
    A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components

    The semiconductor industry is fully globalized, and integrated circuits (ICs) are commonly specified, designed and fabricated at different premises across the world. This reduces production costs, but also exposes ICs to supply chain attacks, where insiders introduce malicious circuitry into the final products. Additionally, despite extensive post-fabrication testing, it is not uncommon for ICs with subtle fabrication errors to make it into production systems. While many systems may be able to tolerate a few Byzantine components, this is not the case for cryptographic hardware, which stores and computes on confidential data. For this reason, many error and backdoor detection techniques have been proposed over the years. So far, all attempts have either been quickly circumvented or come with unrealistically high manufacturing costs and complexity. This paper proposes Myst, a practical high-assurance architecture that uses commercial off-the-shelf (COTS) hardware and provides strong security guarantees even in the presence of multiple malicious or faulty components. The key idea is to combine protective redundancy with modern threshold cryptographic techniques to build a system tolerant to hardware trojans and errors. To evaluate our design, we build a Hardware Security Module that provides the highest level of assurance possible with COTS components. Specifically, we employ more than a hundred COTS secure crypto-coprocessors, verified to FIPS 140-2 Level 4 tamper-resistance standards, and use them to realize high-confidentiality random number generation, key derivation, public key decryption and signing. Our experiments show a reasonable computational overhead (less than 1% for both decryption and signing) and an exponential increase in backdoor tolerance as more ICs are added.

    Minerva: The curse of ECDSA nonces

    We present our discovery of a group of side-channel vulnerabilities in implementations of the ECDSA signature algorithm in a widely used Atmel AT90SC FIPS 140-2 certified smartcard chip and five cryptographic libraries (libgcrypt, wolfSSL, MatrixSSL, SunEC/OpenJDK/Oracle JDK, Crypto++). Vulnerable implementations leak the bit-length of the scalar used in scalar multiplication via timing. Using the leaked bit-length, we mount a lattice attack on a 256-bit curve after observing enough signing operations. We propose two new methods to recover the full private key requiring just 500 signatures for simulated leakage data, 1200 for real cryptographic library data, and 2100 for smartcard data. The number of signatures needed for a successful attack depends on the chosen method and its parameters as well as on the noise profile, which is influenced by the type of leakage and the computation platform used. We use the set of vulnerabilities reported in this paper, together with the recently published TPM-FAIL vulnerability, as the basis for real-world benchmark datasets to systematically compare our newly proposed methods and all previously published applicable lattice-based key recovery methods. The resulting exhaustive comparison highlights the methods' sensitivity to proper parametrization and demonstrates that our methods are more efficient in most cases. For the TPM-FAIL dataset, we decreased the number of required signatures from approximately 40 000 to a mere 900.

    Intergenerational impacts of maternal mortality: Qualitative findings from rural Malawi

    Background: Maternal mortality, although largely preventable, remains unacceptably high in developing countries such as Malawi and creates a number of intergenerational impacts. Few studies have investigated the far-reaching impacts of maternal death beyond infant survival. This study demonstrates the short- and long-term impacts of maternal death on children, families, and the community in order to raise awareness of the true costs of maternal mortality and poor maternal health care in Neno, a rural and remote district in Malawi. Methods: Qualitative in-depth interviews were conducted to assess the impact of maternal mortality on child, family, and community well-being. We conducted 20 key informant interviews, 20 stakeholder interviews, and six sex-stratified focus group discussions in the seven health centers that cover the district. Transcripts were translated, coded, and analyzed in NVivo 10. Results: Participants noted a number of far-reaching impacts on orphaned children, their new caretakers, and extended families following a maternal death. Female relatives typically took on caregiving responsibilities for orphaned children, regardless of the accompanying financial hardship and frequent lack of familial or governmental support. Maternal death exacerbated children’s vulnerabilities to long-term health and social impacts related to nutrition, education, employment, early partnership, pregnancy, and caretaking. Impacts were particularly salient for female children who were often forced to take on the majority of the household responsibilities. Participants cited a number of barriers to accessing quality child health care or support services, and many were unaware of programming available to assist them in raising orphaned children or how to access these services. 
Conclusions: In order both to reduce preventable maternal mortality and to diminish the impacts on children, extended families, and communities, our findings highlight the importance of financing and implementing universal access to emergency obstetric and neonatal care and to contraception, as well as social protection programs, including among remote populations.

    Security of Electronic Passports, Part II (original title: Bezpecnost Elektronickych Pasu, Cast II.)

    The article discusses additional security features for protecting the sensitive biometric data stored in electronic passports (i.e. fingerprints and irises). Two possible approaches are discussed, using symmetric and asymmetric cryptography. The focus is on the asymmetric methods, as these are what the European proposal for the so-called Extended Access Control is based on.
    JRC.G.6 - Sensors, radar technologies and cybersecurity

    Fooling primality tests on smartcards

    We analyse whether the smartcards of the JavaCard platform correctly validate the primality of domain parameters. The work is inspired by Albrecht et al. [1], where the authors analysed many open-source libraries and constructed pseudoprimes that fool their primality testing functions. In the case of smartcards, however, there is often no way to invoke the primality test directly, so we trigger it by replacing the (EC)DSA and (EC)DH prime domain parameters with adversarial composites. Such a replacement results in vulnerability to Pohlig-Hellman [30] style attacks, leading to private key recovery. Out of nine smartcards from five major manufacturers that we tested (see https://crocs.fi.muni.cz/papers/primality_esorics20 for details), all but one perform no primality test during parameter validation. As the JavaCard platform provides no public primality testing API, the problem cannot be fixed by an extra parameter check in the applet, making it difficult to mitigate in already deployed smartcards.
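    The attack path described above, as an added example that is not code from the paper: a composite substituted for a DSA/DH modulus, the random-base Miller-Rabin check that parameter validation should run (and the fixed-base variant that crafted pseudoprimes defeat), and the Pohlig-Hellman style key recovery over the attacker's own factorisation of the bogus modulus. The three primes, the generator and the secret exponent are constructed for the demo and far smaller than real parameters.

```python
"""Added example, not code from the paper: a composite substituted for a DH/DSA
prime p, the Miller-Rabin check parameter validation should have run, and the
Pohlig-Hellman style private-key recovery the missing check allows. The primes,
the generator and the secret below are constructed for the demo."""
import math
import secrets


def is_probable_prime(n, rounds=32, bases=None):
    """Miller-Rabin; with bases=None the witnesses are random, as a validator's
    should be: pseudoprimes such as those of Albrecht et al. are built to pass
    tests that always use the same fixed bases (try bases=(2, 3) on 1373653)."""
    if n < 4:
        return n in (2, 3)
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    witnesses = bases if bases is not None else [2 + secrets.randbelow(n - 3) for _ in range(rounds)]
    for a in witnesses:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False                 # a witnesses compositeness
    return True


def factorize(n):
    """Trial division, enough for the ~20-bit numbers used here."""
    factors, d = {}, 2
    while d * d <= n:
        while n % d == 0:
            factors[d] = factors.get(d, 0) + 1
            n //= d
        d += 1
    if n > 1:
        factors[n] = factors.get(n, 0) + 1
    return factors


def mult_order(g, q):
    """Order of g in Z_q^* (q prime): drop each prime f of q-1 while g^(n/f) = 1."""
    n = q - 1
    for f in factorize(n):
        while n % f == 0 and pow(g, n // f, q) == 1:
            n //= f
    return n


def bsgs(g, h, q, n):
    """Baby-step giant-step: the x < n with g^x = h (mod q), in O(sqrt n) work."""
    m = math.isqrt(n) + 1
    baby, e = {}, 1
    for j in range(m):
        baby.setdefault(e, j)
        e = e * g % q
    giant, gamma = pow(g, -m, q), h % q      # giant = g^(-m)
    for i in range(m):
        if gamma in baby:
            return (i * m + baby[gamma]) % n
        gamma = gamma * giant % q
    raise ValueError("h is not in the subgroup generated by g")


def crt_combine(a1, n1, a2, n2):
    """CRT for moduli that need not be coprime (the per-factor orders share
    factors of 2). Returns (x mod lcm, lcm) with x = a1 (mod n1), x = a2 (mod n2)."""
    g = math.gcd(n1, n2)
    if (a2 - a1) % g:
        raise ValueError("inconsistent residues")
    m = n2 // g
    t = 0 if m == 1 else ((a2 - a1) // g * pow(n1 // g, -1, m)) % m
    lcm = n1 // g * n2
    return (a1 + n1 * t) % lcm, lcm


def recover_private_key(g, y, p, prime_factors):
    """Pohlig-Hellman over the attacker's own factorisation of the composite p:
    reduce y = g^x mod p modulo each q_i, solve the small DLP there, and glue the
    residues with the CRT. Returns (x mod L, L), L = lcm of the per-factor orders."""
    x, mod = 0, 1
    for q in prime_factors:
        gi, yi = g % q, y % q
        n = mult_order(gi, q)
        x, mod = crt_combine(x, mod, bsgs(gi, yi, q, n), n)
    return x, mod


# Constructed demo parameters: three ~20-bit primes whose product is the bogus "prime".
Q_FACTORS = (1000003, 1000033, 1000037)
P_BOGUS = Q_FACTORS[0] * Q_FACTORS[1] * Q_FACTORS[2]
G = 2
SECRET = 12345678                    # the card's private exponent
Y = pow(G, SECRET, P_BOGUS)          # its public value, computed under the bogus p

if __name__ == "__main__":
    print("random-base check accepts bogus p:", is_probable_prime(P_BOGUS))
    print("fixed-base {2,3} check accepts 1373653 = 829*1657:", is_probable_prime(1373653, bases=(2, 3)))
    x, mod = recover_private_key(G, Y, P_BOGUS, Q_FACTORS)
    print("recovered x =", x, "mod", mod, "; matches secret:", x == SECRET)
```

    The fixed-base variant accepts 1373653 = 829 * 1657 (a strong pseudoprime to bases 2 and 3) while random bases reject it, which is the library-side failure the paper's inspiration targets. On a card that validates nothing at all the attacker does not even need a pseudoprime: any composite whose factors it knows reduces the discrete logarithm to a handful of small instances, and the recovered exponent is exact whenever the lcm of the per-factor orders exceeds the private key.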

    SHINE: Resilience via Practical Interoperability of Multi-party Schnorr Signature Schemes

    19th International Conference on Security and Cryptography (SECRYPT), Lisbon, Portugal, 11-13 July 2022.
    Secure multi-party cryptographic protocols divide the secret key among multiple devices and never reconstruct it in a single place. Such a mechanism protects against malware, code vulnerabilities, and backdoors when different implementations and devices are used. Still, a protocol-level issue may result in a compromise, and until now it has been unknown how to combine different unmodified multi-party protocols. We study the interoperability of different multi-party Schnorr signature schemes and classify them based on their approach to nonce agreement. We identify issues that could hinder in-class interoperability, and we propose a trustless mediator that facilitates interoperability among different classes in certain cases. Besides mitigating the risks, interoperability provides usability and performance benefits, as protocols better suited to special devices can be used together with more general protocols. We make use of these advantages in our new multi-signature scheme SHINE, which is optimized for resource-limited devices like cryptographic smartcards while being interoperable with popular schemes such as MSDL, MuSig2, or SpeedyMuSig.
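    Two of the entries above in one added example, since both need the same curve arithmetic; it is not code from the Minerva, SHINE or Myst papers. Part 1 is scalar multiplication on secp256k1 in the naive MSB-first form whose loop count equals the scalar's bit length, the leak Minerva turns into a lattice attack on ECDSA nonces, beside a fixed-iteration ladder. Part 2 uses that ladder as the group operation in a three-party Schnorr signature with additive key and nonce shares and commit-then-reveal nonce agreement, the setting Myst's split keys and SHINE's nonce-agreement classes live in. The curve constants are the public secp256k1 parameters; the party count, point encoding and hash layout are assumptions made for the demo, and the scheme is a minimal illustration, not MSDL, MuSig2 or SHINE itself.

```python
"""Added example (not from the Minerva, SHINE or Myst papers). Part 1: scalar
multiplication on secp256k1 in the naive MSB-first form whose iteration count
equals the scalar's bit length (the Minerva leak) beside a fixed-length ladder.
Part 2: the ladder as group operation in a 3-party Schnorr signature with
additive key and nonce shares. Party count, encodings, hashing: demo assumptions."""
import hashlib
import secrets

P = 2**256 - 2**32 - 977                                               # secp256k1 field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order of G
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(A, B):
    """Affine add/double on y^2 = x^3 + 7 over F_P; None is the point at infinity."""
    if A is None:
        return B
    if B is None:
        return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def scalar_mult_leaky(k, Q):
    """Double-and-add from the top set bit: the loop runs k.bit_length() times, so
    timing reveals the bit length of k (for an ECDSA nonce, the leak Minerva turns
    into a lattice attack). Returns (k*Q, iterations, group operations)."""
    R, ops = None, 0
    for i in range(k.bit_length() - 1, -1, -1):
        R, ops = point_add(R, R), ops + 1
        if (k >> i) & 1:
            R, ops = point_add(R, Q), ops + 1
    return R, k.bit_length(), ops


def scalar_mult_ladder(k, Q):
    """Montgomery ladder over a fixed N.bit_length() steps, one add and one double
    each: iteration and operation counts no longer depend on k. This removes the
    bit-length leak only; production code also needs branch-free swaps."""
    R0, R1 = None, Q
    for i in range(N.bit_length() - 1, -1, -1):
        if (k >> i) & 1:
            R0, R1 = point_add(R0, R1), point_add(R1, R1)
        else:
            R0, R1 = point_add(R0, R0), point_add(R0, R1)
    return R0, N.bit_length(), 2 * N.bit_length()


def enc(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")


def challenge(R, X, msg):
    """Fiat-Shamir challenge c = H(R || X || m) mod N (demo encoding)."""
    return int.from_bytes(hashlib.sha256(enc(R) + enc(X) + msg).digest(), "big") % N


def multiparty_keygen(parties):
    """Each device draws its own share x_i; x = sum(x_i) mod N is never assembled
    anywhere. X = sum(x_i*G). (Assumed but omitted: proofs of possession or
    MuSig-style aggregation coefficients against rogue-key attacks.)"""
    shares = [secrets.randbelow(N - 1) + 1 for _ in range(parties)]
    X = None
    for x in shares:
        X = point_add(X, scalar_mult_ladder(x, G)[0])
    return shares, X


def multiparty_sign(shares, X, msg):
    """Commit-then-reveal nonce agreement: each party publishes H(R_i) before any
    R_i is revealed, so no nonce can be chosen as a function of the others'.
    Partial signatures s_i = r_i + c*x_i are summed; no share leaves its device."""
    nonces = [secrets.randbelow(N - 1) + 1 for _ in shares]
    Rs = [scalar_mult_ladder(r, G)[0] for r in nonces]
    commits = [hashlib.sha256(enc(Ri)).digest() for Ri in Rs]       # round 1: commit
    for Ri, ci in zip(Rs, commits):                                  # round 2: reveal, check
        if hashlib.sha256(enc(Ri)).digest() != ci:
            raise ValueError("nonce commitment mismatch: abort without signing")
    R = None
    for Ri in Rs:
        R = point_add(R, Ri)
    c = challenge(R, X, msg)
    s = sum((r + c * x) % N for r, x in zip(nonces, shares)) % N     # round 3: partial sigs
    return R, s


def verify(X, msg, sig):
    """Plain Schnorr check s*G == R + c*X: the verifier cannot tell how many
    devices took part."""
    R, s = sig
    return scalar_mult_ladder(s, G)[0] == point_add(R, scalar_mult_ladder(challenge(R, X, msg), X)[0])


if __name__ == "__main__":
    for k in (N - 1, (1 << 247) | 0xFF):
        print(k.bit_length(), "bits: leaky", scalar_mult_leaky(k, G)[1:], "ladder", scalar_mult_ladder(k, G)[1:])
    shares, X = multiparty_keygen(3)
    print("3-party Schnorr verifies:", verify(X, b"msg", multiparty_sign(shares, X, b"msg")))
```

    A 256-bit and a 248-bit scalar take 256 and 248 iterations of the leaky loop (plus one addition per set bit), which is exactly the per-signature bit-length the lattice attack selects on; the ladder always takes 256. The commit round is what separates the nonce-agreement classes in practice: a party that sees the others' R_i before fixing its own can bias the aggregate nonce, so a mismatch between reveal and commitment must abort the signing session rather than be retried with the same shares.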

    Crowdsourced Security Reconstitution for Wireless Sensor Networks: Secrecy Amplification

    Research in the area of security for Wireless Sensor Networks over the past two decades has yielded many interesting findings. We focus on the topic of (re-)securing link keys between sensor nodes through so-called secrecy amplification (SA) protocols. Crowdsourcing is at the very heart of these SA protocols. Not only do SA protocols work well even for constrained low-end nodes with no tamper resistance, they exhibit remarkable performance in networks under significant attacker control. Our work shows that even when 50% of all network links are compromised, SA protocols can re-secure over 90% of the link keys through an intriguingly simple crowdsourcing mechanism. These protocols allow us to re-take control without any broadly coordinated cooperation, without knowledge of the compromised links, with only very limited knowledge of each particular network node, and independently of decisions made by other nodes. Our article first outlines the principles of and presents existing approaches to SA, introducing most of the important related concepts, then presents novel conclusive results for a realistic attacker model parametrised by attacker behaviour and capabilities. We undertook this work using two very different simulators, and we present here the results of analyses and detailed comparisons that have not previously been available. Finally, we report the first real, non-simulated network test results for the most attractive SA protocol, our implementations of which are available as open-source code for two platforms: Arduino and TinyOS. This work demonstrates the practical usability (and the attractive performance) of SA, serving as a ripe technology enabler for (among others) networks with many potentially compromised low-level devices.
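    The re-keying mechanism described above as an added simulation. This is not the article's simulator, its Arduino/TinyOS code or its exact protocol: it models one round of a simple "push" SA protocol in which each node relays a fresh nonce to its neighbour through every common neighbour, and it assumes an attacker who knows a fixed fraction of the link keys but controls no node. The topology, the 50% compromise rate, the node count and the seed are all parameters constructed for the demo, so the percentages it prints come from this model, not from the article.

```python
"""Added example, not the article's own simulator or protocol code: a toy model
of one round of a 'push' secrecy amplification (SA) protocol on a random
sensor network. Attacker model (a fixed fraction of link keys known to the
attacker, nodes honest), topology and parameters are assumptions for the demo."""
import random
from itertools import combinations


def link(u, v):
    """Canonical (smaller id, larger id) key for an undirected link."""
    return (u, v) if u < v else (v, u)


def build_network(n, radius, compromised_fraction, rng):
    """n nodes at random points of the unit square, a link between nodes within
    `radius` of each other; each link key is independently known to the
    attacker with probability compromised_fraction (the initial key exchange on
    that link was observed)."""
    pos = [(rng.random(), rng.random()) for _ in range(n)]
    nbrs = [set() for _ in range(n)]
    compromised = set()
    for u, v in combinations(range(n), 2):
        if (pos[u][0] - pos[v][0]) ** 2 + (pos[u][1] - pos[v][1]) ** 2 <= radius ** 2:
            nbrs[u].add(v)
            nbrs[v].add(u)
            if rng.random() < compromised_fraction:
                compromised.add((u, v))
    return nbrs, compromised


def push_amplification(nbrs, compromised):
    """For every compromised link (u,v), u sends a fresh nonce to v through each
    common neighbour w, encrypted hop by hop under the existing keys K_uw and
    K_wv; the new K_uv is the old key XORed with every nonce that arrived. The
    attacker keeps the link only if it can read every relayed nonce, i.e. it
    holds at least one hop of every relay path. Links it did not know stay
    secret regardless. Nodes need only their own neighbour lists: no knowledge
    of which links are compromised and no coordination with other nodes.
    Returns the set of links still compromised after the round."""
    still = set()
    for u, v in compromised:
        relays = nbrs[u] & nbrs[v]
        if all(link(u, w) in compromised or link(w, v) in compromised for w in relays):
            still.add((u, v))
    return still


def secure_fraction(nbrs, compromised):
    total_links = sum(len(s) for s in nbrs) // 2
    return 1 - len(compromised) / total_links


def simulate(n=200, radius=0.3, compromised_fraction=0.5, seed=7):
    """Returns (secure fraction before, secure fraction after one SA round)."""
    rng = random.Random(seed)            # fixed seed: a constructed, repeatable run
    nbrs, compromised = build_network(n, radius, compromised_fraction, rng)
    before = secure_fraction(nbrs, compromised)
    after = secure_fraction(nbrs, push_amplification(nbrs, compromised))
    return before, after


if __name__ == "__main__":
    before, after = simulate()
    print(f"secure links before: {before:.1%}, after one push round: {after:.1%}")
```

    With half the link keys known to the attacker, a link survives the round as compromised only if every one of its relay paths has a compromised hop; with independent 50% compromise that is (3/4)^c for c common neighbours, so dense neighbourhoods recover almost everything in a single round while isolated links at the edge of the field need further rounds or multi-hop relays. Links with no common neighbour at all cannot be amplified by this protocol, which is the case a deployment has to check for.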