Theses

doc. Dr.-Ing. Martin Novotný

Ing. Vojtěch Miškovský, Ph.D.

Department of Computer Systems

This thesis explored the replicability of a remote side-channel attack. Initially, an analysis was conducted on current FPGA on-chip power sensors and their approaches to executing remote side-channel attacks. Subsequently, the routing delay sensor was identified as a suitable candidate and deployed on the Digilent Basys 3 (Xilinx Artix-7) board. Using this sensor, measurements were carried out, enabling a successful remote power analysis side-channel attack on the last round of the AES-128 cipher, which was evaluated using correlation power analysis. Thus, the replicability of a remote attack aimed at obtaining a secret key in the presence of the routing delay sensor has been confirmed. Furthermore, all Python scripts used throughout were made openly available in the attachments.

Thesis on DSpace

doc. Dr.-Ing. Martin Novotný

Ing. Jakub Klemsa

Department of Digital Design

The bachelor thesis focuses on working with the CEC1702 cryptoprocessor. The first part of the thesis is oriented on programming the cryptoprocessor, modification of existing implementation of the library for operating on large numbers, and implementation of the Paillier cryptosystem for the mentioned cryptoprocessor. The thesis also includes development of firmware that allows the use of the RSA-CRT encryption algorithm and the Paillier cryptosystem with variable key length. The second part of the thesis focuses on fault injection attacks on the RSA-CRT encryption algorithm. Power supply glitches and clock source glitches used are generated using the ChipWhisperer suite. The attacks are first successfully performed on the STM32F3 microcontroller, where RSA-CRT is implemented using the library for operating on large numbers from the first part of the thesis. Using the knowledge from the attacks on the STM32F3, a further set of attacks was designed for the CEC1702 cryptoprocessor, using only power supply glitches, as the CEC1702 does not have the ability to use an external clock source. The attack was performed on two versions of RSA-CRT. The first version corresponds to the implementation for the STM32F3. The second version uses a hardware accelerator for cryptographic operations. The attack was successful on both versions of the implementation. This thesis outlines a possible approach to extend the created implementations and the implemented fault injection attacks. Created manual for programming the cryptoprocessor and the firmware documentation can be found in the appendix of the thesis.

Thesis on DSpace

doc. Dr.-Ing. Martin Novotný

Ing. Jakub Klemsa

Department of Digital Design

The goal of this work is provide a development flow for CEC1702 Cryptographic Microcontroller and to assess its robustness against Power Analysis side-channel attacks. Attacks mounted were Correlational Power Analysis and Higher-Order Power Analysis targeting first round of encryption. After successfully attacking firmware implementation of AES on another ARM controller -- STM32F3, several other -- also successful -- attacks were mounted on corresponding implementation on CEC1702. Final attacks were mounted on the AES implementation using hardware accelerator, where all failed. Platforms for attack used were ChipWhisperer toolchain and SICAK toolkit.

Thesis on DSpace

doc. Dr.-Ing. Martin Novotný

Ing. Vojtěch Miškovský, Ph.D.

Department of Digital Design

This thesis proposes a versatile hardware framework for elliptic curve cryptography. The framework supports modular arithmetics with up to 256-bit general modulus and optimized arithmetic for P-256, Ed25519, and Curve25519 curves, enabling easy implementation of various elliptic curve cryptography algorithms. Full elliptic curve and Edwards curve digital signature algorithms can be performed using this framework as well as the X25519 algorithm for Diffie-Hellman key exchange. Such a framework finds its application area in nowadays rapidly expanding field of hardware wallets or IoT devices. As the design is intended to be implemented in ASIC, it is designed to be area efficient. Individual hardware units are reused for several different calculations. The framework allows to implement several side-channel attack countermeasures, mainly masking techniques, even after the framework is designed.

Thesis on DSpace

Ing. Petr Socha, Ph.D.

Ing. Vojtěch Miškovský, Ph.D.

Department of Digital Design

PRESENT cipher encrypts and decrypts a text block. Correlation power analysis introduces power consumption model to correlate against real consumption during encryption. During encryption can be introduces undesired phenomenons, that could decrease the correlation. Signal- to-noise ratio is a ratio of a signal against and undesired events. In the event of increase of undesired phenomenons, signal-to-noise ratio will decrease. This work deliberately changes the power of noise and encloses the relationship between signal-to-noise ratio and correlation power attack success rate.

Thesis on DSpace

Dr.-Ing. Martin Novotný

Ing. Stanislav Jeřábek

Department of Digital Design

This thesis focuses on securing block ciphers against side-channel attacks that can deduce the secret key from a device's power consumption. Multiple-and dummy-rounds countermeasure was tested because its effectiveness is yet to be proven. To verify previous results and find possible errors in countermeasure design, I created VHDL implementation of PRESENT cipher secured by dummy rounds. This version underwent a series of tests that revealed a leakage at the beginning of the cryptographic operation. Further improvements led to progressively better but still unsatisfying results. The most prominent feature was the insertion of a random number of dummy clock cycles before the first valid operation. I also examined the influence of added dummy registers used as storage for outputs of dummy rounds. Furthermore, as part of my effort, I developed tools useful for future testing of multiple- and dummy-rounds countermeasure.

Thesis on DSpace

Dr.-Ing. Martin Novotný

Ing. Vojtěch Miškovský, Ph.D.

Department of Digital Design

The bachelor thesis deals with the inluence of prevention against fault-injection attacks on the AES cryptographic algorithm implemented on the Spartan 3E FPGA. It is investigated whether these fault detection circuits have any impact on resistance to differential power analysis attacks. In the course of the thesis, hardware implementation of AES in VHDL was developed and a program was written for DPA attack in the Matlab scripting language. Additional 5 variants were derived from the primary desing containing information redundancy for error detection during runtime. The number of patterns of consumption was found to successfully break the cipher and obtain the cipher key for each variation. The results did not reveal any greater impact on the feasibility of the attack.

Thesis on DSpace

Dr.-Ing. Martin Novotný

Ing. Vojtěch Miškovský, Ph.D.

Department of Digital Design

We explored the possibilities of application of Differential Power Analysis (DPA) on the implementation of AES algorithm on the FPGA Spartan-3E by Xilinx. We created two different hardware implementations of the AES cipher in VHDL language, a script implementing the DPA method in the Mathematica software and a wrapper implementing the communication between an AES module and a computer using a serial line. We inserted eight different versions of AES cipher inside the wrapper - five versions with safety measures and three basic versions without any safety measures. We compared the resistance of basic variant with the fault tolerant ones by computing the minimal number of power traces needed for breaking the correct key for each variant. We discovered that the safety measures (hardware redundacy, time redundancy and information redundancy) had minimal influence on the resistance against DPA.

Thesis on DSpace

Dr.-Ing. Martin Novotný

Ing. Vojtěch Miškovský, Ph.D.

Department of Digital Design

Aim of this work is to compare influence of Fault-Tolerance techniques on differential power-analysis (DPA) resistance of AES cipher implemented in Altera FPGA. After attacking simple variant, I attacked fault-tolerant variants of the cipher and compared results with the simple variant. From the comparison follows that the use of informational redundancy at SubBytes operation, spatial and time redundancy at both round and algorithm level had minimal influence on resistance against DPA, as the number of power traces necessary to obtain the key had not changed significantly.

Thesis on DSpace

Dr.-Ing. Martin Novotný

Ing. Vojtěch Miškovský, Ph.D.

Department of Digital Design

We explored the possibilities of the Differential Power Analysis (DPA) on the Field Programmable Gate Array (FPGA). We have modified the application for measuring a power consumption, created scripts for performing DPA, and created different implementations of AES algorithm for FPGA. Developed scripts and applications for DPA were verified against AES implementation for smart cards. Once those applications successfully broke the implementation for smart cards, we continued with the application of DPA against AES implementation for an FPGA board. DPA against FPGA was performed in six different configurations. Those configurations differed in AES implementation for FPGA, in board configuration, in oscilloscope setup, and in method of the attack. We found variants that could be successfully broken. We found out that an oscilloscope and measuring environment setups has major impact on the feasibility of the DPA on FPGA. The implementation is less important for the success of the attack. The most important aspect of the implementation was the clock frequency. We have also found out that using different power sources and removing capacitors on the FPGA board have significant impact on the feasibility of the DPA.

Thesis on DSpace

Dr.-Ing. Martin Novotný

Ing. Vojtěch Miškovský, Ph.D.

Department of Digital Design

The thesis explores applicability of differential power analysis (DPA) attack against FPGA implementation of AES. We created all necesery tools for DPA on FPGA, i.e. we created several variants of AES in FPGA, we developed scripts for differential power analysis and we modifed programe controling power measurements to cooperate with FPGA kit. DPA tools were verified on SmardCard implementaion of AES. Attack was succesful in these case. DPA was then applied on seven various configurations of AES implementation in FPGA.The configurations vary in VHDL code, modifed schematic of design kit and/or various power supplies. The attack was not succesful in any above configuration. In scope of this work we also propose future work in exploration of DPA applicability on field programmable gate arrays.

Thesis on DSpace

Ing. Vojtěch Miškovský, Ph.D.

Ing. Matúš Olekšák

Department of Digital Design

This thesis investigates the vulnerability of the ChaCha20 stream cipher to side-channel attacks, focusing on its software implementation in embedded systems. ChaCha20 is based on the ARX design principle, which relies exclusively on Addition, Rotation, and XOR operations, which are generally considered resistant to side-channel leakage. However, recent research demonstrates that even ARX constructions can be susceptible to leakage when implemented in practice. The main goal of this work is to evaluate the security of ChaCha20 against power analysis attacks. The cipher was evaluated on two widely used platforms, XMEGA and STM32F3, using the ChipWhisperer side-channel analysis framework. A thorough leakage assessment was conducted using specific and non-specific t-tests to identify exploitable leakage points. In the case of nonce misuse, full recovery of the keystream was demonstrated via a successful CPA attack. This scenario serves both as evidence of ChaCha20's vulnerability when used improperly and as validation of the attack setup and methodology. In scenarios with proper nonce usage, full key recovery was not achieved through CPA on either platform. A dedicated experiment on the feasibility of Differential Power Analysis (DPA) was also conducted, which did not yield any exploitable results. However, a novel CPA-based method for recovering key bytes stored in the first column of the ChaCha20 state was proposed and experimentally verified. This methodology leverages correlation in the second round of the cipher and applies inverse operations to reconstruct the original key bytes.

Ing. Vojtěch Miškovský, Ph.D.

Ing. David Pokorný

Department of Digital Design

Side-channel attacks and measures against them have been a hot topic for decades. Over the years, countless ways to prevent the attacker from gleaning sensitive information have emerged. Temporal misalignment of the trace either through random delay inserts or unstable clock is one such countermeasure. In response, numerous methods of realignment were proposed. This thesis researches these methods and uses one to help detect leakage from a chip with unstable clock.

Ing. Vojtěch Miškovský, Ph.D.

Ing. Matúš Olekšák

Department of Digital Design

Side-channel attacks represent a critical threat to the security of cryptographic devices, exploiting unintended physical leakages rather than mathematical vulnerabilities. This thesis focuses on evaluating the side-channel resistance of the SipHash algorithm, a lightweight ARX-based pseudorandom function, when implemented in FPGA. Although ARX ciphers are often considered resistant to such attacks, recent research suggests otherwise. A complete and configurable implementation of SipHash for the ChipWhisperer CW308 FPGA platform is presented, along with a measurement setup. Power consumption of the implementation is thoroughly evaluated using statistical leakage assessment methods. Detected vulnerabilities are then exploited in a practical side-channel attack. The results demonstrate that even ARX-based designs like SipHash require active consideration of side-channel countermeasures. This thesis provides valuable insights into the real-world security of the SipHash cipher and contributes to the broader understanding of side-channel threats in modern embedded systems.

Ing. Vojtěch Miškovský, Ph.D.

Ing. Petr Socha, Ph.D.

Department of Digital Design

This thesis focuses on the implementation of deep learning methods in side-channel analysis techniques. It explores both side-channel analysis and deep learning methodologies. The analyzed methods are implemented into a toolkit that enables their easy application. The developed tool is then used in a series of experiments to verify its functionality and evaluate the employed techniques.

Ing. Vojtěch Miškovský, Ph.D.

Ing. Petr Socha, Ph.D.

Department of Digital Design

This work deals with testing the security of control units for cars, more specifically, secure onboard communication via the CAN bus. Side-channel attack, flash of modified firmware, and extraction of bootloader over JTAG were attempted. The result is a successful attack with correlation power analysis of SipHash algorithm. However, I failed to use it for a real control unit, because of inability to find the computation in the measured data. The benefit of this work is the analysis of possible attacks on control units and successful side-channel attack on SipHash.

Thesis on DSpace

doc. Dr.-Ing. Martin Novotný

Ing. Jakub Klemsa

Department of Digital Design

With the rise of cloud compute services, the privacy of user's data is often put into question, as the service provider has full access to it. This is further exacerbated by facilities that hold private data, but lack the computational power to run their own research - namely hospitals. A Fully Homomorphic Encryption (FHE) could be a solution to this problem as it can evaluate arbitrary functions over encrypted data without the need for decryption on the Cloud service provider's side. Since the breakthrough by Gentry et al. in 2009, this field is very active with Chilloti et al. recently introducing the scheme called TFHE. TFHE scheme has been shown to be suitable for securing Machine Learning as a Service (MLaaS). TFHE in its original form only works with one-bit plaintext space, however, several improvements allow the usage of multivalue plaintext space. This improved version was codenamed netWork-ready TFHE (WTHE). In general, (W)TFHE Schemes implemented in software are several orders of magnitude slower than the commonly used encryption schemes. This thesis serves as a case study to determine the feasibility of accelerating the WTFHE Scheme with an FPGA. Our contributions consist of designing an FPGA accelerator capable of simple Neural Network evaluation, measuring its performance compared to the software setup, discovering resource requirements, and the potential of scalability.

Thesis on DSpace

Ing. Petr Socha

doc. Dr.-Ing. Martin Novotný

Department of Information Security

Rainbow, a layered multivariate quadratic digital signature, is a candidate for~standardization by National institute of standards and technology (NIST). In~this paper, we present a CPA side-channel attack on the submitted 32-bit reference implementation. We evaluate the attack on an STM32F3 ARM microcontroller. After a successful attack, we propose countermeasures against side-channel attacks. Countermeasures are implemented and evaluated using leakage assessment.

Thesis on DSpace

Dr.-Ing. Martin Novotný

Ing. Vojtěch Miškovský, Ph.D.

Department of Digital Design

Every cryptographic design has to be secure to fulfil its function properly. As side-channel attacks are becoming easier and easier to perform, designers of secure circuits must pay attention to implementing various countermeasures against these attacks. However, in some cases, their hard work can be thwarted if automatic optimizations invalidate the defences. This thesis explores the effect of synthesis parameters settings on the vulnerability of the cryptographic designs implemented in FPGAs to side-channel attacks. It focuses on the implementation of AES with multiple countermeasures against attacks and evaluates the effect of parameters settings on security using Test Vector Leakage Assessment based on Welch's t-test.

Thesis on DSpace

Ing. Vojtěch Miškovský, Ph.D.

Ing. Petr Socha

Department of Digital Design

To mount a power analysis attack on a cryptographic device, one has to acquire up to millions of power traces of the attacked device. The goal of this thesis is to create a toolkit which will make the power traces acquisition faster whilst supporting as many different cryptographic schemes as possible. The toolkit will focus on hardware implentations of cryptographic schemes in FPGA.

Thesis on DSpace

Ing. Jakub Klemsa

Dr.-Ing. Martin Novotný

Department of Digital Design

Homomorphic encryption is an effective way of securing data privacy while maintaining the possibility to process the data. The VeraGreg framework, unlike other existing homomorphic cryptosystem allows for verification of computation that was done with the encrypted data. This work deals with an implementation of the VeraGreg framework and its effectiveness comparison with a na¨ive scheme based on symmetric encryption. Secure microcontroller CE1302 was chosen as the implementation platform. A new library for multiprecision integer arithmetic was created as well as the first published implementation of Paillier cryptosystem using hardware RSA accelerator. The VeraGreg framework is 200 times slower compared to the naive scheme and occupies one third more space in the program memory, so it is not a suitable alternative to symmetric cryptosystems. On the other hand, it provides privacy to the user while allowing computations with the encrypted data, and verifying that is has not been manipulated during the computation.

Thesis on DSpace

Ing. Stanislav Jeřábek

Dr.-Ing. Martin Novotný

Department of Digital Design

Field Programmable Gate Arrays (FPGAs) have an ability of dynamic reconfiguration, which allows them to be reprogrammed at runtime by itself. One computation can be implemented in different ways at different times. An actual way at a specific time is not known for an attacker and therefore it is much more difficult to use side-channel leakage to gain sensitive information. This diploma thesis follows the paper [1], which describes usage of three different countermeasures on PRESENT encryption algorithm. In this thesis, all these countermeasures were applied to PRESENT, SERPENT and AES. AES algorithm was implemented in two ways. The first way is based on the approach described in [1]. The second way uses a composite finite field to implement S-Box and therefore needs less CFGLUTs.

Thesis on DSpace

Ing. Vojtěch Miškovský, Ph.D.

Dr.-Ing. Martin Novotný

Department of Digital Design

Side-channel cryptanalysis pose a serious threat to many modern cryptographic systems. Typical side-channel attack consists of an active phase, where data are acquired, and an analytical phase, where the data get examined and evaluated. A software toolkit is presented in this thesis, which includes support for cryptographic device control, oscilloscope data acquisition, data preprocessing, statistical analysis and evaluation of the attack. The toolkit is composed of non-interactive text-based utilities with a modular plug-in architecture, and it is released under open-source licence.

Thesis on DSpace

doc. Ing. Jan Schmidt, Ph.D.

Dr. Vincent Grosso
doc. Ing. Zdeněk Martinásek, Ph.D.
Prof. Paris Kitsos, PhD.

Department of Digital Design

Thesis on DSpace