Dr.-Ing. Martin Novotný

Theses

Dissertation theses

Cryptographic/Cryptanalytical Architectures in Embedded Systems and Reconfigurable Hardware

Topic description
Research in methods of implementation and acceleration of cryptologic operations and schemes in embedded systems and in reconfigurable hardware, namely in field-programmable gate arrays.

Bachelor theses

PMI-80 case microcomputer emulator

Author
Vojtěch Straka
Year
2023
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Summary
The goal of this thesis is the creation of a FPGA-based emulator for the computer Tesla PMI-80. The thesis describes the architecture of the computer and methods of emulation that could be used. Then follows the reasoning for the final choice, which is a core for the MiSTer project on the Terasic DE-10 Nano board. Finally, the implementation is documented and some possibilities of its further use are shown.

Differential Power Analysis Attack on AES Implementation in Xilinx FPGA

Author
Ondřej Semrád
Year
2017
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Summary
We explored the possibilities of applying Differential Power Analysis (DPA) to the implementation of the AES algorithm on the Xilinx Spartan-3E FPGA. We created two different hardware implementations of the AES cipher in the VHDL language, a script implementing the DPA method in the Mathematica software, and a wrapper implementing the communication between an AES module and a computer over a serial line. We inserted eight different versions of the AES cipher inside the wrapper - five versions with safety measures and three basic versions without any safety measures. We compared the resistance of the basic variant with the fault-tolerant ones by computing the minimal number of power traces needed to break the correct key for each variant. We discovered that the safety measures (hardware redundancy, time redundancy and information redundancy) had minimal influence on the resistance against DPA.

Versatile Hardware Framework for Elliptic Curve Cryptography

Author
Vít Mašek
Year
2022
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Summary
This thesis proposes a versatile hardware framework for elliptic curve cryptography. The framework supports modular arithmetic with up to a 256-bit general modulus and optimized arithmetic for the P-256, Ed25519, and Curve25519 curves, enabling easy implementation of various elliptic curve cryptography algorithms. Full elliptic curve and Edwards curve digital signature algorithms can be performed using this framework, as well as the X25519 algorithm for Diffie-Hellman key exchange. Such a framework finds its application area in the nowadays rapidly expanding field of hardware wallets or IoT devices. As the design is intended to be implemented in an ASIC, it is designed to be area efficient. Individual hardware units are reused for several different calculations. The framework allows several side-channel attack countermeasures, mainly masking techniques, to be implemented even after the framework is designed.

Influence of fault-injection prevention of hardware implementation of AES on its resistance against power analysis attacks

Author
Martin Mašek
Year
2018
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Summary
The bachelor thesis deals with the influence of prevention against fault-injection attacks on the AES cryptographic algorithm implemented on the Spartan 3E FPGA. It is investigated whether these fault detection circuits have any impact on resistance to differential power analysis attacks. In the course of the thesis, a hardware implementation of AES in VHDL was developed and a program for the DPA attack was written in the Matlab scripting language. Five additional variants containing information redundancy for error detection during runtime were derived from the primary design. The number of power consumption patterns needed to successfully break the cipher and obtain the cipher key was found for each variant. The results did not reveal any greater impact on the feasibility of the attack.

Side channel analysis of cryptographic algorithms implementations

Author
Jan Severyn
Year
2017
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Summary
The thesis explores the applicability of the differential power analysis (DPA) attack against an FPGA implementation of AES. We created all the necessary tools for DPA on FPGA, i.e. we created several variants of AES in FPGA, we developed scripts for differential power analysis, and we modified the program controlling power measurements to cooperate with the FPGA kit. The DPA tools were verified on a SmartCard implementation of AES. The attack was successful in this case. DPA was then applied to seven different configurations of the AES implementation in FPGA. The configurations vary in VHDL code, modified schematic of the design kit and/or various power supplies. The attack was not successful in any of the above configurations. In the scope of this work we also propose future work in the exploration of DPA applicability on field programmable gate arrays.

Implementation of Paillier cryptosystem & fault-injection attack on CEC 1702 processor

Author
Lukáš Daněk
Year
2022
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Jakub Klemsa
Summary
The bachelor thesis focuses on working with the CEC1702 cryptoprocessor. The first part of the thesis is oriented on programming the cryptoprocessor, modification of an existing implementation of the library for operating on large numbers, and implementation of the Paillier cryptosystem for the mentioned cryptoprocessor. The thesis also includes the development of firmware that allows the use of the RSA-CRT encryption algorithm and the Paillier cryptosystem with variable key length. The second part of the thesis focuses on fault injection attacks on the RSA-CRT encryption algorithm. The power supply glitches and clock source glitches used are generated using the ChipWhisperer suite. The attacks are first successfully performed on the STM32F3 microcontroller, where RSA-CRT is implemented using the library for operating on large numbers from the first part of the thesis. Using the knowledge from the attacks on the STM32F3, a further set of attacks was designed for the CEC1702 cryptoprocessor, using only power supply glitches, as the CEC1702 does not have the ability to use an external clock source. The attack was performed on two versions of RSA-CRT. The first version corresponds to the implementation for the STM32F3. The second version uses a hardware accelerator for cryptographic operations. The attack was successful on both versions of the implementation. This thesis outlines a possible approach to extending the created implementations and the implemented fault injection attacks. The created manual for programming the cryptoprocessor and the firmware documentation can be found in the appendix of the thesis.

Side channel attack on AES Implementation in Altera FPGA

Author
Jan Říha
Year
2017
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Summary
The aim of this work is to compare the influence of fault-tolerance techniques on the differential power analysis (DPA) resistance of the AES cipher implemented in an Altera FPGA. After attacking the simple variant, I attacked fault-tolerant variants of the cipher and compared the results with the simple variant. From the comparison it follows that the use of information redundancy at the SubBytes operation, and spatial and time redundancy at both the round and algorithm level, had minimal influence on resistance against DPA, as the number of power traces necessary to obtain the key had not changed significantly.

Computer Controlled Camera Slider

Author
Adam Podroužek
Year
2017
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Ivo Háleček
Summary
This bachelor's thesis aims to build a simple, expandable and cheap slider for photographic devices -- a so-called camera slider. The mechanical part of the device is in the form of round metal rails, on which a carriage is moved using a toothed belt and a motor firmly fixed on one side of the rails. Control is done by a commonly available and programmable device called Arduino. The user interface is provided by a joystick and a small display. It is possible to configure the slider via the serial interface from a GUI application. The benefits of this work include easy future device expansion (it is possible to connect and control up to three motors) and an affordable price. The slider is suitable for creating timelapses.

Dummy and multiple rounds countermeasure of PRESENT cipher in FPGA

Author
Petr Moucha
Year
2020
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Stanislav Jeřábek
Summary
This thesis focuses on securing block ciphers against side-channel attacks that can deduce the secret key from a device's power consumption. The multiple- and dummy-rounds countermeasure was tested because its effectiveness is yet to be proven. To verify previous results and find possible errors in the countermeasure design, I created a VHDL implementation of the PRESENT cipher secured by dummy rounds. This version underwent a series of tests that revealed a leakage at the beginning of the cryptographic operation. Further improvements led to progressively better but still unsatisfying results. The most prominent feature was the insertion of a random number of dummy clock cycles before the first valid operation. I also examined the influence of added dummy registers used as storage for outputs of dummy rounds. Furthermore, as part of my effort, I developed tools useful for future testing of the multiple- and dummy-rounds countermeasure.

Portable ECG

Author
Tomáš Přeučil
Year
2018
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Summary
This bachelor thesis looks into the development of a portable device for electrocardiography which can measure three elemental ECG leads, is battery powered and transmits measured data to a central data collection unit via WiFi. The patient is therefore able to move, and the physician can see real-time information about his/her condition. The core of the system is an ECG analog frontend -- the ADAS1000 from Analog Devices. The data are processed by an STM32L0 MCU and sent to the data collection unit using an ESP8266 WiFi module. The main output of this thesis is a complete prototype design which contains both hardware and software. It is very simple to manufacture a PCB from the presented data, and thanks to the enclosed source code of the MCU firmware and central unit software (which can be run on any Linux PC) it is possible to quickly start using the prototype. The enclosed DVD contains prototype photos, the PCB design and source code.

Surface-Assimilative Stripping Voltammetry

Author
Viktor Podhájecký
Year
2012
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Jaroslav Jedlinský

Pitch Shifting of Audio Signals in Real Time Using STFT on a Digital Signal Processor

Author
Jan Onderka
Year
2018
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Petr Pulc
Summary
The goal of this work is to implement a pitch shifter of a stereophonic audio signal in real time with the requirement of low distortion and low latency. Basic principles of audio processing are explained. Various pitch shifting algorithms are described and considered, resulting in the selection of the Ocean algorithm based on Short-time Fourier transform bin shifting. An erroneous equation in the algorithm description is fixed. The algorithm is implemented in real time on the ADSP BF548 EZ-KIT digital signal processor kit and its outputs are compared to other pitch shifters. The implementation is found to perform almost as well as a commercial pitch shifter. It is concluded that further drastic improvements of Short-time Fourier transform based pitch shifters are impossible, as they are approaching the fundamental limits of the transform.

Porting of ADOP processor into another platform

Author
Stanislav Jeřábek
Year
2013
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Petr Bulena

Computer controlled household lighting

Author
Jiří Petrovský
Year
2012
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Jan Pospíšil, Ph.D.

Side channel analysis of cryptographic algorithms implementations

Author
Lukáš Mazur
Year
2017
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Summary
We explored the possibilities of Differential Power Analysis (DPA) on a Field Programmable Gate Array (FPGA). We modified the application for measuring power consumption, created scripts for performing DPA, and created different implementations of the AES algorithm for FPGA. The developed scripts and applications for DPA were verified against an AES implementation for smart cards. Once those applications successfully broke the implementation for smart cards, we continued with the application of DPA against an AES implementation for an FPGA board. DPA against the FPGA was performed in six different configurations. Those configurations differed in the AES implementation for FPGA, in board configuration, in oscilloscope setup, and in the method of the attack. We found variants that could be successfully broken. We found out that the oscilloscope and measuring environment setups have a major impact on the feasibility of DPA on FPGA. The implementation is less important for the success of the attack. The most important aspect of the implementation was the clock frequency. We also found out that using different power sources and removing capacitors on the FPGA board have a significant impact on the feasibility of DPA.

Power Analysis of Cryptographic Processor CEC 1702

Author
Tereza Horníčková
Year
2022
Type
Bachelor thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Jakub Klemsa
Summary
The goal of this work is to provide a development flow for the CEC1702 Cryptographic Microcontroller and to assess its robustness against Power Analysis side-channel attacks. The attacks mounted were Correlational Power Analysis and Higher-Order Power Analysis targeting the first round of encryption. After successfully attacking a firmware implementation of AES on another ARM controller -- the STM32F3, several other -- also successful -- attacks were mounted on the corresponding implementation on the CEC1702. Final attacks were mounted on the AES implementation using the hardware accelerator, where all failed. The attack platforms used were the ChipWhisperer toolchain and the SICAK toolkit.

Master theses

Design and Implementation of an Advanced Control Unit for a Linear Motor dedicated for Precise Laboratory Measurements in Biomechanics.

Author
Matěj Bartík
Year
2014
Type
Master thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Tomáš Vaňát, Ph.D.

Index Calculus on GPU as a Solution to the Discrete Logarithm Problem

Author
Dominik Plíšek
Year
2017
Type
Master thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
prof. Ing. Róbert Lórencz, CSc.
Summary
This thesis attempts to use the GPU to speed up one step of Index Calculus, an algorithm for finding the discrete logarithm. The step consists of solving a large sparse system of linear congruences. The thesis describes three methods of solving sparse linear systems, investigating the viability of their modification for modular arithmetic and for the specific characteristics of the problem. An implementation and documentation of a multifrontal LU factorization follows, utilizing in part the GPU. Finally, performance measurements show that great speedup cannot be achieved using the GPU in this situation.

Control Unit for a Road Salting Vehicle

Author
Petr Čermák
Year
2013
Type
Master thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Jan Pospíšil, Ph.D.

Influence of Synthesis Parameters on Vulnerability to Side-Channel Attacks

Author
Tomáš Balihar
Year
2020
Type
Master thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Vojtěch Miškovský, Ph.D.
Summary
Every cryptographic design has to be secure to fulfil its function properly. As side-channel attacks are becoming easier and easier to perform, designers of secure circuits must pay attention to implementing various countermeasures against these attacks. However, in some cases, their hard work can be thwarted if automatic optimizations invalidate the defences. This thesis explores the effect of synthesis parameter settings on the vulnerability of cryptographic designs implemented in FPGAs to side-channel attacks. It focuses on an implementation of AES with multiple countermeasures against attacks and evaluates the effect of parameter settings on security using Test Vector Leakage Assessment based on Welch's t-test.

FPGA Acceleration of the Baby Variant of the WTFHE Scheme

Author
Pavel Chytrý
Year
2021
Type
Master thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Jakub Klemsa
Summary
With the rise of cloud compute services, the privacy of users' data is often put into question, as the service provider has full access to it. This is further exacerbated by facilities that hold private data but lack the computational power to run their own research - namely hospitals. Fully Homomorphic Encryption (FHE) could be a solution to this problem, as it can evaluate arbitrary functions over encrypted data without the need for decryption on the cloud service provider's side. Since the breakthrough by Gentry et al. in 2009, this field has been very active, with Chillotti et al. recently introducing the scheme called TFHE. The TFHE scheme has been shown to be suitable for securing Machine Learning as a Service (MLaaS). TFHE in its original form only works with a one-bit plaintext space; however, several improvements allow the usage of a multivalue plaintext space. This improved version was codenamed netWork-ready TFHE (WTFHE). In general, (W)TFHE schemes implemented in software are several orders of magnitude slower than commonly used encryption schemes. This thesis serves as a case study to determine the feasibility of accelerating the WTFHE scheme with an FPGA. Our contributions consist of designing an FPGA accelerator capable of simple Neural Network evaluation, measuring its performance compared to the software setup, discovering resource requirements, and the potential for scalability.

Internet of Things Sound Sensor, its Security and Remote Control

Author
Ondřej Fuchs
Year
2019
Type
Master thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
Ing. Viktor Černý
Summary
The diploma thesis deals with the nowadays frequently mentioned term Internet of Things and especially with the issue of security of devices from this category. The main objective of this thesis was to analyze security risks and possible security incidents and afterwards to apply the acquired knowledge in the development of a sound sensor, which will be used to obtain sound data for the detection of sound anomalies by the Neuron soundware company. The sound sensor was developed on the basis of predefined rules and has multi-level security against the theft of sensitive data. The sensor uses services such as Amazon S3, Dataplicity, Elasticsearch, Logstash, Kibana and Filebeat.

Elliptic Curve Discrete Logarithm Problem (ECDLP) on Graphical Processing Unit

Author
Jan Šilhavý
Year
2015
Type
Master thesis
Supervisor
Dr.-Ing. Martin Novotný
Reviewers
doc. Ing. Ivan Šimeček, Ph.D.