Cryptanalysis Using Reconfigurable Hardware Clusters for High-Performance Computing

Dissertation for the degree of Doktor-Ingenieur, Faculty of Electrical Engineering and Information Technology, Ruhr-Universität Bochum, by Ralf Zimmermann. Bochum, June 2015. Copyright 2015 by Ralf Zimmermann. All rights reserved. Printed in Germany.

To my beloved wife, Heike.

Place of birth: Cologne, Germany
Author's contact information: [email protected], www.rub.de
Thesis Advisor: Prof. Dr.-Ing. Christof Paar, Ruhr-Universität Bochum, Germany
Secondary Referee: Prof. Dr. Tanja Lange, Technische Universiteit Eindhoven, Netherlands
Thesis submitted: June 10th, 2015
Thesis defense: July 13th, 2015
Last revision: March 16, 2016

(Frontispiece comic: "Piled Higher and Deeper" by Jorge Cham, www.phdcomics.com)

Abstract

Today, we share our thoughts, habits, and acquaintances in social networks at every step we take in our lives, and we use network-based services like the smart grid, home automation, and the Internet of Things. As the connectivity and data flow between sensors and networks grow, we rely more and more on cryptographic primitives to prevent misuse of services, protect data, and ensure data integrity, authenticity, and confidentiality, provided that the primitives remain secure for as long as the data is considered useful. History shows the need for thorough cryptanalysis not only at the theoretical level but also using state-of-the-art technology: by applying the best implementation of suitable attacks on cutting-edge hardware, we derive upper bounds on the security level of cryptographic algorithms. This allows us to suggest adjustments of security parameters or the replacement of primitives at an early stage.
The focus of this thesis is an analysis of the effects of hardware acceleration using clusters of reconfigurable devices for cryptanalytic tasks and security evaluations of practical attacks. As not all tasks are equally suitable for hardware implementation, this thesis covers different areas of cryptography and cryptanalysis in four major projects, i.e., algebraic attacks on stream ciphers, password search, elliptic curve cryptography, and post-quantum cryptography: The first project, Dynamic Cube Attack on the Grain-128 Stream Cipher, introduces a new type of algebraic attack, based on an improved version of cube testers, against the Grain-128 stream cipher; verifying the attack required special-purpose hardware. The second project, Password Search against Key Derivation Functions, evaluates the security of two current standards in password-based key derivation, PBKDF2 and bcrypt, and analyzes the effect of special-purpose hardware both for low-power attackers and for well-funded, powerful adversaries. In the third project, Elliptic Curve Discrete Logarithm Problem on sect113r2, we target the ECDL computation on the sect113r2 elliptic curve, an unbroken SECG standard binary elliptic curve. We implemented Pollard's rho algorithm in combination with the negation-map technique on FPGAs to increase the efficiency of the random walk, which had not been done before. The last part, Information Set Decoding against McEliece, presents the first hardware-accelerated implementation of an information set decoding (ISD) attack against the code-based cryptosystem McEliece. We present a proof-of-concept implementation of ISD on reconfigurable devices and discuss the benefits and restrictions of our hardware approach to provide a solid basis for upcoming hardware implementations.
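The ECDLP project above rests on the parallel Pollard's rho walk with the negation map and distinguished points. The following is an added example, not code from the thesis or from the EMSEC group, that shows that structure end to end at toy scale: it uses a constructed prime-field curve y^2 = x^3 + x + b over GF(10007) (a = 1, b found by a scan) instead of the binary-field curve sect113r2, simulates the FPGA walkers round-robin in one process, and collects distinguished points in one shared table the way a host collects them from the cluster. All parameter names (P_MOD, A_COEF, walkers, r, dp_bits, max_steps) are this example's own choices.

```python
"""Toy parallel Pollard's rho with the negation map and distinguished points.
Added example, not code from the thesis: sect113r2 is swapped for a small
prime-field curve y^2 = x^3 + x + b over GF(10007) so it runs in plain Python."""
import random

P_MOD = 10007   # toy field prime (constructed; 10007 % 4 == 3 makes sqrt a pow)
A_COEF = 1      # curve coefficient a; b is chosen by setup_curve()
INF = None      # point at infinity

def add(p1, p2, a=A_COEF, p=P_MOD):
    """Affine point addition on y^2 = x^3 + a x + b over GF(p)."""
    if p1 is INF or p2 is INF:
        return p2 if p1 is INF else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2:
        if (y1 + y2) % p == 0:                  # p2 == -p1 (includes order-2 points)
            return INF
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def mul(k, pt):
    """Double-and-add scalar multiplication for k >= 0."""
    acc = INF
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def setup_curve(min_order=2000, p=P_MOD):
    """Scan b until the first point found has prime order q >= min_order and
    return (b, q, P); brute force, so only sane for a toy field."""
    for b in range(1, p):
        if (4 * A_COEF ** 3 + 27 * b * b) % p == 0:
            continue                                # singular curve
        x = 1
        while pow(x ** 3 + A_COEF * x + b, (p - 1) // 2, p) != 1:
            x += 1                                  # first x whose rhs is a square
        P = (x, pow(x ** 3 + A_COEF * x + b, (p + 1) // 4, p))
        q, T = 1, P
        while T is not INF:                         # order of P by repeated addition
            T, q = add(T, P), q + 1
        if q >= min_order and all(q % d for d in range(2, int(q ** 0.5) + 1)):
            return b, q, P
    raise RuntimeError("no suitable toy curve")

def canonical(W, a, b, q, p=P_MOD):
    """Negation map: represent {W, -W} by the point with the smaller y and
    negate the coefficients so that W == a*P + b*Q still holds."""
    x, y = W
    if y > p - y:
        return (x, p - y), (-a) % q, (-b) % q
    return W, a, b

def solve_ecdlp(P, Q, q, rng, walkers=8, r=32, dp_bits=3, max_steps=200):
    """Return k with k*P == Q: parallel r-adding walks, negation map, DPs."""
    cs = [rng.randrange(1, q) for _ in range(r)]
    ds = [rng.randrange(1, q) for _ in range(r)]
    Ms = [add(mul(c, P), mul(d, Q)) for c, d in zip(cs, ds)]   # step table
    table = {}                                      # distinguished point -> (a, b)

    def start():                                    # fresh walker: [W, a, b, prev, steps]
        a, b = rng.randrange(1, q), rng.randrange(1, q)
        W = add(mul(a, P), mul(b, Q))
        return [*canonical(W, a, b, q), INF, 0] if W is not INF else start()

    states = [start() for _ in range(walkers)]
    for _ in range(10 ** 6):                        # global step budget
        for i, (W, a, b, prev, steps) in enumerate(states):
            j = W[0] % r                            # partition index from x-coordinate
            W2, a2, b2 = add(W, Ms[j]), (a + cs[j]) % q, (b + ds[j]) % q
            if W2 is INF:                           # landed on O (prob ~1/q): restart
                states[i] = start()
                continue
            W2, a2, b2 = canonical(W2, a2, b2, q)
            if W2 == prev:                          # fruitless 2-cycle: escape by doubling
                W2, a2, b2 = canonical(add(W, W), 2 * a % q, 2 * b % q, q)
            if W2[0] % (1 << dp_bits) == 0:         # distinguished point: report it
                if W2 in table and table[W2][1] != b2:
                    a1, b1 = table[W2]              # (a1-a2)P == (b2-b1)Q  =>  k
                    return (a1 - a2) * pow((b2 - b1) % q, -1, q) % q
                table.setdefault(W2, (a2, b2))
                states[i] = start()
            elif steps >= max_steps:                # stuck in a longer fruitless cycle
                states[i] = start()
            else:
                states[i] = [W2, a2, b2, W, steps + 1]
    raise RuntimeError("step budget exhausted")

def demo(seed=1):
    """Hide a secret k on the toy instance and recover it: (secret, found, ok)."""
    rng = random.Random(seed)
    _, q, P = setup_curve()
    secret = rng.randrange(1, q)
    Q = mul(secret, P)
    found = solve_ecdlp(P, Q, q, rng)
    return secret, found, mul(found, P) == Q
```

Calling demo() builds the toy instance, hides a random secret k, and returns (secret, found, ok). Because every point is canonicalised under negation, the walk effectively searches a group of size q/2, so the expected work is about sqrt(pi*q/4) steps plus a detection delay of roughly walkers times 2^dp_bits steps before the colliding walker reaches its next distinguished point. The doubling escape handles only fruitless 2-cycles, which are by far the most frequent; longer cycles are caught here by the max_steps restart, which costs nothing at this scale but would waste real FPGA time at 113 bits.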
The results of the projects show that special-purpose hardware is a very important platform for accelerating cryptanalytic tasks and that, even though the speed gain depends heavily on the algorithm and on the choice of hardware platform, it plays a key role in practical attacks and in the security evaluation of new cryptographic primitives. Consequently, considerable effort now goes into designing primitives that blunt the advantage of massively parallel and energy-efficient attack implementations.

Keywords: Cryptanalysis, Reconfigurable Hardware, FPGA, Cluster, High-Performance Computation, Implementation.

Kurzfassung (German abstract, translated)

High-Performance Computers Built from Reconfigurable Hardware for Applications in Cryptanalysis

Today we have become accustomed to sharing our thoughts, habits, and acquaintances in social networks at every moment. For this we use network-based services such as the smart grid, remotely controlled home automation, or the Internet of Things. As the connectivity between people and networks and the data flow grow, so does the importance of reliable protection against data misuse. For this we rely on cryptographic primitives that we use to protect data integrity, authenticity, and confidentiality. These primitives must remain secure for as long as the data can potentially still be used. History has shown that cryptanalysis is not only of theoretical importance but must also be carried out with the current state of the art in mind. Using optimal attacks in combination with the most modern hardware, the security level of cryptographic algorithms can be bounded from above. This allows adjustments to security parameters or the replacement of algorithms to be proposed at an early stage.

The focus of this thesis is the analysis of the effects of hardware acceleration by high-performance computers built from reconfigurable hardware for applications in cryptanalysis, and of the resulting consequences for security estimates. Since not all cryptographic primitives are equally suited to a hardware implementation, this thesis presents four projects from different subfields of cryptology, namely stream ciphers, efficient password search, elliptic-curve cryptography, and post-quantum cryptography: The first project describes a new algebraic attack against the stream cipher Grain-128, based on an improved version of cube testers. Validating the attack with a simulation algorithm requires specialized hardware, since a software approach is not efficient enough. The second project deals with efficient password search against key derivation functions and examines the security of two current standards in password-based key derivation, PBKDF2 and bcrypt; it analyzes the effects of specialized hardware both for energy-efficient attacks and for adversaries with substantial financial means. The third project concerns the computation of the discrete logarithm on the elliptic curve sect113r2, a so far unbroken binary curve from the SECG standard curves over F_{2^113}. Here the parallel Pollard's rho algorithm was implemented in hardware for the first time in combination with the negation-map technique, in order to increase the efficiency of the random-walk iteration. The last section covers the first hardware-accelerated implementation of an information set decoding attack on the post-quantum cryptosystem McEliece.

The proof-of-concept implementation serves as the basis for discussing the advantages and restrictions imposed by the hardware design, which lead to significant differences in the choice of parameters and optimizations. The results of the projects show that hardware acceleration has effects of differing magnitude in the various areas of cryptanalysis. Nevertheless, high-performance computers and highly parallel implementations are moving ever more into the focus of security researchers, since the relative cost of mounting attacks keeps becoming more attractive. Accordingly, when defining new cryptographic primitives, considerable weight is now placed on measures against the advantage an attacker gains from massive parallelization and energy-efficient implementations.

Keywords: Cryptanalysis, Reconfigurable Hardware, FPGA, High-Performance Computer, High-Speed Computation, Implementation.

Acknowledgements

This thesis is the result of the last 5 years, which I spent at the Chair for Embedded Security at the Ruhr-University Bochum, at conferences, workshops and summer schools all around the world, and by commuting far more than 100 000 km on countless (usually delayed) trains between Mainz and Bochum. Here, I would like to express my gratitude and thank those who made all of this possible and enjoyable. First and foremost, I would like to thank my family for all of the support throughout the years and thank my wife, Heike, in particular, who managed to act as a counterbalance and married me in spite of my unrealistic years-to-graduate estimation, the long long-distance relationship, and the work I brought home frequently to ruin her plans for our weekends. Thank you for all your support, your faith, and your love. Coming back to academia, I am very grateful to my supervisor, Christof Paar.

Aside from the scientific guidance, helpful advice, and the contribution of research ideas, you always managed to motivate and encourage me. Thank you very much! I would also like to thank my thesis committee, especially Tanja Lange, who provided me with advice and suggestions whenever I met her. I am very grateful for the wonderful