Cryptography, Volume 5, Issue 3 (September 2021) – 10 articles

Article
The Cost of a True Random Bit—On the Electronic Cost Gain of ASIC Time-Domain-Based TRNGs
Cryptography 2021, 5(3), 25; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography5030025 (registering DOI) - 18 Sep 2021
Abstract
Random number generators are of paramount importance in numerous fields. Under certain well-defined adversarial settings, True Random Number Generators (TRNGs) are more secure than their computational (pseudo) random number generator counterparts. TRNGs are also known to be more efficiently implemented on hardware platforms where, for various applications, efficiency in terms of electronic cost factors is critical. In this manuscript, we first provide an evaluation of the robustness and reliability of an efficient time-domain-based TRNG implementation on an FPGA platform. In particular, we demonstrate sensitivities which imply a TRNG construction that is not agnostic to electronic-design-automation tools or to the level of designers' know-how. This entails a large amount of effort and validation to make the designs robust, and requires a high degree of complexity from non-trivial FPGA flows. This motivates the second part of the manuscript, where we propose an ASIC-based implementation of the TRNG, along with the optimization steps to enhance its characteristics. The optimized design improves the randomness throughput by 42× for the same entropy level described in previous works, and it can provide a maximal entropy level of 0.985 with a 7× improvement in randomness throughput over the raw samples (no pre-processing). The proposed design simultaneously provides a reduced energy of 0.1 (mW/bit) for the same entropy level as previous works, and 1.06 (mW/bit) for the higher-entropy flavor, and a lower area utilization of 0.000252 (mm²) on a 65 nm technology evaluation, situating it in the top class of the discussed ratings. This leads to the quantitative question of the gain in electronic cost factors over ASIC TRNGs, and the minimum Cost Per Bit/Source possible to date. Finally, we exemplify a TRNG versus PRNG cost extrapolation for security architects and designers, targeting an ASIC scenario feeding a lightweight encryption core.
Article
Improved Filtering Techniques for Single- and Multi-Trace Side-Channel Analysis
Cryptography 2021, 5(3), 24; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography5030024 - 13 Sep 2021
Abstract
Side-channel analysis (SCA) attacks constantly improve and evolve. Implementations are therefore designed to withstand strong SCA adversaries. Different side channels exhibit varying statistical characteristics of the sensed or exfiltrated leakage, as well as the embedding of different countermeasures. This makes it crucial to improve and adapt pre-processing and denoising techniques, and the ability to evaluate the adversarial best-case scenario. We address two popular SCA scenarios: (1) a single-trace context, modeling an adversary that captures only one leakage trace, and (2) a multi-trace (or statistical) scenario, which models the classical SCA context. Given that horizontal attacks, localized electromagnetic attacks and remote-SCA attacks are becoming ever more powerful, both scenarios are of interest and importance. In the single-trace context, we improve on existing Singular Spectral Analysis (SSA) based techniques by utilizing spectral property variations over time that stem from the cryptographic implementation. By adapting overlapped-SSA and optimizing over the method parameters, we achieve a significantly shorter computation time, which is the main challenge of the SSA-based technique, and a higher information gain (in terms of the Signal-to-Noise Ratio (SNR)). In the multi-trace context, a profiling strategy is proposed to optimize a Band-Pass Filter (BPF) based on a low-computational-cost criterion, which is shown to be efficient for unprotected and low-protection-level countermeasures. In addition, a slightly more computationally intensive optimized 'shaped' filter is presented that utilizes frequency-domain SNR-based coefficient thresholding. Our experimental results exhibit significant improvements over a set of various implementations embedded with countermeasures in hardware and software platforms, corresponding to varying baseline SNR levels and statistical leakage characteristics.
Article
A Novel Ultra-Compact FPGA PUF: The DD-PUF
Cryptography 2021, 5(3), 23; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography5030023 - 08 Sep 2021
Abstract
In this paper, we present a novel ultra-compact Physical Unclonable Function (PUF) architecture and its FPGA implementation. The proposed Delay Difference PUF (DD-PUF) is the densest FPGA-compatible PUF ever reported in the literature, allowing the implementation of two PUF bits in a single slice, and provides very good values for all the most important figures of merit. The architecture of the proposed PUF exploits the delay difference between two nominally identical signal paths and the metastability features of D-latches with an asynchronous reset input. The DD-PUF has been implemented on both Xilinx Spartan-6 and Artix-7 devices, and the resulting design flows, which allow the nominal delay of the different signal paths to be accurately balanced, are outlined. The circuits have been extensively tested under temperature and supply voltage variations, and the results of our evaluations on both FPGA families have shown that the proposed architecture and implementation are able to fit in just 32 Configurable Logic Blocks (CLBs) without sacrificing steadiness, uniqueness and uniformity, thus outperforming most of the previously published FPGA-compatible PUFs.
Article
Foundations of Programmable Secure Computation
Cryptography 2021, 5(3), 22; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography5030022 - 21 Aug 2021
Abstract
This paper formalises the security of programmable secure computation, focusing on simplifying security proofs of new algorithms for existing computation frameworks. Security of the frameworks is usually well established, but the security proofs of the algorithms are often more intuitive than rigorous. This work specifies a transformation from the usual hybrid execution model to an abstract model that is closer to the intuition. We establish various preconditions that are satisfied by natural secure computation frameworks and protocols, thus showing that mostly the intuitive proofs suffice. More elaborate protocols might still need additional proof details.
(This article belongs to the Special Issue Secure Multiparty Computation)
Article
Implementing Privacy-Preserving Genotype Analysis with Consideration for Population Stratification
Cryptography 2021, 5(3), 21; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography5030021 - 20 Aug 2021
Abstract
In bioinformatics, genome-wide association studies (GWAS) are used to detect associations between single-nucleotide polymorphisms (SNPs) and phenotypic traits such as diseases. Significant differences in SNP counts between case and control groups can signal association between variants and phenotypic traits. Most traits are affected by multiple genetic locations. To detect these subtle associations, bioinformaticians need access to more heterogeneous data. Regulatory restrictions in cross-border health data exchange have created a surge in research on privacy-preserving solutions, including secure computing techniques. However, in studies of such scale, one must account for population stratification, as under- and over-representation of sub-populations can lead to spurious associations. We improve on the state of the art of privacy-preserving GWAS methods by showing how to adapt principal component analysis (PCA) with stratification control (EIGENSTRAT), FastPCA, EMMAX and the genomic control algorithm for secure computing. We implement these methods using secure computing techniques—secure multi-party computation (MPC) and trusted execution environments (TEE). Our algorithms are the most complex ones at this scale implemented with MPC. We present performance benchmarks and a security and feasibility trade-off discussion for both techniques.
(This article belongs to the Special Issue Secure Multiparty Computation)
Article
Complementing Privacy and Utility Trade-Off with Self-Organising Maps
Cryptography 2021, 5(3), 20; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography5030020 - 17 Aug 2021
Abstract
In recent years, data-enabled technologies have intensified the rate and scale at which organisations collect and analyse data. Data mining techniques are applied to realise the full potential of large-scale data analysis. These techniques are highly efficient in sifting through big data to extract hidden knowledge and assist evidence-based decisions, offering significant benefits to their adopters. However, this capability is constrained by important legal, ethical and reputational concerns. These concerns arise because the techniques can be exploited to allow inferences to be made on sensitive data, thus posing severe threats to individuals' privacy. Studies have shown that Privacy-Preserving Data Mining (PPDM) can adequately address this privacy risk and permit knowledge extraction in mining processes. Several published works in this area have utilised clustering techniques to enforce anonymisation models on private data, which work by grouping the data into clusters using a quality measure and generalising the data in each group separately to achieve an anonymisation threshold. However, existing approaches do not work well with high-dimensional data, since it is difficult to develop good groupings without incurring excessive information loss. Our work aims to complement this balancing act by optimising utility in PPDM processes. To illustrate this, we propose a hybrid approach that combines self-organising maps with conventional privacy-based clustering algorithms. We demonstrate through experimental evaluation that results from our approach produce more utility for data mining tasks and outperform conventional privacy-based clustering algorithms. This approach can significantly enable large-scale analysis of data in a privacy-preserving and trustworthy manner.
(This article belongs to the Special Issue Techniques and Protocols to Preserve and Enhance Privacy)
Article
Fair and Secure Multi-Party Computation with Cheater Detection
Cryptography 2021, 5(3), 19; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography5030019 - 12 Aug 2021
Abstract
Secure multi-party computation (SMC) is a cryptographic protocol that allows participants to compute the desired output without revealing their inputs. A variety of results related to increasing the efficiency of SMC protocols have been reported, and thus SMC can be used in various applications. With the SMC protocol in smart grids, it becomes possible to obtain information for load balancing and various statistics without revealing sensitive user information. To prevent malicious users from tampering with input values, SMC requires cheater detection. Several studies have been conducted on SMC with cheater detection, but none of these has been able to guarantee the fairness of the protocol. In such cases, only a malicious user can obtain a correct output prior to detection. This can be a critical problem if the result of the computation is real-time information of considerable economic value. In this paper, we propose a fair and secure multi-party computation protocol, which detects malicious parties participating in the protocol before computing the final output and prevents them from obtaining it. The security of our protocol is proven in the universal composability framework. Furthermore, we develop an enhanced version of the protocol that is more efficient when computing an average after detecting cheaters. We apply the proposed protocols to a smart grid as an application and analyze their efficiency in terms of computational cost.
(This article belongs to the Special Issue Secure Multiparty Computation)
Article
A Delay-Based Machine Learning Model for DMA Attack Mitigation
Cryptography 2021, 5(3), 18; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography5030018 - 27 Jul 2021
Abstract
Direct Memory Access (DMA) is a state-of-the-art technique to optimize the speed of memory access and to efficiently use processing power during data transfers between the main system and a peripheral device. However, this advanced feature opens security vulnerabilities that allow access to be compromised and the main memory of the victim host machine to be manipulated. The paper outlines a lightweight process that creates resilience against DMA attacks with minimal modification to the configuration of the DMA protocol. The proposed scheme performs device identification of the trusted PCIe devices that have DMA capabilities and constructs a database of profiling times to authenticate the trusted devices before they can access the system. The results show that the proposed scheme generates a unique identifier for trusted devices and authenticates the devices. Furthermore, a machine learning–based real-time authentication scheme is proposed that enables runtime authentication, and we share the results of the time required for training and the respective accuracy.
(This article belongs to the Special Issue Cybersecurity, Cryptography, and Machine Learning)
Article
Minimum Round Card-Based Cryptographic Protocols Using Private Operations
Cryptography 2021, 5(3), 17; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography5030017 - 13 Jul 2021
Abstract
This paper shows new card-based cryptographic protocols with the minimum number of rounds, using private operations under the semi-honest model. Physical cards are used in card-based cryptographic protocols instead of computers to achieve secure multiparty computation. Operations that a player executes in a place where the other players cannot see are called private operations. Using three private operations—private random bisection cuts, private reverse cuts, and private reveals—the calculation of two-variable Boolean functions and copy operations were realized with the minimum number of cards. Though the number of cards has been discussed, the efficiency of these protocols has not been discussed. This paper defines the number of rounds to evaluate the efficiency of the protocols using private operations. Most of the meaningful calculations using private operations need at least two rounds. This paper presents a new two-round committed-input, committed-output logical XOR protocol using four cards. Then, we show new two-round committed-input, committed-output logical AND and copy protocols using six cards. Even if private reveal operations are not used, logical XOR, logical AND, and copy operations can be executed with the minimum number of rounds. Protocols for general n-variable Boolean functions and protocols that preserve an input are also shown. Lastly, protocols with asymmetric cards are shown.
(This article belongs to the Special Issue Techniques and Protocols to Preserve and Enhance Privacy)
Article
SC-DDPL as a Countermeasure against Static Power Side-Channel Attacks
Cryptography 2021, 5(3), 16; https://0-doi-org.brum.beds.ac.uk/10.3390/cryptography5030016 - 28 Jun 2021
Abstract
With the continuous scaling of CMOS technology, which has now reached the 3 nm node at production level, static power begins to dominate the power consumption of nanometer CMOS integrated circuits. A novel class of security attacks on cryptographic circuits which exploit the correlation between the static power and the secret keys was introduced more than ten years ago, and, since then, several successful key recovery experiments have been reported. These results clearly demonstrate that attacks exploiting static power (AESP) represent a serious threat to cryptographic systems implemented in nanometer CMOS technologies. In this work, we analyze the effectiveness of the Standard Cell Delay-based Precharge Logic (SC-DDPL) style in counteracting static power side-channel attacks. Experimental results on an FPGA implementation of a compact PRESENT crypto-core show that the SC-DDPL implementation allows a great improvement of all the security metrics with respect to the standard CMOS implementation and other state-of-the-art countermeasures such as WDDL and MDPL.