Ing. Stanislav Jeřábek

Stať ve sborníku

10.1109/DSD51259.2020.00053

Katedra číslicového návrhu

In our previous work, we developed the Dummy Rounds countermeasure to protect the hardware design against side-channel attacks. The scheme employs hiding in time and hiding in consumption. After several improvements of the datapath, the leakage has been minimized significantly. In this paper, we present the enhancement of the Dummy Rounds controller. This enhancement enables further reduction of the leakage. We tested the method on PRESENT cipher implemented in the Sakura-G board. The design was evaluated using Welch's t-test.

Stať ve sborníku

10.1109/DDECS50862.2020.9095720

Katedra číslicového návrhu

The Dummy Rounds Side-Channel Attacks countermeasure scheme for digital design has been proposed in earlier work. Its experimental evaluation and analysis revealed weaknesses that resulted in the proposal of an enhanced Dummy Rounds scheme. In this paper, we present the implementation of the proposed enhancement of Dummy Rounds scheme in PRESENT cipher and provide its experimental evaluation using Welch’s t-test. We further propose several novel modifications of dummy Rounds scheme as a solution to other security problems we have encountered. Novel Dummy Rounds scheme, namely its modifications proposed in this paper, are superior to earlier proposed schemes in terms of side-channel leakage prevention.

Stať ve sborníku

Katedra číslicového návrhu

V předchozí práci bylo představeno ochranné schéma Dummy rounds, které vzniklo za účelem ochrany implementace Substitučně-permutačních a Feistelových šifer před útoky postranními kanály. Jeho experimentální vyhodnocení odhalilo slabiny, především v první a poslední rundě. V tomto článku ukazujeme, jak může být situace vylepšena na základě pravděpodobností přechodů ve stavovém prostoru algoritmu. Odvodili jsme nutné a dostačující podmínky pro dosažení rovnoměrného rozložení pravděpodobností přechodů a tedy jejich minimálních hodnot. Optimální průchody stavovým prostorem jsou pravidelné a snadno implementovatelné.

Stať ve sborníku

10.1109/DDECS.2019.8724632

Katedra číslicového návrhu

The dummy rounds protection scheme, intendedto offer resistance against Side Channel Attacks to Feisteland SP ciphers, has been introduced in earlier work. Itsexperimental evaluation revealed weaknesses, most notablyin the first and last round. In this contribution, we showthat the situation can be greatly improved by controllingthe transition probabilities in the state space of the algo-rithm. We derived necessary and sufficient conditions forthe round execution probabilities to be uniform and hencethe minimum possible. The optimum trajectories over thestate space are regular and easy to implement.

Stať ve sborníku

10.1109/DSD.2019.00048

Katedra číslicového návrhu

Dynamic logic reconfiguration is a concept which allows for efficient on-the-fly modifications of combinational circuit behaviour in both ASIC and FPGA devices. The reconfiguration of Boolean functions is achieved by modification of their generators (e.g. shift register-based look-up tables) and it can be controlled from within the chip, without the necessity of any external intervention. This hardware polymorphism can be utilized for the implementation of side-channel attack countermeasures, as demonstrated by Sasdrich et al. for the lightweight cipher PRESENT. In this work we adopt these countermeasures to two of the AES finalists, namely Rijndael and Serpent. Just like PRESENT, both Rijndael and Serpent are block ciphers based on a substitution-permutation network. We describe the countermeasures and adjustments necessary to protect these ciphers using the resources available in modern Xilinx FPGAs. We describe our VHDL implementations and evaluate the side-channel leakage and effectiveness of different countermeasure combinations using a methodology based on Welch’s t-test. We did not detect any significant leakage from the fully protected versions of our implementations. We show that the countermeasures proposed by Sasdrich et al. are, with some modifications compared to the protected PRESENT implementation, successfully applicable to AES and Serpent.

Stať ve sborníku

10.1109/DSD.2018.00092

Katedra číslicového návrhu

This paper describes the technique of Dummy Rounds as a countermeasure against DPA in hardware implementation of round-based ciphers. Its principle is inspired by several well-known countermeasures used in hardware as Hiding and Dynamic Reconfiguration as well as countermeasures used in software implementations as Dummy cycles, Random order execution or Hiding in time. Being inspired by countermeasures based on dynamic reconfiguration, this method combines hiding of power consumption with hiding in time. In this work we also discuss the amount of randomness available for the control of the computation.

Stať ve sborníku

Katedra číslicového návrhu

Tato práce popisuje techniku Dummy Rounds jako protiopatření vůči DPA v hardwarových implementacích rundovních šifer. Princip je inspirován dobře známými metodami používaných v hardwaru jako skrývání a dynamická rekonfigurace stejně jako metodami z softwarových implementací jako nadbytečné cykly, náhodné provádění instrukcí nebo skrývání v čase. Tato metoda inspirovaná dynamickou rekonfigurací kombinuje skrývání spotřeby se skrýváním v čase. V této práci také diskutujeme množství náhodnosti dostupné pro kontrolu výpočtu.

Stať ve sborníku

Katedra číslicového návrhu

Reliability and security are critical properties of all hardware designs. However improving of one of the metrics causes very often decrease of the other metric. Our goal is to find novel method of programmable hardware design increasing both, reliability and security, or at least one of them without decreasing the other. We want to use dynamic reconfiguration on FPGA with lightweight cipher PRESENT implemented as countermeasure against differential power analysis. We will implement on our own existing method described in one of the earlier published papers. After that we will investigate influence of some modifications, implement our novel usage of dynamic reconfiguration usage combining it with hiding in time method and also investigate combination of our novel method and the previously published.

Stať ve sborníku

Katedra číslicového návrhu

Tato práce pojednává o směřování výzkumu v rámci tématu dizertační práce věnující se bezpečným a spolehlivým architekturám pro programovatelný hardware, především FPGA. Konkrétně práce pojednává o již existující implementaci šifry PRESENT na FPGA, kde je použita dynamická rekonfigurace jako jedno z opatření proti útoku pomocí rozdílové odběrové analýzy. Poté obsahuje diskusi nových možností pužití dynamické rekonfigurace a jejich vliv na bezpečnost i spolehlivost výsledného obvodu.

Stať ve sborníku

10.1109/MECO.2017.7977169

Katedra číslicového návrhu
Katedra počítačových systémů

This paper describes implementation of contactless smart card emulator compliant with ISO/IEC 14443 in Field Programmable Gate Array (FPGA). Systems using contactless smart cards are widely used and some of these systems are not secured properly. For example in many such systems smart card Unique Identifier (UID) is used as the only one authentication mean. As the UID is not encrypted and is read from the card in plain, it is easy to make a copy of the smart card and use the clone as the original card. In this work we describe emulator of a smart card implemented in FPGA which is able to spoof some genuine smart card. Emulator described in this work emulates protocol described in ISO/IEC 14443 standard, which in detail describes all aspects of RFID smart cards (from physical attributes of both - cards and readers - to communication by digital signals). The emulator is able to come through the whole card selection process and to spoof the real smart card with given UID. Moreover emulator can be selected also for higher application layer protocol communication. If we know the proprietary application layer protocol, emulator is able to spoof communication on this protocol with data recorded in it. This functionality was successfully tested on systems used at Czech Technical University in Prague, where the weak implementation of UID as the only one authentication mean is used. Emulator is responding faster than most of other existing smart card emulators thanks to high efficient implementation in hardware.

Stať ve sborníku

Katedra číslicového návrhu

This paper describes implementation of contactless smart card emulator compliant with ISO/IEC 14443 in FPGA. Systems using contactless smart cards are widely used and some of these systems are not secured properly. For example in many such systems UID (unique identifier) is used as the only one authentication mean. As the UID is not encrypted and is read from the card in plain, it is easy to make a copy of the smart card and use the clone as the original card. In this work we describe emulator of a smart card implemented in FPGA which is able to spoof some genuine smart card Emulator then can be used to spoof some other card successfully. Emulator described in this work emulates protocol described in parts from 1 to 3 of ISO/IEC 14443 standard. So emulator is able to come through whole card selection process and so spoof the real smart card with given UID. This functionality was successfully tested on systems used at CTU in Prague, where the weak implementation of UID as the only one authentication mean is used. If the last part of the standard would be implemented, this device should be used as part of relay attack system. This is possible thanks to high efficient implementation in hardware and thus possibility to overcome proximity–check protection.