.unm.edu/course_catalogs/1098/thumbnail.jp

    LIPIcs, Volume 251, ITCS 2023, Complete Volume

    Get PDF
    LIPIcs, Volume 251, ITCS 2023, Complete Volum
    corecore