17 research outputs found

    Efficient and Secure Implementations of Lightweight Symmetric Cryptographic Primitives

    This thesis is devoted to efficient and secure implementations of lightweight symmetric cryptographic primitives for resource-constrained devices such as wireless sensors and actuators that are typically deployed in remote locations. In this setting, cryptographic algorithms must consume few computational resources and withstand a large variety of attacks, including side-channel attacks. The first part of this thesis is concerned with efficient software implementations of lightweight symmetric algorithms on 8-, 16-, and 32-bit microcontrollers. A first contribution of this part is the development of FELICS, an open-source benchmarking framework that facilitates the extraction of comparative performance figures from implementations of lightweight ciphers. Using FELICS, we conducted a fair evaluation of the implementation properties of 19 lightweight block ciphers in the context of two different usage scenarios, which are representative of common security services in the Internet of Things (IoT). This study gives new insights into the link between the structure of a cryptographic algorithm and the performance it can achieve on embedded microcontrollers. Then, we present the SPARX family of lightweight ciphers and describe the impact of software efficiency in the process of shaping three instances of the family. Finally, we evaluate the cost of the main building blocks of symmetric algorithms to determine which are the most efficient ones. The contributions of this part are particularly valuable for designers of lightweight ciphers, software and security engineers, as well as standardization organizations. In the second part of this work, we focus on side-channel attacks that exploit the power consumption or the electromagnetic emanations of embedded devices executing unprotected implementations of lightweight algorithms. First, we evaluate different selection functions in the context of Correlation Power Analysis (CPA) to infer which operations are easy to attack. Second, we show that most implementations of the AES present in popular open-source cryptographic libraries are vulnerable to side-channel attacks such as CPA, even in a network protocol scenario where the attacker has limited control of the input. Moreover, we describe an optimal algorithm for recovery of the master key using CPA attacks. Third, we perform the first electromagnetic vulnerability analysis of Thread, a networking stack designed to facilitate secure communication between IoT devices. The third part of this thesis lies in the area of side-channel countermeasures against power and electromagnetic analysis attacks. We study efficient and secure expressions that compute simple bitwise functions on Boolean shares. To this end, we describe an algorithm for the efficient search of expressions that have an optimal cost in number of elementary operations. Then, we introduce optimal expressions for first-order Boolean masking of bitwise AND and OR operations. Finally, we analyze the performance of three lightweight block ciphers protected using the optimal expressions.

    Security of Ubiquitous Computing Systems

    The chapters in this open access book arise out of the EU COST Action project Cryptacus, the objective of which was to improve and adapt existing cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license.

    Cryptanalysis, Reverse-Engineering and Design of Symmetric Cryptographic Algorithms

    In this thesis, I present the research I did with my co-authors on several aspects of symmetric cryptography from May 2013 to December 2016, that is, when I was a PhD student at the University of Luxembourg under the supervision of Alex Biryukov. My research has spanned three different areas of symmetric cryptography. In Part I of this thesis, I present my work on lightweight cryptography. This field of study investigates the cryptographic algorithms that are suitable for very constrained devices with little computing power, such as RFID tags and small embedded processors such as those used in sensor networks. Many such algorithms have been proposed recently, as evidenced by the survey I co-authored on this topic. I present this survey along with attacks against three of those algorithms, namely GLUON, PRINCE and TWINE. I also introduce a new lightweight block cipher called SPARX, which was designed using a new method to justify its security: the Long Trail Strategy. Part II is devoted to S-Box reverse-engineering, a field of study investigating the methods for recovering the hidden structure or the design criteria used to build an S-Box. I co-invented several such methods: a statistical analysis of the differential and linear properties which was applied successfully to the S-Box of the NSA block cipher Skipjack, a structural attack against Feistel networks called the yoyo game, and the TU-decomposition. This last technique allowed us to decompose the S-Box of the last Russian standard block cipher and hash function as well as the only known solution to the APN problem, a long-standing open question in mathematics. Finally, Part III presents a unifying view of several fields of symmetric cryptography by interpreting them as purposefully hard. Indeed, several cryptographic algorithms are designed so as to maximize the code size, RAM consumption or time taken by their implementations. By providing a unique framework describing all such design goals, we could design modes of operation for building any symmetric primitive with any form of hardness by combining secure cryptographic building blocks with simple functions with the desired form of hardness, called plugs. Alex Biryukov and I also showed that it is possible to build plugs with an asymmetric hardness, whereby the knowledge of a secret key allows the privileged user to bypass the hardness of the primitive.

    Distributed Computing with the Cell Broadband Engine

    The rapid improvements in the availability of commodity high-performance components have resulted in a proliferation of networked devices, making scalable computing clusters the standard platform for many high-performance and large-scale applications. However, the process of parallelizing applications for such distributed environments is a challenging task, requiring explicit management of concurrency and data locality. While there exist many frameworks and platforms to assist with this process, like Google's MapReduce, Microsoft's Dryad and Azure, Yahoo's Pig Latin programming language, and the Condor framework, they are usually targeted towards off-line batch processing of large quantities of data, as opposed to real-time offloading of compute-intensive tasks. Moreover, MapReduce, Dryad, and Pig Latin may not be suitable for all application domains, due to their inability to model branching and iterative algorithms. In this thesis, we present a design for a framework able to accelerate applications by offloading compute-intensive tasks to a heterogeneous distributed environment, and provide a prototype implementation for the Cell Broadband Engine. We evaluate the framework's performance and scalability, and propose several future enhancements to further increase performance. Our results show that compute-intensive applications that allow for high numbers of concurrent jobs fit well to our framework, and show good scalability.

    Electromagnetic Side-Channel Resilience against Lightweight Cryptography

    Side-channel attacks are an unpredictable risk factor in cryptography. Therefore, observations of leakages through physical parameters, i.e., power and electromagnetic (EM) radiation, etc., of digital devices are essential to minimise vulnerabilities associated with cryptographic functions. Compared to costs in the past, performing side-channel attacks using inexpensive test equipment is becoming a reality. Internet-of-Things (IoT) devices are resource-constrained, and lightweight cryptography is a novel approach in progress towards IoT security. Thus, it would provide sufficient data and privacy protection in such a constrained ecosystem. Therefore, cryptanalysis of physical leakages regarding these emerging ciphers is crucial. EM side-channel attacks seem to cause a significant impact on digital forensics nowadays. Within existing literature, power analysis seems to have considerable attention in research, whereas other phenomena, such as EM, should continue to be appropriately evaluated in playing a role in forensic analysis. The emphasis of this thesis is on lightweight cryptanalysis. The preliminary investigations showed no Correlation EM Analysis (CEMA) of the PRESENT lightweight algorithm. PRESENT is a block cipher that promises to be adequate for IoT devices, and is expected to be used commercially in the future. In an effort to fill in this research gap, this work examines the capabilities of a correlation EM side-channel attack against PRESENT. For that, the substitution box (S-box) of PRESENT was targeted in its first round with the use of a minimum number of EM waveforms compared to other work in the literature, which was 256. The attack indicates the possibility of retrieving 8 bytes of the secret key out of 10 bytes. The experimental process started from a Simple EMA (SEMA) and was gradually enhanced up to a CEMA. The thesis presents the methodology of the attack modelling and the observations, followed by a critical analysis. Also, a technical review of the IoT technology and a comprehensive literature review on lightweight cryptology are included.

    Annual Report of the University, 2001-2002, Volumes 1-4

    VITAL ACADEMIC CLIMATE* by Brian Foster, Provost/Vice President of Academic Affairs. A great university engages students and faculty fully in important ideas and issues ... not just to learn about them, but to take them apart and put them back together, to debate, deconstruct, resist, reconstruct and build upon them. Engagement of this sort takes concentration and commitment, and it produces the kind of discipline and passion that leads to student and faculty success and satisfaction in their studies, research, performance, artistic activity and service. It is also the kind of activity that creates a solid, nurturing spirit of community. This is what we mean when we talk about a vital academic climate. We are striving for an environment that will enrich the social, cultural and intellectual lives of all who come in contact with the University. Many things interconnect to make this happen: curriculum, co-curricular activities, conferences, symposia, cultural events, community service, research and social activity. Our goal is to create the highest possible level of academic commitment and excitement at UNM. This is what characterizes a truly great university. *Strategic Direction 2

    New Mexico native Andres C. Salazar, a Ph.D. in electrical engineering from Michigan State University, has been named the PNM Chair in Microsystems, Commercialization and Technology. Carrying the title of professor, the PNM Chair is a joint appointment between the School of Engineering and the Anderson Schools of Management. Spring 2002 graduate John Probasco was selected a 2002 Rhodes Scholar, the second UNM student to be so honored in the past four years. The biochemistry major from Alamogordo previously had been awarded the Goldwater Scholarship and the Truman Scholarship. Biology student Sophie Peterson of Albuquerque was one of 30 students nationwide to receive a 2002-2003 Award of Excellence from Phi Kappa Phi, the oldest and largest national honor society. Regents' Professor of Communication and Journalism Everett M. Rogers was selected the University's 47th Annual Research Lecturer, the highest honor UNM bestows upon members of its faculty. John Probasco was honored by Student Activities Director Debbie Morris. New Mexico resident, author and poet Simon J. Ortiz received an Honorary Doctorate of Letters at Spring Commencement ceremonies. Child advocate Angela "Angie" Vachio, founder and executive director of Peanut Butter and Jelly Family Services, Inc., was awarded an Honorary Doctorate of Humane Letters. American Studies Assistant Professor Amanda J. Cobb won the 22nd annual American Book Award for Listening to Our Grandmothers' Stories: The Bloomfield Academy for Chickasaw Females, 1852-1949.