Physical attacks focus on extracting information from internal parts of IC's. One way to achieve this is by means of connecting probes to wires, so that the content of internal buses and registers can be revealed. Protection against this type of attacks exists, but usually is bulky and expensive, e.g. the shielding of secured areas. This paper presents a novel in-circuit countermeasure that is cheap and can easily be integrated in existing designs to detect probing attempts. It is based on a ring oscillator that operates over coupled lines in a differential mode. When the loading of one of the lines is unbalanced over a tolerance margin, an impulse is generated and integrated over time. If the integration surpasses a given threshold an alarm signal is activated. Simulations show the stability of the detector over a range of temperature and supply voltage variations
In this paper, we present a new scan-path structure for improving the security of systems including scan paths, which normally introduce a security critical information leak channel into a design. Our structure, named differential scan path (DiSP), divides the internal state of the scan path in two sections. During the shift-out operation, only subtraction of the two sections is provided. Inferring the internal state from this subtraction requires much guesswork that increases exponen-tially with scan path length while the resulting fault coverage is only marginally altered. Subtraction does not preserve parity, thus avoiding attacks using parity information. The structure is simple, needs little area and does not require unlocking keys. Through implementing the DiSP in an elliptic curve crypto-graphic coprocessor, we demonstrate how easily it can be inte-grated into existing design tools. Simulations show that test effectiveness is preserved and that the internal state is effec-tively hidden.Postprint (published version
The recent trend to connect a plethora of sensors, embedded and ubiquitous systems with low computing power, in short the rise of the Internet of Things, has created a great demand for compact, lightweight and cheap to produce implementations of cryptographic primitives. One approach to meet this demand is the development and standardisation of new tailored primitives, most prominently PRESENT. Yet, the wide proliferation of the Advanced Encryption Standard and the trust it earned through its long history of withstanding cryptanalysis spurred anew the search for small, lightweight implementations of AES. Among the smallest published architectures is the AtomicAES design by Banik et al. , who reported a design size of just over 2000 GE.Here we present a new 8-bit serial architecture that has been designed from careful observation of the minimum required connections between storage elements to support all dataflows required for execution of the algorithm. While we reach similar conclusions to previous publications, the new architecture enables us to push the area requirement for a fully featured AES primitive further down by more than 8% from the area requirement of AtomicAES while offering more functionality. Along the way we also answer in the affirmative the open question whether the AES reverse keyschedule can be implemented with negligible hardware overhead based on the forward keyschedule. Our design sets a new record for an 8-bit serial architecture with full functionality for encryption and decryption including the keyschedule, as well as for a sole encryption architecture. Furthermore our design is flexible enough to allow scaling the S-Box architecture from single-cycle to multi-stage pipelined approaches as are required for high operation frequencies or for protection against side-channel attacks. We demonstrate this by instantiating the design with a serial version of the S-Box to reduce the area requirement even further.
Evaluating arbitrary functions on encrypted data is one of the holy grails of cryptography, with Fully Homomorphic Encryption (FHE) being probably the most prominent and powerful example. FHE, in its current state is, however, not efficient enough for practical applications. On the other hand, simple homomorphic and somewhat homomorphic approaches are not powerful enough to support arbitrary computations. We propose a new approach towards a practicable system for evaluating functions on encrypted data. Our approach allows to chain an arbitrary number of computations, which makes it more powerful than existing efficient schemes. As with basic FHE we do not encrypt or in any way hide the function, that is evaluated on the encrypted data. It is, however, sufficient that the function description is known only to the evaluator. This situation arises in practice for software as a Software as a Service (SaaS)-scenarios, where an evaluator provides a function only known to him and the user wants to protect his data. Another application might be the analysis of sensitive data, such as medical records. In this paper we restrict ourselves to functions with only one input parameter, which allow arbitrary transformations on encrypted data.
The recent trend to connect a plethora of sensors, embedded and ubiquitous systems with low computing power, in short the rise of the Internet of Things, has created a great demand for compact, lightweight and cheap to produce implementations of cryptographic primitives. One approach to meet this demand is the development and standardisation of new tailored primitives, most prominently PRESENT. Yet, the wide proliferation of the Advanced Encryption Standard and the trust it earned through its long history of withstanding cryptanalysis spurred anew the search for small, lightweight implementations of AES. Among the smallest published architectures is the AtomicAES design by Banik et al. , who reported a design size of just over 2000 GE.Here we present a new 8-bit serial architecture that has been designed from careful observation of the minimum required connections between storage elements to support all dataflows required for execution of the algorithm. While we reach similar conclusions to previous publications, the new architecture enables us to push the area requirement for a fully featured AES primitive further down by more than 8% from the area requirement of AtomicAES while offering more functionality. Along the way we also answer in the affirmative the open question whether the AES reverse keyschedule can be implemented with negligible hardware overhead based on the forward keyschedule. Our design sets a new record for an 8-bit serial architecture with full functionality for encryption and decryption including the keyschedule, as well as for a sole encryption architecture. Furthermore our design is flexible enough to allow scaling the S-Box architecture from single-cycle to multi-stage pipelined approaches as are required for high operation frequencies or for protection against side-channel attacks. We demonstrate this by instantiating the design with a serial version of the S-Box to reduce the area requirement even further.
We consider the following question: given a group-homomorphic public-key encryption E, a ciphertext c = E(x, pk) hiding a value x using a key pk, and a "suitable" description of a function f , can we evaluate E(f (x), pk) without decrypting c? We call this an oblivious lookup table and show the existence of such a primitive. To this end, we describe a concrete construction, discuss its security and relations to other cryptographic primitives, and point out directions of future investigations towards generalizations.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.