1,847 research outputs found

    Authentication enhancement in command and control networks: (a study in Vehicular Ad-Hoc Networks)

    Get PDF
    Intelligent transportation systems contribute to improved traffic safety by facilitating real time communication between vehicles. By using wireless channels for communication, vehicular networks are susceptible to a wide range of attacks, such as impersonation, modification, and replay. In this context, securing data exchange between intercommunicating terminals, e.g., vehicle-to-everything (V2X) communication, constitutes a technological challenge that needs to be addressed. Hence, message authentication is crucial to safeguard vehicular ad-hoc networks (VANETs) from malicious attacks. The current state-of-the-art for authentication in VANETs relies on conventional cryptographic primitives, introducing significant computation and communication overheads. In this challenging scenario, physical (PHY)-layer authentication has gained popularity, which involves leveraging the inherent characteristics of wireless channels and the hardware imperfections to discriminate between wireless devices. However, PHY-layerbased authentication cannot be an alternative to crypto-based methods as the initial legitimacy detection must be conducted using cryptographic methods to extract the communicating terminal secret features. Nevertheless, it can be a promising complementary solution for the reauthentication problem in VANETs, introducing what is known as “cross-layer authentication.” This thesis focuses on designing efficient cross-layer authentication schemes for VANETs, reducing the communication and computation overheads associated with transmitting and verifying a crypto-based signature for each transmission. The following provides an overview of the proposed methodologies employed in various contributions presented in this thesis. 1. The first cross-layer authentication scheme: A four-step process represents this approach: initial crypto-based authentication, shared key extraction, re-authentication via a PHY challenge-response algorithm, and adaptive adjustments based on channel conditions. Simulation results validate its efficacy, especially in low signal-to-noise ratio (SNR) scenarios while proving its resilience against active and passive attacks. 2. The second cross-layer authentication scheme: Leveraging the spatially and temporally correlated wireless channel features, this scheme extracts high entropy shared keys that can be used to create dynamic PHY-layer signatures for authentication. A 3-Dimensional (3D) scattering Doppler emulator is designed to investigate the scheme’s performance at different speeds of a moving vehicle and SNRs. Theoretical and hardware implementation analyses prove the scheme’s capability to support high detection probability for an acceptable false alarm value ≤ 0.1 at SNR ≥ 0 dB and speed ≤ 45 m/s. 3. The third proposal: Reconfigurable intelligent surfaces (RIS) integration for improved authentication: Focusing on enhancing PHY-layer re-authentication, this proposal explores integrating RIS technology to improve SNR directed at designated vehicles. Theoretical analysis and practical implementation of the proposed scheme are conducted using a 1-bit RIS, consisting of 64 × 64 reflective units. Experimental results show a significant improvement in the Pd, increasing from 0.82 to 0.96 at SNR = − 6 dB for multicarrier communications. 4. The fourth proposal: RIS-enhanced vehicular communication security: Tailored for challenging SNR in non-line-of-sight (NLoS) scenarios, this proposal optimises key extraction and defends against denial-of-service (DoS) attacks through selective signal strengthening. Hardware implementation studies prove its effectiveness, showcasing improved key extraction performance and resilience against potential threats. 5. The fifth cross-layer authentication scheme: Integrating PKI-based initial legitimacy detection and blockchain-based reconciliation techniques, this scheme ensures secure data exchange. Rigorous security analyses and performance evaluations using network simulators and computation metrics showcase its effectiveness, ensuring its resistance against common attacks and time efficiency in message verification. 6. The final proposal: Group key distribution: Employing smart contract-based blockchain technology alongside PKI-based authentication, this proposal distributes group session keys securely. Its lightweight symmetric key cryptography-based method maintains privacy in VANETs, validated via Ethereum’s main network (MainNet) and comprehensive computation and communication evaluations. The analysis shows that the proposed methods yield a noteworthy reduction, approximately ranging from 70% to 99%, in both computation and communication overheads, as compared to the conventional approaches. This reduction pertains to the verification and transmission of 1000 messages in total

    Quantum-secured time transfer between precise timing facilities: a field trial with simulated satellite links

    Get PDF
    Global Navigation Satellite Systems (GNSSs), such as GPS and Galileo, provide precise time and space coordinates globally and constitute part of the critical infrastructure of modern society. To reliably operate GNSS, a highly accurate and stable system time is required, such as the one provided by several independent clocks hosted in Precise Timing Facilities (PTFs) around the world. The relative clock offset between PTFs is periodically measured to have a fallback system to synchronize the GNSS satellite clocks. The security and integrity of the communication between PTFs is of paramount importance: if compromised, it could lead to disruptions to the GNSS service. Therefore, securing the communication between PTFs is a compelling use-case for protection via Quantum Key Distribution (QKD), since this technology provides information-theoretic security. We have performed a field trial demonstration of such a use-case by sharing encrypted time synchronization information between two PTFs, one located in Oberpfaffenhofen (Germany) and one in Matera (Italy)—more than 900 km apart. To bridge this large distance, a satellite-QKD system is required, plus a “last-mile” terrestrial link to connect the optical ground station (OGS) to the actual location of the PTF. In our demonstration, we have deployed two full QKD systems to protect the last-mile connection at both locations and have shown via simulation that upcoming QKD satellites will be able to distribute keys between Oberpfaffenhofen and Matera, exploiting already existing OGSs

    Investigation into Photon Emissions as a Side-Channel Leakage in Two Microcontrollers: A Focus on SRAM Blocks

    Get PDF
    Microcontrollers are extensively utilized across a diverse range of applications. However, with the escalating usage of these devices, the risk to their security and the valuable data they process correspondingly intensifies. These devices could potentially be susceptible to various security threats, with side channel leakage standing out as a notable concern. Among the numerous types of side-channel leakages, photon emissions from active devices emerge as a potentially significant concern. These emissions, a characteristic of all semiconductor devices including microcontrollers, occur during their operation. Depending on the operating point and the internal state of the chip, these emissions can reflect the device’s internal operations. Therefore, a malicious individual could potentially exploit these emissions to gain insights into the computations being performed within the device. This dissertation delves into the investigation of photon emissions from the SRAM blocks of two distinct microcontrollers, utilizing a cost-effective setup. The aim is to extract information from these emissions, analyzing them as potential side-channel leakage points. In the first segment of the study, a PIC microcontroller variant is investigated. The quiescent photon emissions from the SRAM are examined. A correlation attack was successfully executed on these emissions, which led to the recovery of the AES encryption key. Furthermore, differential analysis was used to examine the location of SRAM bits. The combination of this information with the application of an image processing method, namely the Structural Similarity Index (SSIM), assisted in revealing the content of SRAM cells from photon emission images. The second segment of this study, for the first time, emphasizes on a RISC-V chip, examining the photon emissions of the SRAM during continuous reading. Probing the photon emissions from the row and column detectors led to the identification of a target word location, which is capable of revealing the AES key. Also, the content of target row was retrieved through the photon emissions originating from the drivers and the SRAM cells themselves. Additionally, the SSIM technique was utilized to determine the address of a targeted word in RISC-V photon emissions which cannot be analyzed through visual inspection. The insights gained from this research contribute to a deeper understanding of side-channel leakage via photon emissions and demonstrate its potential potency in extracting critical information from digital devices. Moreover, this information significantly contributes to the development of innovative security measures, an aspect becoming increasingly crucial in our progressively digitized world

    SCALING UP TASK EXECUTION ON RESOURCE-CONSTRAINED SYSTEMS

    Get PDF
    The ubiquity of executing machine learning tasks on embedded systems with constrained resources has made efficient execution of neural networks on these systems under the CPU, memory, and energy constraints increasingly important. Different from high-end computing systems where resources are abundant and reliable, resource-constrained systems only have limited computational capability, limited memory, and limited energy supply. This dissertation focuses on how to take full advantage of the limited resources of these systems in order to improve task execution efficiency from different aspects of the execution pipeline. While the existing literature primarily aims at solving the problem by shrinking the model size according to the resource constraints, this dissertation aims to improve the execution efficiency for a given set of tasks from the following two aspects. Firstly, we propose SmartON, which is the first batteryless active event detection system that considers both the event arrival pattern as well as the harvested energy to determine when the system should wake up and what the duty cycle should be. Secondly, we propose Antler, which exploits the affinity between all pairs of tasks in a multitask inference system to construct a compact graph representation of the task set for a given overall size budget. To achieve the aforementioned algorithmic proposals, we propose the following hardware solutions. One is a controllable capacitor array that can expand the system’s energy storage on-the-fly. The other is a FRAM array that can accommodate multiple neural networks running on one system.Doctor of Philosoph

    A Literature Review of Fault Diagnosis Based on Ensemble Learning

    Get PDF
    The accuracy of fault diagnosis is an important indicator to ensure the reliability of key equipment systems. Ensemble learning integrates different weak learning methods to obtain stronger learning and has achieved remarkable results in the field of fault diagnosis. This paper reviews the recent research on ensemble learning from both technical and field application perspectives. The paper summarizes 87 journals in recent web of science and other academic resources, with a total of 209 papers. It summarizes 78 different ensemble learning based fault diagnosis methods, involving 18 public datasets and more than 20 different equipment systems. In detail, the paper summarizes the accuracy rates, fault classification types, fault datasets, used data signals, learners (traditional machine learning or deep learning-based learners), ensemble learning methods (bagging, boosting, stacking and other ensemble models) of these fault diagnosis models. The paper uses accuracy of fault diagnosis as the main evaluation metrics supplemented by generalization and imbalanced data processing ability to evaluate the performance of those ensemble learning methods. The discussion and evaluation of these methods lead to valuable research references in identifying and developing appropriate intelligent fault diagnosis models for various equipment. This paper also discusses and explores the technical challenges, lessons learned from the review and future development directions in the field of ensemble learning based fault diagnosis and intelligent maintenance

    A survey on run-time power monitors at the edge

    Get PDF
    Effectively managing energy and power consumption is crucial to the success of the design of any computing system, helping mitigate the efficiency obstacles given by the downsizing of the systems while also being a valuable step towards achieving green and sustainable computing. The quality of energy and power management is strongly affected by the prompt availability of reliable and accurate information regarding the power consumption for the different parts composing the target monitored system. At the same time, effective energy and power management are even more critical within the field of devices at the edge, which exponentially proliferated within the past decade with the digital revolution brought by the Internet of things. This manuscript aims to provide a comprehensive conceptual framework to classify the different approaches to implementing run-time power monitors for edge devices that appeared in literature, leading the reader toward the solutions that best fit their application needs and the requirements and constraints of their target computing platforms. Run-time power monitors at the edge are analyzed according to both the power modeling and monitoring implementation aspects, identifying specific quality metrics for both in order to create a consistent and detailed taxonomy that encompasses the vast existing literature and provides a sound reference to the interested reader

    BASALISC: Programmable Hardware Accelerator for BGV Fully Homomorphic Encryption

    Get PDF
    Fully Homomorphic Encryption (FHE) allows for secure computation on encrypted data. Unfortunately, huge memory size, computational cost and bandwidth requirements limit its practicality. We present BASALISC, an architecture family of hardware accelerators that aims to substantially accelerate FHE computations in the cloud. BASALISC is the first to implement the BGV scheme with fully-packed bootstrapping – the noise removal capability necessary for arbitrary-depth computation. It supports a customized version of bootstrapping that can be instantiated with hardware multipliers optimized for area and power. BASALISC is a three-abstraction-layer RISC architecture, designed for a 1 GHz ASIC implementation and underway toward 150mm2 die tape-out in a 12nm GF process. BASALISC\u27s four-layer memory hierarchy includes a two-dimensional conflict-free inner memory layer that enables 32 Tb/s radix-256 NTT computations without pipeline stalls. Its conflict-resolution permutation hardware is generalized and re-used to compute BGV automorphisms without throughput penalty. BASALISC also has a custom multiply-accumulate unit to accelerate BGV key switching. The BASALISC toolchain comprises a custom compiler and a joint performance and correctness simulator. To evaluate BASALISC, we study its physical realizability, emulate and formally verify its core functional units, and we study its performance on a set of benchmarks. Simulation results show a speedup of more than 5,000× over HElib – a popular software FHE library

    Envisioning the Future of Cyber Security in Post-Quantum Era: A Survey on PQ Standardization, Applications, Challenges and Opportunities

    Full text link
    The rise of quantum computers exposes vulnerabilities in current public key cryptographic protocols, necessitating the development of secure post-quantum (PQ) schemes. Hence, we conduct a comprehensive study on various PQ approaches, covering the constructional design, structural vulnerabilities, and offer security assessments, implementation evaluations, and a particular focus on side-channel attacks. We analyze global standardization processes, evaluate their metrics in relation to real-world applications, and primarily focus on standardized PQ schemes, selected additional signature competition candidates, and PQ-secure cutting-edge schemes beyond standardization. Finally, we present visions and potential future directions for a seamless transition to the PQ era

    An Efficient Authentication Protocol for Smart Grid Communication Based on On-Chip-Error-Correcting Physical Unclonable Function

    Full text link
    Security has become a main concern for the smart grid to move from research and development to industry. The concept of security has usually referred to resistance to threats by an active or passive attacker. However, since smart meters (SMs) are often placed in unprotected areas, physical security has become one of the important security goals in the smart grid. Physical unclonable functions (PUFs) have been largely utilized for ensuring physical security in recent years, though their reliability has remained a major problem to be practically used in cryptographic applications. Although fuzzy extractors have been considered as a solution to solve the reliability problem of PUFs, they put a considerable computational cost to the resource-constrained SMs. To that end, we first propose an on-chip-error-correcting (OCEC) PUF that efficiently generates stable digits for the authentication process. Afterward, we introduce a lightweight authentication protocol between the SMs and neighborhood gateway (NG) based on the proposed PUF. The provable security analysis shows that not only the proposed protocol can stand secure in the Canetti-Krawczyk (CK) adversary model but also provides additional security features. Also, the performance evaluation demonstrates the significant improvement of the proposed scheme in comparison with the state-of-the-art
    corecore