Spelling suggestions: "subject:"elliptic curve cryptography"" "subject:"elliptic curve ryptography""
31 |
Amélioration d'attaques par canaux auxiliaires sur la cryptographie asymétrique / Improvement of side-channel attack on asymmetric cryptographyDugardin, Margaux 11 July 2017 (has links)
Depuis les années 90, les attaques par canaux auxiliaires ont remis en cause le niveau de sécurité des algorithmes cryptographiques sur des composants embarqués. En effet, tout composant électronique produit des émanations physiques, telles que le rayonnement électromagnétique, la consommation de courant ou encore le temps d’exécution du calcul. Or il se trouve que ces émanations portent de l’information sur l’évolution de l’état interne. On parle donc de canal auxiliaire, car celui-ci permet à un attaquant avisé de retrouver des secrets cachés dans le composant par l’analyse de la « fuite » involontaire. Cette thèse présente d’une part deux nouvelles attaques ciblant la multiplication modulaire permettant d’attaquer des algorithmes cryptographiques protégés et d’autre part une démonstration formelle du niveau de sécurité d’une contre-mesure. La première attaque vise la multiplication scalaire sur les courbes elliptiques implémentée de façon régulière avec un masquage du scalaire. Cette attaque utilise une unique acquisition sur le composant visé et quelques acquisitions sur un composant similaire pour retrouver le scalaire entier. Une fuite horizontale durant la multiplication de grands nombres a été découverte et permet la détection et la correction d’erreurs afin de retrouver tous les bits du scalaire. La seconde attaque exploite une fuite due à la soustraction conditionnelle finale dans la multiplication modulaire de Montgomery. Une étude statistique de ces soustractions permet de remonter à l’enchaînement des multiplications ce qui met en échec un algorithme régulier dont les données d’entrée sont inconnues et masquées. Pour finir, nous avons prouvé formellement le niveau de sécurité de la contre-mesure contre les attaques par fautes du premier ordre nommée extension modulaire appliquée aux courbes elliptiques. / : Since the 1990s, side channel attacks have challenged the security level of cryptographic algorithms on embedded devices. Indeed, each electronic component produces physical emanations, such as the electromagnetic radiation, the power consumption or the execution time. Besides, these emanations reveal some information on the internal state of the computation. A wise attacker can retrieve secret data in the embedded device using the analyzes of the involuntary “leakage”, that is side channel attacks. This thesis focuses on the security evaluation of asymmetric cryptographic algorithm such as RSA and ECC. In these algorithms, the main leakages are observed on the modular multiplication. This thesis presents two attacks targeting the modular multiplication in protected algorithms, and a formal demonstration of security level of a countermeasure named modular extension. A first attack is against scalar multiplication on elliptic curve implemented with a regular algorithm and scalar blinding. This attack uses a unique acquisition on the targeted device and few acquisitionson another similar device to retrieve the whole scalar. A horizontal leakage during the modular multiplication over large numbers allows to detect and correct easily an error bit in the scalar. A second attack exploits the final subtraction at the end of Montgomery modular multiplication. By studying the dependency of consecutive multiplications, we can exploit the information of presence or absence of final subtraction in order to defeat two protections : regular algorithm and blinding input values. Finally, we prove formally the security level of modular extension against first order fault attacks applied on elliptic curves cryptography.
|
32 |
Secure and Efficient Implementations of Cryptographic PrimitivesGuo, Xu 30 May 2012 (has links)
Nowadays pervasive computing opens up many new challenges. Personal and sensitive data and computations are distributed over a wide range of computing devices. This presents great challenges in cryptographic system designs: how to protect privacy, authentication, and integrity in this distributed and connected computing world, and how to satisfy the requirements of different platforms, ranging from resource constrained embedded devices to high-end servers. Moreover, once mathematically strong cryptographic algorithms are implemented in either software or hardware, they are known to be vulnerable to various implementation attacks. Although many countermeasures have been proposed, selecting and integrating a set of countermeasures thwarting multiple attacks into a single design is far from trivial. Security, performance and cost need to be considered together.
The research presented in this dissertation deals with the secure and efficient implementation of cryptographic primitives. We focus on how to integrate cryptographic coprocessors in an efficient and secure way. The outcome of this research leads to four contributions to hardware security research. First, we propose a programmable and parallel Elliptic Curve Cryptography (ECC) coprocessor architecture. We use a systematic way of analyzing the impact of System-on-Chip (SoC) integration to the cryptographic coprocessor performance and optimize the hardware/software codesign of cryptographic coprocessors. Second, we provide a hardware evaluation methodology to the NIST SHA-3 standardization process. Our research efforts cover both of the SHA-3 fourteen Second Round candidates and five Third Round finalists. We design the first SHA-3 benchmark chip and discuss the technology impact to the SHA-3 hardware evaluation process. Third, we discuss two technology dependent issues in the fair comparison of cryptographic hardware. We provide a systematic approach to do a cross-platform comparison between SHA-3 FPGA and ASIC benchmarking results and propose a methodology for lightweight hash designs. Finally, we provide guidelines to select implementation attack countermeasures in ECC cryptosystem designs. We discuss how to integrate a set of countermeasures to resist a collection of side-channel analysis (SCA) attacks and fault attacks.
The first part of the dissertation discusses how system integration can affect the efficiency of the cryptographic primitives. We focus on the SoC integration of cryptographic coprocessors and analyze the system profile in a co-simulation environment and then on an actual FPGA-based SoC platform. We use this system-level design flow to analyze the SoC integration issues of two block ciphers: the existing Advanced Encryption Standard (AES) and a newly proposed lightweight cipher PRESENT. Next, we use hardware/software codesign techniques to design a programmable ECC coprocessor architecture which is highly flexible and scalable for system integration into a SoC architecture.
The second part of the dissertation describes our efforts in designing a hardware evaluation methodology applied to the NIST SHA-3 standardization process. Our Application Specific Integrated Circuit (ASIC) implementation results of five SHA-3 finalists are the first ASIC real measurement results reported in the literature. As a contribution to the NIST SHA-3 competition, we provide timely ASIC implementation cost and performance results of the five SHA-3 finalists in the SHA-3 standard final round evaluation process. We define a consistent and comprehensive hardware evaluation methodology to the NIST SHA-3 standardization process from Field Programmable Gate Array (FPGA) prototyping to ASIC implementation.
The third part of the dissertation extends the discussion on hardware benchmarking of NIST SHA-3 candidates by analyzing the impact of technology to the fair comparison of cryptographic hardware. First, a cross-platform comparison between the FPGA and ASIC results of SHA-3 designs demonstrates the gap between two sets of benchmarking results. We describe a systematic approach to analyze a SHA-3 hardware benchmark process for both FPGAs and ASICs. Next, by observing the interaction of hash algorithm design, architecture design, and technology mapping, we propose a methodology for lightweight hash implementation and apply it to CubeHash optimizations. Our ultra-lightweight design of the CubeHash algorithm represents the smallest ASIC implementation of this algorithm reported in the literature. Then, we introduced a cost model for analyzing the hardware cost of lightweight hash implementations.
The fourth part of the dissertation discusses SCA attacks and fault attacks resistant cryptosystem designs. We complete a comprehensive survey of state-of-the-art of secure ECC implementations and propose a methodology on selecting countermeasures to thwart multiple side-channel attacks and fault attacks. We focus on a systematic way of organizing and understanding known attacks and countermeasures. / Ph. D.
|
33 |
Lightweight Cryptographic Group Key Management Protocols for the Internet of ThingsGebremichael, Teklay January 2019 (has links)
The Internet of Things (IoT) is increasingly becoming an integral component of many applications in consumer, industrial and other areas. Notions such as smart industry, smart transport, and smart world are, in large part, enabled by IoT. At its core, the IoT is underpinned by a group of devices, such as sensors and actuators, working collaboratively to provide a required service. One of the important requirements most IoT applications are expected to satisfy is ensuring the security and privacy of users. Security is an umbrella term that encompasses notions such as confidentiality, integrity and privacy, that are typically achieved using cryptographic encryption techniques. A special form of communication common in many IoT applications is group communication, where there are two or more recipients of a given message. In or-der to encrypt a message broadcast to a group, it is required that the participating parties agree on a group key a priori. Establishing and managing a group key in IoT environments, where devices are resources-constrained and groups are dynamic, is a non-trivial problem. The problem presents unique challenges with regard to con-structing protocols from lightweight and secure primitives commensurate with the resource-constrained nature of devices and maintaining security as devices dynamically leave or join a group. This thesis presents lightweight group key management protocols proposed to address the aforementioned problem, in a widely adopted model of a generic IoT network consisting of a gateway with reasonable computational power and a set of resource-constrained nodes. The aim of the group key management protocols is to enable the gateway and the set of resource-constrained devices to establish and manage a group key, which is then used to encrypt group messages. The main problems the protocols attempt to solve are establishing a group key among participating IoT devices in a secure and computationally feasible manner; enabling additionor removal of a device to the group in a security preserving manner; and enabling generation of a group session key in an efficient manner without re-running the protocol from scratch. The main challenge in designing such protocols is ensuring that the computations that a given IoT device performs as part of participating in the protocol are computationally feasible during initial group establishment, group keyupdate, and adding or removing a node from the group. The work presented in this thesis shows that the challenge can be overcome by designing protocols from lightweight cryptographic primitives. Specifically, protocols that exploit the lightweight nature of crypto-systems based on elliptic curves and the perfect secrecy of the One Time Pad (OTP) are presented. The protocols are designed in such a way that a resource-constrained member node performs a constant number of computationally easy computations during all stages of the group key management process. To demonstrate that the protocols are practically feasible, implementation resultof one of the protocols is also presented, showing that the protocol outperforms similar state-of-the-art protocols with regard to energy consumption, execution time, memory usage and number of messages generated. / <p>Vid tidpunkten för framläggningen av avhandlingen var följande delarbete opublicerat: delarbete 3 (manuskript).</p><p>At the time of the defence the following paper was unpublished: paper 3 (manuscript).</p> / SMART (Smarta system och tjänster för ett effektivt och innovativt samhälle)
|
34 |
Efficient Algorithms for Finite Fields, with Applications in Elliptic Curve CryptographyBaktir, Selcuk 01 May 2003 (has links)
This thesis introduces a new tower field representation, optimal tower fields (OTFs), that facilitates efficient finite field operations. The recursive direct inversion method presented for OTFs has significantly lower complexity than the known best method for inversion in optimal extension fields (OEFs), i.e., Itoh-Tsujii's inversion technique. The complexity of OTF inversion algorithm is shown to be O(m^2), significantly better than that of the Itoh-Tsujii algorithm, i.e. O(m^2(log_2 m)). This complexity is further improved to O(m^(log_2 3)) by utilizing the Karatsuba-Ofman algorithm. In addition, it is shown that OTFs are in fact a special class of OEFs and OTF elements may be converted to OEF representation via a simple permutation of the coefficients. Hence, OTF operations may be utilized to achieve the OEF arithmetic operations whenever a corresponding OTF representation exists. While the original OTF multiplication and squaring operations require slightly more additions than their OEF counterparts, due to the free conversion, both OTF operations may be achieved with the complexity of OEF operations. Furthermore, efficient finite field algorithms are introduced which significantly improve OTF multiplication and squaring operations. The OTF inversion algorithm was implemented on the ARM family of processors for a medium and a large sized field whose elements can be represented with 192 and 320 bits, respectively. In the implementation, the new OTF inversion algorithm ran at least six to eight times faster than the known best method for inversion in OEFs, i.e., Itoh-Tsujii inversion technique. According to the implementation results obtained, it is indicated that using the OTF inversion method an elliptic curve scalar point multiplication operation can be performed at least two to three times faster than the known best implementation for the selected fields.
|
35 |
On Efficient Polynomial Multiplication and Its Impact on Curve based CryptosystemsAlrefai, Ahmad Salam 05 December 2013 (has links)
Secure communication is critical to many applications. To this end, various security goals can be achieved using elliptic/hyperelliptic curve and pairing based cryptography. Polynomial multiplication is used in the underlying operations of these protocols. Therefore, as part of this thesis different recursive algorithms are studied; these algorithms include Karatsuba, Toom, and Bernstein. In this thesis, we investigate algorithms and implementation techniques to improve the performance of the cryptographic protocols. Common factors present in explicit formulae in elliptic curves operations are utilized such that two multiplications are replaced by a single multiplication in a higher field. Moreover, we utilize the idea based on common factor used in elliptic curves and generate new explicit formulae for hyperelliptic curves and pairing. In the case of hyperelliptic curves, the common factor method is applied to the fastest known even characteristic hyperelliptic curve operations, i.e. divisor addition and divisor doubling. Similarly, in pairing we observe the presence of common factors inside the Miller loop of Eta pairing and the theoretical results show significant improvement when applying the idea based on common factor method. This has a great advantage for applications that require higher speed.
|
36 |
Increasing the Robustness of Point Operations in Co-Z Arithmetic against Side-Channel AttacksAlmohaimeed, Ziyad Mohammed 08 August 2013 (has links)
Elliptic curve cryptography (ECC) has played a significant role on secure devices since it was introduced by Koblitz and Miller more than three decades ago. The great demand for ECC is created by its shorter key length while it provides an equivalent security level in comparison to previously introduced public-key cryptosystems (e.g.RSA). From an implementation point of view a shorter key length means a higher
processing speed, smaller power consumption, and silicon area requirement. Scalar multiplication is the main operation in Elliptic Curve Diffie-Hellman (ECDH), which is a key-agreement protocol using ECC. As shown in the prior literature, this operation is both vulnerable to Power Analysis attack and requires a large amount of time. Therefore, a lot of research has focused on enhancing the performance and security of scalar multiplication. In this work, we describe three schemes to counter power analysis cryptographic attacks. The first scheme provides improved security
at the expense of a very small cost of additional hardware overhead; its basic idea is to randomize independent field operations in order to have multiple power consumption traces for each point operation. In the second scheme, we introduce an atomic block that consists of addition, multiplication and addition [A-M-A]. This technique provides a very good scalar multiplication protection but with increased computation cost. The third scheme provides both security and speed by adopting the second tech-
nique and enhancing the instruction-level parallelism at the atomic level. As a result, the last scheme also provides a reduction in computing time. With these schemes the users can optimize the trade-off between speed, cost, and security level according to their needs and resources. / Graduate / 0544 / 0984 / z.mohaimeed@gmail.com
|
37 |
Kryptografické protokoly pro ochranu soukromí / Cryptographic protocols for privacy protectionHanzlíček, Martin January 2018 (has links)
This work focuses on cryptographic protocol with privacy protection. The work solves the question of the elliptic curves and use in cryptography in conjunction with authentication protocols. The outputs of the work are two applications. The first application serves as a user and will replace the ID card. The second application is authentication and serves as a user authentication terminal. Both applications are designed for the Android operating system. Applications are used to select user attributes, confirm registration, user verification and show the result of verification.
|
38 |
Software Implementations and Applications of Elliptic Curve CryptographyKultinov, Kirill 06 June 2019 (has links)
No description available.
|
39 |
A Computational Introduction to Elliptic and Hyperelliptic Curve CryptographyWilcox, Nicholas 20 December 2018 (has links)
No description available.
|
40 |
A Portable and Improved Implementation of the Diffie-Hellman Protocol for Wireless Sensor NetworksShoaib, Naveed 22 September 2009 (has links)
No description available.
|
Page generated in 0.0599 seconds