ABSTRACT. Secure Multi-party Computation (MPC) is one of the most influential achievements of modern cryptography: it allows evaluation of an arbitrary function on private inputs from multiple parties without revealing the inputs. A crucial step of utilizing MPC protocols is to describe the function as a Boolean circuit. While efficient solutions have been proposed for special case of two-party secure computation, the general case of more than two-party is not addressed. This paper proposes MPCircuits, the first automated solution to devise the optimized Boolean circuit representation for any MPC function using hardware synthesis tools with new customized libraries that are scalable to multiple parties. MPCircuits creates a new end-to-end tool-chain to facilitate practical scalable MPC realization. To illustrate the practicality of MPCircuits, we design and implement a set of five circuits that represent real-world MPC problems. Our benchmarks inherently have different computational and communication complexities and are good candidates to evaluate MPC protocols. We also formalize the metrics by which a given protocol can be analyzed. We provide extensive experimental evaluations for these benchmarks; two of which are the first reported solutions in multi-party settings. As our experimental results indicate, MPCircuits can reduce the computation time of MPC protocols by up to 5.9x.

ABSTRACT. Recent advancements in energy-harvesting techniques provide an alternative to batteries for resource-constrained IoT devices and lead to a new computing paradigm, the intermittent computing model. In this model, a software module continues its execution from where it left off when an energy shortage occurred. Enforcing security of an intermittent software module is challenging because its power-off state has to be protected from a malicious adversary in addition to its power-on state, while the security mechanisms put in place must have a low overhead on the performance, resource consumption, and cost of a device.

In this paper, we propose SIA (Secure Intermittent Architecture), a security architecture for resource-constrained IoT devices. SIA leverages low-cost security features available in commercial off-the-shelf microcontrollers to protect both the power-on and power-off state of an intermittent software module. Therefore, SIA enables a host of secure intermittent computing applications such as self-attestation, remote attestation, and secure communication. Moreover, our architecture provides confidentiality and integrity guarantees to an intermittent computing module at no cost compared to previous approaches in the literature that impose significant overheads. The salient characteristic of SIA is that it does not require any hardware modifications, and hence, it can be directly applied to existing IoT devices.

We implemented and evaluated SIA on a resource-constrained IoT device based on an MSP430 processor. Besides being secure, SIA is simple and efficient. We confirm the feasibility of SIA for resource-constrained IoT devices with experimental results of several intermittent computing applications. Our prototype implementation outperforms by two to three orders of magnitude the secure intermittent computing solution of Suslowicz et al. presented at IGSC 2018.

ABSTRACT. Ransomware can produce direct and controllable economic loss making it one of the most prominent threats in cybersecurity. According to the latest statistics, more than half of the malwares reported in Q1 of 2017 are ransomwares, and there is a potential threat of novice cybercriminals accessing ransomware-as-a-service. The concept of public-key based data kidnapping and subsequent extortion was first introduced in 1996. Since then, variants of ransomware emerged with different cryptosystems and larger key sizes; however, the underlying techniques remained the same. There are several works in the literature which propose a generic framework to detect these ransomwares; though, most of them target ransomwares having specific classes of the encryption algorithm. In addition to it, most of these methods either require Operating System kernel modification or have high detection latency. In this work, we present a generalized two-step unsupervised detection framework: RATAFIA which uses a Deep Neural Network architecture and Fast Fourier Transformation to develop a highly accurate, fast and reliable solution to ransomware detection using minimal tracepoints. The proposed method does not require any Operating System kernel modification making it adaptable to most of the modern-day system. We also introduce a special detection module for successful identification of benign disk encryption processes having similar characteristics like malicious ransomware programs but having a different intention. We provide a comprehensive study to evaluate the performance of RATAFIA in the presence of standard benchmark programs, disk encryption and regular high computational processes in the light of software security.

ABSTRACT. In this work, we present five optimised implementations on a Xilinx-Zynq7200 SoC for the high-speed and defence in depth finalists of the CAESAR competition for finding authenticated encryption ciphers. We eliminated the standard interfaces used during the competition. Through optimised interfaces between hardware and software, we were able to get both performance improvements as well as reduction in used programmable logic. The performance of our implementations is comparable to pure hardware implementations, but our implementations are 50% smaller. Compared to pure SW implementations we are 16 times faster. Comparing the different algorithms, we come to the conclusion that Colm allows the fastest implementation.

ABSTRACT. Physical unclonable functions are excellent candi- dates to generate secret information on-chip without the need for secure storage. Ring-oscillator based PUFs have been receiving much attention over the years due to their easy design and superior statistical characteristics on field programmable gate arrays. Although previous work has improved their statistical measures and provided deeper insights, there are still gaps to be filled. Therefore, we present an in-depth analysis of RO-PUFs on Xilinx Zynq-7000 FPGAs with a framework based on partial reconfiguration. This approach allows for full-chip characteriza- tion of 100% of the targeted area. Based on the measured data and beforehand extracted delay estimations, we will show how to identify and avoid potential bias in the final PUF placement. By utilizing DSP48 slices, we designed an enhanced counter. Together with the addition of a second feedback path in the ring-oscillators for glitch avoidance and a reference normalization, we could reduce their frequency standard deviation to 0.0229% at a much shorter evaluation time of 10µs compared to the state-of-the- art, while maintaining the maximum inter-hamming distance. We also investigated the influence of spatial distribution on different RO pairings and found that the influence of chip variations are much higher than the difference between logic elements. The measurement data and the framework will be made accessible to interested researchers to provide them with a data basis for further research on the topic.