A Formal Theory of Key Conjuring

Key conjuring is the process by which an attacker obtains an unknown, encrypted key by repeatedly calling a cryptographic API function with random values in place of keys. We propose a formalism for detecting computationally feasible key conjuring operations, incorporated into a Dolev-Yao style model of the security API. We show that security in the presence of key conjuring operations is decidable for a particular class of APIs, which includes the key management API of IBM’s Common Cryptographic Architecture (CCA)

Power Profile Obfuscation using RRAMs to Counter DPA Attacks

Side channel attacks, such as Differential Power Analysis (DPA), denote a special class of attacks in which sensitive key information is unveiled through information extracted from the physical device executing a cryptographic algorithm. This information leakage, known as side channel information, occurs from computations in a non-ideal system composed of electronic devices such as transistors. Power dissipation is one classic side channel source, which relays information of the data being processed. DPA uses statistical analysis to identify data-dependent correlations in sets of power measurements. Countermeasures against DPA focus on hiding or masking techniques at different levels of design abstraction and are typically associated with high power and area cost. Emerging technologies such as Resistive Random Access Memory (RRAM), offer unique opportunities to mitigate DPAs with their inherent memristor device characteristics such as variability in write time, ultra low power (0.1-3 pJ/bit), and high density (4F2). In this research, an RRAM based architecture is proposed to mitigate the DPA attacks by obfuscating the power profile. Specifically, a dual RRAM based memory module masks the power dissipation of the actual transaction by accessing both the data and its complement from the memory in tandem. DPA attack resiliency for a 128-bit AES cryptoprocessor using RRAM and CMOS memory modules is compared against baseline CMOS only technology. In the proposed AES architecture, four single port RRAM memory units store the intermediate state of the encryption. The correlation between the state data and sets of power measurement is masked due to power dissipated from inverse data access on dual RRAM memory. A customized simulation framework is developed to design the attack scenarios using Synopsys and Cadence tool suites, along with a Hamming weight DPA attack module. The attack mounted on a baseline CMOS architecture is successful and the full key is recovered. However, DPA attacks mounted on the dual CMOS and RRAM based AES cryptoprocessor yielded unsuccessful results with no keys recovered, demonstrating the resiliency of the proposed architecture against DPA attacks

Deduction with XOR Constraints in Security API Modelling

We introduce XOR constraints, and show how they enable a theorem prover to reason effectively about security critical subsystems which employ bitwise XOR. Our primary case study is the API of the IBM 4758 hardware security module. We also show how our technique can be applied to standard security protocols

Secure execution environments through reconfigurable lightweight cryptographic components

Software protection is one of the most important problems in the area of computing as it affects a multitude of players like software vendors, digital content providers, users, and government agencies. There are multiple dimensions to this broad problem of software protection. The most important ones are: (1) protecting software from reverse engineering. (2) protecting software from tamper (or modification). (3) preventing software piracy. (4) verification of integrity of the software;In this thesis we focus on these areas of software protection. The basic requirement to achieve these goals is to provide a secure execution environment, which ensures that the programs behave in the same way as it was designed, and the execution platforms respect certain types of wishes specified by the program;We take the approach of providing secure execution environment through architecture support. We exploit the power of reconfigurable components in achieving this. The first problem we consider is to provide architecture support for obfuscation. This also achieves the goals of tamper resistance, copy protection, and IP protection indirectly. Our approach is based on the intuition that the software is a sequence of instructions (and data) and if the sequence as well the contents are obfuscated then all the required goals can be achieved;The second problem we solve is integrity verification of the software particularly in embedded devices. Our solution is based on the intuition that an obfuscated (permuted) binary image without any dynamic traces reveals very little information about the IP of the program. Moreover, if this obfuscation function becomes a shared secret between the verifier and the embedded device then verification can be performed in a trustworthy manner;Cryptographic components form the underlying building blocks/primitives of any secure execution environment. Our use of reconfigurable components to provide software protection in both Arc 3 D and TIVA led us to an interesting observation about the power of reconfigurable components. Reconfigurable components provide the ability to use the secret (or key) in a much stronger way than the conventional cryptographic designs. This opened up an opportunity for us to explore the use of reconfigurable gates to build cryptographic functions

Improved Related-Key Attacks on DESX and DESX+

In this paper, we present improved related-key attacks on the original DESX, and DESX+, a variant of the DESX with its pre- and post-whitening XOR operations replaced with addition modulo $2^{64}$. Compared to previous results, our attack on DESX has reduced text complexity, while our best attack on DESX+ eliminates the memory requirements at the same processing complexity

Run-time analysis of PKCS#11 attacks

The goal of this paper is to report on the development of a tool aimed at the automatic detection of attacks against PKCS#11 devices. Instead of modifying or configuring the API, we propose a stateful run-time monitor which is able to track key usage over time, for the identification of operations that might result in the leakage of sensitive keys. We briefly report on the components developed for implementing the monitor and discuss new challenges and open issues

Design and Verification of an RSA Encryption Core

Cryptoprocessors are becoming a standard to make the data-usage more discrete. A wellknown elector-mechanical cipher machine called the “enigma machine” was used in early 20th century to encrypt all confidential military and diplomatic information. With the advent of microprocessors in late 20th century the world of cryptography revolutionized. A cryptosystem is system on chip which contains cryptography algorithms used for encryption and decryption of data. These cryptoprocessors are used in ATM’s and highly portable communication systems. Encryption and decryption are the fundamental processes behind any cryptosystem. There are many encryption and decryption algorithms available; one such algorithm is known as the RSA (Rivest-Shamir-Adlean) algorithm. This project focuses on development of an encryption cryptoprocessor which will deal with key generation, key distribution, and encryption parts of the RSA algorithm and also discusses the verification environment required to verify this core

Towards Multidimensional Verification: Where Functional Meets Non-Functional

Trends in advanced electronic systems' design have a notable impact on design verification technologies. The recent paradigms of Internet-of-Things (IoT) and Cyber-Physical Systems (CPS) assume devices immersed in physical environments, significantly constrained in resources and expected to provide levels of security, privacy, reliability, performance and low power features. In recent years, numerous extra-functional aspects of electronic systems were brought to the front and imply verification of hardware design models in multidimensional space along with the functional concerns of the target system. However, different from the software domain such a holistic approach remains underdeveloped. The contributions of this paper are a taxonomy for multidimensional hardware verification aspects, a state-of-the-art survey of related research works and trends towards the multidimensional verification concept. The concept is motivated by an example for the functional and power verification dimensions.Comment: 2018 IEEE Nordic Circuits and Systems Conference (NORCAS): NORCHIP and International Symposium of System-on-Chip (SoC