449 research outputs found

    Malicious Keccak

    In this paper, we investigate Keccak --- the cryptographic hash function adopted as the SHA-3 standard. We propose a malicious variant of the function, where new round constants are introduced. We show that for such a variant, collision and preimage attacks are possible. We also identify a class of weak keys for the malicious Keccak working in the MAC mode. Ideas presented in the paper were verified by implementing the attacks on the function with the 128-bit hash

    PDFS: Practical Data Feed Service for Smart Contracts

    Smart contracts are a new paradigm that emerged with the rise of the blockchain technology. They allow untrusting parties to arrange agreements. These agreements are encoded as a programming language code and deployed on a blockchain platform, where all participants execute them and maintain their state. Smart contracts are promising since they are automated and decentralized, thus limiting the involvement of third trusted parties, and can contain monetary transfers. Due to these features, many people believe that smart contracts will revolutionize the way we think of distributed applications, information sharing, financial services, and infrastructures. To release the potential of smart contracts, it is necessary to connect the contracts with the outside world, such that they can understand and use information from other infrastructures. For instance, smart contracts would greatly benefit when they have access to web content. However, there are many challenges associated with realizing such a system, and despite the existence of many proposals, no solution is secure, provides easily-parsable data, introduces small overheads, and is easy to deploy. In this paper we propose PDFS, a practical system for data feeds that combines the advantages of the previous schemes and introduces new functionalities. PDFS extends content providers by including new features for data transparency and consistency validations. This combination provides multiple benefits like content which is easy to parse and efficient authenticity verification without breaking natural trust chains. PDFS keeps content providers auditable, mitigates their malicious activities (like data modification or censorship), and allows them to create a new business model. We show how PDFS is integrated with existing web services, report on a PDFS implementation and present results from conducted case studies and experiments. Comment: Blockchain; Smart Contracts; Data Authentication; Ethereu

    An IoT Endpoint System-on-Chip for Secure and Energy-Efficient Near-Sensor Analytics

    Near-sensor data analytics is a promising direction for IoT endpoints, as it minimizes energy spent on communication and reduces network load - but it also poses security concerns, as valuable data is stored or sent over the network at various stages of the analytics pipeline. Using encryption to protect sensitive data at the boundary of the on-chip analytics engine is a way to address data security issues. To cope with the combined workload of analytics and encryption in a tight power envelope, we propose Fulmine, a System-on-Chip based on a tightly-coupled multi-core cluster augmented with specialized blocks for compute-intensive data processing and encryption functions, supporting software programmability for regular computing tasks. The Fulmine SoC, fabricated in 65nm technology, consumes less than 20mW on average at 0.8V achieving an efficiency of up to 70pJ/B in encryption, 50pJ/px in convolution, or up to 25MIPS/mW in software. As a strong argument for real-life flexible application of our platform, we show experimental results for three secure analytics use cases: secure autonomous aerial surveillance with a state-of-the-art deep CNN consuming 3.16pJ per equivalent RISC op; local CNN-based face detection with secured remote recognition in 5.74pJ/op; and seizure detection with encrypted data collection from EEG within 12.7pJ/op. Comment: 15 pages, 12 figures, accepted for publication to the IEEE Transactions on Circuits and Systems - I: Regular Paper

    Adding Security to Control Area Network of Vehicles by Using SHA-3

    The lack of security in the vehicles on the road is real and should be taken seriously. Since the lifespan of vehicles has an average of eleven years, this means if we start to implement new changes to vehicles today, it would take eleven years to make sure most vehicles on the road support our implementation. This is important as the number of lines of code in vehicles is ever increasing and vehicles are becoming more autonomous with the ability to drive themselves. But there is no security implemented in their low level systems such as the Control Area Network which is being used to transfer real time critical information and commands such as engine speed and the brake control. This project attempts to solve the lack of security by using the SHA3 hashing algorithm based on the Keccak algorithm. The reason Keccak was chosen to be the SHA3 algorithm is because it is hardware friendly and fast. Vehicle's manufacturers do not share information about the electrical parts used in the vehicles and their specification; this project presents the lowest hardware specification required to use SHA3 on the Control Area Network which is a process with a clock frequency of approximately 400 MHz. It is important to have a real-time communication network for the Control Area Network, which is also known as CAN. SHA3 is used to create a hash of the CAN message along with a node specific key and an IV to provide authentication and semantic security respectively. The digest will be transferred along with the message. To use the mechanism proposed in this project, all CAN nodes communicating with each other are required to support CAN FD and also have the minimum hardware specification

    Blockchain-Based Application for Certification Management

    Blockchain technology will bring a disruption in plenty of industries and businesses. Recently it proved the robustness, immutability, auditability, in many crucial practical applications. The blockchain structure offers traceability of actions, alterations, alerts, which is an important property of a system needed for development of sustainable technologies. A crucial part of the blockchain technology regarding the optimization of the processes is the smart contract. It is a self-executable computer code, open and transparent, encoding the terms of a regular contract. It is able to automate the processes, thus decreasing the human-factor mistakes or counterfeits. In this paper, we are presenting the feasibility of the blockchain technology in the certification processes, with an application developed for university diploma certification. The example is easily transferable in other areas and business models such as logistics, supply chain management, or other segments where certification is essential

    A comparative study of hash algorithms with the prospect of developing a CAN bus authentication technique

    In this paper, the performances of SHA-3 final round candidates along with new versions of other hash algorithms are analyzed and compared. An ARM-Cortex A9 microcontroller and a Spartan-3 FPGA circuit are involved in the study, with emphasis placed on the number of cycles and the authentication speed. These hash functions are implemented and tested resulting in a set of ranked algorithms in terms of the specified metrics. Taking into account the performances of the most efficient algorithms and the proposed hardware platform components, an authentication technique can be developed as a possible solution to the limitations and weaknesses of automotive CAN (Controlled Area Network) bus-based embedded systems in terms of security, privacy and integrity. From there, the main elements of such a potential structure are set forth