C Gebotys - Academia.edu
Papers by C Gebotys
Future wireless embedded devices will be increasingly powerful supporting many more applications including one of the most crucial, security. Although many embedded devices offer more resistance to bus probing attacks due to their compact size, susceptibility to power or electromagnetic analysis attacks must be analyzed. This paper presents a table masking countermeasure to resist differential power analysis (DPA) and differential electromagnetic analysis (DEMA). Real power and EM measurements are used to verify the countermeasure using 2nd and 3rd order DPA and DEMA attacks on a popular low energy embedded ARM processor. Results show that the new table masking countermeasure provides increased security without large overheads of energy dissipation compared to previous countermeasures. With the emergence of security applications in PDAs, cellphones, and other embedded devices, low energy countermeasures for resistance to DPA/DEMA are crucial for supporting future wireless embedded ...
In recent years, Kocher introduced SCA techniques to the cryptographic community. Contrary to previous cryptanalysis methods that attack the mathematically difficult problems cryptographic techniques are based on, SCAs exploit physical properties of implementations in an attempt to compromise systems. Following the introduction of the new cryptanalysis techniques, numerous algorithms have been proposed that reduce or eliminate their effectiveness. Focusing on ECC, the paper proposes numerous SPA and DPA countermeasures relevant to random and Koblitz curve implementations. The countermeasures are described and briefly analyzed, including stating how they are proposed to reduce the effectiveness of the attacks. The implementation and performance of the countermeasures on a specific DSP is described. Furthermore, power traces of implementations of the techniques are examined for SPA attempts, as well as investigating the effectiveness of simulated DPA attacks on the DSP.
Among several countermeasures suggested for thwarting differential analysis are the random ordering of operations, insertion of random operations, and random insertion of operations. This paper presents a phase-substitution technique which in combination with subsequent time-domain differential analysis is shown to be able to thwart these three countermeasures in several experiments. Unlike previous techniques for aligning traces, this approach makes use of the phase information. The proposed technique involves: fast Fourier transform, phase-substitution, inverse fast Fourier transform and time-based differential analysis. Results are demonstrated using electromagnetic traces acquired from a PDA device (representing a complex embedded system including cache misses, operating system events, etc.). This research is important for future wireless embedded systems which will increasingly demand higher levels of security.
Future wireless embedded devices will be increasingly powerful supporting many more applications including one of the most crucial, security. Although many embedded devices offer more resistance to bus probing attacks due to their compact size, susceptibility to power or electromagnetic analysis attacks must be analyzed. This paper presents a table masking countermeasure to resist differential power analysis (DPA) and differential electromagnetic analysis (DEMA). Real power and EM measurements are used to verify the countermeasure using 2nd and 3rd order DPA and DEMA attacks on a popular low energy embedded ARM processor. Results show that the new table masking countermeasure provides increased security without large overheads of energy dissipation compared to previous countermeasures. With the emergence of security applications in PDAs, cellphones, and other embedded devices, low energy countermeasures for resistance to DPA/DEMA are crucial for supporting future wireless embedded systems.
Proceedings of the Twenty-Eighth Annual Hawaii International Conference on System Sciences, 1995
This research presents for the first time an integer optimization approach for scheduling video computations on bus-constrained VLSI architectures or on an existing VLIW processor. For many video systems a combination of processor and VLSI chip provides a low cost solution that meets given performance requirements. Thus tools for analyzing whether a video function is best implemented in hardware (VLSI) or in software (on a VLIW processor) are valuable. An optimization approach is presented which can efficiently map video computations to hardware or software. The technique maps fast (I)DCT-II applications to an existing VLIW video signal processor chip. Our research shows that the optimized mapping to VLSI architectures provides up to 66% fewer busses than previous research. This research is important for industry since the partitioning of applications into software or hardware has a significant impact on the overall cost and performance of video processing systems.
2012 IEEE First AESS European Conference on Satellite Telecommunications (ESTEL), 2012
Although the vast majority of space communications are in-the-clear, security is an emerging trend in spacecraft missions. However, key management in space has received limited attention. This work provides an approach to symmetric key management with justification of parameters. Unlike previous approaches, quantitative analysis and models are proposed. Specifically, key hierarchy, key roles, key lengths and corresponding crypto periods are specified, based upon models of known attacks, and computing power. These results are crucial in order to support future secure space missions and cryptographic modules onboard spacecrafts.
International Conference on Hardware Software Codesign, 2004
This paper presents a new current flattening technique applicable in software and hardware. This technique is important in embedded cryptosystems since power analysis attacks (that make use of the current variation dependency on data and program) compromise the security of the system. The technique flattens the current internally by exploiting current consumption differences at the instruction level. Code transformations supporting
Designing single event upset (SEU)-resistant security for communications in satellites is an important yet challenging problem. For example, although SRAM-based FPGAs are beneficial for satellite applications, they are susceptible to SEUs. Harsh environments such as space where cosmic radiation is present increase the likelihood of these errors known as SEUs. However, these errors are also expected to be prevalent in non-space applications of future nanometer technologies. Thus this is an important problem to be studied for future secure embedded systems. Satellites require an encryption mechanism for many purposes; for example, to provide secure communications with the ground station. An SEU detection technique for a symmetric encryption algorithm, such as the NIST standardized Advanced Encryption Standard (AES), is additionally challenging due to its complex non-linear task in the algorithm, namely the substitution transformation (sub_byte). This research presents an efficient solut...
A global optimization approach to high level synthesis of VLSI multichip architectures is presented. Optimal application-specific architectures are synthesized to minimize latency given constraints on chip area, I/O pin count and interchip communication delays. A mathematical integer programming (IP) model for simultaneously partitioning, scheduling, and allocating hardware (functional units, I/O pins, and interchip buses) is formulated. By exploiting the problem structure (using polyhedral theory), the size of the search space is decreased and a new variable selection strategy is introduced based on the branch and bound algorithm. Multichip optimal architectures for several examples are synthesized in practical CPU times. Execution times are comparable to those for previous heuristic approaches. There are, however, significant improvements in optimal schedules and allocations of multichips
Signal Processing for Space …, 2008
SEU-Resistant SHA-256 Design for Security in Satellites Marcio Juliato and Catherine Gebotys Dept. ... This research proposes and analyzes various architectures for SHA-256 hash function which are of utmost importance to ensure secure communications. ...
… of the 1998 international symposium on …, 1998
IEE Proceedings - Computers and Digital Techniques
In recent years, Kocher introduced SCA techniques to the cryptographic community. Contrary to previous cryptanalysis methods that attack the mathematically difficult problems cryptographic techniques are based on, SCAs exploit physical properties of implementations in an attempt to compromise systems. Following the introduction of the new cryptanalysis techniques, numerous algorithms have been proposed that reduce or eliminate their effectiveness. Focusing on
Proceedings of Canadian Conference on Electrical and Computer Engineering, 1993
Exposure of the elements of power systems to the harshest of environments promotes premature aging. In applications where metal comes in direct contact with electrolytic substances, deradiation occurs rapidly and with grave consequences. Underground and submarine schemes are most susceptible to corrosion due to the nature of the surrounding mediums. As periodic inspections and routine maintenance are not possible where the elements are immersed in a medium such as water, earth or concrete, an effective cathodic protection system is essential. While current design procedures provide a sufficient defence against corrosion, the protection schemes are not necessarily cost efficient. A new technique is presented in this paper for minimizing the cost of sacrificial anode beds used in pipe-type cable projects. The proposed method minimises a nonlinear problem to permit the design of a sacrificial anode bed which satisfies all project design requirements at a minimal cost. Anode bed designs based upon the proposed method are considerably less expensive than those built using traditional heuristic techniques
Proceedings of IEEE Custom Integrated Circuits Conference - CICC '94, 1994
Proceedings of IEEE Custom Integrated Circuits Conference - CICC '93, 1993
Proceedings of the 2nd IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis - CODES+ISSS '04, 2004
Lecture Notes in Computer Science, 2009
Lecture Notes in Computer Science, 2009