Security validation of smartcard: MCOS

The National Fuel subsidy system planning in Malaysia should it persist would have elevated the Multi-purpose of MyKad. Malaysian government is planning for a new MyID system that can retrieve governmental related documents when dealing with 760 governments and agencies nationwide (The Star, 2010). This move will leverage the existing infrastructure of MyKad. The wider usage of MyKad may raise public concern regarding its security. Thus, there is a need for assessing the security of MyKad by an independent third party.This paper will first discuss vulnerability of smartcard by using the attack potential model (CCDB, 2008), and then the appropriateness of the current methods and tools to test the security of smartcard will be investigated.The study concludes that there is no yet a standard of security testing tool imposed on smartcard in Malaysia.The study promotes the developing of security testing tool for MyKad

Power Side Channels in Security ICs: Hardware Countermeasures

Power side-channel attacks are a very effective cryptanalysis technique that can infer secret keys of security ICs by monitoring the power consumption. Since the emergence of practical attacks in the late 90s, they have been a major threat to many cryptographic-equipped devices including smart cards, encrypted FPGA designs, and mobile phones. Designers and manufacturers of cryptographic devices have in response developed various countermeasures for protection. Attacking methods have also evolved to counteract resistant implementations. This paper reviews foundational power analysis attack techniques and examines a variety of hardware design mitigations. The aim is to highlight exposed vulnerabilities in hardware-based countermeasures for future more secure implementations

Extending Secure Execution Environments Beyond the TPM

This project discusses some of the shortcomings and limitations of secure execution with the current state of the Trusted Computing Group (TCG) specifications. Though we feel that the various industry initiatives taken by the TCG and CPU manufacturers for hardware based platform security are a step in the right direction, the problem of secure isolated code execution and TCB minimization still remains unsolved. This project proposes and implements an alternative architecture for secure code execution. Rather than proposing recommendations for hardware changes or building isolated execution environments inside a Trusted Platform Module (TPM), we use a platform that provides related, yet different services for secure / trusted code execution; couple its functionality and bind it to a TPM using cryptographic primitives. For the purpose of this study we used multi-application programmable SmartCards but similar work can also be implemented on other platforms as long as they meet some pre-requisites described in his report. Though newer hardware platforms such as IntelTXT (Trusted Execution Technology; formerly known as LaGrande) or AMD-V add support for native virtualization and secure interfacing with the TPM, the solution implemented in this project assumes a highly un-trusted environment and works on general purpose commodity hardware. Implementing a solution like this allows application developers to focus exclusively on the functionality and security of just their own code. Hence enabling them to execute their applications in isolation from numerous shortcomings and vulnerabilities that exist both in the form of hardware and software attacks. Furthermore we provide an interface to extend the existing functionality of the TPM by implementing special purpose code modules inside a smart card which can be used for all the functionalities missing in the TPM (for example replace-able cryptographic algorithms) yet required by high assurance and security sensitive applications. Furthermore by making small application closures running inside the secure execution environment of smart cards, we can minimize the TCB that a user needs to trust. We first discuss the challenges we face in the coupling process and the platform differences between the TPM and a Smart Card. We also discuss what solutions are possible and impossible in this scenario. Then we describe our implementation of a secure TPM / Smart Card cryptographic binding that gives us assurances of strong authentication with confidentiality and integrity services for the applications built with the coupled architecture. We move forward to describe our implementations of some of the enhanced TPM / Smart Card coupled services that were not possible with either a TPM or Smart Card alone and we discuss how these enhanced services add value to the current applications. With these enhanced TPM services we implement some applications that change the way conventional TPM or Smart Card applications are perceived. Finally we shed some light on potential future applications and future work

Research on performance enhancement for electromagnetic analysis and power analysis in cryptographic LSI

制度:新 ; 報告番号:甲3785号 ; 学位の種類:博士(工学) ; 授与年月日:2012/11/19 ; 早大学位記番号:新6161Waseda Universit

Оцінка рівня безпеки операцій, виконуваних засобами захисту інформації

Розвинуто методику оцінки рівня безпеки виконуваних засобами захисту інформації базових операцій алгоритмів криптографічних перетворень над даними у маскованому представленні.A methodology for estimation of security level of basic operations execution on masked data for cryptographic transformations algorithms by information protection means was further developed

A Literature Survey on the Cryptographic Encryption Algorithms for Secured Data Communication

Security has become a buzzword over the current years. As per Wikipedia, 55.1% of global population has internet access (June 2018). Hence, it is obvious that huge volume of data is exchanged among the users over the internet. As a result, everybody is worried about data security while transmission of any confidential data. In this proposed paper, several cryptographic algorithms are discussed based on concepts of encryption and decryption. Cryptography algorithms provide the mechanisms necessary to implement accountability, accuracy and confidentiality in secured communication. This is further preceded with the widespread adoption of secure protocols such as secure Internet Protocol and virtual private networks. Efficient cryptographic processing, therefore, will become increasingly vital to good system improvement results. Cryptographic algorithms provide many key building block for network security related services. Cyber attacks (intrusion) were up 44% globally during Q1 2018, and the speed of attacks continues to increase exponentially. 75% of organizations have experienced a breach, but only 25–35% believes they are equipped to deal with these intrusions effectively

Stream ciphers for secure display

In any situation where private, proprietary or highly confidential material is being dealt with, the need to consider aspects of data security has grown ever more important. It is usual to secure such data from its source, over networks and on to the intended recipient. However, data security considerations typically stop at the recipient's processor, leaving connections to a display transmitting raw data which is increasingly in a digital format and of value to an adversary. With a progression to wireless display technologies the prominence of this vulnerability is set to rise, making the implementation of 'secure display' increasingly desirable. Secure display takes aspects of data security right to the display panel itself, potentially minimising the cost, component count and thickness of the final product. Recent developments in display technologies should help make this integration possible. However, the processing of large quantities of time-sensitive data presents a significant challenge in such resource constrained environments. Efficient high- throughput decryption is a crucial aspect of the implementation of secure display and one for which the widely used and well understood block cipher may not be best suited. Stream ciphers present a promising alternative and a number of strong candidate algorithms potentially offer the hardware speed and efficiency required. In the past, similar stream ciphers have suffered from algorithmic vulnerabilities. Although these new-generation designs have done much to respond to this concern, the relatively short 80-bit key lengths of some proposed hardware candidates, when combined with ever-advancing computational power, leads to the thesis identifying exhaustive search of key space as a potential attack vector. To determine the value of protection afforded by such short key lengths a unique hardware key search engine for stream ciphers is developed that makes use of an appropriate data element to improve search efficiency. The simulations from this system indicate that the proposed key lengths may be insufficient for applications where data is of long-term or high value. It is suggested that for the concept of secure display to be accepted, a longer key length should be used