283 research outputs found

    Efficient and Secure Implementations of Lightweight Symmetric Cryptographic Primitives

    This thesis is devoted to efficient and secure implementations of lightweight symmetric cryptographic primitives for resource-constrained devices such as wireless sensors and actuators that are typically deployed in remote locations. In this setting, cryptographic algorithms must consume few computational resources and withstand a large variety of attacks, including side-channel attacks. The first part of this thesis is concerned with efficient software implementations of lightweight symmetric algorithms on 8-, 16-, and 32-bit microcontrollers. A first contribution of this part is the development of FELICS, an open-source benchmarking framework that facilitates the extraction of comparative performance figures from implementations of lightweight ciphers. Using FELICS, we conducted a fair evaluation of the implementation properties of 19 lightweight block ciphers in the context of two different usage scenarios, which are representative of common security services in the Internet of Things (IoT). This study gives new insights into the link between the structure of a cryptographic algorithm and the performance it can achieve on embedded microcontrollers. Then, we present the SPARX family of lightweight ciphers and describe the impact of software efficiency in the process of shaping three instances of the family. Finally, we evaluate the cost of the main building blocks of symmetric algorithms to determine which are the most efficient ones. The contributions of this part are particularly valuable for designers of lightweight ciphers, software and security engineers, as well as standardization organizations. In the second part of this work, we focus on side-channel attacks that exploit the power consumption or the electromagnetic emanations of embedded devices executing unprotected implementations of lightweight algorithms. First, we evaluate different selection functions in the context of Correlation Power Analysis (CPA) to infer which operations are easy to attack. Second, we show that most implementations of the AES present in popular open-source cryptographic libraries are vulnerable to side-channel attacks such as CPA, even in a network protocol scenario where the attacker has limited control of the input. Moreover, we describe an optimal algorithm for recovery of the master key using CPA attacks. Third, we perform the first electromagnetic vulnerability analysis of Thread, a networking stack designed to facilitate secure communication between IoT devices. The third part of this thesis lies in the area of side-channel countermeasures against power and electromagnetic analysis attacks. We study efficient and secure expressions that compute simple bitwise functions on Boolean shares. To this end, we describe an algorithm for efficient search of expressions that have an optimal cost in number of elementary operations. Then, we introduce optimal expressions for first-order Boolean masking of bitwise AND and OR operations. Finally, we analyze the performance of three lightweight block ciphers protected using the optimal expressions.
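The third part of the abstract concerns first-order Boolean masking of bitwise AND and OR. The thesis's optimal expressions are not reproduced here; the following is an added example of the classic Trichina-style two-share AND gadget (4 ANDs, 4 XORs, one fresh random byte), with OR derived through De Morgan, plus a probe that shows why the order in which the fresh mask enters matters. The xorshift PRNG stands in for a device TRNG and is the example's own construction.

```c
#include <stdint.h>
#include <stdio.h>

/* Two-share Boolean masking: the secret x is only ever present as x == s0 ^ s1. */
typedef struct { uint8_t s0, s1; } sh_t;

/* xorshift32 standing in for the device TRNG (constructed for this example; not a secure RNG). */
static uint32_t rng = 0x2545F491u;
static uint8_t rand_byte(void) { rng ^= rng << 13; rng ^= rng >> 17; rng ^= rng << 5; return (uint8_t)rng; }
static int hw(uint8_t v) { int c = 0; for (; v; v >>= 1) c += v & 1; return c; }

sh_t mask(uint8_t x)   { sh_t r; r.s1 = rand_byte(); r.s0 = (uint8_t)(x ^ r.s1); return r; }
uint8_t unmask(sh_t a) { return (uint8_t)(a.s0 ^ a.s1); }

/* Linear operations act share-wise and need no randomness. */
sh_t masked_xor(sh_t a, sh_t b) { sh_t r = { (uint8_t)(a.s0 ^ b.s0), (uint8_t)(a.s1 ^ b.s1) }; return r; }
sh_t masked_not(sh_t a)         { sh_t r = { (uint8_t)~a.s0, a.s1 }; return r; }

/* First-order secure AND. The fresh mask r must be XORed in BEFORE the cross terms
   a0&b1 and a1&b0 are combined; otherwise the partial value a0&(b0^b1) == a0&b is a
   function of the secret b. 'volatile' pins the evaluation order on a host compiler;
   on the target, the generated assembly must be checked. */
sh_t masked_and(sh_t a, sh_t b) {
    uint8_t r = rand_byte();
    volatile uint8_t t = (uint8_t)(a.s0 & b.s0);
    t ^= r;
    t ^= (uint8_t)(a.s0 & b.s1);
    t ^= (uint8_t)(a.s1 & b.s0);
    t ^= (uint8_t)(a.s1 & b.s1);
    sh_t z = { t, r };          /* z.s0 ^ z.s1 == (a.s0^a.s1) & (b.s0^b.s1) */
    return z;
}

/* OR via De Morgan: a|b == ~(~a & ~b); NOT is free (flip one share). */
sh_t masked_or(sh_t a, sh_t b) { return masked_not(masked_and(masked_not(a), masked_not(b))); }

/* Functional check of all three gadgets over every byte pair. Returns 1 if all correct. */
int check_gadgets(void) {
    for (int x = 0; x < 256; x++) for (int y = 0; y < 256; y++) {
        sh_t a = mask((uint8_t)x), b = mask((uint8_t)y);
        if (unmask(masked_and(a, b)) != (x & y)) return 0;
        if (unmask(masked_or(a, b))  != (x | y)) return 0;
        if (unmask(masked_xor(a, b)) != (x ^ y)) return 0;
    }
    return 1;
}

/* Leakage probe for the ordering caveat: mean Hamming weight (x100) of the intermediate
   after the first cross term, over fresh maskings of fixed x and y. A secure intermediate
   is uniform (about 400 whatever x and y are); the leaky one tracks y (0 for y == 0). */
int probe_avg_hw_x100(int mask_first, uint8_t x, uint8_t y, int trials) {
    long total = 0;
    for (int i = 0; i < trials; i++) {
        sh_t a = mask(x), b = mask(y);
        uint8_t r = rand_byte();
        uint8_t t = (uint8_t)(a.s0 & b.s0);
        if (mask_first) t ^= r;
        t ^= (uint8_t)(a.s0 & b.s1);
        total += hw(t);
    }
    return (int)(total * 100 / trials);
}

int main(void) {
    printf("gadgets correct: %d\n", check_gadgets());
    printf("leaky order,  y=0x00: %d   y=0xff: %d\n",
           probe_avg_hw_x100(0, 0xff, 0x00, 2000), probe_avg_hw_x100(0, 0xff, 0xff, 2000));
    printf("secure order, y=0x00: %d   y=0xff: %d\n",
           probe_avg_hw_x100(1, 0xff, 0x00, 2000), probe_avg_hw_x100(1, 0xff, 0xff, 2000));
    return 0;
}
```

The probe is the practitioner's sanity check for any masked expression: fix the secrets, re-mask many times, and confirm that every intermediate's distribution does not move with the secret. Operation count is what the thesis optimises (each AND/XOR costs a cycle or more on an 8-bit core and the random byte costs TRNG bandwidth), but the count is only meaningful for expressions that pass this check.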

    The Knowledge Society at Crossroads: The Road Map and Incubating Role of the Competitive Intelligence, Digitalization and Neurosciences

    Today's human being is part of a technological and scientific development dominated by information as both raw material and base of knowledge. Easy and open access to information thrusts forward the frontiers of development and communication, enlarges the development's paths and generates amazing changes, faster than ever before. The way that databases increase in volume becomes the most current and complex problem. The ability to extract and process knowledge, and the speed of its processing, represent unknown and provocative challenges for business profit and the success of the intelligent society. Their extraction from the informational noise and the ability to react and communicate rapidly are also important, to be accurately customized and harmonised with the social elements. This paper demonstrates the usefulness of neuroscience, neuro-technologies and cognitive computing in finding innovative and customized solutions for solving complex problems in business. The conclusion of our study is that, in order to have an advanced and competitive European Union, it is absolutely necessary to develop innovative solutions for Competitive Intelligence that would include the fundamental elements of neuro-technologies and advanced Artificial Intelligence as profitable keys to Cognitive Business.


    A Lightweight Implementation of NTRU Prime for the Post-Quantum Internet of Things

    The dawning era of quantum computing has initiated various initiatives for the standardization of post-quantum cryptosystems with the goal of (eventually) replacing RSA and ECC. NTRU Prime is a variant of the classical NTRU cryptosystem that comes with a couple of tweaks to minimize the attack surface; most notably, it avoids rings with "worrisome" structure. This paper presents, to our knowledge, the first assembler-optimized implementation of Streamlined NTRU Prime for an 8-bit AVR microcontroller and shows that high-security lattice-based cryptography is feasible for small IoT devices. An encapsulation operation using parameters for 128-bit post-quantum security requires 8.2 million clock cycles when executed on an 8-bit ATmega1284 microcontroller. The decapsulation is approximately twice as costly and has an execution time of 15.6 million cycles. We achieved this performance through (i) new low-level software optimization techniques to accelerate Karatsuba-based polynomial multiplication on the 8-bit AVR platform and (ii) an efficient implementation of the coefficient modular reduction written in assembly language. The execution time of encapsulation and decapsulation is independent of secret data, which makes our software resistant against timing attacks. Finally, we assess the performance one could theoretically gain by using a so-called product-form polynomial as part of the secret key and discuss potential security implications.
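The abstract names the two ingredients that dominate Streamlined NTRU Prime's cost: Karatsuba polynomial multiplication and coefficient reduction modulo q, both written so that execution time does not depend on secret data. The following added example (this listing's own C, not the paper's AVR assembly) shows both for the sntrup761 ring Z_q[x]/(x^p - x - 1) with p = 761 and q = 4591: a recursive Karatsuba over operands padded to 1024 coefficients, and a branch-free Barrett reduction to [0, q). It relies on the fact that in this scheme one operand of every ring product is a small ternary polynomial (coefficients in {-1, 0, 1}), which bounds the accumulated sums below 2^23; the Barrett constants and that bound are the example's own derivation, and the result is checked against a variable-time schoolbook reference on constructed inputs.

```c
#include <stdint.h>
#include <stdio.h>

#define P 761      /* sntrup761: ring Z_q[x] / (x^P - x - 1) */
#define Q 4591
#define N 1024     /* Karatsuba operand length: P padded to a power of two */

/* Constant-time reduction to [0, Q) by Barrett division. Requires |a| < 2^23.
   Same instruction sequence for every input: no data-dependent branch or table index. */
int32_t ct_mod_q(int32_t a) {
    uint32_t v = (uint32_t)(a + 1828 * Q);                   /* 1828*Q = 8392348 > 2^23, so 0 < v < 2^24 */
    uint32_t t = (uint32_t)(((uint64_t)v * 935518u) >> 32);  /* 935518 = floor(2^32/Q): t = floor(v/Q) or one less */
    int32_t r = (int32_t)(v - t * (uint32_t)Q);              /* now in [0, 2Q) */
    r -= Q;
    r += Q & (r >> 31);                                       /* arithmetic shift mask: add Q back iff r < 0 */
    return r;
}

static void poly_mul_school(const int32_t *a, const int32_t *b, int32_t *r, int n) {
    for (int i = 0; i < 2 * n - 1; i++) r[i] = 0;
    for (int i = 0; i < n; i++) for (int j = 0; j < n; j++) r[i + j] += a[i] * b[j];
}

/* Karatsuba: three half-size products instead of four. r receives 2n-1 coefficients.
   Intermediate values stay within int32 because one operand is ternary. */
static void poly_mul_karatsuba(const int32_t *a, const int32_t *b, int32_t *r, int n) {
    if (n <= 32) { poly_mul_school(a, b, r, n); return; }
    int h = n / 2;
    int32_t z0[2 * h - 1], z1[2 * h - 1], z2[2 * h - 1], as[h], bs[h];
    poly_mul_karatsuba(a, b, z0, h);                    /* low * low  */
    poly_mul_karatsuba(a + h, b + h, z2, h);            /* high * high */
    for (int i = 0; i < h; i++) { as[i] = a[i] + a[h + i]; bs[i] = b[i] + b[h + i]; }
    poly_mul_karatsuba(as, bs, z1, h);                  /* (low+high) * (low+high) */
    for (int i = 0; i < 2 * n - 1; i++) r[i] = 0;
    for (int i = 0; i < 2 * h - 1; i++) {
        r[i]         += z0[i];
        r[i + h]     += z1[i] - z0[i] - z2[i];
        r[i + 2 * h] += z2[i];
    }
}

/* out = f * g in Z_q[x]/(x^P - x - 1), f with coefficients in [0, Q), g ternary. */
void ring_mul(const int16_t f[P], const int8_t g[P], int16_t out[P]) {
    int32_t a[N] = {0}, b[N] = {0}, r[2 * N - 1];
    for (int i = 0; i < P; i++) { a[i] = f[i]; b[i] = g[i]; }
    poly_mul_karatsuba(a, b, r, N);
    /* x^P = x + 1, so coefficient i >= P folds into positions i-P and i-P+1 (one pass suffices) */
    for (int i = 2 * P - 2; i >= P; i--) { r[i - P] += r[i]; r[i - P + 1] += r[i]; }
    for (int i = 0; i < P; i++) out[i] = (int16_t)ct_mod_q(r[i]);   /* |r[i]| <= 2P*(Q-1) < 2^23 */
}

/* Variable-time schoolbook reference using the C '%' operator; for checking only. */
static void ring_mul_ref(const int16_t f[P], const int8_t g[P], int16_t out[P]) {
    int64_t acc[2 * P - 1] = {0};
    for (int i = 0; i < P; i++) for (int j = 0; j < P; j++) acc[i + j] += (int64_t)f[i] * g[j];
    for (int i = 2 * P - 2; i >= P; i--) { acc[i - P] += acc[i]; acc[i - P + 1] += acc[i]; }
    for (int i = 0; i < P; i++) out[i] = (int16_t)(((acc[i] % Q) + Q) % Q);
}

/* Constructed inputs from a fixed LCG: f uniform in [0, Q), g ternary. Returns 1 on match. */
int karatsuba_matches_reference(void) {
    int16_t f[P], o1[P], o2[P]; int8_t g[P]; uint32_t s = 12345;
    for (int i = 0; i < P; i++) {
        s = s * 1103515245u + 12345u; f[i] = (int16_t)((s >> 8) % Q);
        s = s * 1103515245u + 12345u; g[i] = (int8_t)((s >> 8) % 3) - 1;
    }
    ring_mul(f, g, o1);
    ring_mul_ref(f, g, o2);
    for (int i = 0; i < P; i++) if (o1[i] != o2[i]) return 0;
    return 1;
}

int main(void) {
    printf("karatsuba == reference: %d\n", karatsuba_matches_reference());
    printf("ct_mod_q(-1) = %d, ct_mod_q(8388607) = %d\n", ct_mod_q(-1), ct_mod_q(8388607));
    return 0;
}
```

The reduction is the part worth reading twice: the unconditional `r -= Q; r += Q & (r >> 31);` replaces an `if (r >= Q)` whose branch outcome would depend on a secret-derived coefficient. On an 8-bit AVR the same idea is implemented with multi-byte multiplies and carry handling rather than a 64-bit product, but the invariant is identical: every input takes the same path. The `>> 31` relies on arithmetic right shift of a negative int32, which the mainstream C compilers provide.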

    Competitive Intelligence and Neuro-Technologies: The New Strategic Tools to Boost The Digital Economy

    Purpose – This paper aims to bridge the conceptual gap between the competitive intelligence domain and the current digital transformation and adaptation to the new values, norms, requests and expectations of Industry 4.0. Starting with the theoretical and chronological background attributed to the current developments, the following pages proceed to develop the argument that the Competitive Intelligence domain has become an imperative for the whole process of decision-making involved in Industry 4.0, applied to all businesses, regardless of their status, domain, or turnover. Design/methodology/approach – Adopting a multidisciplinary perspective, the paper uses both a theoretical and a practical approach to the main concepts involved: Competitive Intelligence, neuro-technologies, Industry 4.0. While defining those central concepts and presenting the chronological evolution of the economic domain, it also provides examples of key tools and their application in the current Digital Era. Findings – The current times are marked by a process of transition from digital transformation to digitization in almost all global businesses. The transition to digitalization affects the entire organizational ecosystem by integrating the value chain of global business with digital solutions. While the paper limits itself to setting the stage for future research, it still provides a valid range of theoretical knowledge and pragmatic applicability of the discussed concepts in the context of the current developing global reality. Originality/value – Beyond the theoretical and chronological analysis, a valuable content of this paper is the discussion of innovative tools within the domain of competitive intelligence and neuro-technologies to enhance the adaptability to rapidly changing conditions, the agility in decision-making and the flexibility to redesign the existing strategies based on pertinent analysis of a great influx of information.

    Competitive Intelligence and Academic Entrepreneurship as Innovative Vectors of a Resilient, Business-Oriented Education

    Purpose – The present paper substantiates that the concepts of competitive intelligence and academic entrepreneurship are genuinely connected to modern society and, through their perpetual and versatile evolution, have an important role in moving development in the right direction. Design/methodology/approach – The account of their evolution is completed by a comparative analysis, an appropriate method to point out similarities and differences and to identify how their application may serve innovation as a tool for those active in the related domains of education, within our highly dynamic world. Findings – The development of the concepts is meant to link and accelerate technological and operational innovation to a highly competitive, business-oriented academic environment, as a contribution to its wide potential for profit. Originality/value – The correlation between the two concepts provides an innovative tool able to serve as a platform supporting competitive intelligence, in design and functions, for any business-oriented academic entrepreneurship.

    Argon2: New Generation of Memory-Hard Functions for Password Hashing and Other Applications

    We present a new hash function, Argon2, which is oriented towards the protection of low-entropy secrets without secret keys. It requires a certain (but tunable) amount of memory, imposes prohibitive time-memory and computation-memory tradeoffs on memory-saving users, and is exceptionally fast on a regular PC. Overall, it can provide ASIC- and botnet-resistance by filling the memory in 0.6 cycles per byte in a non-compressible way.

    Efficient Implementation of the SHA-512 Hash Function for 8-bit AVR Microcontrollers

    SHA-512 is a member of the SHA-2 family of cryptographic hash algorithms that is based on a Davies-Meyer compression function operating on eight 64-bit words to produce a 512-bit digest. It provides strong resistance to collision and preimage attacks, and is assumed to remain secure in the dawning era of quantum computers. However, the compression function of SHA-512 is challenging to implement on small 8- and 16-bit microcontrollers because of their limited register space and the fact that 64-bit rotations are generally slow on such devices. In this paper, we present the first highly-optimized Assembler implementation of SHA-512 for the ATmega family of 8-bit AVR microcontrollers. We introduce a special optimization technique for the compression function based on a duplication of the eight working variables so that they can be more efficiently loaded from RAM via the indirect addressing mode with displacement (using the ldd and std instructions). In this way, we were able to achieve high performance without unrolling the main loop of the compression function, thereby keeping the code size small. When executed on an 8-bit AVR ATmega128 microcontroller, the compression function takes slightly less than 60k clock cycles, which corresponds to a compression rate of roughly 467 cycles per byte. The binary code size of the full SHA-512 implementation providing a standard Init-Update-Final (IUF) interface amounts to approximately 3.5 kB.

    From Web Based to On-Line Decision Support

    The paper tries to identify some causes and implications of the web phenomenon in the decision-making field. It also includes examples in order to better justify the ideas. The literature and the practice are very rich in examples of Decision Support Systems (DSS) and Business Intelligence products, but they are rather considered complex applications made to interact over the Internet, not entirely running within the Internet. In order to arrive at this title we have also tested a few on-line products, starting with simple office tools (Google docs – spreadsheets) or more specialized ones (Nesstar - analytics). And why does this count in this article? Partially because, when thinking of solvers and trend charts, a spreadsheet may be considered a basic form of DSS. The main question is whether or not on-line application developers implement such functionalities in their products. Beyond the practical approach and the obvious criticism, the main idea of the paper is to make us realize the trend of many applications that serve decision making. The main implication of the trend-line mentioned in our article is related to the fact that, in terms of technology, any decision will become easier to make when thinking of the mobile devices available nowadays. Thus the paper needs to be considered in relation to this topic. The main idea when speaking of originality is basically to show something previously not seen, not tested or not proved. In this case, the originality mostly consists in seeing beyond the traditional approaches of decision support systems. The on-line category is one belonging to the places beyond these borders.
