4 research outputs found

    Generalized Implicit Factorization Problem

    The Implicit Factorization Problem (IFP) was first introduced by May and Ritzenhofen at PKC'09. It concerns the factorization of two RSA moduli N_1 = p_1 q_1 and N_2 = p_2 q_2, where p_1 and p_2 share a certain number of consecutive least significant bits. Since its introduction, many different variants of IFP have been considered, such as the cases where p_1 and p_2 share most significant bits or middle bits at the same positions. In this paper, we consider a more generalized case of IFP, in which the shared consecutive bits can be located at any positions in each prime, not necessarily at the same positions as before. We propose a lattice-based algorithm to solve this problem under specific conditions, and also provide some experimental results to verify our analysis.

    Photonic side channel attacks against RSA

    This paper describes the first attack utilizing the photonic side channel against a public-key cryptosystem. We evaluated three common implementations of RSA modular exponentiation, all using the Karatsuba multiplication method. We discovered that the key length had marginal impact on resilience to the attack: attacking a 2048-bit key required only 9% more decryption attempts than a 1024-bit key. We found that the most dominant parameter impacting the attacker's effort is the minimal block size at which the Karatsuba method reverts to naive multiplication: even for parameter values as low as 32 or 64 bits, our attacks achieve a 100% success rate with under 10,000 decryption operations. Somewhat surprisingly, we discovered that Montgomery's Ladder, commonly perceived as the most resilient of the three implementations to side-channel attacks, was actually the most susceptible: for 2048-bit keys, our attack reveals 100% of the secret key bits with as few as 4000 decryptions.

    Designing, Implementing, and Testing Hardware for Cybersecurity

    Cybersecurity is one of the key issues facing the world today. With an ever-increasing number of devices connected across the internet, the need to secure all these different devices against potential attackers is an endless effort. This thesis is focussed on the most promising new developments in the hardware aspect of this battle for security. The first section of the thesis looks at the current state of the art in hardware security primitives, with a focus on random number generators and Physically Unclonable Functions (PUFs). The strengths and weaknesses of the current implementations of these systems are analysed so that the areas most in need of improvement can be highlighted. The second major section of this thesis looks to improve how random numbers are generated, which is essential for many current security systems. True random number generators have been presented as a potential solution to this problem, but improvements in output bit rate, power consumption, and design complexity must be made. In this work we present a novel and experimentally verified true random number generator that exclusively uses conventional CMOS technology while offering key improvements over previous designs in complexity, output bit rate, and power consumption. It uses the inherent randomness of telegraph noise in the channel current of a single CMOS transistor as an entropy source. For the first time, multi-level and abnormal telegraph noise can be utilised, which greatly reduces device selectivity and offers much greater bit rates. The design is verified using a breadboard and FPGA proof-of-concept circuit and passes all 15 of the NIST randomness tests without any need for post-processing of the generated bitstream. The design also shows resilience against machine learning attacks performed by an LSTM neural network.
The third major section describes the development of a novel PUF concept, which offers a new approach to authentication, allowing low-power devices to be included in existing networks without compromising overall security. The new PUF concept introduces time dependence to vastly increase the efficiency of entropy source usage when compared with a traditional PUF. This new PUF also introduces a probability-based model which greatly reduces the required server memory for Challenge Response Pair (CRP) storage when large numbers of CRPs are used. The concept is verified experimentally on nano-scale CMOS technology as well as through simulation and a proof-of-concept circuit. These combined benefits bring the PUF concept much closer to being a viable solution for widespread cybersecurity applications.