Side-Channel Analysis of Cryptographic Processor CEC 1702
Authors
Horníčková, T.; Přeučil, T.; Novotný, M.; Martinásek, Z.
Year
2023
Published in
Proceedings of 2023 12th Mediterranean Conference on Embedded Computing (MECO). Piscataway: IEEE, 2023. ISSN 2637-9511. ISBN 979-8-3503-2291-0.
Type
Paper in proceedings
Department
Abstract
Cryptography is omnipresent in our daily life, as we need it for trusted authentication (e.g., in access systems), secure communication, ensuring data integrity and confidentiality, and many more. However, even if mathematically secure ciphers are used, the device running the cryptographic algorithms is still vulnerable to side-channel attacks that may reveal the secrets. These attacks exploit the fact that power consumption or electromagnetic emanation of the device depends on processed data. To prevent such an attack, the designer must employ countermeasures, such as masking, hiding, or shuffling. In this paper, we focus on Microchip CEC1702 microcontroller that supports common cryptographic operations in hardware. We analyze the resistance of its AES accelerator against correlation power analysis (CPA). We analyzed 100 million power traces by first-order CPA and univariate second-order CPA. In neither case did we find any vulnerability.
Surveying the security of access systems in Uppsala, Sweden
Authors
Year
2023
Published in
Proceedings of 2023 12th Mediterranean Conference on Embedded Computing (MECO). Piscataway: IEEE, 2023. ISSN 2637-9511. ISBN 979-8-3503-2291-0.
Type
Paper in proceedings
Department
Abstract
Today, many people use several access systems on a daily basis without paying attention to the fact that many of the technologies in use are obsolete and insecure. For example, there are published attacks against all generations of MIFARE Classic cards and cloning a MIFARE Ultralight card is trivial. In this paper, we look into the security of several access systems in a student town Uppsala in Sweden. We evaluate the security of the cards or tags used for access as well as some of the security of the systems themselves. We present a detailed report on the configurations, including any vulnerabilities, while also presenting attacks exploiting these vulnerabilities, as well as real-life examples of how these attacks can be dangerous to the end user. We compare these systems to a well-designed system in the same city and suggest fixes for all vulnerabilities we found. When presenting the potential fixes, we pay attention to the ease and cost of the fixes.
Evaluation of power saving methods for low-power WiFi environment sensors
Authors
Year
2022
Published in
Proceedings of the 11th Mediterranean Conference on Embedded Computing (MECO 2022). Institute of Electrical and Electronics Engineers, Inc., 2022. p. 114-118. ISSN 2377-5475. ISBN 978-1-6654-6828-2.
Type
Paper in proceedings
Department
Abstract
Environment sensing devices are all around us and the instruction cycle of these devices is usually simple: wake up, measure data, send them to a central unit or to the cloud and enter deep sleep. These devices also need to last as long as possible on a single charge and when we say single charge, we mean months at least. This leads to one common problem: these devices usually use low data rate networks like ZigBee or LoRa and therefore are not easy to deploy for a common user. There are several ways of achieving low power consumption when using WiFi. This paper describes and evaluates these methods and recommends power-saving methods for the WiFi module ESP8266. This paper also describes the development of a reference low-power device that can sense the environment (temperature, humidity and pressure in this case) and uses 2.4 GHz WiFi. Therefore, this device does not need any sort of gateway and can connect directly to the network most users already have deployed. Current programming allows for quick and easy transmission of the data to an MQTT server. It is easy to quickstart usage and mass production of the presented prototype. The system is based on the popular ESP8266 as a base for measurement, processing and WiFi communication. For power management, more circuitry is used. The paper presents full reference schematics of the developed device.
Implementation of the Rainbow signature scheme on SoC FPGA
Authors
Year
2022
Published in
Proceedings of the 2022 25th Euromicro Conference on Digital System Design. Los Alamitos: IEEE Computer Society, 2022. p. 513-519. ISBN 978-1-6654-7404-7.
Type
Paper in proceedings
Department
Abstract
Thanks to research progress, quantum computers are slowly becoming a reality and some companies already have their working prototypes. While this is great news for some, it also means that some of the encryption algorithms used today will be rendered unsafe and obsolete. Due to this fact, NIST (US National Institute of Standards and Technology) has been running a standardization process for quantum-resistant key exchange algorithms and digital signatures. One of these is Rainbow—a signature scheme based on the fact that solving a random multivariate quadratic system is an NP-hard problem.
This work aims to develop an AXI-connected accelerator for the Rainbow signature scheme, specifically the Ia variant. The accelerator is highly parameterizable, allowing the user to choose the data bus width, which directly affects the FPGA area used. It is also possible to swap components to use the design for other variants of Rainbow. This allows for a comprehensive experimental evaluation of our design.
The developed accelerator provides significant speedup compared to CPU-based computation. This paper includes detailed documentation of the design as well as performance and resource utilisation evaluation.
Low-Cost Portable ECG
Authors
Year
2019
Published in
Proceedings of the 8th Mediterranean Conference on Embedded Computing - MECO'2019. Institute of Electrical and Electronics Engineers, Inc., 2019. p. 660-663. ISSN 2377-5475. ISBN 978-1-7281-1739-3.
Type
Paper in proceedings
Department
Abstract
Common contemporary ECG units are computer-based devices that can be connected to the computer network to enable simultaneous monitoring of several patients in, e.g., intensive care units. Typically, these devices are relatively large, heavy, and powered from the wall socket. As a result, the movement of a patient is limited, even in cases when the patient’s physical condition does not bind him/her to the bed. This paper describes a proof-of-concept portable device for electrocardiography which can measure three elemental ECG leads, is battery powered and transmits measured data into a central data collection unit via WiFi. Therefore, the patient can leave the bed for a reasonable distance, while the physician can continue monitoring the patient’s health condition. It is easy to quickstart usage and mass production of the presented prototype. We have tested the hardware and developed the necessary software. The system is based on ADAS1000 from Analog Devices as an ECG analogue front-end. Measured data are processed by STM32L0 MCU and sent to the data collection unit using the ESP8266 WiFi module.