There is, I think, something ethereal about i —the square root of minus one. I remember first hearing about it at school. It seemed an odd beast at that time—an intruder hovering on the edge of reality.

Usually familiarity dulls this sense of the bizarre, but in the case of i it was the reverse: over the years the sense of its surreal nature intensified. It seemed that it was impossible to write mathematics that described the real world in …

I and i

Data Mining Practical Machine Learning Tools and Techniques

“Unpaired Image-to-Image Translation using Cycle-Consistent Adversarial Networks”の学習報告

Im Jahre 1977 wurde der „Data Encryption Algorithm“ (DEA) vom „National Bureau of Standards“ (NBS, später „National Institute of Standards and Technology“ – NIST) zum amerikanischen Verschlüsselungsstandard für Bundesbehörden erklärt [NBS_77]. 1981 folgte die Verabschiedung der DEA-Spezifikation als ANSI-Standard „DES“ [ANSI_81]. Die Empfehlung des DES als StandardVerschlüsselungsverfahren wurde auf fünf Jahre befristet und 1983, 1988 und 1993 um jeweils weitere fünf Jahre verlängert. Derzeit liegt eine Neufassung des NISTStandards vor [NIST_99], in dem der DES für weitere fünf Jahre übergangsweise zugelassen sein soll, aber die Verwendung von Triple-DES empfohlen wird: eine dreifache Anwendung des DES mit drei verschiedenen Schlüsseln (effektive Schlüssellänge: 168 bit) [NIST_99]. Der DES basiert auf einer von Horst Feistel bei IBM entwickelten Blockchiffre („Lucipher“) mit einer Schlüssellänge von 128 bit. Da die amerikanische „National Security Agency“ (NSA) dafür gesorgt hatte, daß der DES eine Schlüssellänge von lediglich 64 bit besitzt, von denen nur 56 bit relevant sind, und spezielle Substitutionsboxen (den „kryptographischen Kern“ des Verfahrens) erhielt, deren Konstruktionskriterien von der NSA nicht veröffentlicht wurden, war das Verfahren von Beginn an umstritten. Kritiker nahmen an, daß es eine geheime „Trapdoor“ in dem Verfahren gäbe, die der NSA eine OnlineEntschlüsselung auch ohne Kenntnis des Schlüssels erlauben würde. Zwar ließ sich dieser Verdacht nicht erhärten, aber sowohl die Zunahme von Rechenleistung als auch die Parallelisierung von Suchalgorithmen machen heute eine Schlüssellänge von 56 bit zum Sicherheitsrisiko. Zuletzt konnte 1998 mit einer von der „Electronic Frontier Foundation“ (EFF) entwickelten Spezialmaschine mit 1.800 parallel arbeitenden, eigens entwickelten Krypto-Prozessoren ein DES-Schlüssel in einer Rekordzeit von 2,5 Tagen gefunden werden. Um einen Nachfolger für den DES zu finden, kündigte das NIST am 2. Januar 1997 die Suche nach einem „Advanced Encryption Standard“ (AES) an. Ziel dieser Initiative ist, in enger Kooperation mit Forschung und Industrie ein symmetrisches Verschlüsselungsverfahren zu finden, das geeignet ist, bis weit ins 21. Jahrhundert hinein amerikanische Behördendaten wirkungsvoll zu verschlüsseln. Dazu wurde am 12. September 1997 ein offizieller „Call for Algorithm“ ausgeschrieben. An die vorzuschlagenden symmetrischen Verschlüsselungsalgorithmen wurden die folgenden Anforderungen gestellt: nicht-klassifiziert und veröffentlicht, weltweit lizenzfrei verfügbar, effizient implementierbar in Hardund Software, Blockchiffren mit einer Blocklänge von 128 bit sowie Schlüssellängen von 128, 192 und 256 bit unterstützt. Auf der ersten „AES Candidate Conference“ (AES1) veröffentlichte das NIST am 20. August 1998 eine Liste von 15 vorgeschlagenen Algorithmen und forderte die Fachöffentlichkeit zu deren Analyse auf. Die Ergebnisse wurden auf der zweiten „AES Candidate Conference“ (22.-23. März 1999 in Rom, AES2) vorgestellt und unter internationalen Kryptologen diskutiert. Die Kommentierungsphase endete am 15. April 1999. Auf der Basis der eingegangenen Kommentare und Analysen wählte das NIST fünf Kandidaten aus, die es am 9. August 1999 öffentlich bekanntmachte: MARS (IBM) RC6 (RSA Lab.) Rijndael (Daemen, Rijmen) Serpent (Anderson, Biham, Knudsen) Twofish (Schneier, Kelsey, Whiting, Wagner, Hall, Ferguson).

Advanced Encryption Standard (AES).

Design and Analysis ofFault-Tolerant Digital Systems: B. W. JOHNSON (Addison Wesley, 1989,577 pp., £41.35) The book provides an introduction to the important aspects of designing fault-tolerant systems, and an evaluation of how well the reliability goals have been achieved. The book is mainly oriented towards a final year undergraduate course on fault-tolerant computing, primarily with an implementation bias. In chapters 1 and 2, definitions and basic terminology are covered, which sets the stage for the remaining chapters, and provides the background and motivation for the remainder of the book. Chapter 3 provides a thorough analysis of fault-tolerance techniques and concepts. This chapter in particular is remarkably well written, covering the issues of hardware and information redundancy, which form the mainstay offault-tolerant computing. Subsequent chapters on the use and evaluation of the various approaches illustrate the principles as they have been put into practice. At the end of chapter 5, small projects that allow the reader to apply the material presented in the preceding chapters are included. The resurgence of interest in fault-tolerance with the emergence of VLSI is the theme of chapter 6, focussing on designing fault-tolerant systems in a VLSI environment. The problems and opportunities presented by VLSI are discussed and the use of redundancy techniques in order to enhance manufacturing yield and to provide in-service reliability are reviewed. The final chapter covers testing, design for testability and testability analysis, which must be considered during each phase of the design process to guarantee that resulting designs can be thoroughly tested. Each chapter is followed by a summary of the key issues and concepts presented therein, and a separate list of references, which makes it easily readable. In addition, there is a reading list with more comprehensive and specialised references devoted to each chapter. Overall, the book is well written, and contains a great deal of information in 577 pages. The book has a definite implementation bias, and draws considerably on the author's experience in industry, particularly reflected in the projects accompanying chapter 5. The book should be a useful addition to a library, and a suitable text to accompany a lecture course on fault-tolerant computing. R. RAMASWAMI, Department ofComputation, UMIST

Book Review: Design and Analysis of Fault-Tolerant Digital SystemsDesign and Analysis of Fault-Tolerant Digital Systems: JohnsonB. W. (Addison Wesley, 1989, 577 pp., £41.35)

Today, soft errors are one of the major design technology challenges at and beyond the 22nm technology nodes. This article introduces the soft error problem from the perspective of processor design. This article also provides a survey of the existing soft error mitigation methods across different levels of design abstraction involved in processor design, including the device level, the circuit level, the architectural level, and the program level.

Processor Design for Soft Errors: Challenges and State of the Art

Side channel attacks are becoming a major threat to the security of embedded systems Countermeasures proposed to overcome Simple Power Analysis (SPA) and Differential Power Analysis (DPA), are data masking, table masking, current flattening, circuitry level solutions, dummy instruction insertions and balancing bit-flips All these techniques are either susceptible to multi-order side channel attacks, not sufficiently generic to cover all encryption algorithms, or burden the system with high area cost, run-time or energy consumption A HW/SW based randomized instruction injection technique is proposed in this paper to overcome the pitfalls of previous countermeasures Our technique injects random instructions at random places during the execution of an application which protects the system from both SPA and DPA Further, we devise a systematic method to measure the security level of a power sequence and use it to measure the number of random instructions needed, to suitably confuse the adversary Our processor model costs 19% in additional area for a simplescalar processor, and costs on average 298% in runtime and 271% in additional energy consumption for six industry standard cryptographic algorithms

/pdf/rijid-random-code-injection-to-mask-power-analysis-based-37cfsvxcr0.pdf

RIJID: random code injection to mask power analysis based side channel attacks

Security and reliability in processor based systems are concerns requiring adroit solutions. Security is often compromised by code injection attacks, jeopardizing even 'trusted software'. Reliability is of concern where unintended code is executed in modern processors with ever smaller feature sizes and low voltage swings causing bit flips. Countermeasures by software-only approaches increase code size by large amounts and therefore significantly reduce performance. Hardware assisted approaches add extensive amounts of hardware monitors and thus incur unacceptably high hardware cost. This paper presents a novel hardware/software technique at the granularity of micro-instructions to reduce overheads considerably. Experiments show that our technique incurs an additional hardware overhead of 0.91% and clock period increase of 0.06%. Average clock cycle and code size overheads are just 11.9% and 10.6% for five industry standard application benchmarks. These overheads are far smaller than have been previously encountered.

http://www.cse.unsw.edu.au/~sridevan/index_files/31.4s-ragel.pdf

IMPRES: integrated monitoring for processor reliability and security

Recently, researchers in the area of biosensor based human emotion recognition have used different types of machine learning models for recognizing human emotions. However, most of them still lack the ability to recognize human emotions with higher classification accuracy incorporating a limited number of bio-sensors. In the domain of machine learning, ensemble learning methods have been successfully applied to solve different types of real-world machine learning problems which require improved classification accuracies. Emphasising on that, this research suggests an ensemble learning approach for developing a machine learning model that can recognize four major human emotions namely: anger; sadness; joy; and pleasure incorporating electrocardiogram (ECG) signals. As feature extraction methods, this analysis combines four ECG signal based techniques, namely: heart rate variability; empirical mode decomposition; with-in beat analysis; and frequency spectrum analysis. The first three feature extraction methods are well-known ECG based feature extraction techniques mentioned in the literature, and the fourth technique is a novel method proposed in this study. The machine learning procedure of this investigation evaluates the performance of a set of well-known ensemble learners for emotion classification and further improves the classification results using feature selection as a prior step to ensemble model training. Compared to the best performing single biosensor based model in the literature, the developed ensemble learner has the accuracy gain of 10.77%. Furthermore, the developed model outperforms most of the multiple biosensor based emotion recognition models with a significantly higher classification accuracy gain.

An Ensemble Learning Approach for Electrocardiogram Sensor Based Human Emotion Recognition

One of the security issues in embedded system is the ability of an adversary to perform side channel attacks. Power analysis attacks are often very successful, where the power sequence dissipated by the system is observed and analyzed to predict secret keys. In this paper we show a processor architecture, which automatically detects the execution of the most common encryption algorithms, starts to scramble the power waveform by adding randomly placed instructions with random register accesses, and stops injecting instructions when it is safe to do so. Our technique prevents both Simple Power Analysis (SPA) and Differential Power Analysis (DPA). This approach has less overheads compared to previous solutions and avoids software instrumentation, allowing programmers with no special knowledge to use the system. Our processor model costs an additional area of 1.2%, and an average of 25% in runtime and 28.5% in energy over heads for industry standard cryptographic algorithms.

/pdf/a-smart-random-code-injection-to-mask-power-analysis-based-bffqz6vuuw.pdf

Roshan Ragel

Papers

Processor Design for Soft Errors: Challenges and State of the Art

RIJID: random code injection to mask power analysis based side channel attacks

IMPRES: integrated monitoring for processor reliability and security

An Ensemble Learning Approach for Electrocardiogram Sensor Based Human Emotion Recognition

A smart random code injection to mask power analysis based side channel attacks