Worcester Polytechnic Institute

Past Seminars in 2013

  • Thursday, Dec. 12 at 4 pm in AK-219:
    Cache Attacks: How They Work and What to do About Them
    Presenter: Prof. Erkay Savas (Sabanci University)

    Cache attacks are shown to be effective side-channel attacks that use the cache access patterns of a cryptographic algorithm during execution. Cryptographic algorithms that use a lookup-table approach for acceleration are especially vulnerable to cache attacks. Depending on the information we can gather about cache activity during cryptographic operations, we can classify cache attacks into three major groups: access-based, trace-based and timing-based. All the attack types successfully demonstrated in each category in the literature rely on a spy process that runs concurrently with the cryptographic process and creates collisions in the cache memory. A fourth type of attack, which does not rely on a spy process, exploits naturally occurring collisions in the cache and can be applied remotely. In this talk, we will give an overview of all types of cache attacks and explain how they work and to what extent they will be a threat. We also discuss several countermeasures that can be deployed against cache attacks. We will discuss a lightweight technique to locate a spy process, on which many attacks seem to rely for generating cache collisions with the cryptographic process. We also discuss a technique to find the cause(s) of naturally occurring cache collisions, which are exploited in certain types of attacks.

    Bio:
    Erkay Savaş received the BS (1990) and MS (1994) degrees in electrical engineering from the Electronics and Communications Engineering Department at Istanbul Technical University. He completed the Ph.D. degree in the Department of Electrical and Computer Engineering (ECE) at Oregon State University in June 2000. He had worked for various companies and research institutions before he joined Sabanci University as an assistant professor in 2002. He is the director of the Cryptography and Information Security Group (CISec) of Sabanci University. His research interests include cryptography, data and communication security, privacy in biometrics, trusted computing, security and privacy in data mining applications, embedded systems security, and distributed systems. He is a member of IEEE, ACM, the IEEE Computer Society, and the International Association of Cryptologic Research (IACR).

  • Thursday, Nov. 14 at 4 pm in AK-219:
    Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterprise Networks
    Presenter: Dr. Alina Oprea (RSA Laboratories)

    Currently, many organizations keep large volumes of log data collected by various security products. This data is mostly used today for forensic analysis once an attack has been discovered or an incident triggered through some external mechanism. We present a novel system called Beehive that mines and automatically extracts knowledge from these various data sources available in our enterprise. Beehive profiles the typical behavior of hosts over extended periods of time, extracts features representative of different aspects of host behavior and identifies hosts that deviate from normal activity. By using a behavior-based approach to detecting security incidents, Beehive improves on signature-based techniques prevalent in industry products. We have evaluated Beehive on several months of log data collected in our enterprise and show that Beehive is able to identify malicious events and policy violations within the enterprise network which would otherwise go undetected.

    Bio:
    Alina Oprea is a Consultant Research Scientist at RSA Laboratories, the security division of EMC. Her research interests span multiple areas in computer and communications security including data analysis for security applications, cloud and storage security, foundations of cybersecurity and detection of advanced attacks. Alina holds a B.S. degree in Mathematics and Computer Science from University of Bucharest, Romania, and has obtained M.Sc. and Ph.D. degrees in Computer Science from Carnegie Mellon University in 2003 and 2007, respectively. She is the recipient of the 2011 TR35 award for her research in cloud security.

  • Wednesday, Nov. 6 at 3 pm in AK 233:
    Enabling Practical Secure Computing through Fully Homomorphic Encryption
    Presenter: Dr. Kurt Rohloff (Raytheon BBN Technologies)

    The first major breakthrough of theoretical computer science in the 21st century was the discovery of Fully Homomorphic Encryption (FHE). This breakthrough has provided the possibility for secure computation on encrypted data without requiring the sharing of encryption keys. When first discovered, early FHE implementations were 7+ orders of magnitude too slow to be of practical use. In this talk we’ll review our recent advances in practical implementations of FHE, with a particular focus on the practical trade-offs associated with building and using these technologies and on example use cases ranging from encrypted e-mail spam filtering to encrypted VOIP.

    Bio:
    Dr. Kurt Rohloff is a senior scientist in the Distributed Systems research group at BBN Technologies. Dr. Rohloff’s areas of technical expertise include secure computing, practical encryption, scalable distributed computing and graph data analytics. Dr. Rohloff is the Principal Investigator for the SIPHER team in the DARPA PROCEED program developing a practical FHE implementation in both software and commodity FPGA hardware. Dr. Rohloff was the Principal Investigator on the AFRL SCIMITAR project which resulted in the demonstration of a best-of-breed highly scalable cloud-based information brokering capability. Dr. Rohloff is the Chief Designer and Lead Architect of the SHARD triple-store, a highly scalable storage system and query engine for graph data. Dr. Rohloff received his Bachelor’s degree in Electrical Engineering from Georgia Tech and his Master’s and PhD. in Electrical Engineering from the University of Michigan. Dr. Rohloff did a post-doc at the UIUC Coordinated Sciences Laboratory.

  • Wednesday, Sept. 11 at 1 pm in AK 219:
    Side-Channel Countermeasures for Hardware: is There a Light at the End of the Tunnel?
    Presenter: Amir Moradi (Ruhr-Universität Bochum, Germany)

    Counteracting side-channel attacks (DPA), known as a serious threat to cryptographic devices, is a must for today’s security-related products. Because there is less control over the device internals than in software, dealing with DPA countermeasures in hardware is more challenging. This talk describes the practical problems encountered when implementing DPA countermeasures in hardware. It continues with a couple of examples as well as their weaknesses and vulnerabilities. At the end we conclude whether we can provide the desired level of DPA resistance by solely implementing a countermeasure.

    Bio:
    Amir Moradi received the PhD degree in computer engineering from Sharif University of Technology, Iran, in 2008. Since 2009, he has been a postdoctoral researcher at the Embedded Security group, Horst Görtz Institute for IT-Security, Ruhr University Bochum, Germany. His research interests include the areas of side-channel attacks, countermeasures, and implementation of cryptographic algorithms.

  • Tuesday, Sept. 17 at 10 am in AK 233:
    On the complexity of computing discrete logarithms in the field GF(3^{6·509})
    Presenter: Francisco Rodríguez-Henríquez (CINVESTAV-IPN, Mexico)
    Presentation (PDF)

    In 2013, Joux, and then Barbulescu, Gaudry, Joux and Thomé, presented new algorithms for computing discrete logarithms in finite fields of small and medium characteristic. In this talk we show how to combine these new algorithms to compute discrete logarithms over the finite field GF(3^{6·509}) = GF(3^3054) at a significantly lower complexity than previously thought possible. Our concrete analysis shows that the supersingular elliptic curve over GF(3^509) with embedding degree 6 that had been widely considered for implementing pairing-based cryptosystems at the 128-bit security level, in fact provides only a considerably lower level of security.
    This is joint work with Gora Adj, Alfred Menezes and Thomaz Oliveira.

    Bio:
    Francisco Rodríguez-Henríquez received the BSc degree in electrical engineering from the University of Puebla, México, in 1989, the MSc degree in electrical and computer engineering from the National Institute of Astrophysics, Optics and Electronics (INAOE), Mexico, in 1992, and the PhD degree in electrical and computer engineering from Oregon State University, in 2000. Currently, he is an associate professor at the Computer Science Department of CINVESTAV-IPN, Mexico City, México, which he joined in 2002. His major research interests are in cryptography and finite field arithmetic.

  • Thursday, Sept. 19 at 10 am in AK 233:
    Embedded Security for the Internet of Things
    Presenter: Christof Paar (Ruhr-Universität Bochum & UMASS Amherst)

    Through the prevalence of interconnected embedded systems, the vision of ubiquitous computing has become reality over the last few years. As part of this development, embedded security has become an increasingly important issue in a multitude of applications. Examples include the Stuxnet virus, which has allegedly delayed the Iranian nuclear program, killer applications in the consumer area like iTunes or Amazon’s Kindle (the business models of which rely heavily on IP protection) and even medical implants like pacemakers and insulin pumps that allow remote configuration. These examples show the destructive and constructive aspects of modern embedded security. In this presentation I will talk about some of our research projects over the last few years which dealt with both the constructive and the “penetration testing” aspect of embedded security applications.

    The first case study addresses a new and increasingly important area of embedded security research, namely lightweight cryptography. PRESENT is one of the smallest known ciphers and can be realized with as few as 1000 gates. The cipher was designed for extremely cost- and power-constrained applications such as RFID tags, which can be used, e.g., as a tool for anti-counterfeiting of spare parts, or for other low-power applications. PRESENT is currently being standardized as ISO/IEC 29192.

    As “destructive” examples of our research we will show how two devices with very large real-world deployment can be broken. First, we show how a combination of embedded reverse engineering and classical symmetric cryptanalysis led to the break of two widely deployed satellite standards. The second attack breaks the bitstream encryption of current FPGAs. These are reconfigurable hardware devices which are popular in many embedded systems, ranging from set-top boxes to high-speed routers. We were able to extract the AES and 3DES keys from a single power-up of the reconfiguration process. Once the key has been recovered, an attacker can clone, reverse engineer and alter a presumably secure hardware design.

    Christof Paar was with WPI’s ECE department from 1995 until 2001. Since then he has held the Chair for Embedded Security at the University of Bochum, Germany, and he is an affiliated professor at the University of Massachusetts Amherst. He co-founded, with Cetin Koc, the CHES (Cryptographic Hardware and Embedded Systems) conference. Christof’s research interests include highly efficient software and hardware realizations of cryptography, physical security, penetration of real-world systems, trusted systems and cryptanalytical hardware. He also works on real-world applications of embedded security, e.g., in cars, consumer devices, smart cards and RFID.

    Christof has over 150 peer-reviewed publications and is co-author of the textbook Understanding Cryptography (Springer, 2009). He has given invited talks at MIT, Yale, Stanford University, IBM Labs, and Intel. He has taught cryptography extensively in industry, including courses at GTE, Motorola Research, NASA and Philips Research. Christof is Fellow of the IEEE. He co-founded ESCRYPT Inc. – Embedded Security, a leading system provider in industrial security which was acquired by Bosch in 2012.

  • Wednesday, Sept. 25 at 10 am in AK 233:
    Advances in Implementations of Code-based Cryptography on Embedded Systems
    Presenter: Tim Güneysu (Ruhr-Universität Bochum, Germany)

    Recent public-key schemes are based on either the factorization or the discrete logarithm problem. Since both problems are closely related, a major breakthrough in cryptanalysis (e.g., with the advent of quantum computing) would render nearly all currently employed security systems useless. Code-based public-key schemes rely on the alternative security assumption that decoding generic linear binary codes is NP-complete. Two code-based schemes for public-key encryption are available, due to McEliece and Niederreiter. This talk highlights the latest advances in implementations of code-based cryptography for embedded systems and demonstrates that efficient alternatives to classical asymmetric public-key schemes are already available today.

    Bio:
    Prof. Tim Güneysu is the head of the research group on Hardware Security, whose major research topics are cryptographic and cryptanalytic implementations and systems, targeting reconfigurable devices in particular. He co-developed the COPACOBANA FPGA cluster system, establishing a cost-efficient platform for a large variety of cryptanalytic applications, now sold by the spin-off company Sciengines GmbH that he co-founded. Tim has published and contributed to more than 45 peer-reviewed journal and conference publications in the areas of reconfigurable devices, IT security and cryptography.