Attacking Deterministic Signature Schemes Using Fault Attacks
Total Page:16
File Type:pdf, Size:1020Kb

Load more
Recommended publications
-
Post-Quantum Cryptography
Post-quantum cryptography Daniel J. Bernstein & Tanja Lange University of Illinois at Chicago; Ruhr University Bochum & Technische Universiteit Eindhoven 12 September 2020 I Motivation #1: Communication channels are spying on our data. I Motivation #2: Communication channels are modifying our data. I Literal meaning of cryptography: \secret writing". I Achieves various security goals by secretly transforming messages. I Confidentiality: Eve cannot infer information about the content I Integrity: Eve cannot modify the message without this being noticed I Authenticity: Bob is convinced that the message originated from Alice Cryptography with symmetric keys AES-128. AES-192. AES-256. AES-GCM. ChaCha20. HMAC-SHA-256. Poly1305. SHA-2. SHA-3. Salsa20. Cryptography with public keys BN-254. Curve25519. DH. DSA. ECDH. ECDSA. EdDSA. NIST P-256. NIST P-384. NIST P-521. RSA encrypt. RSA sign. secp256k1. Cryptography / Sender Receiver \Alice" \Bob" Tsai Ing-Wen picture credit: By =q府, Attribution, Wikimedia. Donald Trump picture credit: By Shealah Craighead - White House, Public Domain, Wikimedia. Daniel J. Bernstein & Tanja Lange Post-quantum cryptography2 Cryptography with symmetric keys AES-128. AES-192. AES-256. AES-GCM. ChaCha20. HMAC-SHA-256. Poly1305. SHA-2. SHA-3. Salsa20. I Literal meaning of cryptography: \secret writing". Cryptography with public keys Achieves various security goals by secretly transforming messages. BN-254I . Curve25519. DH. DSA. ECDH. ECDSA. EdDSA. NIST P-256. NIST P-384. Confidentiality: Eve cannot infer information about the content NISTI P-521. RSA encrypt. RSA sign. secp256k1. I Integrity: Eve cannot modify the message without this being noticed I Authenticity: Bob is convinced that the message originated from Alice Cryptography / Sender Untrustworthy network Receiver \Alice" \Eve" \Bob" I Motivation #1: Communication channels are spying on our data. -
Secure Authentication Protocol for Internet of Things Achraf Fayad
Secure authentication protocol for Internet of Things Achraf Fayad To cite this version: Achraf Fayad. Secure authentication protocol for Internet of Things. Networking and Internet Archi- tecture [cs.NI]. Institut Polytechnique de Paris, 2020. English. NNT : 2020IPPAT051. tel-03135607 HAL Id: tel-03135607 https://tel.archives-ouvertes.fr/tel-03135607 Submitted on 9 Feb 2021 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Protocole d’authentification securis´ e´ pour les objets connectes´ These` de doctorat de l’Institut Polytechnique de Paris prepar´ ee´ a` Tel´ ecom´ Paris Ecole´ doctorale n◦626 Ecole´ doctorale de l’Institut Polytechnique de Paris (EDIPP) Specialit´ e´ de doctorat : Reseaux,´ informations et communications NNT : 2020IPPAT051 These` present´ ee´ et soutenue a` Palaiseau, le 14 decembre´ 2020, par ACHRAF FAYAD Composition du Jury : Ken CHEN Professeur, Universite´ Paris 13 Nord President´ Pascal LORENZ Professeur, Universite´ de Haute-Alsace (UHA) Rapporteur Ahmed MEHAOUA Professeur, Universite´ Paris Descartes Rapporteur Lyes KHOUKHI Professeur, Ecole´ Nationale Superieure´ d’Ingenieurs´ de Examinateur Caen-ENSICAEN Ahmad FADLALLAH Associate Professor, University of Sciences and Arts in Lebanon Examinateur (USAL) Rida KHATOUN Maˆıtre de conferences,´ Tel´ ecom´ Paris Directeur de these` Ahmed SERHROUCHNI Professeur, Tel´ ecom´ Paris Co-directeur de these` Badis HAMMI Associate Professor, Ecole´ pour l’informatique et les techniques Invite´ avancees´ (EPITA) 626 Acknowledgments First, I would like to thank my thesis supervisor Dr. -
Alternative Elliptic Curve Representations
Alternative Elliptic Curve Representations draft-struik-lwig-curve-representations-00 René Struik Struik Security Consultancy E-mail: [email protected] IETF 101draft-struik – London,-lwig-curve- representationsUK, March-002018 1 Outline 1. The ECC Algorithm Zoo – NIST curve P-256, ECDSA – Curve25519 – Ed25519 2. Implementation Detail 3. How to Reuse Code 4. How to Reuse Existing Standards 5. Conclusions draft-struik-lwig-curve-representations-00 2 ECC Algorithm Zoo (1) NIST curves: Curve model: Weierstrass curve Curve equation: y2 = x3 + ax + b (mod p) Base point: G=(Gx, Gy) Scalar multiplication: addition formulae using, e.g., mixed Jacobian coordinates Point representation: both coordinates of point P=(X, Y) (affine coordinates) 0x04 || X || Y in most-significant-bit/octet first order Examples: NIST P-256 (ANSI X9.62, NIST SP 800-56a, SECG, etc.); Brainpool256r1 (RFC 5639) ECDSA: Signature: R || s in most-significant-bit/octet first order Signing equation: e = s k + d r (mod n), where e=Hash(m) Example: ECDSA, w/ P-256 and SHA-256 (FIPS 186-4, ANSI X9.62, etc.) Note: message m pre-hashed draft-struik-lwig-curve-representations-00 3 ECC Algorithm Zoo (2) CFRG curves: Curve model: Montgomery curve Curve equation: By2 = x3 + Ax2 + x (mod p) Base point: G=(Gx, Gy) Scalar multiplication: Montgomery ladder, using projective coordinates [X: :Z] Point representation: x-coordinate of point P=(X, Y) (x-coordinate-only) X in least-significant-octet, most-significant-bit first order Examples: Curve25519, Curve448 (RFC 7748) DH Key agreement: -
Security Analysis of the Signal Protocol Student: Bc
ASSIGNMENT OF MASTER’S THESIS Title: Security Analysis of the Signal Protocol Student: Bc. Jan Rubín Supervisor: Ing. Josef Kokeš Study Programme: Informatics Study Branch: Computer Security Department: Department of Computer Systems Validity: Until the end of summer semester 2018/19 Instructions 1) Research the current instant messaging protocols, describe their properties, with a particular focus on security. 2) Describe the Signal protocol in detail, its usage, structure, and functionality. 3) Select parts of the protocol with a potential for security vulnerabilities. 4) Analyze these parts, particularly the adherence of their code to their documentation. 5) Discuss your findings. Formulate recommendations for the users. References Will be provided by the supervisor. prof. Ing. Róbert Lórencz, CSc. doc. RNDr. Ing. Marcel Jiřina, Ph.D. Head of Department Dean Prague January 27, 2018 Czech Technical University in Prague Faculty of Information Technology Department of Computer Systems Master’s thesis Security Analysis of the Signal Protocol Bc. Jan Rub´ın Supervisor: Ing. Josef Kokeˇs 1st May 2018 Acknowledgements First and foremost, I would like to express my sincere gratitude to my thesis supervisor, Ing. Josef Kokeˇs,for his guidance, engagement, extensive know- ledge, and willingness to meet at our countless consultations. I would also like to thank my brother, Tom´aˇsRub´ın,for proofreading my thesis. I cannot express enough gratitude towards my parents, Lenka and Jaroslav Rub´ınovi, who supported me both morally and financially through my whole studies. Last but not least, this thesis would not be possible without Anna who re- lentlessly supported me when I needed it most. Declaration I hereby declare that the presented thesis is my own work and that I have cited all sources of information in accordance with the Guideline for adhering to ethical principles when elaborating an academic final thesis. -
Family Friendly Magazine 129 in PDF Format
Family Friendly Gaming The VOICE of TM the FAMILY in GAMING Kingdom Hearts III, Ooblets, Monster Hunter World and more in this fabu- lous issue!! ISSUE #129 NI NO KUNI II REVENANT KING- DOM wants you to April 2018 role play. CONTENTS ISSUE #129 April 2018 CONTENTS Links: Home Page Section Page(s) Editor’s Desk 4 Female Side 5 Comics 7 Sound Off 8 - 10 Look Back 12 Quiz 13 Devotional 14 Helpful Thoughts 15 In The News 16 - 23 We Would Play That! 24 Reviews 25 - 37 Sports 38 - 41 Developing Games 42 - 67 Now Playing 68 - 83 Last Minute Tidbits 84 - 106 “Family Friendly Gaming” is trademarked. Contents of Family Friendly Gaming is the copyright of Paul Bury, and Yolanda Bury with the exception of trademarks and related indicia (example Digital Praise); which are prop- erty of their individual owners. Use of anything in Family Friendly Gaming that Paul and Yolanda Bury claims copyright to is a violation of federal copyright law. Contact the editor at the business address of: Family Friendly Gaming 7910 Autumn Creek Drive Cordova, TN 38018 [email protected] Trademark Notice Nintendo, Sony, Microsoft all have trademarks on their respective machines, and games. The current seal of approval, and boy/girl pics were drawn by Elijah Hughes thanks to a wonderful donation from Tim Emmerich. Peter and Noah are inspiration to their parents. Family Friendly Gaming Page 2 Page 3 Family Friendly Gaming Editor’s Desk FEMALE SIDE this instance I feel wonderful. God has given God is my prize and my goal. -
Annual Report & Accounts 2020
Sumo Group Annual Report & Accounts 2020 Sumo Report & Accounts Annual Group sumogroupplc.com Annual Report & Accounts 2020 We are one of the UK’s largest providers of end-to-end creative development and co-development services to the video games and entertainment industries. We make highly innovative games for the most prestigious publishers in the world, with an increasing number of titles based on original concepts developed by Sumo. Strategic Report Governance Financial Statements At a Glance 2 Introduction to Governance 45 Independent Auditor’s report 68 Chairman’s Statement 4 Corporate Governance 46 Consolidated Income Statement 76 Business Model 6 Board of Directors 50 Consolidated Statement of Our Businesses 14 Operating Board 52 Comprehensive Income 77 Our Markets 20 Audit and Risk Committee Report 54 Consolidated Balance Sheet 78 Our Strategy 22 Directors’ Remuneration Report 56 Consolidated Statement of Chief Executive’s review 23 Directors’ Report 64 Changes in Equity 79 Group Financial Review 29 Statement of Directors’ Consolidated Cash Flow Section 172 Statement 34 Responsibilities 66 Statement 80 Environmental, Social Notes to the Group Financial and Governance 38 Statements 81 Energy and Carbon Report 40 Parent Company Balance Sheet 114 Risks & Uncertainties 41 Parent Company Statement of Changes in Equity 115 Notes to the Parent Company Financial Statements 116 Financial Calendar and Company Information 119-120 Designed and printed by Perivan STRATEGICSTRATEGIC REPORTREPORT Highlights Our vision Achieving wonder together. Revenue £68.9m 2019: £49.0m +40.7% Gross profit Our mission £31.5m 2019: £23.9m Grow a sustainable business, providing security to our +31.5% people and shareholders, whilst delivering a first-class experience to our partners and players. -
Multi-Party Encrypted Messaging Protocol Design Document, Release 0.3-2-Ge104946
Multi-Party Encrypted Messaging Protocol design document Release 0.3-2-ge104946 Mega Limited, Auckland, New Zealand Guy Kloss <[email protected]> arXiv:1606.04593v1 [cs.CR] 14 Jun 2016 11 January 2016 CONTENTS 1 Strongvelope Multi-Party Encrypted Messaging Protocol 2 1.1 Intent.......................................... ....... 2 1.2 SecurityProperties.............................. ............ 2 1.3 ScopeandLimitations ............................. ........... 3 1.4 Assumptions ..................................... ........ 3 1.5 Messages........................................ ....... 3 1.6 Terminology ..................................... ........ 4 2 Cryptographic Primitives 5 2.1 KeyPairforAuthentication . ............. 5 2.2 KeyAgreement.................................... ........ 5 2.3 (Sender)KeyEncryption. ............ 5 2.4 MessageAuthentication . ............ 6 2.5 MessageEncryption ............................... .......... 6 3 Message Encryption 7 3.1 SenderKeyExchange ............................... ......... 7 3.2 ContentEncryption............................... ........... 8 4 Protocol Encoding 9 4.1 TLVTypes ........................................ ...... 9 4.2 MessageSignatures ............................... .......... 10 4.3 MessageTypes.................................... ........ 10 4.4 KeyedMessages ................................... ........ 10 4.5 FollowupMessages ................................ ......... 10 4.6 AlterParticipantMessages. .............. 11 4.7 LegacySenderKeyEncryption . ............ 11 4.8 SenderKeystoInclude... -
Practical Fault Attack Against the Ed25519 and Eddsa Signature Schemes
Practical fault attack against the Ed25519 and EdDSA signature schemes Yolan Romailler, Sylvain Pelissier Kudelski Security Cheseaux-sur-Lausanne, Switzerland fyolan.romailler,[email protected] main advantages is that its scalar multiplication can be Abstract—The Edwards-curve Digital Signature Algorithm implemented without secret dependent branch and lookup, (EdDSA) was proposed to perform fast public-key digital avoiding the risk of side-channel leakage. More recently, a signatures as a replacement for the Elliptic Curve Digital Signature Algorithm (ECDSA). Its key advantages for em- new digital signature algorithm, namely Ed25519 [6], was bedded devices are higher performance and straightforward, proposed based on the curve edwards25519, i.e., the Edward secure implementations. Indeed, neither branch nor lookup twist of Curve25519. This algorithm was then generalized operations depending on the secret values are performed to other curves and called EdDSA [7]. Due to its various during a signature. These properties thwart many side-channel advantages [7], EdDSA was quickly implemented in many attacks. Nevertheless, we demonstrate here that a single-fault attack against EdDSA can recover enough private key material products and libraries, such as OpenSSH [8]. It was also to forge valid signatures for any message. We demonstrate a recently formally defined in RFC 8032 [9]. practical application of this attack against an implementation The authors of EdDSA did not make any claims about its on Arduino Nano. To the authors’ best knowledge this is the security against fault attacks. However, its resistance to fault first practical fault attack against EdDSA or Ed25519. attacks is discussed in [10]–[12] and taken into account by Keywords-EdDSA; Ed25519; fault attack; digital signature Perrin in [13]. -
(Not) to Design and Implement Post-Quantum Cryptography
SoK: How (not) to Design and Implement Post-Quantum Cryptography James Howe1 , Thomas Prest1 , and Daniel Apon2 1 PQShield, Oxford, UK. {james.howe,thomas.prest}@pqshield.com 2 National Institute of Standards and Technology, USA. [email protected] Abstract Post-quantum cryptography has known a Cambrian explo- sion in the last decade. What started as a very theoretical and mathe- matical area has now evolved into a sprawling research ˝eld, complete with side-channel resistant embedded implementations, large scale de- ployment tests and standardization e˙orts. This study systematizes the current state of knowledge on post-quantum cryptography. Compared to existing studies, we adopt a transversal point of view and center our study around three areas: (i) paradigms, (ii) implementation, (iii) deployment. Our point of view allows to cast almost all classical and post-quantum schemes into just a few paradigms. We highlight trends, common methodologies, and pitfalls to look for and recurrent challenges. 1 Introduction Since Shor's discovery of polynomial-time quantum algorithms for the factoring and discrete logarithm problems, researchers have looked at ways to manage the potential advent of large-scale quantum computers, a prospect which has become much more tangible of late. The proposed solutions are cryptographic schemes based on problems assumed to be resistant to quantum computers, such as those related to lattices or hash functions. Post-quantum cryptography (PQC) is an umbrella term that encompasses the design, implementation, and integration of these schemes. This document is a Systematization of Knowledge (SoK) on this diverse and progressive topic. We have made two editorial choices. -
Think Global Go Local
THINK GLOBAL GO LOCAL Altagram Group Company Deck Company History Founded by Marie Amigues, Altagram rapidly Year 2013 established itself in the gaming industry with a reputation for high-quality multilingual game localization. The company had already tripled in size, and Marie was named one of the top 10 women Year 2017 entrepreneurs in the gaming industry in Germany. The Korean office in Seoul opened its doors to better cater to the specific needs of Altagram’s Asian clients. Altagram expanded into North America, opening an Year 2018 office in Montréal – dedicated for QA. Altagram develops the first all-in-one culturalization Year 2019 platform – with the Horizon 2020 EU grant of 2M€. Europe’s Horizon2020 SME-Instrument Phase 2 Champion Awarded “Best for Employee Well-being” Our Values It takes passion and expertise to achieve the quality that will make your game different! • Consistent high quality • Passion for games • Drive for constant innovation Proud member of: Our Solutions A dedicated team specialized in every type of game— the key to successful game localization! Game Text Localization In-game, UI, manuals, marketing text, packaging, app store text Game Culturalization Cultural consultation, graphics & mechanics localization, store features, ASO, SEO Multilingual Voice-Over Multilingual voice-over, pre/post-production, SFX, casting Testing Linguistic (LQA), functional (FQA), testing Quality Evaluation (LQE) We cover all markets for the video game industry, Game Markets working into 50+ target languages. Western Europe Eastern -
SUMO FINAL RESULTS 2020 Sumo Group, T
31 March 2021 SUMO GROUP PLC (“Sumo Group”, the “Group” or the “Company”) AIM: SUMO FINAL RESULTS 2020 Sumo Group, the award-winning provider of creative and development services to the video games and entertainment industries, announces its final results for the year ended 31 December 2020 (“FY20”), which show substantial growth in revenue and Adjusted EBITDA and further outperform consensus market expectations for FY20, which were upgraded in January 2021 following the Group’s positive trading update. Financials Reported results 2020 2019 Change Revenue £68.9m £49.0m + 40.7% Gross profit £31.5m £23.9m + 31.5% Gross margin 45.7% 48.9% Profit before taxation1 £0.9m £7.4m Cash flow from operations £13.0m £14.4m Net cash £6.8m £12.9m Basic earnings per share 1.08p 5.19p Diluted earnings per share 1.01p 5.07p Underlying results 2020 2019 Change Adjusted gross profit2 £31.7m £25.2m + 25.8% Adjusted gross margin3 41.8% 44.8% Adjusted EBITDA4 £16.5m £14.1m + 17.1% 1 The statutory profit before taxation of £0.9m in 2020 is stated after charging an amount of £7.3m arising on the acquisition of Pipeworks consisting of the £2.7m fair value loss on contingent consideration, £1.7m of amortisation of customer contracts and customer relationships and £2.9m of transactions costs on that acquisition. In addition, the statutory profit before taxation is stated after charging exceptional items other than the costs incurred on the acquisition of Pipeworks of £1.2m (2019: £0.5m) and the share-based payment charge of £5.0m (2019: £2.7m) and the unrealised gain on foreign currency derivative contracts of £1.0m. -
Annual Review
annual review 2017 our board Ukie Annual Review 2016/17 contents 02 foreword 04 Noirin Carmody - Chair Harvey Eagle chair’s report Owner and COO Xbox UK Marketing Director Our initiatives Revolution Software Microsoft 06 ceo’s report Ian Livingstone CBE - Vice Chair Miles Jacobson OBE Chairman Studio Director Playmob Sports Interactive 08 a year in westminster and brussels askaboutgames Dave Gould - Treasurer Veronique Lallier askaboutgames.com Snr Director of Sales UK & Export European Managing Director 12 Take 2 Interactive Hi-Rez Studios research and analysis Without house background Simon Barratt Warwick Light 16 Director UK Managing Director and Vice President ukie’s year in numbers Sony Interactive Entertainment Barog Game Labs INSPIRATIONAL COMPUTING 18 Katherine Bidwell Phil Mansell Digital Schoolhouse acting locally thinking globally Co-Founder CEO digitalschoolhouse.org.ukWith house background State of Play Games Jagex 20 ukie’s global trade programme Neil Boyd Andy Payne OBE INSPIRATIONAL COMPUTING European Anti-Piracy Counsel CEO Nintendo Europe AppyNation 22 the digital schoolhouse Shaun Campbell Kirsty Rigden Games London UK Country Manager Operations Director games.london 24 Electronic Arts FuturLab inspiring talent John Clark Ella Romanos 26 Senior Vice President, Commercial Director promoting a positive image Publishing Rocket Lolly Games SEGA Europe Students 27 Rob Cooper Roy Stackhouse making the most of your IP Managing Director Northern Europe and Vice President - UK, Ireland & Benelux Ukie Students Export Territories