Ing. Jiří Buček, Ph.D.

Publikace

SPA Attack on NTRU Protected Implementation with Sparse Representation of Private Key

Autoři
Rabas, T.; Buček, J.; Lórencz, R.
Rok
2023
Publikováno
Proceedings of the 9th International Conference on Information Systems Security and Privacy. Madeira: SciTePress, 2023. p. 135-143. ISSN 2184-4356. ISBN 978-989-758-624-8.
Typ
Stať ve sborníku
Anotace
NTRU is a post-quantum public-key, lattice-based cryptosystem. Several suggested implementations claim to be simple-power analysis resistant. One of these implementations was described in (An et al., 2018) using a sparse representation of a private key and a new design of an algorithm for the multiplication of polynomials. We show that it is still vulnerable. We theoretically explain a vulnerability in the algorithm description that could potentially lead to a single-trace attack. We practically perform the attack on two targets with different architectures: an 8-bit microcontroller of the AVR family and a 32-bit microcontroller ARM Cortex-M0. Statistical analysis performed on the second target, measured by the ChipWhisperer platform, shows that with a chance of 91.0% we get the correct key just from one measured trace. Ability to get two measurements raises our probability of a successful attack up to 99.6%.

Symmetric and Asymmetric Schemes for Lightweight Secure Communication

Autoři
Rok
2022
Publikováno
Information Systems Security and Privacy. Basel: Springer Nature Switzerland AG, 2022. p. 97-114. ISSN 1865-0929. ISBN 978-3-030-94899-3.
Typ
Stať ve sborníku
Anotace
The paper deals with the topic of lightweight authentication and secure communication for constrained hardware devices such as IoT or embedded devices. In the paper, protocols based on both symmetric and asymmetric schemes are presented, utilizing a PUF/TRNG combined module, showing it is advantageous to have single module that will allow generation of both TRNG and PUF at the same time. This approach minimizes implementation requirements and operational resource consumption. Moreover, it allows the simplification of the overall key management process as the proposed protocols do not require to store secrets on the devices themselves. This paper is the extended and revised version of the paper entitled "Lightweight Authentication and Secure Communication Suitable for IoT Devices" [1] presented at the 6th International Conference on Information Systems Security and Privacy (ICISSP) 2020.

Three counter value based ROPUFs on FPGA and their properties

Autoři
Kodýtek, F.; Lórencz, R.; Buček, J.
Rok
2022
Publikováno
Microprocessors and Microsystems. 2022, 88 1-10. ISSN 0141-9331.
Typ
Článek
Anotace
This paper investigates the behavior of the Physical Unclonable Function (PUF) design proposed in our previous work that is based ring oscillators (ROs). Our approach is able to extract multiple output bits from each RO pair in contrary to the classical approach, where frequencies of ROs are compared. We study the behavior of our PUF design together with other two similar proposals that are also based on extracting PUF bits from counter values. In this work we compare the behavior of three PUF designs that are based on extracting PUF bits from counter values with one of them being proposed in our previous work. We evaluate these proposals at both stable and varying temperature and voltage in order to determine their robustness. The results show that our proposed technique, the frequency ratio, is the most reliable one. Furthermore, we compare the behavior of all of the three designs when mutually asymmetric and symmetric ROs are used. All of the measurements were performed on Cmod S7 FPGA boards (Xilinx XC7S25-1CSGA225C).

Verification of PUF-based IoT Protocols with AVISPA and Scyther

Autoři
Rabas, T.; Lórencz, R.; Buček, J.
Rok
2022
Publikováno
Proceedings of the 19th International Conference on Security and Cryptography. Madeira: SciTePress, 2022. p. 627-635. ISSN 2184-7711. ISBN 978-989-758-590-6.
Typ
Stať ve sborníku
Anotace
Paper from 2020 (Buchovecká et al., 2020) suggests protocols suitable for lightweight IoT Devices. They are based on physical unclonable functions (PUF) which among others simplify the problem of key management on simple hardware devices and microcontrollers. These protocols are supposed to authenticate a device and distribute keys safely so that only the intended parties can know the key. We analysed suggested protocols using two automated verification tools AVISPA and Scyther. The analysis shows that there are several issues concerning the authentication property. We demonstrate the results from the tools and describe several attacks that exploit this vulnerability. Finally, we provide modified versions of these protocols that are resistant to those attacks and satisfy authentication as desired.

Comparison of three counter value based ROPUFs on FPGA

Autoři
Kodýtek, F.; Lórencz, R.; Buček, J.
Rok
2020
Publikováno
Proceedings of the 23rd Euromicro Conference on Digital Systems Design. Los Alamitos, CA: IEEE Computer Soc., 2020. p. 205-212. ISBN 978-1-7281-9535-3.
Typ
Stať ve sborníku
Anotace
This paper extends our previous work, in which we proposed a Ring Oscillator (RO) based Physical Unclonable Function (PUF) on FPGA. Our approach is able to extract multiple output bits from each RO pair in contrary to the classical approach, where the frequencies of ROs are compared. In this work we investigate the behaviour of our proposed PUF design, together with two other similar proposals that are also based on extracting PUF bits from counter values. We evaluate these proposals under stable operating conditions. Furthermore, we compare the behaviour of all of the three designs when mutually asymmetric and symmetric ROs are used. All of the measurements were performed on Digilent Cmod S7 FPGA boards (Xilinx XC7S25-1CSGA225C).

Lightweight Authentication and Secure Communication Suitable for IoT Devices

Autoři
Rok
2020
Publikováno
Proceedings of the 6th International Conference on Information Systems Security and Privacy. Madeira: SciTePress, 2020. p. 75-83. ISSN 2184-4356. ISBN 978-989-758-399-5.
Typ
Stať ve sborníku
Anotace
In this paper we present the protocols for lightweight authentication and secure communication for IoT and embedded devices. The protocols are using a PUF/TRNG combined circuit as a basic building block. The goal is to show the possibilities of securing communication and authentication of the embedded systems, using PUF and TRNG for secure key generation, without requirement to store secrets on the device itself, thus allowing to significantly simplify the problem of key management on the simple hardware devices and microcontrollers, while allowing secure communication.

Side-Channel Attack on the A5/1 Stream Cipher

Rok
2019
Publikováno
Proceedings of the 22nd Euromicro Conference on Digital Systems Design. Los Alamitos, CA: IEEE Computer Soc., 2019. p. 633-638. ISBN 978-1-7281-2862-7.
Typ
Stať ve sborníku
Anotace
In this paper we present cryptanalysis of the A5/1 stream cipher used in GSM mobile phones. Our attack is based on power analysis where we assume that the power consumption while clocking 3 LFSRs is different than when clocking 2 LFSRs. We demonstrate a simple power analysis (SPA) attack and discuss existing differential power analysis (DPA). We present the attack for recovering secret key based on the information on clocking bits of LFSRs that was deduced from power analysis. The attack has a 100% success rate, requires minimal storage and it does not requires any single bit of a keystream. An average time complexity of our attack based on SPA is around 233 where the computation unit is a resolution of system of linear equations over the Z2. Recovering the secret key using information from the DPA has a constant complexity.

Design of a Residue Number System Based Linear System Solver in Hardware

Autoři
Buček, J.; Kubalík, P.; Lórencz, R.; Zahradnický, T.
Rok
2017
Publikováno
Journal of Signal Processing Systems. 2017, 87(3), 343-356. ISSN 1939-8018.
Typ
Článek
Anotace
This paper is focused on error-free solution of dense linear systems using residual arithmetic in hardware. The designed Modular System uses hardware identical Residual Processors (RP)s for solving independent systems of linear congruences and combines their solutions into the solution of the given linear system. This approach uses the residue number system which is based on the Chinese remainder theorem. In order to efficiently exploit parallel processing and cooperation of the individual components, a hardware architecture of the Modular System with several RPs is designed. In order to verify the proposed architecture, a Xilinx FPGA with a MicroBlaze processor was used. Experimental results are obtained for an evaluation FPGA board with Virtex 6. Results from implementation serve for subsequent theoretical analysis of the system performance for various linear system sizes and further improvement of the system. The proposed system can be useful as a special hardware peripheral or a part of an embedded system for solving large nonsingular systems of linear equations with integer, rational or floating-point coefficients with arbitrary precision.

Emulator of Contactless Smart Cards in FPGA

Rok
2017
Publikováno
Proceedings of the 6th Mediterranean Conference on Embedded Computing (MECO 2017). IEEE (Institute of Electrical and Electronics Engineers), 2017. p. 96-99. ISBN 978-1-5090-6741-1.
Typ
Stať ve sborníku
Anotace
This paper describes implementation of contactless smart card emulator compliant with ISO/IEC 14443 in Field Programmable Gate Array (FPGA). Systems using contactless smart cards are widely used and some of these systems are not secured properly. For example in many such systems smart card Unique Identifier (UID) is used as the only one authentication mean. As the UID is not encrypted and is read from the card in plain, it is easy to make a copy of the smart card and use the clone as the original card. In this work we describe emulator of a smart card implemented in FPGA which is able to spoof some genuine smart card. Emulator described in this work emulates protocol described in ISO/IEC 14443 standard, which in detail describes all aspects of RFID smart cards (from physical attributes of both - cards and readers - to communication by digital signals). The emulator is able to come through the whole card selection process and to spoof the real smart card with given UID. Moreover emulator can be selected also for higher application layer protocol communication. If we know the proprietary application layer protocol, emulator is able to spoof communication on this protocol with data recorded in it. This functionality was successfully tested on systems used at Czech Technical University in Prague, where the weak implementation of UID as the only one authentication mean is used. Emulator is responding faster than most of other existing smart card emulators thanks to high efficient implementation in hardware.

Practical Session: Differential Power Analysis for Beginners

Autoři
Buček, J.; Novotný, M.; Štěpánek, F.
Rok
2017
Publikováno
Hardware Security and Trust. Springer International Publishing, 2017. p. 77-91. ISBN 978-3-319-44316-4.
Typ
Kapitola v knize
Anotace
This tutorial will introduce you to the basics of the DPA (Differential Power Analysis) – a technique that exploits the dependency of the processed data on the power trace of the device to extract some secret information that would not be otherwise available. During the session you will learn how to process the power trace of the implementation of the AES encryption algorithm using an algebraic system (in our case Matlab), create the power hypothesis, extract the secret information and also how to measure the power consumption of the embedded system (smart card) in order to obtain the power traces. The first part of the tutorial Differential Power Analysis – Key Recovery is aimed at explaining the creation of the power hypothesis and the use of algebraic systems. The second part of the tutorial DPA – measurement with an oscilloscope covers the practical part of the exercise - the measurement of the power consumption using the PicoScope.

True random number generator based on ring oscillator PUF circuit

Autoři
Rok
2017
Publikováno
Microprocessors and Microsystems. 2017, 53 33-41. ISSN 0141-9331.
Typ
Článek
Anotace
In this paper we propose the method of generating true random numbers utilizing the circuit primarily designed as Physically Unclonable Function (PUF) based on ring oscillators. The goal is to show that it is possible to design the universal crypto system, that can be used for various applications – the PUF can be utilized for asymmetric cryptography and generating asymmetric keys, True Random Number Generator (TRNG) for symmetric cryptography (generating session and ephemeral keys), nonces and salts. In the paper the results of evaluation of such a circuit utilized for TRNG purpose are presented.

A Low-Cost Multi-Purpose Experimental FPGA Board for Cryptography Applications

Autoři
Bartík, M.; Buček, J.
Rok
2016
Publikováno
2016 IEEE 4th Workshop on Advances in Information, Electronic and Electrical Engineering (AIEEE). Piscataway, NJ: IEEE, 2016. ISBN 978-1-5090-4473-3.
Typ
Stať ve sborníku
Anotace
This paper describes the evaluation of available experimental boards, the comparison of their supported set of experiments and other aspects. The second part of this evaluation is focused on the design process of the PCB (Printed Circuit Board) for an FPGA (Field Programmable Gate Array) based cryptography environment suitable for evaluating the latest trends in the IC (Integrated Circuit) security like Side–Channel Attacks (SCA) or Physically Unclonable Function (PUF). It leads to many criteria affecting the design process and of course, the suitability for evaluating and measuring results of the attacks and their countermeasures. The developed system should be open, versatile and unrestricted by the U.S. law.

A Low-Cost Unified Experimental FPGA Board for Cryptography Applications

Autoři
Bartík, M.; Buček, J.
Rok
2016
Publikováno
TRUDEVICE 2016 Final Conference. The Universitat Politècnica de Catalunya, 2016. pp. 75-80.
Typ
Stať ve sborníku
Anotace
This paper describes the evaluation of available experimental boards, the comparison of their supported set of experiments and other aspects. The second part of this evaluation is focused on the design process of the PCB (Printed Circuit Board) for an FPGA (Field Programmable Gate Array) based cryptography environment suitable for evaluating the latest trends in the IC (Integrated Circuit) security like Side–Channel Attacks (SCA) or Physically Unclonable Function (PUF). It leads to many criteria affecting the design process and also the suitability for evaluating and measuring results of the attacks and their countermeasures. The developed system should be open, versatile and unrestricted by the U.S. law.

Improved ring oscillator PUF on FPGA and its properties

Autoři
Kodýtek, F.; Lórencz, R.; Buček, J.
Rok
2016
Publikováno
Microprocessors and Microsystems. 2016, 47 55-63. ISSN 0141-9331.
Typ
Článek
Anotace
PUFs (Physical Unclonable Function) are increasingly used in proposals of security architectures for device identification and cryptographic key generation. Many PUF designs for FPGAs proposed up to this day are based on ring oscillators (RO). The classical approach is to compare frequencies of ROs and produce a single output bit from each pair of ROs based on the result of comparison of their frequencies. This ROPUF design requires all ROs to be mutually symmetric and also the number of pairs of ROs is limited in order to preserve the independence of bits in the PUF response. This led us to design a new ROPUF on FPGA which is capable of generating multiple output bits from each pair of ROs and is also allowing to create higher number of pairs of ROs, thereby making the use of ROs more efficient than the classical approach. Our PUF design is based on selecting a particular part of a counter value and using it for the PUF output. By applying Gray code on the counter values, we have considerably improved the PUF's statistical properties. In principle, this PUF design does not need the ROs to be mutually symmetric, however, it is shown that this ROPUF design has significantly better properties with varying supply voltage when symmetric ROs are used. All of the presented measurements were performed on Digilent Basys 2 FPGA Boards (Xilinx Spartan3E-100 CP132). In this work, we provide a more detailed description of the PUF design on FPGA and the behaviour of ROs with varying supply voltage. Our proposed PUF architecture offers more output bits with required statistical properties from each RO pair than the classical approach, where frequencies of ROs are compared. The presented improvements significantly reduce the dependence on fluctuation of supply voltage.

Temperature Dependence of ROPUF on FPGA

Autoři
Rok
2016
Publikováno
Proceedings of 19th Euromicro Conference on Digital System Design DSD 2016. Los Alamitos, CA: IEEE Computer Soc., 2016. p. 698-702. ISBN 978-1-5090-2816-0.
Typ
Stať ve sborníku
Anotace
This paper continues and extends our previous work introduced in [3], [4], in which we proposed a ring oscillator (RO) based Physical Unclonable Function (PUF) on FPGA. Our approach is able to extract multiple output bits from each RO pair in contrary to the classical approach, where frequencies of ROs are compared. Our original design used asymmetric ROs, i.e. without constrained placement of gates. In this paper, we investigate the behaviour of the proposed ROPUF using symmetric ROs, and compare them against the original approach with asymmetric ROs. The measurement results showed that the ROPUF with symmetric ROs is approximately two times more stable with varying temperature. We have also compared three different methods of information extraction from ROPUF based on frequency measurement. The measured results show that out of these three methods, our one is the most stable against change of temperature. The measurements were performed on Digilent Basys 2 FPGA boards (Xilinx Spartan3E-100 CP132).

True Random Number Generator Based on ROPUF Circuit

Autoři
Rok
2016
Publikováno
Proceedings of 19th Euromicro Conference on Digital System Design DSD 2016. Los Alamitos, CA: IEEE Computer Soc., 2016. p. 519-523. ISBN 978-1-5090-2816-0.
Typ
Stať ve sborníku
Anotace
In this paper we propose the method of generating true random numbers utilizing the circuit primarily designed as PUF based on ring oscillators. The goal is to prove that it is possible to design the universal crypto system, that can be used for various applications - the PUF can be utilized for asymmetric cryptography and generating asymmetric keys, TRNG for symmetric cryptography (generating session and ephemeral keys), nonces and salts. In the paper the results of evaluation of such a circuit utilized for TRNG purpose are presented.

An ASIC Linear Congruence Solver Synthesized with Three Cell Libraries

Autoři
Buček, J.; Kubalík, P.; Lórencz, R.; Zahradnický, T.
Rok
2014
Publikováno
Proceedings of the 21st IEEE International Conference on Electronics Circuits and Systems. Monterey: IEEE Circuits and Systems Society, 2014. pp. 706-709. ISBN 978-1-4799-4242-8.
Typ
Stať ve sborníku
Anotace
The paper describes an ASIC implementation of a linear congruence solver, part of a parallel system for solution of linear equations, and presents synthesis results for three different standard cell libraries. The previous VHDL design was adapted to three ASIC technologies (130 nm, 110 nm, and 55 nm) from two different vendors and the synthesized results were mutually compared. The comparison results were further used to obtain a view of design properties in higher density technologies.

System Design of an FPGA Linear Solver

Autoři
Buček, J.; Kubalík, P.; Lórencz, R.; Zahradnický, T.
Rok
2014
Publikováno
Proceedings of the Work in Progress Session held in connection with the 40th EUROMICRO Conference on Software Engineering and Advanced Applications and the 17th EUROMICRO Conference on Digital System Design. Linz: Johannes Kepler University, 2014, ISBN 978-3-902457-40-0.
Typ
Stať ve sborníku
Anotace
The work is focused on design of a Modular System performing error-free solution of dense linear systems using residue arithmetic in Xilinx FPGA. The designed system shall use a set of Residual Processors (RP)s for linear system solution in Residue Number System and reconstruct the set's solution afterwards. The currently proposed system's architecture has a single RP, a large DDR memory used for data transfer in between a PC and the system, and a built-in MicroBlaze processor. Future work will focus on extending the architecture to implement the entire Modular System consisting of multiple RPs and performing the backward transformation from residue representation into the rational number set.

System on Chip Design of a Linear System Solver

Autoři
Buček, J.; Kubalík, P.; Lórencz, R.; Zahradnický, T.
Rok
2014
Publikováno
2014 International Symposium on System-on-Chip Proceedings. Piscataway: IEEE, 2014. ISBN 9781479968909.
Typ
Stať ve sborníku
Anotace
This paper is focused on hardware error-free solution of dense linear systems using residual arithmetic on a System on Chip Modular System. The designed Modular System uses Residual Processors (RP)s for solving independent linear systems in residue arithmetic and combines RP solutions into solution of the linear system. A System on Chip architecture of the Modular System with several RPs is designed, each with a large memory unit used for data transfer and storage. A Xilinx FPGA architecture with a MicroBlaze processor is used to verify the proposed architecture. The experimental results are obtained for an evaluation FPGA board with Virtex 6 and a 1GiB DDR memory and serve for further theoretical analysis of the system performance for various linear system sizes and the architecture of the system.

Comparison of FPGA and ASIC Implementation of a Linear Congruence Solver

Autoři
Buček, J.; Kubalík, P.; Lórencz, R.; Zahradnický, T.
Rok
2013
Publikováno
Proceedings of 16th Euromicro Conference on Digital System Design. Piscataway: IEEE Service Center, 2013. p. 284-287. ISBN 978-0-7695-5074-9.
Typ
Stať ve sborníku
Anotace
Residual processor (RP) is a dedicated hardware for solution of sets of linear congruences. RPs are parts of a larger modular system for error-free solution of linear equations in residue arithmetic. We present new FPGA and ASIC RP implementations, focusing mainly on their memory units being a bottleneck of the calculation and therefore determining the efficiency of the system. First, we choose an FPGA to easily test the functionality of our implementation, then we do the same in ASIC, and finally we compare both implementations together. The experimental FPGA results are obtained for Xilinx Virtex 6, while the ASIC results are obtained from Synopsys tools with a 130 nm standard cell library. Results also present a maximum matrix dimension fitting directly into the FPGA and achieved speed as a function of the dimension.

Differential Power Analysis under Constrained Budget: Low Cost Education of Hackers

Autoři
Štěpánek, F.; Buček, J.; Novotný, M.
Rok
2013
Publikováno
Proceedings of 16th Euromicro Conference on Digital System Design. Piscataway: IEEE Service Center, 2013. p. 645-648. ISBN 978-0-7695-5074-9.
Typ
Stať ve sborníku
Anotace
The differential power analysis is popular technique in exploiting weaknesses of the embedded systems — mostly of the smart cards. This approach is understandable as the DPA does not require expensive equipment or strong theoretical background on the device under attack. Therefore it is ideal for education of beginners or students in the field of computer security. The aim of this paper is to describe the economy of obtaining the basic equipment for the education of the differential power analysis and to share the experience with its teaching.

Dedicated Hardware Implementation of a Linear Congruence Solver in FPGA

Autoři
Buček, J.; Kubalík, P.; Lórencz, R.; Zahradnický, T.
Rok
2012
Publikováno
The 19th IEEE International Conference on Electronics, Circuits, and Systems, ICECS 2012. Monterey: IEEE Circuits and Systems Society, 2012. p. 689-692. ISBN 978-1-4673-1261-5.
Typ
Stať ve sborníku
Anotace
The residual processor is a dedicated hardware for solving sets of linear congruences. It is a part of the modular system for solving sets of linear equations without rounding errors using Residue Number System. We present a new FPGA implementation of the residual processor, focusing mainly on the memory unit that forms a bottleneck of the calculation, and therefore determines the effectivity of the system. FPGA has been chosen, as it allows us to optimally implement the designed architecture depending on the size of the problem. The proposed memory architecture of the modular system is implemented using the internal FPGA block RAM. Experimental results are obtained for the Xilinx Virtex 6 family. Results present the maximum matrix dimension fitting directly into the FPGA, and achieved speed as a function of the dimension.