152 research outputs found
CoFHEE: A Co-processor for Fully Homomorphic Encryption Execution
The migration of computation to the cloud has raised privacy concerns as
sensitive data becomes vulnerable to attacks since they need to be decrypted
for processing. Fully Homomorphic Encryption (FHE) mitigates this issue as it
enables meaningful computations to be performed directly on encrypted data.
Nevertheless, FHE is orders of magnitude slower than unencrypted computation,
which hinders its practicality and adoption. Therefore, improving FHE
performance is essential for its real world deployment. In this paper, we
present a year-long effort to design, implement, fabricate, and post-silicon
validate a hardware accelerator for Fully Homomorphic Encryption dubbed CoFHEE.
With a design area of , CoFHEE aims to improve performance of
ciphertext multiplications, the most demanding arithmetic FHE operation, by
accelerating several primitive operations on polynomials, such as polynomial
additions and subtractions, Hadamard product, and Number Theoretic Transform.
CoFHEE supports polynomial degrees of up to with a maximum
coefficient sizes of 128 bits, while it is capable of performing ciphertext
multiplications entirely on chip for . CoFHEE is fabricated in
55nm CMOS technology and achieves 250 MHz with our custom-built low-power
digital PLL design. In addition, our chip includes two communication interfaces
to the host machine: UART and SPI. This manuscript presents all steps and
design techniques in the ASIC development process, ranging from RTL design to
fabrication and validation. We evaluate our chip with performance and power
experiments and compare it against state-of-the-art software implementations
and other ASIC designs. Developed RTL files are available in an open-source
repository
Analysis of DPA and DEMA Attacks
Side channel attacks (SCA) are attacks on the implementations of cryptographic algorithms or cryptography devices that do not employ full brute force attack or exploit the weaknesses of the algorithms themselves. There are mant types of side channel attacks, and they include timing, sound, power consumptions, electromag- netic (EM) radiations, and more. A statistical side channel attack technique that uses power consumption and EM readings was developed, and they are called Differential Power Analysis (DPA) and Differential Electromagnetic Analysis respectively. DPA takes the overall power consumption readings from the system of interest, and DEMA takes a localized EM readings from the system of interest. In this project, we will examine the effectiveness of both techniques and compare the results. We will compare the techniques based on the amount of resource and time they needed to perform a successful SCA on the same system. In addition, we will attempt to use a radio receiver to down mix the power consumption readings and the EM readings to reduce the amount of computing resources it takes to perform SCA. We will provide our test results of performing SCA with DPA and DEMA, and we will also compare the results to determine the effectiveness of the two techniques
Elastic Block Ciphers: Method, Security and Instantiations
We introduce the concept of an elastic block cipher which refers to stretching the supported block size of a block cipher to any length up to twice the original block size while incurring a computational workload that is proportional to the block size. Our method uses the round function of an existing block cipher as a black box and inserts it into a substitution- permutation network. Our method is designed to enable us to form a reduction between the elastic and the original versions of the cipher. Using this reduction, we prove that the elastic version of a cipher is secure against key-recovery attacks if the original cipher is secure against such attacks. We note that while reduction-based proofs of security are a cornerstone of cryptographic analysis, they are typical when complete components are used as sub-components in a larger design. We are not aware of the use of such techniques in the case of concrete block cipher designs. We demonstrate the general applicability of the elastic block cipher method by constructing examples from existing block ciphers: AES, Camellia, MISTY1, and RC6. We compare the performance of the elastic versions to that of the original versions and evaluate the elastic versions using statistical tests measuring the randomness of the ciphertext. We also use our examples to demonstrate the concept of a generic key schedule for block ciphers
Terakey - An Encryption Method Whose Security Can Be Analyzed from First Principles
Terakey is an encryption system whose confidentiality can be demonstrated from first principles, without making assumptions about the computational difficulty of certain mathematical problems. It employs a key that is much larger than the anticipated volume of message traffic. It is based on the one-time pad, but addresses the risk of key reuse stochastically. Conventional cryptographic techniques can be used to ameliorate infrequent byte collisions. The large size of the key reduces the risk of key exfiltration and facilitates physical security measures to maintain a secure chain of control for the key. Terakey also serves as a potential alternative for comparison with quantum key distribution technology, arguably providing equivalent security with fewer complications
A holistic approach examining RFID design for security and privacy
This paper adopts a holistic approach to Radio Frequency Identification (RFID) security that considers security and privacy under resource constraints concurrently. In this context, a practical realisation of a secure passive (battery-less) RFID tag is presented. The tag consists of an off the shelf front end combined with a bespoke 0.18 μm Application Specific Integrated Circuit (ASIC) assembled as a -sized prototype. The ASIC integrates the authors’ ultra low power novel Advanced Encryption Standard (AES) design together with a novel random number generator and a novel protocol, which provides both security and privacy. The analysis presented shows a security of 64-bits against many attack methods. Both modelled and measured power results are presented. The measured average core power consumed during continuous normal operation is 1.36 μW
Dynamic block encryption with self-authenticating key exchange
One of the greatest challenges facing cryptographers is the mechanism used
for key exchange. When secret data is transmitted, the chances are that there
may be an attacker who will try to intercept and decrypt the message. Having
done so, he/she might just gain advantage over the information obtained, or
attempt to tamper with the message, and thus, misguiding the recipient.
Both cases are equally fatal and may cause great harm as a consequence.
In cryptography, there are two commonly used methods of exchanging secret
keys between parties. In the first method, symmetric cryptography, the key is
sent in advance, over some secure channel, which only the intended recipient
can read. The second method of key sharing is by using a public key exchange
method, where each party has a private and public key, a public key is shared
and a private key is kept locally. In both cases, keys are exchanged between
two parties.
In this thesis, we propose a method whereby the risk of exchanging keys
is minimised. The key is embedded in the encrypted text using a process
that we call `chirp coding', and recovered by the recipient using a process
that is based on correlation. The `chirp coding parameters' are exchanged
between users by employing a USB flash memory retained by each user. If the
keys are compromised they are still not usable because an attacker can only
have access to part of the key. Alternatively, the software can be configured
to operate in a one time parameter mode, in this mode, the parameters
are agreed upon in advance. There is no parameter exchange during file
transmission, except, of course, the key embedded in ciphertext.
The thesis also introduces a method of encryption which utilises dynamic blocks, where the block size is different for each block. Prime numbers are
used to drive two random number generators: a Linear Congruential Generator
(LCG) which takes in the seed and initialises the system and a Blum-Blum
Shum (BBS) generator which is used to generate random streams to encrypt
messages, images or video clips for example. In each case, the key created is
text dependent and therefore will change as each message is sent.
The scheme presented in this research is composed of five basic modules. The
first module is the key generation module, where the key to be generated is
message dependent. The second module, encryption module, performs data
encryption. The third module, key exchange module, embeds the key into
the encrypted text. Once this is done, the message is transmitted and the
recipient uses the key extraction module to retrieve the key and finally the
decryption module is executed to decrypt the message and authenticate it.
In addition, the message may be compressed before encryption and decompressed
by the recipient after decryption using standard compression tools
Exploiting the Physical Disparity: Side-Channel Attacks on Memory Encryption
Memory and disk encryption is a common measure to protect sensitive information in memory from adversaries with physical access. However, physical access also comes with the risk of physical attacks. As these may pose a threat to memory confidentiality, this paper investigates contemporary memory and disk encryption schemes and their implementations with respect to Differential Power Analysis (DPA) and Differential Fault Analysis (DFA). It shows that DPA and DFA recover the keys of all the investigated schemes, including the tweakable block ciphers XEX and XTS. This paper also verifies the feasibility of such attacks in practice. Using the EM side channel, a DPA on the disk encryption employed within the ext4 file system is shown to reveal the used master key on a Zynq Z-7010 system on chip. The results suggest that memory and disk encryption secure against physical attackers is at least four times more expensive
- …