High-speed Side-channel-protected Encryption and Authentication in Hardware

This paper describes two FPGA implementations for the encryption and authentication of data, based on the AES algorithm running in Galois/Counter mode (AES-GCM). Both architectures are protected against side-channel analysis attacks through the use of a threshold implementation (TI). The first architecture is fully unrolled and optimized for throughput. The second architecture uses a round-based structure, fits on a relatively small FPGA board, and is evaluated for side-channel attack resistance. We perform a Test Vector Leakage Assessment (TVLA), which shows no first-order leakage in the power consumption of the FPGA. To the best of our knowledge, our work is (1) the first to describe a throughput-optimized FPGA architecture of AES-GCM, protected against first-order side-channel information leakage, and (2) the first to evaluate the side-channel attack resistance of a TI-protected AES-GCM implementation

Face-off between the CAESAR Lightweight Finalists: ACORN vs. Ascon

Authenticated ciphers potentially provide resource savings and security improvements over the joint use of secret-key ciphers and message authentication codes. The CAESAR competition has aimed to choose the most suitable authenticated ciphers for several categories of applications, including a lightweight use case, for which the primary criteria are performance in resource-constrained devices, and ease of protection against side channel attacks (SCA). In March 2018, two of the candidates from this category, ACORN and Ascon, were selected as CAESAR contest finalists. In this research, we compare two SCA-resistant FPGA implementations of ACORN and Ascon, where one set of implementations has area consumption nearly equivalent to the defacto standard AES-GCM, and the other set has throughput (TP) close to that of AES-GCM. The results show that protected implementations of ACORN and Ascon, with area consumption less than but close to AES-GCM, have 23.3 and 2.5 times, respectively, the TP of AES-GCM. Likewise, implementations of ACORN and Ascon with TP greater than but close to AES-GCM, consume 18 percent and 74 percent of the area, respectively, of AES-GCM

Energy Efficient Hardware Design for Securing the Internet-of-Things

The Internet of Things (IoT) is a rapidly growing field that holds potential to transform our everyday lives by placing tiny devices and sensors everywhere. The ubiquity and scale of IoT devices require them to be extremely energy efficient. Given the physical exposure to malicious agents, security is a critical challenge within the constrained resources. This dissertation presents energy-efficient hardware designs for IoT security. First, this dissertation presents a lightweight Advanced Encryption Standard (AES) accelerator design. By analyzing the algorithm, a novel method to manipulate two internal steps to eliminate storage registers and replace flip-flops with latches to save area is discovered. The proposed AES accelerator achieves state-of-art area and energy efficiency. Second, the inflexibility and high Non-Recurring Engineering (NRE) costs of Application-Specific-Integrated-Circuits (ASICs) motivate a more flexible solution. This dissertation presents a reconfigurable cryptographic processor, called Recryptor, which achieves performance and energy improvements for a wide range of security algorithms across public key/secret key cryptography and hash functions. The proposed design employs circuit techniques in-memory and near-memory computing and is more resilient to power analysis attack. In addition, a simulator for in-memory computation is proposed. It is of high cost to design and evaluate new-architecture like in-memory computing in Register-transfer level (RTL). A C-based simulator is designed to enable fast design space exploration and large workload simulations. Elliptic curve arithmetic and Galois counter mode are evaluated in this work. Lastly, an error resilient register circuit, called iRazor, is designed to tolerate unpredictable variations in manufacturing process operating temperature and voltage of VLSI systems. When integrated into an ARM processor, this adaptive approach outperforms competing industrial techniques such as frequency binning and canary circuits in performance and energy.PHDElectrical EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/147546/1/zhyiqun_1.pd

An Optimized Hybrid Encryption Framework for Smart Home Healthcare: Ensuring Data Confidentiality and Security

This study proposes an optimized hybrid encryption framework combining ECC-256r1 with AES-128 in EAX mode, tailored for smart home healthcare environments, and conducts a comprehensive investigation to validate its performance. Our framework addresses current limitations in securing sensitive health data and demonstrates resilience against emerging quantum computing threats. Through rigorous experimental evaluation, we show that the proposed configuration outperforms existing solutions by delivering unmatched security, processing speed, and energy efficiency. It employs a robust yet streamlined approach, meticulously designed to ensure simplicity and practicality, facilitating seamless integration into existing systems without imposing undue complexity. Our investigation affirms the framework's capability to resist common cybersecurity threats like MITM, replay, and Sybil attacks while proactively considering quantum resilience. The proposed method excels in processing speed (0.006 seconds for client and server) and energy efficiency (3.65W client, 95.4W server), offering a quantum-resistant security level comparable to AES-128. This represents a security-efficiency ratio of 21.33 bits per millisecond, a 25.6% improvement in client-side processing speed, and up to 44% reduction in server-side energy consumption compared to conventional RSA-2048 methods. These improvements enable real-time encryption of continuous health data streams in IoT environments, making it ideal for IoT devices where AES-128′s smaller footprint is advantageous. By prioritizing high-grade encryption alongside ease of use and implementation, the proposed framework presents a future-proof solution that anticipates the trajectory of cryptographic standards amid advancing quantum computing technologies, signifying a pivotal advancement in safeguarding IoT-driven healthcare data

A Survey on Data Plane Programming with P4: Fundamentals, Advances, and Applied Research

With traditional networking, users can configure control plane protocols to match the specific network configuration, but without the ability to fundamentally change the underlying algorithms. With SDN, the users may provide their own control plane, that can control network devices through their data plane APIs. Programmable data planes allow users to define their own data plane algorithms for network devices including appropriate data plane APIs which may be leveraged by user-defined SDN control. Thus, programmable data planes and SDN offer great flexibility for network customization, be it for specialized, commercial appliances, e.g., in 5G or data center networks, or for rapid prototyping in industrial and academic research. Programming protocol-independent packet processors (P4) has emerged as the currently most widespread abstraction, programming language, and concept for data plane programming. It is developed and standardized by an open community and it is supported by various software and hardware platforms. In this paper, we survey the literature from 2015 to 2020 on data plane programming with P4. Our survey covers 497 references of which 367 are scientific publications. We organize our work into two parts. In the first part, we give an overview of data plane programming models, the programming language, architectures, compilers, targets, and data plane APIs. We also consider research efforts to advance P4 technology. In the second part, we analyze a large body of literature considering P4-based applied research. We categorize 241 research papers into different application domains, summarize their contributions, and extract prototypes, target platforms, and source code availability.Comment: Submitted to IEEE Communications Surveys and Tutorials (COMS) on 2021-01-2

Implantation sur circuit SoC-FPGA d'un système de chiffrement/déchiffrement AES-128 bits en utilisant deux approches de différents niveaux d'abstraction

RÉSUMÉ : La sécurité des données est une priorité absolue dans le monde technologique. Pour garantir la sécurité et la confidentialité des données, l'usage des systèmes de chiffrement/déchiffrement devient une nécessité dans plusieurs domaines. Dans ce mémoire nous présentons une architecture simple de système de chiffrement avancé à 128 bits en mode compteur (AES-CTR-128 bit), implantée sur une carte PYNQ-Z2 pour chiffrer/déchiffrer des signaux d'électrocardiogramme ECG (ElectroCardioGram) de la base de données MIT-BIH. Le système n'utilise que 13% des ressources matérielles du circuit Xilinx ZYNQ XC7Z020. Il consomme une puissance de 43 mW et opère à une fréquence maximale de 109.43 MHz, qui correspond à un débit maximal de 14 Gbps. Le temps d'exécution de chiffrement et de déchiffrement d'un fichier de valeurs séparée par des virgules CSV (Comma Separated Value) par rapport d'un fichier texte TXT (Text) est environ deux fois plus court dans les deux plateformes utilisant deux approches ayant des niveaux d'abstraction différents. La première utilise la programmation bas-niveaux via la plateforme Xilinx Vitis alors que la seconde utilise l'outil Jupyter/Python. L'architecture matérielle proposée est environ quatre fois plus rapide que l'implantation logicielle et il y a une légère différence au niveau du temps d'exécution pour l'implantation de notre architecture sur les deux plateformes présentées (Vivado/Vitis ou Jupyter/Python). Nous avons aussi testé notre architecture matérielle avec d'autres types de données tels que les signaux audio et des images. Nous avons utilisé la plateforme Jupyter/Python pour sa simplicité de manipulation. Le chiffrement/déchiffrement d'un signal audio d'une durée de 7 secondes et d'une fréquence d'échantillonnage de 8 kHz est réduit respectivement à 4.6 ms et 4.87 ms, par rapport à 16.18 ms et 15.8 ms pour le chiffrement/déchiffrement d'un signal audio par l'implantation logicielle. De même pour l'image couleur et l'image en niveau de gris. Ainsi que le temps de chiffrement d'une image couleur prend entre trois à quatre fois le temps de chiffrement d'une image en niveau de gris dans les deux implantations logicielle et matérielle. L'architecture matérielle présentée peut être utilisée dans un large éventail d'applications embarquées. Les résultats présentés ont montré que l'architecture proposée a surpassé toutes les autres implantations existantes sur FPGA. -- Mot(s) clé(s) en français : Cryptographie, AES, Circuit FPGA, Signal ECG, Circuit ZYNQ, Chiffrement/Déchiffrement, Cryptage/Décryptage. -- ABSTRACT : Data security is a top priority in the technological world. To ensure data security and privacy, the use of encryption/decryption systems becomes a necessity in several areas. In this dissertation, we present a simple architecture of advanced 128-bit counter mode encryption systems (AES-CTR-128 bit), implemented on a PYNQ-Z2 board to encrypt/decrypt electrocardiogram (ECG) signals from the MIT-BIH database. The system uses only 13% of the hardware resources of the Xilinx ZYNQ XC7Z020 chip. It consumes 43 mW of power and operates at a maximum frequency of 109.43 MHz, which corresponds to a maximum through of 14 Gbps. The execution time of encryption and decryption of the comma-separated value (CSV) file compared to the text file (TXT) is about twice as short in both platforms using two approaches with different abstraction levels. The first use low-level programming via the Xilinx Vitis platform while the second uses the Jupyter/Python tool. The proposed hardware architecture is about four times faster than the software implementation and there is a slight difference in execution time for the implementation of our architecture on the two platforms presented (Vivado/Vitis or Jupyter/Python). We also tested our hardware architecture with other types of data such as audio signals and images. We used the Jupyter/Python platform for its simplicity of handling. The encryption/decryption of an audio signal with a duration of 7 seconds and a sampling rate of 8 kHz are reduced to 4.6 ms and 4.87 ms, respectively, compared to 16.18 ms and 15.8 ms for the encryption/decryption of an audio signal by the software implementation. The same applies to the color and grayscale image. Thus, the encryption time of a color image takes between three and four times the encryption time of a grayscale image in both software and hardware implementations. The presented hardware architecture can be used in a wide range of embedded applications. The presented results showed that the proposed architecture outperformed all other existing FPGA-based implementations. -- Mot(s) clé(s) en anglais : Cryptography, AES, FPGA circuit, ECG signal, ZYNQ circuit, Encryption/Decryption

Efficient and Side-Channel Resistant Implementations of Next-Generation Cryptography

The rapid development of emerging information technologies, such as quantum computing and the Internet of Things (IoT), will have or have already had a huge impact on the world. These technologies can not only improve industrial productivity but they could also bring more convenience to people’s daily lives. However, these techniques have “side effects” in the world of cryptography – they pose new difficulties and challenges from theory to practice. Specifically, when quantum computing capability (i.e., logical qubits) reaches a certain level, Shor’s algorithm will be able to break almost all public-key cryptosystems currently in use. On the other hand, a great number of devices deployed in IoT environments have very constrained computing and storage resources, so the current widely-used cryptographic algorithms may not run efficiently on those devices. A new generation of cryptography has thus emerged, including Post-Quantum Cryptography (PQC), which remains secure under both classical and quantum attacks, and LightWeight Cryptography (LWC), which is tailored for resource-constrained devices. Research on next-generation cryptography is of importance and utmost urgency, and the US National Institute of Standards and Technology in particular has initiated the standardization process for PQC and LWC in 2016 and in 2018 respectively. Since next-generation cryptography is in a premature state and has developed rapidly in recent years, its theoretical security and practical deployment are not very well explored and are in significant need of evaluation. This thesis aims to look into the engineering aspects of next-generation cryptography, i.e., the problems concerning implementation efficiency (e.g., execution time and memory consumption) and security (e.g., countermeasures against timing attacks and power side-channel attacks). In more detail, we first explore efficient software implementation approaches for lattice-based PQC on constrained devices. Then, we study how to speed up isogeny-based PQC on modern high-performance processors especially by using their powerful vector units. Moreover, we research how to design sophisticated yet low-area instruction set extensions to further accelerate software implementations of LWC and long-integer-arithmetic-based PQC. Finally, to address the threats from potential power side-channel attacks, we present a concept of using special leakage-aware instructions to eliminate overwriting leakage for masked software implementations (of next-generation cryptography)

Recent Advances in Embedded Computing, Intelligence and Applications

The latest proliferation of Internet of Things deployments and edge computing combined with artificial intelligence has led to new exciting application scenarios, where embedded digital devices are essential enablers. Moreover, new powerful and efficient devices are appearing to cope with workloads formerly reserved for the cloud, such as deep learning. These devices allow processing close to where data are generated, avoiding bottlenecks due to communication limitations. The efficient integration of hardware, software and artificial intelligence capabilities deployed in real sensing contexts empowers the edge intelligence paradigm, which will ultimately contribute to the fostering of the offloading processing functionalities to the edge. In this Special Issue, researchers have contributed nine peer-reviewed papers covering a wide range of topics in the area of edge intelligence. Among them are hardware-accelerated implementations of deep neural networks, IoT platforms for extreme edge computing, neuro-evolvable and neuromorphic machine learning, and embedded recommender systems

Analyse et Conception d'Algorithmes de Chiffrement Légers

The work presented in this thesis has been completed as part of the FUI Paclido project, whose aim is to provide new security protocols and algorithms for the Internet of Things, and more specifically wireless sensor networks. As a result, this thesis investigates so-called lightweight authenticated encryption algorithms, which are designed to fit into the limited resources of constrained environments. The first main contribution focuses on the design of a lightweight cipher called Lilliput-AE, which is based on the extended generalized Feistel network (EGFN) structure and was submitted to the Lightweight Cryptography (LWC) standardization project initiated by NIST (National Institute of Standards and Technology). Another part of the work concerns theoretical attacks against existing solutions, including some candidates of the nist lwc standardization process. Therefore, some specific analyses of the Skinny and Spook algorithms are presented, along with a more general study of boomerang attacks against ciphers following a Feistel construction.Les travaux présentés dans cette thèse s’inscrivent dans le cadre du projet FUI Paclido, qui a pour but de définir de nouveaux protocoles et algorithmes de sécurité pour l’Internet des Objets, et plus particulièrement les réseaux de capteurs sans fil. Cette thèse s’intéresse donc aux algorithmes de chiffrements authentifiés dits à bas coût ou également, légers, pouvant être implémentés sur des systèmes très limités en ressources. Une première partie des contributions porte sur la conception de l’algorithme léger Lilliput-AE, basé sur un schéma de Feistel généralisé étendu (EGFN) et soumis au projet de standardisation international Lightweight Cryptography (LWC) organisé par le NIST (National Institute of Standards and Technology). Une autre partie des travaux se concentre sur des attaques théoriques menées contre des solutions déjà existantes, notamment un certain nombre de candidats à la compétition LWC du NIST. Elle présente donc des analyses spécifiques des algorithmes Skinny et Spook ainsi qu’une étude plus générale des attaques de type boomerang contre les schémas de Feistel