Your search keyword '"Kermani, Mehran Mozaffari"' showing total 8 results

1. Reliable Architectures for Composite-Field-Oriented Constructions of McEliece Post-Quantum Cryptography on FPGA.

Author

Cintas Canto, Alvaro, Kermani, Mehran Mozaffari, and Azarderakhsh, Reza

Subjects

*CRYPTOGRAPHY, *BINARY codes, *ELLIPTIC curve cryptography, *GATE array circuits, *QUANTUM cryptography, *QUANTUM computers, *CRYPTOSYSTEMS

Abstract

Code-based cryptography based on binary Goppa codes is a promising solution for thwarting attacks based on quantum computers. The McEliece cryptosystem is a code-based public-key cryptosystem which is believed to be resistant against quantum attacks. In fact, it is successfully advanced to the second round of the post-quantum cryptography standardization competition early 2019. Due to its very large key size, different variants of binary Goppa codes have been proposed. Nevertheless, research has shown that such codes can be thwarted through the injection of faults, causing erroneous outputs. In this work, we present countermeasures for the implementation of different composite field arithmetic units used in the McEliece cryptosystem. The proposed architectures use overhead-aware and tailored signatures. We apply these error detection signatures to the McEliece cryptosystem and perform field-programmable gate array (FPGA) implementations to show the feasibility of adopting the proposed schemes. We benchmark the overhead and performance degradation of the proposed approaches and show their suitability for constrained embedded systems. [ABSTRACT FROM AUTHOR]

Published

2021

2. Error Detection Architectures for Ring Polynomial Multiplication and Modular Reduction of Ring-LWE in Z/pZ[x]/xn+1 Benchmarked on ASIC.

Author

Sarker, Ausmita, Kermani, Mehran Mozaffari, and Azarderakhsh, Reza

Subjects

*POLYNOMIAL rings, *APPLICATION-specific integrated circuits, *MULTIPLICATION, *KEY performance indicators (Management), *QUANTUM communication

Abstract

Ring learning with error (ring-LWE) within lattice-based cryptography is a promising cryptographic scheme for the post-quantum era. In this article, we explore efficient error detection approaches for implementing ring-LWE encryption. For achieving accurate operation of the ring-LWE problem and thwarting active side-channel attacks, error detection schemes need to be devised so that the induced overhead is not a burden to deeply embedded and constrained applications. This article, for the first time, investigates error detection schemes for both stages of the ring-LWE encryption operation, i.e., ring polynomial multiplication and modular reduction. Our schemes exploit recomputing with encoded operands, which successfully counter both natural faults (for the stuck-at model). We implement our schemes on an application-specific integrated circuit. As performance metrics show hardware overhead, our schemes prove to be low complexity with high error coverage. The proposed efficient architectures can be tailored and utilized for post-quantum cryptographic schemes in different usage models with diverse constraints. [ABSTRACT FROM AUTHOR]

Published

2021

3. Reliable Architecture-Oblivious Error Detection Schemes for Secure Cryptographic GCM Structures.

Author

Kermani, Mehran Mozaffari and Azarderakhsh, Reza

Subjects

*ERROR detection (Information theory), *APPLICATION-specific integrated circuits, *LINEAR codes, *ADVANCED Encryption Standard, *BLOCK ciphers, *DATA integrity

Abstract

To augment the confidentiality property provided by block ciphers with authentication, the Galois Counter Mode (GCM) has been standardized by the National Institute of Standards and Technology. The GCM is used as an add-on to 128-bit block ciphers, such as the Advanced Encryption Standard (AES), SMS4, or Camellia, to verify the integrity of data. Prior works on the error detection of the GCM either use linear codes to protect the GCM architectures or are based on AES–GCM architectures, confining the mechanisms to the AES block cipher. Although such structures are efficient, they are not only confined to specific architectures of the GCM but might also not fully take advantage of the parallel architectures of the GCM. Moreover, linear codes have been shown to be potentially ineffective with respect to biased faults. In this paper, we propose algorithm-oblivious constructions through recomputing with swapped ciphertext and additional authenticated blocks, which can be applied to the GCM architectures using different finite field multipliers in $GF(2^{128})$. Such obliviousness for the proposed constructions used in the GCM gives freedom to the designers. We present the results of error simulations and application-specific integrated circuit implementations to demonstrate the utility of the presented schemes. Based on the overhead/degradation tolerance for implementation/performance metrics, one can fine-tune the proposed method to achieve more reliable architectures for the GCM. [ABSTRACT FROM AUTHOR]

Published

2019

4. Integrating Emerging Cryptographic Engineering Research and Security Education.

Author

Kermani, Mehran Mozaffari and Azarderakhsh, Reza

Subjects

*CRYPTOGRAPHY, *EMBEDDED computer systems, *SMART cards, *SECURITY management, *ENGINEERING education, *EDUCATION

Abstract

Unlike traditional embedded systems such as secure smart cards, emerging secure deeply- embedded systems, e.g., implantable and wearable medical devices, have larger "attack surface". A security breach in such systems which are embedded deeply in human bodies or objects would be life-threatening, for which adopting traditional solutions might not be practical due to tight constraints of these often-battery-powered systems. Unfortunately, although emerging cryptographic engineering research mechanisms have started solving this critical problem, university education (at both graduate and undergraduate level) lags comparably. One of the pivotal reasons for such a lag is the multi-disciplinary nature of the emerging security bottlenecks (mathematics, engineering, science, and medicine, to name a few). Based on the aforementioned motivation, in this paper, we present an effective research and education integration strategy to overcome this issue at Rochester Institute of Technology. Moreover, we present the results of more than one year implementation of the presented strategy at graduate- level through "side-channel analysis attacks" case studies. The results of the presented work show the success of the presented methodology while pinpointing the challenges encountered compared to traditional embedded system security research/teaching integration. [ABSTRACT FROM AUTHOR]

Published

2015

5. Fast Strategies for the Implementation of SIKE Round 3 on ARM Cortex-M4.

Author

Anastasova, Mila, Azarderakhsh, Reza, and Kermani, Mehran Mozaffari

Subjects

*MODULAR arithmetic, *FINITE fields, *ENERGY consumption, *CONSUMPTION (Economics), *ELLIPTIC curves

Abstract

The Supersingular Isogeny Key Encapsulation mechanism (SIKE) is the only post-quantum key encapsulation protocol based on elliptic curves and isogeny maps between them. Despite the quantum security of the protocol, SIKE requires a greater number of clock cycles and hence does not provide competitive timing and energy consumption results. However, it is more attractive offering the smallest public key as well as ciphertext sizes, which considering the impact of the communication costs and storage of the keys could become a good fit for resource-constrained devices. In this work, we present the fastest practical implementation of SIKE, targeting the platform Cortex-M4 based on the ARMv7-M architecture. We performed our measurements on the STM32F407VG microcontroller for benchmarking the clock cycles and on Nucleo-F411RE attached to X-NUCLEO-LPM01A (Power Shield) for measuring the energy consumption of the protocol. The low-level finite field arithmetic operations play main role in determining the efficiency of SIKE. Therefore, we mainly focus on their optimization and apply them to all NIST-required security levels. Our SIKEp434 implementation for NIST security level 1 is about 22.97% faster than the counterparts appeared in Seo et al. (2020), where for the SIKEp503, SIKEp610 and SIKEp751 the speedup reaches 21.10%, 19.21% and 19.08%. Finally, we benchmark energy consumption and report optimization of up to 11.9% depending on the NIST security level implementation. [ABSTRACT FROM AUTHOR]

Published

2021

6. A High-Performance and Scalable Hardware Architecture for Isogeny-Based Cryptography.

Author

Koziel, Brian, Azarderakhsh, Reza, and Kermani, Mehran Mozaffari

Subjects

*SCALABILITY, *CRYPTOGRAPHY, *QUANTUM computing, *SYSTEMS engineering, *ALGORITHMS

Abstract

In this work, we present a high-performance and scalable architecture for isogeny-based cryptosystems. In particular, we use the architecture in a fast, constant-time FPGA implementation of the quantum-resistant supersingular isogeny Diffie-Hellman (SIDH) key exchange protocol. On a Virtex-7 FPGA, we show that our architecture is scalable by implementing at 83, 124, 168, and 252-bit quantum security levels. This is the first SIDH implementation at close to the 256-bit quantum security level to appear in literature. Further, our implementation completes the SIDH protocol 2 times faster than performance-optimized software implementations and 1.34 times faster than the previous best FPGA implementation, both running a similar set of formulas. Our implementation employs inversion-free projective isogeny formulas. By replicating multipliers and utilizing an efficient scheduling methodology, we can heavily parallelize quadratic extension field arithmetic and the isogeny evaluation stage of the large-degree isogeny computation. For a constant-time implementation of 124-bit quantum security SIDH on a Virtex-7 FPGA, we generate ephemeral public keys in 8.0 and 8.6 ms and generate the shared secret key in 7.1 and 7.9 ms for Alice and Bob, respectively. Finally, we show that this architecture could also be used to efficiently generate undeniable and digital signatures based on supersingular isogenies. [ABSTRACT FROM AUTHOR]

Published

2018

7. Accelerated RISC-V for Post-Quantum SIKE.

Author

Elkhatib, Rami, Koziel, Brian, Azarderakhsh, Reza, and Kermani, Mehran Mozaffari

Subjects

*ELLIPTIC curve cryptography, *ELLIPTIC curves

Abstract

In this work, we present a fast and area-efficient software-hardware implementation of the supersingular isogeny key encapsulation (SIKE) mechanism. Our software-hardware design achieves both the flexibility of software as well as the efficient performance of intense computations of hardware. In particular, our implementation takes advantage of new and highly optimized hardware modules for addition, multiplication, and hardware-software control, targeted at Xilinx FPGAs. In conjunction with a small RISC-V processor, we can support all four SIKE parameter sets. On a Virtex-7 FPGA, this implementation occupies 3,492 slices, 78 DSPs, and 29 BRAMs, to perform encapsulation and decapsulation over SIKEp434, SIKEp503, SIKEp610, and SIKEp751 in 14.5, 19.2, 29.8, and 42.7 ms, respectively. Despite supporting all four parameter sets, this design has the best area-time product of all isogeny accelerators in the literature. [ABSTRACT FROM AUTHOR]

Published

2022

8. SIKE’d Up: Fast Hardware Architectures for Supersingular Isogeny Key Encapsulation.

Author

Koziel, Brian, Ackie, A-Bon, Khatib, Rami El, Azarderakhsh, Reza, and Kermani, Mehran Mozaffari

Subjects

*FIELD programmable gate arrays, *PARALLEL processing

Abstract

In this work, we present a fast parallel architecture to perform supersingular isogeny key encapsulation (SIKE). We propose and implement a fast isogeny accelerator architecture that uses fast and parallelized isogeny formulas. On top of our isogeny accelerator, we build a novel architecture for the SIKE primitive, which provides both quantum and IND-CCA security. We synthesized this architecture on the Xilinx Artix-7, Virtex-7, and Kintex UltraScale+ FPGA families. Over Virtex-7 FPGA’s, our constant-time implementations are roughly 14% faster than the state-of-the-art with a better area-time product. At the NIST security level 5 on a Kintex UltraScale+ FPGA, we can execute the entire SIKE protocol in 15.3 ms. This work continues to improve the speed of isogeny-based computations and also features all parameter sets of the SIKE round 2 specification, with results applicable to NIST’s post-quantum standardization process. [ABSTRACT FROM AUTHOR]

Published

2020