Jean-Didier Legat

Bio: Jean-Didier Legat is an academic researcher from Université catholique de Louvain. The author has contributed to research in topics: Encryption & Low-power electronics. The author has an hindex of 33, co-authored 191 publications receiving 4075 citations. Previous affiliations of Jean-Didier Legat include University College London & École centrale de Lyon.

Efficient implementation of Rijndael encryption in reconfigurable hardware: Improvements and design tradeoffs

Abstract: Performance evaluation of the Advanced Encryption Standard candidates has led to intensive study of both hardware and software implementations. However, although plentiful papers present various implementation results, it seems that efficiency could still be greatly improved by applying good design rules adapted to devices and algorithms. This paper addresses various approaches for efficient FPGA implementations of the Advanced Encryption Standard algorithm. As different applications of the AES algorithm may require different speed/area tradeoffs, we propose a rigorous study of the possible implementation schemes, but also discuss design methodology and algorithmic optimization in order to improve previously reported results. We propose heuristics to evaluate hardware efficiency at different steps of the design process. We also define an optimal pipeline that takes the place and route constraints into account. Resulting circuits significantly improve previously reported results: throughput is up to 18.5 Gbits/sec and area requirements can be limited to 542 slices and 10 RAM blocks with a ratio throughput/area improved by at least 25% of the best-known designs in the Xilinx Virtex-E technology.

Compact and efficient encryption/decryption module for FPGA implementation of the AES Rijndael very well suited for small embedded applications

Abstract: Hardware implementations of the advanced encryption standard (AES) Rijndael algorithm have recently been the object of an intensive evaluation. Several papers describe efficient architectures for ASICs and FPGAs. In this context, the highest effort was devoted to high throughput (up to 20 Gbps) encryption-only designs, fewer works studied low area encryption-only architectures and only a few papers have investigated low area encryption/decryption structures. However, in practice, only a few applications need throughput up to 20 Gbps while flexible and low cost encryption/decryption solutions are needed to protect sensible data, especially for embedded hardware applications. We purpose an efficient solution to combine Rijndael encryption and decryption in one FPGA design, with a strong focus on low area constraints. The proposed design fits into the smallest Xilinx FPGAs, deals with data streams of 208 Mbps, uses 163 slices and 3 RAM blocks and improves by 68% the best-known similar designs in terms of ratio Throughput/Area. We also propose implementations in other FPGA Families (Xilinx Virtex-II) and comparisons with similar DES, triple-DES and AES implementations.

Interests and Limitations of Technology Scaling for Subthreshold Logic

Abstract: Subthreshold logic is an efficient technique to achieve ultralow energy per operation for low-to-medium throughput applications. In this paper, the interests and limitations of technology scaling for subthreshold logic are investigated from 0.25 mum to 32 nm nodes. Scaling to 90/65 nm nodes is shown to be highly desirable for medium-throughput applications (1-10 MHz) due to great dynamic energy reduction. However, this interest is limited at 45/32 nm nodes by high static energy due to degraded subthreshold swing and delay variability. Moreover, for low-throughput applications (10-100 kHz), this limitation is worsened by the increase of minimum supply voltage to achieve sufficient functional yield, which results in bad energy efficiency starting at 0.13 mum node. Upsizing the channel length is proposed as a straightforward circuit-level technique to efficiently mitigate these effects. At 32 nm node, this technique reduces energy per operation by 60% at medium throughput and by two orders of magnitude at low throughput.

RASH: RAdon soft hash algorithm

Abstract: In this paper, we present a high compression and collision resistant algorithm for images either suitable to extract an indexing pattern of the image and to detect deformations applied to original image. Some transforms are extracting characteristics invariant against geometrical deformations (rotation and scalling). Among them, the Radon transform, largely used in magnetic resonance imaging, is also robust against image processing basic attacks (like compression, filtering, blurring, etc…) and strong attacks (Stirmark). This transformation allows to caracterize easily features of geometrical transforms. It permits also an easy extraction of an indexing vector of the image.

The Self-Organizing Map

Abstract: An overview of the self-organizing map algorithm, on which the papers in this issue are based, is presented in this article.

[서평]「Applied Cryptography」

Abstract: The objective of this paper is to give a comprehensive introduction to applied cryptography with an engineer or computer scientist in mind. The emphasis is on the knowledge needed to create practical systems which supports integrity, confidentiality, or authenticity. Topics covered includes an introduction to the concepts in cryptography, attacks against cryptographic systems, key use and handling, random bit generation, encryption modes, and message authentication codes. Recommendations on algorithms and further reading is given in the end of the paper. This paper should make the reader able to build, understand and evaluate system descriptions and designs based on the cryptographic components described in the paper.

Architectural support for copy and tamper-resistant software

Abstract: Although there have been attempts to develop code transformations that yield tamper-resistant software, no reliable software-only methods are know. This paper studies the hardware implementation of a form of execute-only memory (XOM) that allows instructions stored in memory to be executed but not otherwise manipulated. To support XOM code we use a machine that supports internal compartments---a process in one compartment cannot read data from another compartment. All data that leaves the machine is encrypted, since we assume external memory is not secure. The design of this machine poses some interesting trade-offs between security, efficiency, and flexibility. We explore some of the potential security issues as one pushes the machine to become more efficient and flexible. Although security carries a performance penalty, our analysis indicates that it is possible to create a normal multi-tasking machine where nearly all applications can be run in XOM mode. While a virtual XOM machine is possible, the underlying hardware needs to support a unique private key, private memory, and traps on cache misses. For efficient operation, hardware assist to provide fast symmetric ciphers is also required.

Introduction to differential power analysis

Abstract: The power consumed by a circuit varies according to the activity of its individual transistors and other components As a result, measurements of the power used by actual computers or microchips contain information about the operations being performed and the data being processed Cryptographic designs have traditionally assumed that secrets are manipulated in environments that expose no information beyond the specified inputs and outputs This paper examines how information leaked through power consumption and other side channels can be analyzed to extract secret keys from a wide range of devices The attacks are practical, non-invasive, and highly effective—even against complex and noisy systems where cryptographic computations account for only a small fraction of the overall power consumption We also introduce approaches for preventing DPA attacks and for building cryptosystems that remain secure even when implemented in hardware that leaks