The objective of this paper is to give a comprehensive introduction to applied cryptography with an engineer or computer scientist in mind. The emphasis is on the knowledge needed to create practical systems which supports integrity, confidentiality, or authenticity. Topics covered includes an introduction to the concepts in cryptography, attacks against cryptographic systems, key use and handling, random bit generation, encryption modes, and message authentication codes. Recommendations on algorithms and further reading is given in the end of the paper. This paper should make the reader able to build, understand and evaluate system descriptions and designs based on the cryptographic components described in the paper.

[서평]「Applied Cryptography」

Fog/edge computing has been proposed to be integrated with Internet of Things (IoT) to enable computing services devices deployed at network edge, aiming to improve the user’s experience and resilience of the services in case of failures. With the advantage of distributed architecture and close to end-users, fog/edge computing can provide faster response and greater quality of service for IoT applications. Thus, fog/edge computing-based IoT becomes future infrastructure on IoT development. To develop fog/edge computing-based IoT infrastructure, the architecture, enabling techniques, and issues related to IoT should be investigated first, and then the integration of fog/edge computing and IoT should be explored. To this end, this paper conducts a comprehensive overview of IoT with respect to system architecture, enabling technologies, security and privacy issues, and present the integration of fog/edge computing and IoT, and applications. Particularly, this paper first explores the relationship between cyber-physical systems and IoT, both of which play important roles in realizing an intelligent cyber-physical world. Then, existing architectures, enabling technologies, and security and privacy issues in IoT are presented to enhance the understanding of the state of the art IoT development. To investigate the fog/edge computing-based IoT, this paper also investigate the relationship between IoT and fog/edge computing, and discuss issues in fog/edge computing-based IoT. Finally, several applications, including the smart grid, smart transportation, and smart cities, are presented to demonstrate how fog/edge computing-based IoT to be implemented in real-world applications.

A Survey on Internet of Things: Architecture, Enabling Technologies, Security and Privacy, and Applications

Towards sustainable smart cities: A review of trends, architectures, components, and open challenges in smart cities

The multinational, distributed, and multistep nature of integrated circuit (IC) production supply chain has introduced hardware-based vulnerabilities. Existing literature in hardware security assumes ad hoc threat models, defenses, and metrics for evaluation, making it difficult to analyze and compare alternate solutions. This paper systematizes the current knowledge in this emerging field, including a classification of threat models, state-of-the-art defenses, and evaluation metrics for important hardware-based attacks.

A Primer on Hardware Security: Models, Methods, and Metrics

This paper proposes spongent - a family of lightweight hash functions with hash sizes of 88 (for preimage resistance only), 128, 160, 224, and 256 bits based on a sponge construction instantiated with a present-type permutation, following the hermetic sponge strategy. Its smallest implementations in ASIC require 738, 1060, 1329, 1728, and 1950 GE, respectively. To our best knowledge, at all security levels attained, it is the hash function with the smallest footprint in hardware published so far, the parameter being highly technology dependent. spongent offers a lot of flexibility in terms of serialization degree and speed. We explore some of its numerous implementation trade-offs.

We furthermore present a security analysis of spongent. Basing the design on a present-type primitive provides confidence in its security with respect to the most important attacks. Several dedicated attack approaches are also investigated.

/pdf/spongent-a-lightweight-hash-function-3hls4eirb2.pdf

SPONGENT: a lightweight hash function

Scan based test is a double edged sword. On one hand, it is a powerful test technique. On the other hand, it is an equally powerful attack tool. We show that scan chains can be used as a side channel to recover secret keys from a hardware implementation of the Data Encryption Standard (DES). By loading pairs of known plaintexts with one-bit difference in the normal mode and then scanning out the internal state in the test mode, we first determine the position of all scan elements in the scan chain. Then, based on a systematic analysis of the structure of the nonlinear substitution boxes, and using three additional plaintexts we discover the DES secret key. Finally, some assumptions in the attack are discussed.

Scan based side channel attack on dedicated hardware implementations of Data Encryption Standard

Scan-based design for test (DFT) is a powerful testing scheme, but it can be used to retrieve the secrets stored in a crypto chip, thus compromising its security. On one hand, sacrificing the security for testability by using a traditional scan-based DFT restricts its use in privacy sensitive applications. On the other hand, sacrificing the testability for security by abandoning the scan-based DFT hurts the product quality. The security of a crypto chip comes from the small secret key stored in a few registers, and the testability of a crypto chip comes from the data path and control path implementing the crypto algorithm. Based on this key observation, the authors propose a novel scan DFT architecture called secure scan that maintains the high test quality of traditional scan DFT without compromising the security. They used a hardware implementation of the advanced encryption standard to show that the traditional scan DFT scheme can compromise the secret key. They then showed that by using secure-scan DFT, neither the secret key nor the testability of the AES implementation is compromised

Secure Scan: A Design-for-Test Architecture for Crypto Chips

Scan-based design-for-test (DFT) is a powerful testing scheme, but it can be used to retrieve the secrets stored in a crypto chip thus compromising its security. On one hand, sacrificing security for testability by using traditional scan-based DFT restricts its use in privacy sensitive applications. On the other hand, sacrificing testability for security by abandoning scan-based DFT hurts product quality. The security of a crypto chip comes from the small secret key stored in a few registers and the testability of a crypto chip comes from the data path and control path implementing the crypto algorithm. Based on this key observation, we propose a novel scan DFT architecture called secure scan that maintains the high test quality of traditional scan DFT without compromising the security. We used a hardware implementation of the advanced encryption standard (AES) to show that the traditional scan DFT scheme can compromise the secret key. We then showed that by using secure scan DFT, neither the secret key nor the testability of the AES implementation is compromised.

/pdf/secure-scan-a-design-for-test-architecture-for-crypto-chips-1wn22trgzc.pdf

Secure scan: a design-for-test architecture for crypto chips

/pdf/a-high-speed-architecture-for-galois-counter-mode-of-54gq8cpq1c.pdf

A High Speed Architecture for Galois/Counter Mode of Operation (GCM).

Scan based test is a double edged sword. On one hand, it is a powerful test technique. On the other hand, it is an equally powerful attack tool. In this paper we show that scan chains can be used as a side channel to recover secret keys from a hardware implementation of the Data Encryption Standard (DES). By loading pairs of known plaintexts with one-bit difference in the normal mode and then scanning out the internal state in the test mode, we first determine the position of all scan elements in the scan chain. Then, based on a systematic analysis of the structure of the non-linear substitution boxes, and using three additional plaintexts we discover the DES secret key. Finally, some assumptions in the attack are discussed.

/pdf/scan-based-side-channel-attack-on-data-encryption-standard-2sjdureewt.pdf

Bo Yang

Papers

Scan based side channel attack on dedicated hardware implementations of Data Encryption Standard

Secure Scan: A Design-for-Test Architecture for Crypto Chips

Secure scan: a design-for-test architecture for crypto chips

A High Speed Architecture for Galois/Counter Mode of Operation (GCM).

Scan Based Side Channel Attack on Data Encryption Standard.