Worcester Polytechnic Institute

About: Worcester Polytechnic Institute is a education organization based out in Worcester, Massachusetts, United States. It is known for research contribution in the topics: Computer science & Population. The organization has 6270 authors who have published 12704 publications receiving 332081 citations. The organization is also known as: WPI.

Wait a minute! A fast, Cross-VM attack on AES.

Abstract: In cloud computing, efficiencies are reaped by resource sharing such as co-location of computation and deduplication of data. This work exploits resource sharing in virtualization software to build a powerful cache-based attack on AES. We demonstrate the vulnerability by mounting Cross-VM Flush+Reload cache attacks in VMware VMs to recover the keys of an AES implementation of OpenSSL 1.0.1 running inside the victim VM. Furthermore, the attack works in a realistic setting where different VMs are located on separate cores. The modified flush+reload attack we present, takes only in the order of seconds to minutes to succeed in a cross-VM setting. Therefore long term co-location, as required by other fine grain attacks in the literature, are not needed. The results of this study show that there is a great security risk to OpenSSL AES implementation running on VMware cloud services when the deduplication is not disabled.

A high-performance reconfigurable elliptic curve processor for GF(2m)

Abstract: This work proposes a processor architecture for elliptic curves cryptosystems over fields GF(2 m ) This is a scalable architecture in terms of area and speed that exploits the abilities of reconfigurable hardware to deliver optimized circuitry for different elliptic curves and finite fields The main features of this architecture are the use of an optimized bit-parallel squarer, a digit-serial multiplier, and two programmable processors Through reconfiguration, the squarer and the multiplier architectures can be optimized for any field order or field polynomial The multiplier performance can also be scaled according to system's needs Our results show that implementations of this architecture executing the projective coordinates version of the Montgomery scalar multiplication algorithm can compute elliptic curve scalar multiplications with arbitrary points in 021 msec in the field GF(2 167 ) A result that is at least 19 times faster than documented hardware implementations and at least 37 times faster than documented software implementations

On the leakage of personally identifiable information via online social networks

Abstract: For purposes of this paper, we define "Personally identifiable information" (PII) as information which can be used to distinguish or trace an individual's identity either alone or when combined with other information that is linkable to a specific individual. The popularity of Online Social Networks (OSN) has accelerated the appearance of vast amounts of personal information on the Internet. Our research shows that it is possible for third-parties to link PII, which is leaked via OSNs, with user actions both within OSN sites and elsewhere on non-OSN sites. We refer to this ability to link PII and combine it with other information as "leakage". We have identified multiple ways by which such leakage occurs and discuss measures to prevent it.