Seminars in 2016
- Tuesday, October 11 at 2pm in AK 218:
Towards Efficient Evaluation of a Time-Driven Cache Attack on Modern Processors
Presenter: Andreas Zankl (Fraunhofer AISEC)
Software implementations of block ciphers are widely used to perform critical operations such as disk encryption or TLS traffic protection. To speed up cipher execution, many implementations rely on pre-computed lookup tables, which makes them vulnerable to cache-timing attacks on modern processors. For time-driven attacks, the overall execution time of a cipher is sufficient to recover the secret key. Testing cryptographic software on actual hardware is consequently essential for vulnerability and risk assessment. In this work, we investigate the efficient and robust evaluation of cryptographic software on modern processors under a time-driven attack. Using a practical case study, we discuss necessary adaptations to the original attack and identify promising new micro-architectural side-channels for it. To leverage the leakage of multiple side-channels, we propose a simple, heuristic way to combine their corresponding attacks. As an additional benefit, combined attacks simplify a comprehensive evaluation of cryptographic software across multiple different processors. We finally formulate practical evaluation suggestions based on the results of our case study.
- Friday, September 2 at 11am in AK 218:
Post-Quantum Key Exchange based on the learning with errors problems
Presenter: Jintai Ding (U. of Cincinnati)
Public key cryptosystems (PKC) are a critical part of the foundation of modern communication systems, in particular the Internet. However, Shor's algorithm shows that the existing PKC like Diffie-Hellman key exchange, RSA and ECC can be broken by a quantum computer. To prepare for the coming age of quantum computing, we need to build new public key cryptosystems that could resist quantum computer attacks. In this lecture, we present a practical and provably secure (authenticated) key exchange protocol based on the learning with errors problems, which is conceptually simple and has strong provable security properties. Several concrete choices of parameters are provided, and a proof-of-concept implementation shows that our protocols are indeed practical.
In addition, we will show how to use the signal function invented for KE for authentication schemes.