On the importance of eliminating errors in cryptographic computations
D. Boneh, R. A. DeMillo, and R. J. Lipton
Abstract. We present a model for attacking various cryptographic schemes by taking advantage of random hardware faults. The model consists of a black-box containing some cryptographic secret. The box interacts with the outside world by following a cryptographic protocol. The model supposes that from time to time the box is affected by a random hardware fault causing it to output incorrect values. For example, the hardware fault flips an internal register bit at some point during the computation. We show that for many digital signature and identification schemes these incorrect outputs completely expose the secrets stored in the box. We present the following results: (1) The secret signing key used in an implementation of RSA based on the Chinese Remainder Theorem (CRT) is completely exposed from a single erroneous RSA signature, (2) for non-CRT implementations of RSA the secret key is exposed given a large number (e.g. 1000) of erroneous signatures, (3) the secret key used in Fiat-Shamir identification is exposed after a small number (e.g. 10) of faulty executions of the protocol, and (4) the secret key used in Schnorr's identification protocol is exposed after a much larger number (e.g. 10,000) of faulty executions. Our estimates for the number of necessary faults are based on standard security parameters such as a 1024-bit modulus, and a 2^-40 identification error probability. Our results demonstrate the importance of preventing errors in cryptographic computations. We conclude the paper with various methods for preventing these attacks.
* This is an expanded version of an earlier paper that appeared in Proc. of Eurocrypt '97.
Goal-Oriented Mutation Testing with Focal Methods
Mutation testing is the state-of-the-art technique for assessing the
fault-detection capacity of a test suite. Unfortunately, mutation testing
consumes enormous computing resources because it runs the whole test suite for
each and every injected mutant. In this paper we explore fine-grained
traceability links at method level (named focal methods), to reduce the
execution time of mutation testing and to verify the quality of the test cases
for each individual method, instead of the usually verified overall test suite
quality. Validation of our approach on the open source Apache Ant project shows
a speed-up of 573.5x for the mutants located in focal methods with a quality
score of 80%.
Comment: A-TEST 201
Towards Symbolic Model-Based Mutation Testing: Combining Reachability and Refinement Checking
Model-based mutation testing uses altered test models to derive test cases
that are able to reveal whether a modelled fault has been implemented. This
requires conformance checking between the original and the mutated model. This
paper presents an approach for symbolic conformance checking of action systems,
which are well-suited to specify reactive systems. We also consider
nondeterminism in our models. Hence, we do not check for equivalence, but for
refinement. We encode the transition relation as well as the conformance
relation as a constraint satisfaction problem and use a constraint solver in
our reachability and refinement checking algorithms. Explicit conformance
checking techniques often face state space explosion. First experimental
evaluations show that our approach has potential to outperform explicit
conformance checkers.
Comment: In Proceedings MBT 2012, arXiv:1202.582
Usability, Privacy, Cybersecurity And The Right To Vote: Why Elections Are Not As Simple As They Seem
Presented on September 5, 2019 at 11:30 a.m.-1:00 p.m. in the Technology Square Research Building (TSRB), 1st Floor Ballroom, Georgia Institute of Technology.

Richard DeMillo is the Charlotte B. and Roger C. Warren Professor of Computing and Professor of Management, former John P. Imlay Dean of Computing, and Director of the Center for 21st Century Universities at the Georgia Institute of Technology. Author of over 100 articles, books, and patents, he has held academic positions at Purdue University, the University of Wisconsin, and the University of Padua. He directed the Computer and Computation Research Division of the National Science Foundation and was Hewlett-Packard's first Chief Technology Officer. He is the 2013 Lumina Foundation Inaugural Fellow, which recognized his founding of the Center for 21st Century Universities as a “unique institution.” He is also a Fellow of both the American Association for the Advancement of Science and the Association for Computing Machinery. He is the author of the influential 2011 book “Abelard to Apple: The Fate of American Colleges and Universities” and an award-winning 2015 sequel entitled “Revolution in Higher Education: How a Small Band of Innovators will Make College Accessible and Affordable.” Both books were published by MIT Press.

Runtime: 52:50 minutes

All modern public elections in the United States use computers called voting machines to automate at least part of the voting process. Like all computers, voting machines can be misprogrammed, misconfigured, misused and hacked. Poorly secured data, open networks, and aging computing equipment with known vulnerabilities to malware are all subject to attack. There is substantial evidence that foreign adversaries have infiltrated American election systems and there is growing evidence that election results were affected. Federal agencies, the Intelligence Community, and congressional committees all agree that action is required.

This talk will focus on the unique aspects of elections from a computing standpoint: (1) Why are there not national standards? (2) What cybersecurity tools would make elections more secure? (3) How does the right to a secret ballot affect election technology? (4) What is the future of electronic voting in the state of Georgia? In this talk I will pay special attention to usability and privacy problems and point out areas in which improved understanding of cognitive limitations of voters can influence public policy. This work is based in part on a recent paper entitled “Ballot Marking Devices (BMDs) cannot assure the will of the voters,” by Philip Stark, Andrew Appel, and me. This paper can be downloaded here: https://dx.doi.org/10.2139/ssrn.337575