Design of a High-Throughput Match Search Unit for Lossless Compression Algorithms
Autoři
Bartík, M.; Beneš, T.; Kubalík, P.
Rok
2019
Publikováno
The 9th IEEE Annual Computing and Communication Workshop and Conference (CCWC). Piscataway: IEEE, 2019. p. 732-738. ISBN 9781728105543.
Typ
Stať ve sborníku
Pracoviště
Anotace
This paper presents an attempt to combine recent research in fields of hardware- and software-based high throughput universal lossless compression algorithms and their
implementations, resulting into a case study focusing on one of the most critical parts of compression algorithms – a Match Search Unit (MSU) and its parallelization. The presented FPGA design combines ideas of the LZ4 algorithm (which is derived
from the most common LZ77) with the state of the art hardware architectures for lossless compression also based on LZ77. This approach might lead to a smaller, better organized or more efficient ”building block” for modern implementations of hardware driven lossless compression algorithms. The presented design focuses on optimization of the main problem of the LZ77 family, namely the construction of and searching in a compression dictionary. Particularly, we combine a Live Value Table (LVT) with multi-ported memory in order to improve the bandwidth of the dictionary and the Fibonacci hashing principle originating from LZ4 algorithm to decrease latency of the MSU and to
achieve overall higher throughput rate. For the design synthesis an FPGA of the Xilinx Virtex-7 family was used.
Using Voters May Lead to Secret Leakage
Autoři
Rok
2019
Publikováno
Proceedings of the 22nd International Symposium on Design and Diagnostics of Electronic Circuits and Systems. Piscataway, NJ: IEEE, 2019. p. 1-4. ISBN 978-1-7281-0073-9.
Typ
Stať ve sborníku
Pracoviště
Anotace
The security of many digital devices strongly depends
on a secret value stored in them. To mitigate security
threats, high protection of such a value must be provided.
Many attacks against (cryptographic) hardware as well as attack
countermeasures were presented recently. As new attacks are
invented continuously, it is important to analyze even potential
threats to mitigate device vulnerability during its lifetime. In this
paper, we report a novel voter-related vulnerability, which can
be potentially misused to compromise the secret value stored in
an embedded device.
CMOS Illumination Discloses Processed Data
Autoři
Rok
2019
Publikováno
Proceedings of the 22nd Euromicro Conference on Digital Systems Design. Los Alamitos, CA: IEEE Computer Soc., 2019. p. 381-388. ISBN 978-1-7281-2861-0.
Typ
Stať ve sborníku
Pracoviště
Anotace
As digital devices penetrate to many areas important
for the present society, it is important to analyze even
potential threats to mitigate vulnerabilities during their lifetime.
In this paper, we analyze the data dependency of the photocurrent
induced by a laser beam in the illuminated CMOS circuit. The
data dependency may introduce potential threat(s) originating
in the nature of the CMOS technology. The data dependency
can be potentially misused to compromise the data processed by
an embedded device. We show that also the devices employing
dual-rail encoding to hide data-dependency are not safe.
High Throughput and Low Latency LZ4 Compressor on FPGA
Autoři
Beneš, T.; Bartík, M.; Kubalík, P.
Rok
2019
Publikováno
2019 International Conference on ReConFigurable Computing and FPGAs. Piscataway, NJ: IEEE, 2019. ISSN 2640-0472. ISBN 978-1-7281-1957-1.
Typ
Stať ve sborníku
Pracoviště
Anotace
This paper presents an FPGA design implementing a single LZ4 lossless compression IP block, providing a throughput
of 6 Gbps combined with extremely low latency, while still
retaining full binary compatibility with the original LZ4 format.
The best-known competitor is capable of processing up to 2 Gbps
per block/engine with unknown latency. The presented design
uses two key features: a low-latency 8-way match search unit
and consequently a match buffer which allows encoding LZ4
sequences independently to reduce stalls in the data processing
pipeline. The design was evaluated on several compression
corpora with an average compression ratio of 1.7.
L7 capable flow exporter described in P4
Autoři
Havránek, J.; Čejka, T.; Benáček, P.
Rok
2019
Publikováno
Proceedings of the 7th Prague Embedded Systems Workshop. Praha: ČVUT FIT, Katedra číslicového návrhu, 2019. p. 29-32. ISBN 978-80-01-06607-2.
Typ
Stať ve sborníku
Pracoviště
Anotace
Current flow exporters are the essential source of information for monitoring systems. They usually cre-ate aggregated information as flow data and, additionally, it is possible to extract headers from higherlayer protocols (L7). Due to requirements on high throughput, the flow exporters use hardware accel-eration to handle high packet rate at link speed (aiming at least 100 Gb/s). However, manually createddesign of such high-performance devices is very complex and complicated. Therefore, we propose touse a high-level P4 language for description of network traffic processing device that will be capable ofhandling L7 information. As our recent works show, it is possible to generate high-performance firmwaredesign automatically based on P4 description. Since P4 is not primarily intended for processing L7 data,this paper proposes a feasible way to overcome limits of P4.
Ultra High Resolution Jitter Measurement Method for Ethernet Based Networks
Autoři
Hynek, K.; Beneš, T.; Bartík, M.; Kubalík, P.
Rok
2019
Publikováno
The 9th IEEE Annual Computing and Communication Workshop and Conference (CCWC). Piscataway: IEEE, 2019. p. 847-851. ISBN 9781728105543.
Typ
Stať ve sborníku
Pracoviště
Anotace
This document presents a new approach to network jitter measurement and analysis in asynchronous data networks such as Ethernet. The developed monitoring device is capable to analyze an incoming stream speed of 1 Gb/s with the resolution up to 8 ns. The system architecture supports speeds up to 100 Gb/s networks. The presented architecture can provide several statistical functions such as measuring a network jitter by Interarrival Histograms method providing the mean value and peak-to-peak value as well. The architecture was implemented and tested on Xilinx Kintex UltraScale FPGA chip using Avnet AES-KU040-DB-G development board.
Future approaches to monitoring in high-speed backbone networks
Autoři
Rok
2019
Publikováno
Proceedings of the 7th Prague Embedded Systems Workshop. Praha: ČVUT FIT, Katedra číslicového návrhu, 2019. p. 27-28. ISBN 978-80-01-06607-2.
Typ
Stať ve sborníku
Pracoviště
Anotace
Network monitoring features has been always a challenge in high-speed networks. Some of themlike detailed traffic analysis and packet inspection are not suited or simply not feasible even on modernhardware. The challenges are becoming even greater with an uprise of encrypted traffic. This leaves largeopportunity for threat actors to take advantage of. Therefore, it is necessary to develop a new generationof monitoring tools that can deal with the current issues for security purposes. This research aims toimprove traffic analysis techniques to handle encrypted traffic, and also to adapt hardware acceleratedmonitoring components for processing.
ENERGY CONTROL PRINCIPLES IN AN AUTOMOTIVE ACTIVE SUSPENSION SYSTEM
Autoři
Rok
2019
Publikováno
international scientific journal tran&MOTAUTO WORLD. 2019, 4/2019(3), 107-110. ISSN 2367-8399.
Typ
Článek
Pracoviště
Anotace
In the paper, energy recuperation and management in automotive suspension systems with linear electric motors controlled
using a proposed H∞ controller to obtain a variable mechanical force for a car damper is presented. Vehicle suspensions in which forces
are generated in response to feedback signals by active elements obviously offer increased design flexibility compared to the conventional
suspensions using passive elements such as springs and dampers. The main advantage of the proposed solution using a linear AC motor is
the possibility to generate desired forces acting between the unsprung and sprung masses of the car, providing good insulation of the car
sprung mass from the road surface disturbances. In addition, under certain circumstances using linear motors as actuators enables to
transform mechanical energy of the vertical car vibrations to electrical energy, accumulate it, and use it when needed. Energy flow control
(management) enables to reduce or even eliminate the demands concerning the external power source.
LIMITATIONS TO SUSPENSION PERFORMANCE IN A TWO-DEGREE-OF-FREEDOM CAR ACTIVE SUSPENSION
Autoři
Rok
2019
Publikováno
Proceedings of the V. International Scientific Congress Innovations 2019. Sofija: Scientific-technical union of mechanical engineering, 2019. p. 28-32. III. vol. 3. ISSN 2603-3763.
Typ
Stať ve sborníku
Pracoviště
Anotace
: It is often assumed that if practical difficulties are neglected, active systems could produce in principle arbitrary ideal behavior. This paper presents the factorization approach that is taken to derive limitations of achievable frequency responses for active vehicle suspension systems in terms of invariant frequency points and restricted rate of decay at high frequencies. The factorization approach enables us to determine complete sets of such constraints on various transfer functions from the load and road disturbance inputs for typical choices of measured outputs and then choose the “most advantageous” vector of the measurements from the point of view of the widest class of the achievable frequency responses. Using a simple linear two degree-of-freedom car suspension system model it will be shown that even using complete state feedback and in the case of in which the system is controllable in the control theory sense, there still are limitations to suspension performance in the fully active state.
LIMITATIONS TO SUSPENSION PERFORMANCE IN A TWO-DEGREE-OF-FREEDOM CAR ACTIVE SUSPENSION
Typ
Článek
Pracoviště
Anotace
It is often assumed that if practical difficulties are neglected, active systems could produce in principle arbitrary ideal behavior.
This paper presents the factorization approach that is taken to derive limitations of achievable frequency responses for active vehicle
suspension systems in terms of invariant frequency points and restricted rate of decay at high frequencies. The factorization approach
enables us to determine complete sets of such constraints on various transfer functions from the load and road disturbance inputs for typical
choices of measured outputs and then choose the “most advantageous” vector of the measurements from the point of view of the widest class
of the achievable frequency responses. Using a simple linear two degree-of-freedom car suspension system model it will be shown that even
using complete state feedback and in the case of in which the system is controllable in the control theory sense, there still are limitations to
suspension performance in the fully active state.
ON CONTROL OF ENERGY FLOW IN THE AUTOMOTIVE ACTIVE SUSPENSION SYSTEM
Autoři
Rok
2019
Publikováno
International Journal of Mechanical and Production Engineering. 2019, 7(11), 5-9. ISSN 2320-2092.
Typ
Článek
Pracoviště
Anotace
In the paper, energy recuperation and energy flow distribution in automotive suspension systems with linear
electric motors controlled using a designed H∞ controller to obtain a variable mechanical force for a car active damper is
presented. Vehicle suspensions in which forces are generated in response to feedback signals by active elements obviously
offer increased design flexibility compared to the conventional suspensions using passive elements such as springs and
dampers. The main advantage of the specified new solution using a linear AC motor is the possibility to generate desired forces
acting between the unsprung and sprung masses of the car, providing good insulation of the car sprung mass from the road
surface and load disturbances. In addition, under certain circumstances, the application of linear motors as actuators enables to
transform mechanical energy of the vertical car vibrations to electrical energy, accumulate it, and use it when needed. Energy
flow control enables to reduce or even eliminate the demands concerning the external power source.
Analýza Dummy Rounds jako opatření proti DPA v hardwaru
Autoři
Rok
2019
Publikováno
Sborník příspěvků PAD 2019 – elektronická verze. Praha: AMCA spol. s r.o., 2019. ISBN 978-80-88214-20-5.
Typ
Stať ve sborníku
Pracoviště
Anotace
V předchozí práci bylo představeno ochranné schéma Dummy rounds, které vzniklo za účelem ochrany implementace Substitučně-permutačních a Feistelových šifer před útoky postranními kanály. Jeho experimentální vyhodnocení odhalilo slabiny, především v první a poslední rundě. V tomto článku ukazujeme, jak může být situace vylepšena na základě pravděpodobností přechodů ve stavovém prostoru algoritmu. Odvodili jsme nutné a dostačující podmínky pro dosažení rovnoměrného rozložení pravděpodobností přechodů a tedy jejich minimálních hodnot. Optimální průchody stavovým prostorem jsou pravidelné a snadno implementovatelné.
Analyzing and Optimizing the Dummy Rounds Scheme
Autoři
Rok
2019
Publikováno
Proceedings of the 22nd International Symposium on Design and Diagnostics of Electronic Circuits and Systems. Piscataway, NJ: IEEE, 2019. p. 1-4. ISBN 978-1-7281-0073-9.
Typ
Stať ve sborníku
Pracoviště
Anotace
The dummy rounds protection scheme, intendedto offer resistance against Side Channel Attacks to Feisteland SP ciphers, has been introduced in earlier work. Itsexperimental evaluation revealed weaknesses, most notablyin the first and last round. In this contribution, we showthat the situation can be greatly improved by controllingthe transition probabilities in the state space of the algo-rithm. We derived necessary and sufficient conditions forthe round execution probabilities to be uniform and hencethe minimum possible. The optimum trajectories over thestate space are regular and easy to implement.
High-Performance Spiking Neural Network Simulator
Autoři
Khun, J.; Novotný, M.; Skrbek, M.
Rok
2019
Publikováno
Proceedings of the 8th Mediterranean Conference on Embedded Computing - MECO'2019. Institute of Electrical and Electronics Engineers, Inc., 2019. p. 88-91. ISSN 2377-5475. ISBN 978-1-7281-1739-3.
Typ
Stať ve sborníku
Pracoviště
Anotace
Simulation of neural networks is a significant task for contemporary artificial intelligence research. Despite the availability of modern processing hardware, the task is still too demanding to be done in a sequential way. Therefore, a parallel computation approach is almost always necessary. Modern graphical accelerators (GPUs) represent highly parallel machines with a significant computational performance that can be unleashed only under certain conditions including threads scheduling, proper sources occupation, aligned data access, communication management, etc. We have proposed a novel acceleration approach for large neural networks. It is using a GPU and incorporating biologically highly precise spiking neurons that can imitate real biological neurons. The simulator can be, for example, used for research of communication dynamics of large neural networks with tens of thousands of spiking neurons.
SAT Modulo Differential Equation Simulations
Autoři
Kolárik, T.; Ratschan, S.
Rok
2020
Publikováno
Tests and Proofs. Cham: Springer, 2020. p. 80-99. ISSN 0302-9743. ISBN 978-3-030-50994-1.
Typ
Stať ve sborníku
Pracoviště
Anotace
Differential equations are of immense importance for modeling physical phenomena, often in combination with discrete modeling formalisms. In current industrial practice, properties of the resulting models are checked by testing, using simulation tools. Research on SAT solvers that are able to handle differential equations has aimed at replacing tests by correctness proofs. However, there are fundamental limitations to such approaches in the form of undecidability, and moreover, the resulting solvers do not scale to problems of the size commonly handled by simulation tools. Also, in many applications, classical mathematical semantics of differential equations often does not correspond well to the actual intended semantics, and hence a correctness proof wrt. mathematical semantics does not ensure correctness of the intended system.
In this paper, we head at overcoming those limitations by an alternative approach to handling differential equations within SAT solvers. This approach is usually based on the semantics used by tests in simulation tools, but still may result in mathematically precise correctness proofs wrt. that semantics. Experiments with a prototype implementation confirm the promise of such an approach.
Dependability Problems in Interconnected World
Autoři
Rok
2019
Publikováno
Proceedings of the 8th Mediterranean Conference on Embedded Computing - MECO'2019. Institute of Electrical and Electronics Engineers, Inc., 2019. p. 9. ISSN 2377-5475. ISBN 978-1-7281-1739-3.
Typ
Stať ve sborníku vyzvaná či oceněná
Pracoviště
Anotace
Development of new technologies and especially the basic principles of Industry 4.0 (interconnection, IoT, information transparency, technical assistance, cyber physical systems and decentralization) means not only standard improvements, e.g. increasing of performance, but also some negative issues. Everybody must be on-line 24 hours, there are more and more small things with their own intelligence. The proper trade-off between the price and reliability must be solved always with respect to the application. The application-specific systems are used due to possible programmability both hardware and software blocks. It can lead to totally different principles in digital design. Here global overview of problems that must be taken into account in today interconnected world, especially with emphasizing the dependability issues will be presented. There are several basic questions: what does it mean dependability, how to predict proper parameters and how to guarantee them before the final (mostly expensive) production, what model to use and how to validate it and how to verify the final realization, what are and how to overcome the most probable faults, how to combine and express safety and security limits, and finally how to ensure these requirements concurrently both in development and production processes.
Útoky postranními kanály: efektivní implementace a ochrany odolné proti poruchám
Autoři
Rok
2019
Publikováno
Sborník příspěvků PAD 2019 – elektronická verze. Praha: AMCA spol. s r.o., 2019. p. 68-72. ISBN 978-80-88214-20-5.
Typ
Stať ve sborníku
Pracoviště
Anotace
Tato práce se zabývá dosavadními výsledky autora v oblasti výzkumu útoků postranními kanály. Práce se zaměřuje na dvě hlavní oblasti: efektivní implementace pro vyhodnocování útoků a ochrany proti útokům odolné proti poruchám. V textu jsou stručně shrnuty již publikované výsledky autora a podrobněji rozebrán aktuální, zatím nepublikovaný výzkum věnovaný spolehlivým architekturám využívajícím redundanci obsaženou v maskovacích schématech pro snížení režijních nákladů zejména s ohledem na plochu. Struktura této práce kopíruje strukturu chystané dizertační práce.
Low-Cost Portable ECG
Autoři
Rok
2019
Publikováno
Proceedings of the 8th Mediterranean Conference on Embedded Computing - MECO'2019. Institute of Electrical and Electronics Engineers, Inc., 2019. p. 660-663. ISSN 2377-5475. ISBN 978-1-7281-1739-3.
Typ
Stať ve sborníku
Pracoviště
Anotace
Common contemporary ECG units are computer-based devices that can be connected to the computer network to enable simultaneous monitoring of several patients in, e.g., intensive care units. Typically, these devices are relatively large, heavy, and powered from the wall socket. As a result, the movement of a patient is limited, even in cases when the patient’s physical condition does not bind him/her to the bed. This paper describes proof-of-concept portable device for electrocardiography which can measure three elemental ECG leads, is battery powered and transmits measured data into a central data collection unit via WiFi. Therefore, the patient can leave the bed for a reasonable distance, while the physician can continue monitoring the patient’s health condition. It is easy to quickstart usage and mass production of the presented prototype. We have tested the hardware and developed the necessary software. The system is based on ADAS1000 from Analog Devices as an ECG analogue front-end. Measured data are processed by STM32L0 MCU and sent to the data collection unit using the ESP8266 WiFi module.
Hierarchical Dependability Models based on Non-Homogeneous Continuous Time Markov Chains
Autoři
Rok
2019
Publikováno
2019 14th International Conference on Design & Technology of Integrated Systems In Nanoscale Era (DTIS). IEEE, 2019. ISBN 978-1-7281-3424-6.
Typ
Stať ve sborníku
Pracoviště
Anotace
This paper shows a method of calculating the hazard rate of the non-homogeneous Markov chains using different homogeneous probability matrices for several hundreds small time intervals. The proposed method is applied on hierarchical dependability models allowing independent calculations of the hazard rates of multiple cooperating blocks of the system. The independent calculations are significantly faster than the calculation of a single model composed of all models of the blocks and the proposed method is very accurate compared to methods based on homogeneous Markov chains.
Accurate Inexact Calculations of Non-Homogeneous Markov Chains
Autoři
Rok
2019
Publikováno
Proceedings of the 22nd Euromicro Conference on Digital Systems Design. Los Alamitos, CA: IEEE Computer Soc., 2019. p. 470-477. ISBN 978-1-7281-2861-0.
Typ
Stať ve sborníku
Pracoviště
Anotace
Dependability models allow calculating the rate of events leading to a hazard state - a situation, where safety of the modeled dependable system is violated, thus the system may cause material loss, serious injuries or casualties. Hierarchical dependability models allow expressing multiple redundancies made at multiple levels of a system consisting of multiple cooperating blocks. The hazard rates of the blocks are calculated independently and, when combined, they are used to calculate the hazard rate of the whole system. The independent calculations are significantly faster than the calculation of a single model composed of all models of the blocks. The paper shows a method of calculating the hazard rate of the non-homogeneous Markov chains using different homogeneous probability matrices for several hundreds small time intervals. This method will allow us to calculate the hazard rate of the non-homogeneous Markov chain very accurately compared to methods based on homogeneous Markov chains.
Multiprecision ANSI C Library for Implementation of Cryptographic Algorithms on Microcontrollers
Autoři
Říha, J.; Klemsa, J.; Novotný, M.
Rok
2019
Publikováno
Proceedings of the 8th Mediterranean Conference on Embedded Computing - MECO'2019. Institute of Electrical and Electronics Engineers, Inc., 2019. p. 275-278. ISSN 2377-5475. ISBN 978-1-7281-1739-3.
Typ
Stať ve sborníku vyzvaná či oceněná
Pracoviště
Anotace
Current cryptographic algorithms work with operands that are several times wider than the machine word, e.g., the still popular RSA algorithm shall use at least 2 048-bit keys. Such algorithms therefore require libraries that implement multiprecision arithmetic. Existing libraries are either not tailored for microcontrollers, or they implement an incomplete set of multiprecision operations, which limits the implementation of some unusual cryptographic algorithms on microcontrollers.
In this work, we present a novel ANSI C library that implements also some less common operations like, e.g., multiprecision integer division. The library was designed with respect to the use on microcontrollers and has been tested on ARM M4-based microcontroller Microchip CEC1302.
Dynamic Logic Reconfiguration Based Side-Channel Protection of AES and Serpent
Autoři
Rok
2019
Publikováno
Proceedings of the 22nd Euromicro Conference on Digital Systems Design. Los Alamitos, CA: IEEE Computer Soc., 2019. p. 277-282. ISBN 978-1-7281-2861-0.
Typ
Stať ve sborníku
Pracoviště
Anotace
Dynamic logic reconfiguration is a concept which allows for efficient on-the-fly modifications of combinational circuit behaviour in both ASIC and FPGA devices. The reconfiguration of Boolean functions is achieved by modification of their generators (e.g. shift register-based look-up tables) and it can be controlled from within the chip, without the necessity of any external intervention. This hardware polymorphism can be utilized for the implementation of side-channel attack countermeasures, as demonstrated by Sasdrich et al. for the lightweight cipher PRESENT.
In this work we adopt these countermeasures to two of the AES finalists, namely Rijndael and Serpent. Just like PRESENT, both Rijndael and Serpent are block ciphers based on a substitution-permutation network. We describe the countermeasures and adjustments necessary to protect these ciphers using the resources available in modern Xilinx FPGAs. We describe our VHDL implementations and evaluate the side-channel leakage and effectiveness of different countermeasure combinations using a methodology based on Welch’s t-test.
We did not detect any significant leakage from the fully protected versions of our implementations. We show that the countermeasures proposed by Sasdrich et al. are, with some modifications compared to the protected PRESENT implementation, successfully applicable to AES and Serpent.
Efficient algorithmic evaluation of correlation power analysis: Key distinguisher based on the correlation trace derivative
Autoři
Rok
2019
Publikováno
Microprocessors and Microsystems. 2019, 2019(71), 1-8. ISSN 0141-9331.
Typ
Článek
Pracoviště
Anotace
Correlation power analysis (CPA) is one of the most common side-channel attacks today, posing a threat to many modern ciphers, including AES. In the final step of this attack, the cipher key is usually extracted by the attacker by visually examining the correlation traces for each key guess. The naïve way to extract the correct key algorithmically is selecting the key guess with the maximum Pearson correlation coefficient.
We propose another key distinguisher based on a significant change in the correlation trace rather than on the absolute value of the coefficient. Our approach performs better than the standard maximization, especially in the noisy environment, and it allows to significantly reduce the number of acquired power traces necessary to successfully mount an attack in noisy environment, and in some cases make the attack even feasible.
First-Order and Higher-Order Power Analysis: Computational Approaches and Aspects
Autoři
Rok
2019
Publikováno
Proceedings of the 8th Mediterranean Conference on Embedded Computing - MECO'2019. Institute of Electrical and Electronics Engineers, Inc., 2019. p. 83-87. ISSN 2377-5475. ISBN 978-1-7281-1739-3.
Typ
Stať ve sborníku
Pracoviště
Anotace
Side-channel analysis pose a serious threat to many modern cryptosystems. Using Correlation power analysis, attacker may be able to recover the cipher key and therefore jeopardize the whole cryptosystem, which is why many countermeasures are being developed. These countermeasures are typically effective against first-order attacks. However, protected implementations may still be vulnerable to higher-order analysis. In this paper, we compare different approaches to the higher-order analysis regarding their mathematical and performance properties. We focus on Correlation power analysis attack and the test vector leakage assesment using Welch’s t-test, we optimize and accelerate discussed algorithms using CPU and GPU, and we present our experimental results and remarks
SICAK: An open-source SIde-Channel Analysis toolKit
Autoři
Rok
2019
Publikováno
8th Workshop on Trustworthy Manufacturing and Utilization of Secure Devices (TRUDEVICE 2019). Karlsruhe Institute of Technology, 2019.
Typ
Stať ve sborníku
Pracoviště
Anotace
Side-channel cryptanalysis pose a serious threat to many modern cryptographic systems. Typical scenario of a side-channel attack consists of an active phase, where data are acquired, and of an analytical phase, where the data get examined and evaluated. This work presents a software toolkit which includes support for both phases of the side-channel attack. The toolkit consists of non-interactive text-based utilities with modular plug-in architecture. The measurement utility supports different oscilloscopes, target interfaces and measurement scenarios. The evaluation utilities include support for the test vector leakage assessment and the CPA attack. Different approaches to the algorithmical evaluation of the attack are implemented in order to extract the cipher key. The visualisation utility allows for the visual examination of the attack results by the user. The toolkit aims to be multiplatform and it is written using C/C++ with performance in mind. Time-demanding operations (such as the statistical analysis) are accelerated using OpenMP and OpenCL for an efficient computation on both CPU and GPU devices.