
    Secure and user-friendly display of schedule in a meeting room

    Meeting and conference rooms in offices are equipped with video conferencing equipment that includes a screen that displays meetings scheduled in the room, e.g., on an idle screen display. The displayed schedules can include meeting titles or codes. If a visitor enters the meeting room, such display can potentially reveal information that is confidential to the organization. This disclosure describes techniques to automatically determine whether display of meeting-related information is appropriate. External meetings are identified based on available contextual information, e.g., meeting attendees, agenda/notes, room location, schedules of adjacent rooms, etc. Ahead of external meetings in a room, schedule information is hidden from the idle screen

    An Enhanced Dataflow Analysis to Automatically Tailor Side Channel Attack Countermeasures to Software Block Ciphers

    Protecting software implementations of block ciphers from side channel attacks is a significant concern to realize secure embedded computation platforms. The relevance of the issue calls for the automation of the side channel vulnerability assessment of a block cipher implementation, and the automated application of provably secure defenses. The most recent methodology in the field is an application of a specialized data-flow analysis, performed by means of the LLVM compiler framework, detecting in the AES cipher the portions of the code amenable to key extraction via side channel analysis. The contribution of this work is an enhancement to the existing data-flow analysis, extending it to tackle any block cipher implemented in software. In particular, the extended strategy takes fully into account the data dependencies present in the key schedule of a block cipher, regardless of its complexity, to obtain consistently sound results. This paper details the analysis strategy and presents new results on the tailored application of power and electro-magnetic emission analysis countermeasures, evaluating the performance on both the ARM Cortex-M and the MIPS ISA. The experimental evaluation reports a case study on two block ciphers: the first designed to achieve a high security margin at a non-negligible computational cost, and a lightweight one. The results show that, when side-channel-protected implementations are considered, the high-security block cipher is indeed more efficient than the lightweight one

    Constant weight strings in constant time: a building block for code-based post-quantum cryptosystems

    Code based cryptosystems often need to encode either a message or a random bitstring into one of fixed length and fixed (Hamming) weight. The lack of an efficient and reliable bijective map presents a problem in building constructions around the said cryptosystems to attain security against active attackers. We present an efficiently computable, bijective function which yields the desired mapping. Furthermore, we delineate how the said function can be computed in constant time. We experimentally validate the effectiveness and efficiency of our approach, comparing it against the current state of the art solutions, achieving three to four orders of magnitude improvements in computation time, and validate its constant runtime

    Performance and Efficiency Exploration of Hardware Polynomial Multipliers for Post-Quantum Lattice-Based Cryptosystems

    The significant effort in the research and design of large-scale quantum computers has spurred a transition to post-quantum cryptographic primitives worldwide. The post-quantum cryptographic primitive standardization effort led by the US NIST has recently selected the asymmetric encryption primitive Kyber as its candidate for standardization and indicated NTRU as a valid alternative if intellectual property issues are not solved. Finally, a more conservative alternative to NTRU, NTRU Prime, was also considered as an alternate candidate, due to its design choices that preemptively remove the possibility for a large set of attacks. All the aforementioned asymmetric primitives provide good performance, and are prime choices to provide IoT devices with post-quantum confidentiality services. In this work, we present a comprehensive exploration of hardware designs for the computation of polynomial multiplications, the workhorse operation in all the aforementioned cryptosystems, with a thorough analysis of performance, compactness and efficiency. The presented designs cope with the differences in the arithmetic of the polynomial rings employed by distinct cryptosystems, benefiting from configurations and optimizations that are applicable at synthesis time and/or run time. In this context, we target a use case scenario where long-term key pairs are used, such as the ones for VPNs (e.g., over IPSec), secure shell protocols and instant messaging applications. Our high-performance design variants exhibit latency figures comparable to the ones needed for the execution of the symmetric cryptographic primitives also included in the post-quantum schemes. Notably, the performance figures of the designs proposed for NTRU and NTRU Prime surpass the ones described in the related literature

    A Code-specific Conservative Model for the Failure Rate of Bit-flipping Decoding of LDPC Codes with Cryptographic Applications

    Characterizing the decoding failure rate of iteratively decoded Low- and Moderate-Density Parity Check (LDPC/MDPC) codes is paramount to build cryptosystems based on them that are able to achieve indistinguishability under adaptive chosen ciphertext attacks. In this paper, we provide a statistical worst-case analysis of our proposed iterative decoder, obtained through a simple modification of the classic in-place bit-flipping decoder. This worst-case analysis allows us both to derive the worst-case behaviour of an LDPC/MDPC code picked among the family with the same length, rate and number of parity checks, and to obtain a code-specific bound on the decoding failure rate. The former result allows us to build a code-based cryptosystem enjoying the δ-correctness property required by IND-CCA2 constructions, while the latter result allows us to discard code instances which may have a decoding failure rate significantly different from the average one (i.e., representing weak keys), should they be picked during the key generation procedure

    Perturbation of Serotonin Homeostasis during Adulthood Affects Serotonergic Neuronal Circuitry

    Growing evidence shows that the neurotransmitter serotonin (5-HT) modulates the fine-tuning of neuron development and the establishment of wiring patterns in the brain. However, whether serotonin is involved in the maintenance of neuronal circuitry in the adult brain remains elusive. Here, we use a Tph2flox conditional knockout (cKO) mouse line to assess the impact of serotonin depletion during adulthood on serotonergic system organization. Data show that the density of serotonergic fibers is increased in the hippocampus and decreased in the thalamic paraventricular nucleus (PVN) as a consequence of brain serotonin depletion. Strikingly, these defects are rescued following reestablishment of brain 5-HT signaling via administration of the serotonin precursor 5-hydroxytryptophan (5-HTP). Finally, 3D reconstruction of serotonergic fibers reveals that changes in serotonin homeostasis affect axonal branching complexity. These data demonstrate that maintaining proper serotonin homeostasis in the adult brain is crucial to preserve the correct serotonergic axonal wiring

    Analysis of Dual-Band Direction of Arrival Estimation in Multipath Scenarios

    The present paper analyzes the performance of localization systems, based on dual-band Direction of Arrival (DoA) approach, in multi-path affected scenarios. The implemented DoA estimation, which belongs to the so-called Space and Frequency Division Multiple Access (SFDMA) technique, takes advantage of the use of two uncorrelated communication carrier frequencies, as already demonstrated by the authors. Starting from these results, this paper provides, first, the methodology followed to describe the localization system in the proposed simulation environment, and, as a second step, describes how multi-path effects may be taken into account through a set of full-wave simulations. The latter follows an approach based on the two-ray model. The validation of the proposed approach is demonstrated by simulations over a wide range of virtual scenarios. The analysis of the results highlights the ability of the proposed approach to describe multi-path effects and confirms enhancements in DoA estimation as experimentally evaluated by the same authors. To further assess the performance of the aforementioned simulation environment, a comparison between simulated and measured results was carried out, confirming the capability to predict DoA performance

    Challenging the Trustworthiness of PGP: Is the Web of Trust Tear-Proof?

    The OpenPGP protocol provides a long-adopted and widespread tool for secure and authenticated asynchronous communications, and also supplies data integrity and authenticity validation for software distribution. In this work, we analyze the Web-of-Trust on which the OpenPGP public key authentication mechanism is based, and evaluate a threat model where its functionality can be jeopardized. Since the threat model is based on the viability of compromising an OpenPGP keypair, we performed an analysis of the state of health of the global OpenPGP key repository. Although the detected amount of weak keypairs is rather low, our results show how, under reasonable assumptions, approximately 70 % of the Web-of-Trust strong set is potentially affected by the described threat. Finally, we propose viable mitigation strategies to cope with the highlighted threat

    Automated instantiation of side-channel attacks countermeasures for software cipher implementations

    Side Channel Attacks (SCA) have proven to be a practical threat to the security of embedded systems, exploiting the information leakage coming from unintended channels concerning an implementation of a cryptographic primitive. Given the large variety of embedded platforms, and the ubiquity of the need for secure cryptographic implementations, a systematic and automated approach to deploy SCA countermeasures at design time is strongly needed. In this paper, we provide an overview of recent compiler-based techniques to protect software implementations against SCA, making them amenable to automated application in the development of secure-by-design systems