Side-channel Analysis of Subscriber Identity Modules

Subscriber identity modules (SIMs) contain useful forensic data but are often locked with a PIN code that restricts access to this data. If an invalid PIN is entered several times, the card locks and may even destroy its stored data. This presents a challenge to the retrieval of data from the SIM when the PIN is unknown. The field of side-channel analysis (SCA) collects, identifies, and processes information leaked via inadvertent channels. One promising side-channel leakage is that of electromagnetic (EM) emanations; by monitoring the SIM\u27s emissions, it may be possible to determine the correct PIN to unlock the card. This thesis uses EM SCA techniques to attempt to discover the SIM card\u27s PIN. The tested SIM is subjected to simple and differential electromagnetic analysis. No clear data dependency or correlation is apparent. The SIM does reveal information pertaining to its validation routine, but the value of the card\u27s stored PIN does not appear to leak via EM emissions. Two factors contributing to this result are the black-box nature of PIN validation and the hardware and software SCA countermeasures. Further experimentation on SIMs with known operational characteristics is recommended to determine the viability of future SCA attacks on these devices

mixed modulation format for future optical transmission systems

Developing a flexible network to fully utilize the existing spectral resource is a hot topic in the novel paradigm of optical transmission systems. In this thesis, I analysed hybrid modulation formats as an effective technique for the implementation of flexible transponders that are capable of trading-off the delivered data rate by the light path quality of transmission with a finer granularity. The flexible transponder is an enabling technology to introduce the elastic paradigm in the state-of-the-art networks, while maintaining compatibility with the installed equipment, including fibers, mux-demux and ROADMs, as required by telecommunication operators willing to exploit fixed grid WDM transmission. Time division hybrid modulation format (TDHMF) is presented as the first solution. Through combining two modulation formats in the time division, TDHMF can achieve arbitrary bit-per-symbol, and provide a huge amount of flexibilities to the network. A comprehensive theoretical assessment of the back-to-back performances is also introduced. In particular, four different transmitter operation strategies are proposed and evaluated. They are the constant power strategy, the same Euclidean distance strategy, the same BER strategy and the minimum BER strategy. Through the back-to-back performance comparison, the same BER strategy is chosen as the most promising strategy, mainly due to its comparable sensitivity performance and the potential of transponder simplification. This thesis also prepared another solution, which is Flexible M-PAM modulation format (FlexPAM). It is a hybrid of different M-PAMs in all four quadrature of the optical field. Although it providing less flexibility compared to TDHMF, FlexPAM has its unique advantage in two main aspect. Firstly, the inherently time consistent frame structure feature of FlexPAM may require an identical and simple transponder, which is very crucial from the operators point of view. Secondly, from the network perspective, the operators can assign each quadrature of FlexPAM to a specific network tributary and select an M-PAM according to the actual network conditions. Similar to TDHMF, both general characterization and theoretical formulation are discussed in detail. Then, the back-to-back performance of FlexPAM, including the comparison of different transmitter strategies that similar to the one of TDHMF, has been fully studied. The same BER strategy again provided a negligible SNR penalty in contrast to the optimal strategy. At the same time, by using the same FEC code for both M-PAM, the same BER strategy may require a simpler signal processing procedure and reduce the complexity. A subsequent work after the back-to-back analysis is the signal non-linear propagation evaluation of these two novel modulation formats. This thesis provide an extensive simulation analysis on the propagation of a Nyquist-WDM channel comb over an uncompensated and amplified fiber link. Due to the power unbalance in the time division (TDHMF) or in the polarization/quadrature (FlexPAM), the mixed modulation formats normally have some penalty against to the GN-model predictions. To improve their propagation performance, a simple polarization interleaving countermeasure is presented. It works well on TDHMF and has a significant impact on certain case of FlexPAM. Furthermore, the power ratio tuning is also proposed as an easy implemented and effective tool to improve the propagation performance. In the end, the propagation performance of both TDHMF and FlexPAM are compared in terms of the maximum reach versus system net bit rate, in addition, both with and without countermeasures conditions were considered. The results of this investigation showed that TDHMF has almost the same performance as the GN model predictions after the countermeasures employed. FlexPAM can provide a comparable propagation performance in contrast to the GN model predictions. Considering the advantages that mentioned before, the propagation performance of FlexPAM is acceptable

Simultaneous interrogation of multiple fiber bragg grating sensors using an arrayed waveguide grating filter fabricated in SOI platform

A novel fiber Bragg grating (FBG) interrogator is demonstrated based on an optimized arrayed waveguide grating (AWG) filter. The AWG response is optimized to achieve large crosstalk between the output channels, which allows simultaneous detection of multiple FBG peaks, using centroid signal processing techniques, without constraints on the minimum FBG peak spectral width. The measured interrogator resolution is 2.5 pm, and the total measurement range is 50 nm. The device is fabricated in a silicon-on-insulator platform and has a footprint of only 2.2 x 1.5 mm. A novel approach to minimize the polarization dependence of the device is proposed and experimentally demonstrated

Secure Automatic Speaker Verification Systems

The growing number of voice-enabled devices and applications consider automatic speaker verification (ASV) a fundamental component. However, maximum outreach for ASV in critical domains e.g., financial services and health care, is not possible unless we overcome security breaches caused by voice cloning, and replayed audios collectively known as the spoofing attacks. The audio spoofing attacks over ASV systems on one hand strictly limit the usability of voice-enabled applications; and on the other hand, the counterfeiter also remains untraceable. Therefore, to overcome these vulnerabilities, a secure ASV (SASV) system is presented in this dissertation. The proposed SASV system is based on the concept of novel sign modified acoustic local ternary pattern (sm-ALTP) features and asymmetric bagging-based classifier-ensemble. The proposed audio representation approach clusters the high and low-frequency components in audio frames by normally distributing frequency components against a convex function. Then, the neighborhood statistics are applied to capture the user specific vocal tract information. This information is then utilized by the classifier ensemble that is based on the concept of weighted normalized voting rule to detect various spoofing attacks. Contrary to the existing ASV systems, the proposed SASV system not only detects the conventional spoofing attacks (i.e. voice cloning, and replays), but also the new attacks that are still unexplored by the research community and a requirement of the future. In this regard, a concept of cloned replays is presented in this dissertation, where, replayed audios contains the microphone characteristics as well as the voice cloning artifacts. This depicts the scenario when voice cloning is applied in real-time. The voice cloning artifacts suppresses the microphone characteristics thus fails replay detection modules and similarly with the amalgamation of microphone characteristics the voice cloning detection gets deceived. Furthermore, the proposed scheme can be utilized to obtain a possible clue against the counterfeiter through voice cloning algorithm detection module that is also a novel concept proposed in this dissertation. The voice cloning algorithm detection module determines the voice cloning algorithm used to generate the fake audios. Overall, the proposed SASV system simultaneously verifies the bonafide speakers and detects the voice cloning attack, cloning algorithm used to synthesize cloned audio (in the defined settings), and voice-replay attacks over the ASVspoof 2019 dataset. In addition, the proposed method detects the voice replay and cloned voice replay attacks over the VSDC dataset. Rigorous experimentation against state-of-the-art approaches also confirms the robustness of the proposed research