Real-time monitoring of distributed real-time and embedded systems using Web

Puranik, Darshan Gajanan

03 January 2014

Indiana University-Purdue University Indianapolis (IUPUI) / Asynchronous JavaScript and XML (AJAX) is the primary method for enabling asynchronous communication over the Web. Although AJAX is providing warranted real-time capabilities to the Web, it requires unconventional programming methods at the expense of extensive resource usage. WebSockets, which is an emerging protocol, has the potential to address many challenges with implementing asynchronous communication over the Web. There, however, has been no in-depth study that quantitatively compares AJAX and WebSockets. This thesis therefore provides two contributions to Web development. First, it provides an experience report for adding real-time monitoring support over the Web to the Open-source Architecture of Software Instrumentation of Systems(OASIS), which is open-source real-time instrumentation middleware for distributed real-time and embedded (DRE) systems. Secondly, it quantitatively compares using AJAX and WebSockets to stream collected instrumentation data over the Web in real-time. Results from quantitative comparison between WebSockets and AJAX show that a WebSockets server consumes 50% less network bandwidth than an AJAX server; a WebSockets client consumes memory at constant rate, not at an increasing rate; and WebSockets can send up to 215.44% more data samples when consuming the same amount network bandwidth as AJAX.

Real-time instrumentation

WebSockets

AJAX

Monitoring

Comparison

Open source intelligence

OASIS (Computer file) -- Research

Web servers -- Research

Operating systems (Computers)

Embedded computer systems

Middleware -- Research -- Analysis

Ajax (Web site development technology)

JavaScript (Computer program language)

Smart card fault attacks on public key and elliptic curve cryptography

Ling, Jie

January 2014

Indiana University-Purdue University Indianapolis (IUPUI) / Blömmer, Otto, and Seifert presented a fault attack on elliptic curve scalar multiplication called the Sign Change Attack, which causes a fault that changes the sign of the accumulation point. As the use of a sign bit for an extended integer is highly unlikely, this appears to be a highly selective manipulation of the key stream. In this thesis we describe two plausible fault attacks on a smart card implementation of elliptic curve cryptography. King and Wang designed a new attack called counter fault attack by attacking the scalar multiple of discrete-log cryptosystem. They then successfully generalize this approach to a family of attacks. By implementing King and Wang's scheme on RSA, we successfully attacked RSA keys for a variety of sizes. Further, we generalized the attack model to an attack on any implementation that uses NAF and wNAF key.

Smart Card

RSA

ECC

Fault Attack

Smart Card Security

Public Key

NAF

wNAF

Counter Fault Attack

Bit Flip Attack

Doubling Attack

Attack Simulation

Data encryption (Computer science)

Curves, Elliptic -- Data processing

Cryptography -- Mathematics

Public key cryptography -- Research

Data protection -- Research

Computer engineering -- Research

Coding theory

Computer security

Data structures (Computer science)

Embedded computer systems

Smart card industry

Computer networks -- Security measures

Computers -- Access control