
    Implementing a protected zone in a reconfigurable processor for isolated execution of cryptographic algorithms

    We design and realize a protected zone inside a reconfigurable and extensible embedded RISC processor for isolated execution of cryptographic algorithms. The protected zone is a collection of processor subsystems such as functional units optimized for high-speed execution of integer operations, a small amount of local memory, and general and special-purpose registers. We outline the principles for secure software implementation of cryptographic algorithms in a processor equipped with the protected zone. We also demonstrate the efficiency and effectiveness of the protected zone by implementing major cryptographic algorithms, namely RSA, elliptic curve cryptography, and AES, in the protected zone. In terms of time efficiency, software implementations of these three cryptographic algorithms outperform equivalent software implementations on similar processors reported in the literature. The protected zone is designed in such a modular fashion that it can easily be integrated into any RISC processor; its area overhead is moderate enough that it can be used in the vast majority of embedded processors. The protected zone can also provide the necessary support to implement TPM functionality within the boundary of a processor.

    Can NSEC5 be practical for DNSSEC deployments?

    NSEC5 is a proposed modification to DNSSEC that simultaneously guarantees two security properties: (1) privacy against offline zone enumeration, and (2) integrity of zone contents, even if an adversary compromises the authoritative nameserver responsible for responding to DNS queries for the zone. This paper redesigns NSEC5 to make it both practical and performant. Our NSEC5 redesign features a new fast verifiable random function (VRF) based on elliptic curve cryptography (ECC), along with a cryptographic proof of its security. This VRF is also of independent interest, as it is being standardized by the IETF and used by several other projects. We show how to integrate NSEC5 using our ECC-based VRF into the DNSSEC protocol, leveraging precomputation to improve performance and DNS protocol-level optimizations to shorten responses. Next, we present the first full-fledged implementation of NSEC5, extending widely-used DNS software to present a nameserver and recursive resolver that support NSEC5, and evaluate their performance under aggressive DNS query loads. Our performance results indicate that our redesigned NSEC5 can be viable even for high-throughput scenarios.
    First author draft: https://eprint.iacr.org/2017/099.pdf

    Stopping time signatures for some algorithms in cryptography

    We consider the normalized distribution of the overall running times of some cryptographic algorithms, and what information they reveal about the algorithms. Recent work of Deift, Menon, Olver, Pfrang, and Trogdon has shown that certain numerical algorithms applied to large random matrices exhibit a characteristic distribution of running times, which depends only on the algorithm and is independent of the choice of probability distributions for the matrices. Different algorithms often exhibit different running time distributions, and so the histograms for these running time distributions provide a time-signature for the algorithms, making it possible, in many cases, to distinguish one algorithm from another. In this paper we extend this analysis to cryptographic algorithms, and present examples of such algorithms with time-signatures that are indistinguishable, and others with time-signatures that are clearly distinct.
    Comment: 20 pages

    New vulnerability of RSA modulus type $N = p^2 q$

    This paper proposes new attacks on moduli of type $N = p^2 q$. Given $k$ moduli of the form $N_i = p_i^2 q_i$ for $k \geq 2$ and $i = 1, \ldots, k$, the attack works when the $k$ public keys $(N_i, e_i)$ are such that there exist $k$ relations of the shape $e_i x - N_i y_i = z_i - (a p_i^2 + b q_i^2) y_i$ or of the shape $e_i x_i - N_i y = z_i - (a p_i^2 + b q_i^2) y$, where the parameters $x$, $x_i$, $y$, $y_i$ and $z_i$ are suitably small in terms of the prime factors of the moduli. The proposed attacks, which utilize the LLL algorithm, enable one to factor the $k$ moduli $N_i$ simultaneously.

    A new protocol with unbalanced RSA for authentication and key distribution in WLAN.

    In wireless networks, security concerns have haunted 802.11 deployments since the standardization effort began. IEEE attempts to provide confidentiality by using WEP (Wired Equivalent Privacy), and treats WEP as an option during authentication. Unfortunately, WEP has been shown to provide neither reliable authentication nor reliable data confidentiality. As a short-term solution, IEEE offers TKIP (Temporal Key Integrity Protocol) to address the flaws found in 802.11, combined with 802.1X for authentication. In order to provide solid mutual authentication and key distribution, the TLS (Transport Layer Security) handshake protocol has been used in 802.1X. However, since TLS was not designed specifically for 802.11 in WLAN, there are some redundant steps in TLS which are not necessary when used for 802.11. Furthermore, in WLAN, it is normal that the computational abilities of client and server differ significantly, which makes the client a bottleneck during the handshake process. To address these drawbacks, a new protocol for authentication and key distribution is proposed in this thesis. This new protocol not only eliminates the redundant steps in the TLS handshake, but also reduces the time consumed by the client during authentication and key distribution by applying unbalanced RSA. The proposed protocol with the use of unbalanced RSA solves the problems in the original 802.11 standard, while offering efficiency and security at the same time.
    Dept. of Electrical and Computer Engineering. Paper copy at Leddy Library: Theses & Major Papers - Basement, West Bldg. / Call Number: Thesis2004 .Z546. Source: Masters Abstracts International, Volume: 43-05, page: 1761. Advisers: Huapeng Wu; Kemal Tepe. Thesis (M.A.Sc.)--University of Windsor (Canada), 2004.