3,535 research outputs found
Null Convention Logic applications of asynchronous design in nanotechnology and cryptographic security
This dissertation presents two Null Convention Logic (NCL) applications of asynchronous logic circuit design in nanotechnology and cryptographic security. The first application is the Asynchronous Nanowire Reconfigurable Crossbar Architecture (ANRCA); the second one is an asynchronous S-Box design for cryptographic system against Side-Channel Attacks (SCA). The following are the contributions of the first application: 1) Proposed a diode- and resistor-based ANRCA (DR-ANRCA). Three configurable logic block (CLB) structures were designed to efficiently reconfigure a given DR-PGMB as one of the 27 arbitrary NCL threshold gates. A hierarchical architecture was also proposed to implement the higher level logic that requires a large number of DR-PGMBs, such as multiple-bit NCL registers. 2) Proposed a memristor look-up-table based ANRCA (MLUT-ANRCA). An equivalent circuit simulation model has been presented in VHDL and simulated in Quartus II. Meanwhile, the comparison between these two ANRCAs have been analyzed numerically. 3) Presented the defect-tolerance and repair strategies for both DR-ANRCA and MLUT-ANRCA. The following are the contributions of the second application: 1) Designed an NCL based S-Box for Advanced Encryption Standard (AES). Functional verification has been done using Modelsim and Field-Programmable Gate Array (FPGA). 2) Implemented two different power analysis attacks on both NCL S-Box and conventional synchronous S-Box. 3) Developed a novel approach based on stochastic logics to enhance the resistance against DPA and CPA attacks. The functionality of the proposed design has been verified using an 8-bit AES S-box design. The effects of decision weight, bitstream length, and input repetition times on error rates have been also studied. Experimental results shows that the proposed approach enhances the resistance to against the CPA attack by successfully protecting the hidden key --Abstract, page iii
Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning
The secret keys of critical network authorities - such as time, name,
certificate, and software update services - represent high-value targets for
hackers, criminals, and spy agencies wishing to use these keys secretly to
compromise other hosts. To protect authorities and their clients proactively
from undetected exploits and misuse, we introduce CoSi, a scalable witness
cosigning protocol ensuring that every authoritative statement is validated and
publicly logged by a diverse group of witnesses before any client will accept
it. A statement S collectively signed by W witnesses assures clients that S has
been seen, and not immediately found erroneous, by those W observers. Even if S
is compromised in a fashion not readily detectable by the witnesses, CoSi still
guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to
risk that the compromise will soon be detected by one of the W witnesses.
Because clients can verify collective signatures efficiently without
communication, CoSi protects clients' privacy, and offers the first
transparency mechanism effective against persistent man-in-the-middle attackers
who control a victim's Internet access, the authority's secret key, and several
witnesses' secret keys. CoSi builds on existing cryptographic multisignature
methods, scaling them to support thousands of witnesses via signature
aggregation over efficient communication trees. A working prototype
demonstrates CoSi in the context of timestamping and logging authorities,
enabling groups of over 8,000 distributed witnesses to cosign authoritative
statements in under two seconds.Comment: 20 pages, 7 figure
On the Deployment of Healthcare Applications over Fog Computing Infrastructure
Fog computing is considered as the most promising enhancement of the traditional cloud computing paradigm in order to handle potential issues introduced by the emerging Interned of Things (IoT) framework at the network edge. The heterogeneous nature, the extensive distribution and the hefty number of deployed IoT nodes will disrupt existing functional models, creating confusion. However, IoT will facilitate the rise of new applications, with automated healthcare monitoring platforms being amongst them. This paper presents the pillars of design for such applications, along with the evaluation of a working prototype that collects ECG traces from a tailor-made device and utilizes the patient's smartphone as a Fog gateway for securely sharing them to other authorized entities. This prototype will allow patients to share information to their physicians, monitor their health status independently and notify the authorities rapidly in emergency situations. Historical data will also be available for further analysis, towards identifying patterns that may improve medical diagnoses in the foreseeable future
Backscatter from the Data Plane --- Threats to Stability and Security in Information-Centric Networking
Information-centric networking proposals attract much attention in the
ongoing search for a future communication paradigm of the Internet. Replacing
the host-to-host connectivity by a data-oriented publish/subscribe service
eases content distribution and authentication by concept, while eliminating
threats from unwanted traffic at an end host as are common in today's Internet.
However, current approaches to content routing heavily rely on data-driven
protocol events and thereby introduce a strong coupling of the control to the
data plane in the underlying routing infrastructure. In this paper, threats to
the stability and security of the content distribution system are analyzed in
theory and practical experiments. We derive relations between state resources
and the performance of routers and demonstrate how this coupling can be misused
in practice. We discuss new attack vectors present in its current state of
development, as well as possibilities and limitations to mitigate them.Comment: 15 page
A Standalone FPGA-based Miner for Lyra2REv2 Cryptocurrencies
Lyra2REv2 is a hashing algorithm that consists of a chain of individual
hashing algorithms, and it is used as a proof-of-work function in several
cryptocurrencies. The most crucial and exotic hashing algorithm in the
Lyra2REv2 chain is a specific instance of the general Lyra2 algorithm. This
work presents the first hardware implementation of the specific instance of
Lyra2 that is used in Lyra2REv2. Several properties of the aforementioned
algorithm are exploited in order to optimize the design. In addition, an
FPGA-based hardware implementation of a standalone miner for Lyra2REv2 on a
Xilinx Multi-Processor System on Chip is presented. The proposed Lyra2REv2
miner is shown to be significantly more energy efficient than both a GPU and a
commercially available FPGA-based miner. Finally, we also explain how the
simplified Lyra2 and Lyra2REv2 architectures can be modified with minimal
effort to also support the recent Lyra2REv3 chained hashing algorithm.Comment: 13 pages, accepted for publication in IEEE Trans. Circuits Syst. I.
arXiv admin note: substantial text overlap with arXiv:1807.0576
Remote attestation to ensure the security of future Internet of Things services
The Internet of Things (IoT) evolution is gradually reshaping the physical world into smart environments that involve a large number of interconnected resource-constrained devices which collect, process, and exchange enormous amount of (more or less) sensitive information. With the increasing number of interconnected IoT devices and their capabilities to control the environment, IoT systems are becoming a prominent target of sophisticated cyberattacks. To deal with the expanding attack surface, IoT systems require adequate security mechanisms to verify the reliability of IoT devices.
Remote attestation protocols have recently gained wide attention in IoT systems as valuable security mechanisms that detect the adversarial presence and guarantee the legitimate state of IoT devices. Various attestation schemes have been proposed to optimize the effectiveness and efficiency of remote attestation protocols of a single IoT device or a group of IoT devices. Nevertheless, some cyber attacks remain undetected by current attestation methods, and attestation protocols still introduce non-negligible computational overheads for resource-constrained devices.
This thesis presents the following new contributions in the area of remote attestation protocols that verify the trustworthiness of IoT devices.
First, this thesis shows the limitations of existing attestation protocols against runtime attacks which, by compromising a device, may maliciously influence the operation of other genuine devices that interact with the compromised one. To detect such an attack, this thesis introduces the service perspective in remote attestation and presents a synchronous remote attestation protocol for distributed IoT services.
Second, this thesis designs, implements and evaluates a novel remote attestation scheme that releases the constraint of synchronous interaction between devices and enables the attestation of asynchronous distributed IoT services. The proposed scheme also attests asynchronously a group of IoT devices, without interrupting the regular operations of all the devices at the same time.
Third, this thesis proposes a new approach that aims to reduce the interruption time of the regular work that remote attestation introduces in an IoT device. This approach intends to decrease the computational overhead of attestation by allowing an IoT device to securely offload the attestation process to a cloud service, which then performs attestation independently on the cloud, on behalf of the IoT device
- âŠ