CERG Seminars are held in the Engineering Building on the GMU Fairfax campus unless noted otherwise. Parking is available in the Sandy Creek parking deck near the Engineering Building. Directions to the campus can be found here. The seminar talks are usually 45 to 60 minutes long and are open to the public. If you wish to be notified about future seminars, please send an e-mail to Jens-Peter Kaps.
Differential Power Analysis Attacks on Light Weight Implementations of Block Ciphers
There is a growing interest in light weight implementation of cryptographic algorithms for low-resource ubiquitous computing devices such as wireless sensor nodes (WSN) or radio frequency identification (RFID) tags. Most light weight cryptographic implementations are targeted to application specific integrated circuits (ASIC). However, ASICs have a high non-recurring engineering cost and longer time to market. Even though field programmable gate arrays (FPGA) are reconfigurable and have low non-recurring engineering cost, they consume more power than ASICs. Power consumption is a primary concern for light weight cryptographic applications. With the development of low-cost, low-power FPGAs for battery powered devices, they are becoming an interesting target for light weight cryptography (LWC). Compact architectures of AES, Camellia, xTEA, HIGHT and Present are implemented on low-cost Xilinx Spartan3 FPGAs. Different optimization techniques are employed to minimize the area consumption by smart use of the Configurable Logic Block (CLB) structure in FPGAs. All the cipher implementations are light weight but with full strength security, i.e. not 80-bit but 128-bit key length. Furthermore, differential power analysis (DPA) attacks are performed on these implementations to investigate their "natural" resistance, i.e. without any countermeasures, to this form of attack.
Securing Light Weight Cryptographic Implementations on FPGAs Using DPL
Recent advances in Field Programmable Gate Array (FPGA) technology are bound to make FPGAs a popular platform for battery powered devices. Many applications of such devices are mission critical and require the use of cryptographic algorithms to provide the desired security. However, Differential Power Analysis (DPA) attacks pose a severe threat against otherwise secure cryptographic implementations.
Current techniques to defend against DPA attacks, such as Dual rail with Pre-Charge Logic (DPL), lead to an increase in area consumption by a factor of 4 or more, which is not suitable for Light Weight implementations. Current secure implementations using DPL require ASIC tools and a special ASIC library. In this thesis we show that moderate security against DPA attacks can be achieved for DPL secured implementations using only FPGA CAD tools augmented by some scripts. The resulting circuit has an area increase of not much more than a factor of two over standard FPGA implementations. We demonstrate our approach by implementing a cryptographic algorithm on a Spartan3E FPGA and assessing the security it provides against DPA. We also study one of the Xilinx FPGA specific intrinsic features - Wide Dedicated Multiplexer (WDM) - with respect to DPA.
Smart Cards: Processors, Applications, Security, and Evolution of the Market
Lisa Timm, MS CpE Scholarly Paper Presentation
Date: Friday, May 1st, 11:00 am, Location: Engineering Building, Room 3507
Smart cards are an extremely effective way of providing secure transactions and identification. Telecommunications has been the driving force behind the growth in the smart card market, and will continue to be, with the advancement of and increased demand for mobile phone technology and Near Field Communication (NFC). It is a rapidly growing market that requires improvements in technology, function, and security. Memory used in smart cards needs to become faster and cheaper. Since new threats are emerging constantly, physical and cryptographic security progress is critical. Cryptographic functions are time intensive, driving the demand for faster and more efficient smart cards. Another motivator for improvement is multi-application smart cards. The corresponding chips and operating systems are more complex, as numerous applications can exist on one card. These trends in the smart card market are likely to continue for years to come.
This presentation will introduce a background in smart cards and help determine where the market and technology are heading. It will explain different types of smart cards, their properties, a history and evolution of the market, and current examples of smart card chips and their cryptographic characteristics. Finally, reliability and security will be presented, describing various attacks that apply to smart cards.
Introduction to Public Key Infrastructure and OpenCA
Ayesha Ghori, MS CpE Scholarly Paper Presentation
Date: Thursday, April 30th, 5:00 pm, Location: Research 1 (RSCH1), Room 162
With the advent of e-commerce, almost all of our monetary transactions are being carried out over the internet. The users of e-commerce and e-banking connect to a network and accomplish transactions in which a lot of sensitive data is exchanged, like credit card details, bank account details, passwords etc. It is very important that the information shared should reach the intended recipient and is not available publicly. The users expect to have integrity, confidentiality, authentication and non-repudiation when they access a public network. To facilitate secure communication between two entities, there is a need for some private information or key to be shared between the two. The fact that the sender and the intended recipient alone share some secret information (key) prior to transmission of the messages between them requires them to convey the key in an out-of-band secure communication before starting the intended communication. The concept of sharing a key that can be publicly revealed without compromising communication security is the basis of Public Key Infrastructure. The PKI provides for services like authentication, integrity, digital signatures, key establishment, and zero knowledge/minimum knowledge protocols. The services are realized by a combination of symmetric and asymmetric cryptographic techniques enabled through a single, easily managed infrastructure/trusted authority. OpenCA is an open source PKI software, among the others available today. It is designed for UNIX/LINUX operating systems; however, anyone using other operating systems can request, revoke and obtain their certificate through the web interface OpenCA offers. It is an economical substitute for the other more expensive Certificate authorities. In this paper we discuss features of OpenCA and how it realizes the standards of the technology of PKI. The goal is to gain knowledge of a fully functional PKI and to understand and use digital certificates better.
An Overview of RFID Technology, Application, and Security/Privacy Threats and Solutions
Chia-hung Huang, MS CpE Scholarly Paper Presentation
Date: Tuesday, April 28th, 11:00 am, Location: Johnson Center (JC), Meeting Room C, 3rd floor
Radio Frequency Identification (RFID) has been around for nearly 50 years. RFID was first used during World War II in a Friend-or-Foe identification system. Ever since then, RFID has caught the attention of many scientists, academics, and enterprises around the world. In addition, the announcement made by Wal-Mart Corporation in June 2003, requiring its top suppliers to adopt RFID technology, has once again heated up the topic of RFID. In this paper, I am going to give a brief overview of RFID technology, application, and security/privacy threats and solutions. In addition to that, I will also briefly introduce the security/privacy issues and solutions in EPCglobal Class 1 Generation 2 (C1G2).
Tiny True Random Number Generator
Random Number Generators (RNGs) play a crucial role in the security of modern-day cryptographic modules. In cryptography they are used to generate initialization vectors for cryptographic primitives and protocols, keys for secret and public-key algorithms, seeds for pseudo-random number generators, challenges, nonces, padding bits, and system parameters in security protocols. A True Random Number Generator (TRNG) is a physical device that generates statistically independent and unbiased bits. A TRNG harvests randomness present in the underlying physical source and the generator will have no internal state kept. Increased research interest in the field of reconfigurable computing is making Field Programmable Gate Arrays (FPGAs) a preferred platform for cryptographic implementations. Hence, a pure digital implementation of a TRNG is highly demanded by modern-day applications. This thesis describes a simple TRNG design based on a single ring oscillator implemented using pure logic gates, focusing on low power and low area cryptographic applications. The randomization technique is based on sampling phase jitter contained in the oscillator ring. The TRNG has a very low area consumption, high area/throughput ratio and generates output bits at an acceptable bit rate. The security of the cryptographic primitives relies on the quality of the generated random bits, hence a TRNG for cryptographic applications must meet stringent requirements and should generate bits that cannot be reproduced and are unpredictable in nature. The generator can be tested for its good statistical properties using a statistical test suite, ideally adjusted to a perfect RNG. Our TRNG design has been verified against statistical test suites from DIEHARD, NIST and BSI.
Secure Routing in Wireless Sensor Networks
Srividya Shanmugham, MS EE Scholarly Paper Presentation
Date: Friday, March 20th, 3:00 pm, Location: Science and Technology II (ST-II), Room 230A
Wireless sensor networks (WSN) are an emerging area that has a wide spectrum of critical applications like battlefield surveillance and emergency disaster relief systems. Sensor devices are designed to be limited in their resources. Therefore they are simple to build, economically viable and can be deployed to closely interact with their environment. They perform in-network processing to reduce the load of raw data by aggregating useful information. These characteristics of sensor networks pose unique challenges for routing data securely over wireless communication channels. Traditional security techniques cannot be adopted easily. Security in WSNs can be properly addressed only by integrating secure data transmission into the routing process itself. In this presentation we outline different routing attacks in WSN and discuss how various sensor network routing protocols break down in the face of those attacks. We then list a set of attributes that would make a routing protocol more secure. Finally we study a new protocol called Secure Sensor Network Routing Protocol that was designed to be resilient to routing attacks and analyze the strength of its security.