A CUBESAT COMPATIBLE ELECTRONICS PLATFORM FOR MINIATURIZED SINGLE PHOTON PAIR SOURCES

Ph.DDOCTOR OF PHILOSOPH

Characterisation of a reconfigurable free space optical interconnect system for parallel computing applications and experimental validation using rapid prototyping technology

Free-space optical interconnects (FSOIs) are widely seen as a potential solution to present and future bandwidth bottlenecks for parallel processing applications. This thesis will be focused on the study of a particular FSOI system called Optical Highway (OH). The OH is a polarised beam routing system which uses Polarising Beam Splitters and Liquid Crystals (PBS/LC) assemblies to perform reconfigurable interconnection networks. The properties of the OH make it suitable for implementing different passive static networks. A technology known as Rapid Prototyping (RP) will be employed for the first time in order to create optomechanical structures at low cost and low production times. Off-theshelf optical components will also be characterised in order to implement the OH. Additionally, properties such as reconfigurability, scalability, tolerance to misalignment and polarisation losses will be analysed. The OH will be modelled at three levels: node, optical stage and architecture. Different designs will be proposed and a particular architecture, Optimised Cut-Through Ring (OCTR), will be experimentally implemented. Finally, based on this architecture, a new set of properties will be defined in order to optimise the efficiency of the optical channels

Constraint satisfaction modules : a methodology for analog circuit design

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007.Includes bibliographical references (p. 119-122).This dissertation describes a methodology for solving convex constraint problems using analog circuits. It demonstrates how this methodology can be used to design circuits that solve function-fitting problems through iterated gradient descent. In particular, it shows how to build a small circuit that can model a nonlinearity by observation, and predistort to compensate for this nonlinearity. The system fits into a broader effort to investigate non-traditional approaches to circuit design. First, it breaks the traditional input-output abstraction barrier; all ports are bidirectional. Second, it uses a different methodology for proving system stability with local rather than global properties. Such stability arguments can be scaled to much more complex systems than traditional stability criteria.by Piotr Mitros.Ph.D

Comprehensive Designs of Innovate Secure Hardware Devices against Machine Learning Attacks and Power Analysis Attacks

Hardware security is an innovate subject oriented from growing demands of cybersecurity and new information vulnerabilities from physical leakages on hardware devices. However, the mainstream of hardware manufacturing industry is still taking benefits of products and the performance of chips as priority, restricting the design of hardware secure countermeasures under a compromise to a finite expense of overheads. Consider the development trend of hardware industries and state-of-the-art researches of architecture designs, this dissertation proposes some new physical unclonable function (PUF) designs as countermeasures to side-channel attacks (SCA) and machine learning (ML) attacks simultaneously. Except for the joint consideration of hardware and software vulnerabilities, those designs also take efficiencies and overhead problems into consideration, making the new-style of PUF more possible to be merged into current chips as well as their design concepts. While the growth of artificial intelligence and machine-learning techniques dominate the researching trends of Internet of things (IoT) industry, some mainstream architectures of neural networks are implemented as hypothetical attacking model, whose results are used as references for further lifting the performance, the security level, and the efficiency in lateral studies. In addition, a study of implementation of neural networks on hardware designs is proposed, this realized the initial attempt to introduce AI techniques to the designs of voltage regulation (VR). All aforementioned works are demonstrated to be of robustness to threats with corresponding power attack tests or ML attack tests. Some conceptional models are proposed in the last of the dissertation as future plans so as to realize secure on-chip ML models and hardware countermeasures to hybrid threats

Optically Switched Quantum Key Distribution Network

Encrypted data transmission is becoming increasingly more important as information security is vital to modern communication networks. Quantum Key Distribution (QKD) is a promising method based on the quantum properties of light to generate and distribute unconditionally secure keys for use in classical data encryption. Significant progress has been achieved in the performance of QKD point-to-point transmission over a fibre link between two users. The transmission distance has exceeded several hundred kilometres of optical fibre in recent years, and the secure bit rate achievable has reached megabits per second, making QKD applicable for metro networks. To realize quantum encrypted data transmission over metro networks, quantum keys need to be regularly distributed and shared between multiple end users. Optical switching has been shown to be a promising technique for cost-effective QKD networking, enabling the dynamic reconfiguration of transmission paths with low insertion loss. In this thesis, the performance of optically switched multi-user QKD systems are studied using a mathematical model in terms of transmission distance and secure key rates. The crosstalk and loss limitations are first investigated theoretically and then experimentally. The experiment and simulation both show that negligible system penalties are observed with crosstalk of -20 dB or below. A practical quantum-safe metro network solution is then reported, integrating optically-switched QKD systems with high speed reconfigurability to protect classical network traffic. Quantum signals are routed by rapid optical switches between any two endpoints or network nodes via reconfigurable connections. Proof-of-concept experiments with commercial QKD systems are conducted. Secure keys are continuously shared between virtualised Alice-Bob pairs over effective transmission distances of 30 km, 31.7 km, 33.1 km and 44.6 km. The quantum bit error rates (QBER) for the four paths are proportional to the channel losses with values between 2.6% and 4.1%. Optimising the reconciliation and clock distribution architecture is predicted to result in an estimated maximum system reconfiguration time of 20 s, far shorter than previously demonstrated. In addition, Continuous Variable (CV) QKD has attracted much research interest in recent years, due to its compatibility with standard telecommunication techniques and relatively low cost in practical implementation. A wide band balanced homodyne detection system built from modified off-the-shelf components is experimentally demonstrated. Practical limits and benefits for high speed CVQKD key transmission are demonstrated based on an analysis of noise performance. The feasibility of an optically switched CV-QKD is also experimentally demonstrated using two virtualised Alice-Bob pairs for the first time. This work represents significant advances towards the deployment of CVQKD in a practical quantum-safe metro network. A method of using the classical equalization technique for Inter-symbol-interference mitigation in CVQKD detection is also presented and investigated. This will encourage further research to explore the applications of classical communication tools in quantum communications

Towards Applying Cryptographic Security Models to Real-World Systems

The cryptographic methodology of formal security analysis usually works in three steps: choosing a security model, describing a system and its intended security properties, and creating a formal proof of security. For basic cryptographic primitives and simple protocols this is a well understood process and is performed regularly. For more complex systems, as they are in use in real-world settings it is rarely applied, however. In practice, this often leads to missing or incomplete descriptions of the security properties and requirements of such systems, which in turn can lead to insecure implementations and consequent security breaches. One of the main reasons for the lack of application of formal models in practice is that they are particularly difficult to use and to adapt to new use cases. With this work, we therefore aim to investigate how cryptographic security models can be used to argue about the security of real-world systems. To this end, we perform case studies of three important types of real-world systems: data outsourcing, computer networks and electronic payment. First, we give a unified framework to express and analyze the security of data outsourcing schemes. Within this framework, we define three privacy objectives: \emph{data privacy}, \emph{query privacy}, and \emph{result privacy}. We show that data privacy and query privacy are independent concepts, while result privacy is consequential to them. We then extend our framework to allow the modeling of \emph{integrity} for the specific use case of file systems. To validate our model, we show that existing security notions can be expressed within our framework and we prove the security of CryFS---a cryptographic cloud file system. Second, we introduce a model, based on the Universal Composability (UC) framework, in which computer networks and their security properties can be described We extend it to incorporate time, which cannot be expressed in the basic UC framework, and give formal tools to facilitate its application. For validation, we use this model to argue about the security of architectures of multiple firewalls in the presence of an active adversary. We show that a parallel composition of firewalls exhibits strictly better security properties than other variants. Finally, we introduce a formal model for the security of electronic payment protocols within the UC framework. Using this model, we prove a set of necessary requirements for secure electronic payment. Based on these findings, we discuss the security of current payment protocols and find that most are insecure. We then give a simple payment protocol inspired by chipTAN and photoTAN and prove its security within our model. We conclude that cryptographic security models can indeed be used to describe the security of real-world systems. They are, however, difficult to apply and always need to be adapted to the specific use case

An Approach to Guide Users Towards Less Revealing Internet Browsers

When browsing the Internet, HTTP headers enable both clients and servers send extra data in their requests or responses such as the User-Agent string. This string contains information related to the sender’s device, browser, and operating system. Previous research has shown that there are numerous privacy and security risks result from exposing sensitive information in the User-Agent string. For example, it enables device and browser fingerprinting and user tracking and identification. Our large analysis of thousands of User-Agent strings shows that browsers differ tremendously in the amount of information they include in their User-Agent strings. As such, our work aims at guiding users towards using less exposing browsers. In doing so, we propose to assign an exposure score to browsers based on the information they expose and vulnerability records. Thus, our contribution in this work is as follows: first, provide a full implementation that is ready to be deployed and used by users. Second, conduct a user study to identify the effectiveness and limitations of our proposed approach. Our implementation is based on using more than 52 thousand unique browsers. Our performance and validation analysis show that our solution is accurate and efficient. The source code and data set are publicly available and the solution has been deployed

Journal of Telecommunications and Information Technology, 2017, nr 2

kwartalni

Infrastructure for large-scale tests in marine autonomy

Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Mechanical Engineering, 2012.Cataloged from PDF version of thesis.Includes bibliographical references (p. 141-147).This thesis focuses on the development of infrastructure for research with large-scale autonomous marine vehicle fleets and the design of sampling trajectories for compressive sensing (CS). The newly developed infrastructure includes a bare-bones acoustic modem and two types of low-cost and scalable vehicles. One vehicle is a holonomic raft designed for station-keeping and precise maneuvering, and the other is a streamlined kayak for traveling longer distances. The acoustic modem, like the vehicles, is inexpensive and scalable, providing the capability of a large-scale, low-cost underwater acoustic network. With these vehicles and modems we utilize compressive sensing, a recently developed framework for sampling sparse signals that offers dramatic reductions in the number of samples required for high fidelity reconstruction of a field. Our novel CS sampling techniques introduce engineering constraints including movement and measurement costs to better apply CS to sampling with mobile agents. The vehicles and modems, along with compressive sensing, strengthen the movement towards large scale autonomy in the ocean environment.by Robert Andrew Hummel.S.M