{"625051":{"#nid":"625051","#data":{"type":"event","title":"PhD Defense by Monjur Alam","body":[{"value":"\u003Cp\u003E\u003Cstrong\u003ETitle: \u003C\/strong\u003EMaking Crypto Libraries Robust\u0026nbsp;Against Physical\u0026nbsp;Side-Channel Attacks\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EMonjur Alam\u003C\/p\u003E\r\n\r\n\u003Cp\u003EPh.D. Candidate in Computer Science\u003C\/p\u003E\r\n\r\n\u003Cp\u003ESchool of Computer Science\u003C\/p\u003E\r\n\r\n\u003Cp\u003ECollege of Computing\u003C\/p\u003E\r\n\r\n\u003Cp\u003EGeorgia Institute of Technology\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003EDate:\u003C\/strong\u003E\u0026nbsp;Friday, September\u0026nbsp;6, 2019\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003ETime:\u003C\/strong\u003E\u0026nbsp;13:00 - 15:00\u0026nbsp;(EST)\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003ELocation:\u003C\/strong\u003E\u0026nbsp;Klaus 3100\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003ECommittee:\u003C\/strong\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Milos Prvulovic\u0026nbsp;(Advisor), School of Computer Science, Georgia Institute of Technology\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Alenka\u0026nbsp;Zajic (Co-advisor), School of Computer Science, Georgia Institute of Technology\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr.\u0026nbsp;Alexandra\u0026nbsp;Boldyreva, School of Computer Science, Georgia Institute of Technology\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr.\u0026nbsp;Raheem Beyah,\u0026nbsp;School of Computer Science,\u0026nbsp;Georgia Institute of Technology\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Angelos Keromytis,\u0026nbsp;School\u0026nbsp;of\u0026nbsp;Electrical and Computer Engineering,\u0026nbsp;Georgia Institute of Technology\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EAbstract:\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThe connection between theoretical and applied cryptography is often not well established, because theoretical security proofs are difficult to translate to real-world software and hardware implementations. Physical side-channel cryptanalysis is a very effective approach to breaking an otherwise secure cryptographic system. Most side-channel attacks on cryptographic primitives and implementations rely on secret-dependent differences in control flow or memory access patterns. As a countermeasure, the cryptographic community has established the notion of constant-time code, which avoids secret-dependent control flow and data access patterns.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThis thesis details a set of new techniques to exploit widely used open-source software implementations of cryptographic primitives. First, we present One\u0026amp;Done, a side-channel attack based on analysis of the signals that correspond to the brief computation that derives the value of each window during exponentiation, i.e. the activity between large-integer multiplications. Because the attack is message-independent, it is completely immune to existing countermeasures that focus on thwarting chosen-ciphertext attacks and\/or square\/multiply sequence analysis. Second, we present Nonce@Once, the first side-channel attack that recovers the secret scalar from the electromagnetic signal that corresponds to a single signing operation in current versions of Libgcrypt and OpenSSL. Our attack uses the signal differences created by systematic differences in operand values during the conditional swap operation itself to recover each bit of the secret. We also propose a mitigation that randomizes the exclusive-or mask in the conditional swap operation, which is effective in preventing this and similar attacks. Next, we present a physical side-channel attack on a DSA implementation that uses constant-time fixed-window (m-ary) modular exponentiation. We demonstrate different implementation aspects and their effects as countermeasures, which underscores the importance of rethinking how public-key cryptography (PKC) is designed and implemented in general. Lastly, we present security issues in OpenSSL\u0026#39;s NAF-based ECDSA implementation.\u003C\/p\u003E\r\n","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":"","field_summary_sentence":[{"value":"Making Crypto Libraries Robust Against Physical Side-Channel Attacks"}],"uid":"27707","created_gmt":"2019-08-23 12:58:03","changed_gmt":"2019-08-23 12:58:03","author":"Tatianna Richardson","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2019-09-06T14:00:00-04:00","event_time_end":"2019-09-06T16:00:00-04:00","event_time_end_last":"2019-09-06T16:00:00-04:00","gmt_time_start":"2019-09-06 18:00:00","gmt_time_end":"2019-09-06 20:00:00","gmt_time_end_last":"2019-09-06 20:00:00","rrule":null,"timezone":"America\/New_York"},"extras":[],"groups":[{"id":"221981","name":"Graduate Studies"}],"categories":[],"keywords":[{"id":"100811","name":"Phd Defense"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1788","name":"Other\/Miscellaneous"}],"invited_audience":[{"id":"78761","name":"Faculty\/Staff"},{"id":"78771","name":"Public"},{"id":"174045","name":"Graduate students"},{"id":"78751","name":"Undergraduate students"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[],"email":[],"slides":[],"orientation":[],"userdata":""}}}