CERG Seminars are held in the Engineering Building on the GMU Fairfax campus unless noted otherwise. Parking is available in the Sandy Creek parking deck near the Engineering Building. Directions to the campus can be found here. The seminar talks are usually 45 to 60 minutes long and are open to the public. If you wish to be notified about future seminars, please send an e-mail to Jens-Peter Kaps.

[Current] [2020] [2019] [2018] [2017] [2016] [2015] [2014] [2013] [2012] [2011] [2010] [2009] [2008] [2007]


Investigation of DPA Resistance of Block RAMs in Cryptographic Implementations on FPGAs

Shaunak S. Shah, Corsec Security, Inc. and CERG
Date: Thursday, December 9th, 12:00 PM, Location: Engineering Building, Room 3507


Security at low cost is an important factor for cryptographic hardware implemen- tations. Unfortunately, the security of cryptographic implementations is threatened by Side Channel Analysis (SCA). SCA attempts to discover the secret key of a device by exploiting implementation characteristics and bypassing the algorithm's mathematical security. Di erential Power Analysis (DPA) is a type of SCA, which exploits the de- vice's power consumption characteristics. Several countermeasures to DPA have been proposed, however, all of them increase security at the cost of increased area which in-turn leads to increased power consumption and reduced throughput. FPGAs are popular due to their recon gurability, lower development cost, o -the-shelf availability and shorter time to market. Block RAMs (BRAM) are large memories in FPGAs that are commonly used as ROM, FIFO, Look-up tables, etc. In this paper we explore the DPA resistance of BRAMs in Xilinx FPGAs and verify if their usage can improve the security. The results of our Advanced Encryption Standard (AES) implementations show that using BRAMs alone can improve the security over a look-up table (LUT) only design 9 times. Applying Separated Dynamic Di erential Logic (SDDL) for FP- GAs, a countermeasure against DPA, to this design doubles the security again leading to an 18 fold increase over the unprotected LUT design.

Crypto Night

ECE 646 Cryptography and Computer-Network Security, Project Presentations
Date: Wednesday, December 8th, 7:20 PM - 11:00 PM, Location: Engineering Building, Room 3507

Join us for a night of exciting presentations by ECE 646 students on implementations of candidates for the next Secure Hash Algorithm Standard and other exciting topics. The exact schedule is posted on the Program Page. Bilal Habib, Kishore Kumar Surapathi, Smriti Gurung, Susheel Vadlamudi, Rabia Shahid, Malik Umar Sharif, John Pham, and Kinjal Shah of our research group will be presenting. Please come over to cheer them on!

Novel Configurable Ring Oscillator based PUF on FPGAs

Xin Xin, MS CpE Scholarly Paper Presentation
Date: Wednesday, July 28th, 11:00 AM, Location: Engineering Building, Room 3507


The concept of a Physical Unclonable Function (PUF) has been considered as one of the most significant technology breakthroughs in cryptography in recent years. PUFs utilize manufacturing variations to uniquely identify semiconductor devices, and thus are able to authenticate them to a program or user. The idea behind this method is that no two chips are exactly identical, even if they use the same layout and the same production line. In 2002, Professor Srini Devadas has first proposed the notion of Silicon PUF (sPUF), which takes advantage of delay variations of wires and gates. A Ring-Oscillator-Based PUF (RO PUF) is one possible implementation of sPUF. One disadvantage of RO PUF is that it requires one pair of ring oscillators per bit of output. Therefore, in order to collect enough output bits, one needs a large number of Ring Oscillators. In this paper I have proposed a novel configurable Ring-Oscilltor-Based PUF, which can generate more output bits using the same amount of area than basic RO PUF. The obtained results demonstrate an increase in information redundancy.

Fair and Comprehensive Comparison of Hardware Performance of SHA-3 Round 2 Candidates using FPGAs

Ekawat Homsirikamol, MS CpE Master's Thesis Presentation
Date: Tuesday, July 27th, 4:00 PM, Location: Engineering Building, Room 2901


In 2007, National Institute of Standards and Technology has announced a contest for a new American cryptographic hash function standard, called SHA-3. At the time of writing, after eliminating 37 algorithms in Round 1 due to security and performance weaknesses, only 14 Round 2 candidate algorithms remain in the competition. A comprehensive methodology for fair comparison of hash algorithms competing in the SHA-3 contest from the point of view of hardware performance in FPGAs has been proposed in this thesis. Based on this methodology, hardware designs optimized for the maximum throughput to area ratio have been developed for all Round 2 SHA-3 candidates. The obtained results have been compared with results from other groups. In our study, only three candidates, namely CubeHash, Keccak and Luffa, have consistently outperformed the current standard, SHA-2, in terms of the throughput to area ratio for both 256 and 512 bits variants of the hash algorithms.

ATHENa - Automated Tool for Hardware EvaluatioN: Software Environment for Fair and Comprehensive Performance Evaluation of Cryptographic Hardware using FPGAs

Venkata Amirineni, MS CpE Master's Thesis Presentation
Date: Tuesday, July 27th, 2:30 PM, Location: Engineering Building, Room 2901


Fair comparison of the hardware efficiency of cryptographic algorithms, modeled in Hardware Description Languages and implemented using FPGAs, is a complex task. The results of the comparison depend on the inherent properties of competing algorithms, as well as on selected hardware architectures, implementation techniques, FPGA families, languages and tools.

The development of new cryptographic standards through contests, such as AES, eSTREAM, and SHA-3 competitions, requires fair comparison of multiple cryptographic algorithms in terms of their hardware efficiency. To address this issue and to provide a comprehensive environment for an efficient evaluation of multiple algorithms, ATHENa, Automated Tool for Hardware EvaluatioN, has been developed.

ATHENa facilitates fair, comprehensive, reliable, and automated comparison of cryptographic algorithms, hardware architectures, FPGA families, as well as FPGA tools and HDL languages. In this seminar, we present the common pitfalls and difficulties involved with the fair comparisons and demonstrate the capabilities of ATHENa through several case studies.

Parameter Selection Refinement and Software Implementations of Sprectral Modular Exponentiation

Matthew Allen Estes, MS CpE Master's Thesis Presentation
Date: Friday, July 23rd, 11:00 AM, Location: Engineering Building, Room 3507


A consistent challenge to the widespread use public key cryptosystems, such as RSA, is the computational difficulty of performing arithmetic operations with large operands. There are many branches of mathematics and algorithms devoted to the exploration of different aspects of computer arithmetic on large integers. In this thesis, we outline several parameter selection techniques and software implementations that apply to a new technique of exponentiation, referred to as spectral modular exponentiation, which attempts to address computational efficiency of public key cryptosystems, such as RSA and Elliptic Curve Cryptosystems.

Spectral modular exponentiation (SME) is a method by which numbers are converted into spectral representations through a process known as Discrete Fourier Transform (DFT), at some initial cost in doing the transformations. The spectral domain has the advantage of greatly reduced multiplication cost during the most costly portions of exponentiation. This seminar will describe the different algorithms that have been proposed independently by two different research groups, compare and contrast these algorithms, and describe various parameter selection techniques that apply to them. It will also cover lessons learned and some difficulties encountered in the development of a working implementation of spectral modular exponentiation. This seminar will also addresses some of the discovered concerns regarding particular approaches to spectral modular exponentiation in software implementations.

Investigation of DPA Resistance of Block RAMs in FPGAs

Shaunak S. Shah, MS CpE Master's Thesis Presentation
Date: Friday, March 5th, 11:00 AM, Location: Engineering Building, Room 3507


Recent advances in the area of cryptography and cryptanalysis has rendered us to a stage where the security of a cryptosystem no longer depends only on the algorithmic and mathematical strength of the cipher but also its hardware implementation. Side Channel Analysis (SCA) poses a serious threat to modern cryptographic implementations. It attempts to discover the secret key of a device by observing its side channels, such as variations in power consumptions, electro-magnetic emanations, etc. The most powerful attack is Differential Power Analysis (DPA). Several countermeasures to DPA have been proposed, however, almost all of them increase security at the cost of increasing area drastically which in-turn leads to increased power consumption and reduced throughput.

Most countermeasures to DPA are applied at the gate level and hence are targeted towards ASIC implementations and full custom designs. Not much research has been done on countermeasures for off-the shelf FPGAs. FPGAs are very popular for cryptographic applications due to their reconfigurability, low development cost and short time to market. Block RAMs are large memories on FPGAs that can be used as ROM, FIFO, look-up tables (LUT), etc. In this thesis we explore the DPA resistance of Block RAMs and if their usage can improve the security of block ciphers such as the Advanced Encryption Standard (AES). We implemented a small test circuit comprised of elements from AES on Xilinx Spartan 3E series FPGAs and discovered that moving essential parts of AES from look-up tables (LUT) and distributed RAMs to Block RAMs yields about 12 times increase in DPA resistance while at the same time reduces the LUT based area consumption by a factor 4. Subsequently we applied the same techniques to a standard and a TBOX implementation of AES and obtained similar results. The security increased about 8 times and the area got reduced about 4 times.