Search

Your search keyword '"Sikhar Patranabis"' showing total 108 results
Start Over Author "Sikhar Patranabis"
108 results on '"Sikhar Patranabis"'

1. On the Quantum Security of OCB

Author

Varun Maram, Daniel Masny, Sikhar Patranabis, and Srinivasan Raghuraman

Subjects
OCB, IND-qCPA security, universal forgeability, Simon’s Algorithm, Deutsch’s Algorithm, XTS, Computer engineering. Computer hardware, TK7885-7895
Abstract

The OCB mode of operation for block ciphers has three variants, OCB1, OCB2 and OCB3. OCB1 and OCB3 can be used as secure authenticated encryption schemes whereas OCB2 has been shown to be classically insecure (Inoue et al., Crypto 2019). Even further, in the presence of quantum queries to the encryption functionality, a series of works by Kaplan et al. (Crypto 2016), Bhaumik et al. (Asiacrypt 2021) and Bonnetain et al. (Asiacrypt 2021) have shown how to break the unforgeability of the OCB modes. However, these works did not consider the confidentiality of OCB in the presence of quantum queries. We fill this gap by presenting the first formal analysis of the IND-qCPA security of OCB. In particular, we show the first attacks breaking the IND-qCPA security of the OCB modes. Surprisingly, we are able to prove that OCB2 is IND-qCPA secure when used without associated data, while relying on the assumption that the underlying block cipher is a quantum-secure pseudorandom permutation. Additionally, we present new quantum attacks breaking the universal unforgeability of OCB. Our analysis of OCB has implications for the post-quantum security of XTS, a well-known disk encryption standard, that was considered but mostly left open by Anand et al. (PQCrypto 2016).

Published
2022
Full Text
View/download PDF

2. RASSLE: Return Address Stack based Side-channel LEakage

Author

Anirban Chakraborty, Sarani Bhattacharya, Manaar Alam, Sikhar Patranabis, and Debdeep Mukhopadhyay

Subjects
Return Address Stack, Microarchitectural Attack, Template Matching, OpenSSL ECC scalar multiplication, ECDSA P-256, Lattice Reduction, Computer engineering. Computer hardware, TK7885-7895, Information technology, T58.5-58.64
Abstract

Microarchitectural attacks on computing systems often stem from simple artefacts in the underlying architecture. In this paper, we focus on the Return Address Stack (RAS), a small hardware stack present in modern processors to reduce the branch miss penalty by storing the return addresses of each function call. The RAS is useful to handle specifically the branch predictions for the RET instructions which are not accurately predicted by the typical branch prediction units. In particular, we envisage a spy process who crafts an overflow condition in the RAS by filling it with arbitrary return addresses, and wrestles with a concurrent process to establish a timing side channel between them. We call this attack principle, RASSLE 1 (Return Address Stack based Side-channel Leakage), which an adversary can launch on modern processors by first reverse engineering the RAS using a generic methodology exploiting the established timing channel. Subsequently, we show three concrete attack scenarios: i) How a spy can establish a covert channel with another co-residing process? ii) How RASSLE can be utilized to determine the secret key of the P-384 curves in OpenSSL (v1.1.1 library)? iii) How an Elliptic Curve Digital Signature Algorithm (ECDSA) secret key on P-256 curve of OpenSSL can be revealed using Lattice Attack on partially leaked nonces with the aid of RASSLE? In this attack, we show that the OpenSSL implementation of scalar multiplication on this curve has varying number of add-and-sub function calls, which depends on the secret scalar bits. We demonstrate through several experiments that the number of add-and-sub function calls can be used to template the secret bit, which can be picked up by the spy using the principles of RASSLE. Finally, we demonstrate a full end-to-end attack on OpenSSL ECDSA using curve parameters of curve P-256. In this part of our experiments with RASSLE, we abuse the deadline scheduler policy to attain perfect synchronization between the spy and victim, without any aid of induced synchronization from the victim code. This synchronization and timing leakage through RASSLE is sufficient to retrieve the Most Significant Bits (MSB) of the ephemeral nonces used while signature generation, from which we subsequently retrieve the secret signing key of the sender applying the Hidden Number Problem. 1RASSLE is a non-standard spelling for wrestle.

Published
2021
Full Text
View/download PDF

3. Lightweight and Side-channel Secure 4 × 4 S-Boxes from Cellular Automata Rules

Author

Ashrujit Ghoshal, Rajat Sadhukhan, Sikhar Patranabis, Nilanjan Datta, Stjepan Picek, and Debdeep Mukhopadhyay

Subjects
Lightweight, Block Ciphers, Side-channels, Threshold Implementation, Cellular Automata, Optimal S-Box, Computer engineering. Computer hardware, TK7885-7895
Abstract

This work focuses on side-channel resilient design strategies for symmetrickey cryptographic primitives targeting lightweight applications. In light of NIST’s lightweight cryptography project, design choices for block ciphers must consider not only security against traditional cryptanalysis, but also side-channel security, while adhering to low area and power requirements. In this paper, we explore design strategies for substitution-permutation network (SPN)-based block ciphers that make them amenable to low-cost threshold implementations (TI) - a provably secure strategy against side-channel attacks. The core building blocks for our strategy are cryptographically optimal 4×4 S-Boxes, implemented via repeated iterations of simple cellular automata (CA) rules. We present highly optimized TI circuits for such S-Boxes, that consume nearly 40% less area and power as compared to popular lightweight S-Boxes such as PRESENT and GIFT. We validate our claims via implementation results on ASIC using 180nm technology. We also present a comparison of TI circuits for two popular lightweight linear diffusion layer choices - bit permutations and MixColumns using almost-maximum-distance-separable (almost-MDS) matrices. We finally illustrate design paradigms that combine the aforementioned TI circuits for S-Boxes and diffusion layers to obtain fully side-channel secure SPN block cipher implementations with low area and power requirements.

Published
2018
Full Text
View/download PDF

11. Supersingular Curves You Can Trust.

Author

Andrea Basso 0002, Giulio Codogni, Deirdre Connolly, Luca De Feo, Tako Boris Fouotsa, Guido Maria Lido, Travis Morrison, Lorenz Panny, Sikhar Patranabis, and Benjamin Wesolowski

Published
2023
Full Text
View/download PDF

18. Private Certifier Intersection.

Author

Bishakh Chandra Ghosh, Sikhar Patranabis, Dhinakaran Vinayagamurthy, Venkatraman Ramakrishna, Krishnasuri Narayanam, and Sandip Chakraborty 0001

Published
2023

37. Commitments via Physically Related Functions

Author

Harishma Boyapally, Sikhar Patranabis, and Debdeep Mukhopadhyay

Subjects
Computer Networks and Communications, Safety, Risk, Reliability and Quality
Published
2023

46. FlexiPair: An Automated Programmable Framework for Pairing Cryptosystems

Author

Debapriya Basu Roy, Sikhar Patranabis, Debdeep Mukhopadhyay, and Arnab Bag

Subjects
Flexibility (engineering), Finite-state machine, business.industry, Computer science, Cloud computing, 02 engineering and technology, Cryptographic protocol, 020202 computer hardware & architecture, Theoretical Computer Science, Computational Theory and Mathematics, Hardware and Architecture, Embedded system, Path (graph theory), 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, business, Field-programmable gate array, Implementation, Software
Abstract

Pairing cryptosystems are powerful mathematical tools for the development of cryptographic protocols that provide end-to-end security for applications like Internet-of-Things (IoT), cloud services and cyber-physical systems (CPS). However, these applications require light-weight implementations but still real-time and flexible. The flexibility can come from different choices of underlying algorithms along with suitable parameters. A software implementation offers better flexibility but lacks in timing performance, whereas custom hardware delivers better timing performance but has poor flexibility. Furthermore, the designs over small characteristic curves are now insecure against recent attacks. Existing designs do not address the drawback of less flexibility and massive resource consumption collectively. We present a micro-program controlled hardware design which has the least resource consumption among the comparable existing designs on FPGA. This redundant number arithmetic-based architecture consumes only 2,506 slices on Xilinx Virtex-7 FPGA. It can be migrated to other device families or updated for different algorithms without data-path or control path modification. To enhance the flexibility, we developed a custom assembly-like finite state machine (FSM) description, called Prism, and necessary tool to generate the micro-program states. To illustrate the functionality of Prism, we present designs for Tate and Optimal-Ate pairing with micro-program states generated using this tool.

Published
2022

49. Safe is the New Smart: PUF-Based Authentication for Load Modification-Resistant Smart Meters

Author

Harishma Boyapally, Paulson Mathew, Urbi Chatterjee, Umang Agarwal, Debdeep Mukhopadhyay, Sikhar Patranabis, Soumyajit Dey, and Manu Maheshwari

Subjects
Authentication, business.industry, Smart meter, Computer science, Cryptography, Smart grid, Authenticated key exchange (AKE), Mutual authentication, Physically unclonable functions (PUFs), Key Exchange Protocols, Physics-based attacks, Trusted third party, Data processing, computer science, Secure communication, Server, ddc:004, Electrical and Electronic Engineering, business, Computer network
Abstract

In the energy sector, IoT manifests in the form of next-generation power grids that provide enhanced electrical stability, efficient power distribution and utilization. The primary feature of a Smart Grid is the presence of an advanced bi-directional communication network between the Smart meters at the consumer end and the servers at the Utility Operators. The Smart meters are broadly vulnerable to attacks on communication and physical systems. We propose a secure and operationally asymmetric mutual authentication and key-exchange protocol for secure communication. Our protocol balances security and efficiency, delegates complex cryptographic operations to the resource-equipped servers, and carefully manages the workload on the resource-constrained Smart meter nodes using unconventional lightweight primitives such as Physically Unclonable Functions. We prove the security of the protocol using well-established cryptographic assumptions. We implement the proposed scheme end-to-end in a Smart meter prototype using commercial-off-the-shelf products, a Utility server and a credential generator as the trusted third party. Additionally, we demonstrate a physics-based attack named load modification attack on the Smart meter to demonstrate that merely securing the communication channel using authentication does not secure the meter, but requires further protections to ensure the correctness of the reported consumption. Hence, we propose a countermeasure to such attack that goes side-by-side with our protocol implementation., IEEE Transactions on Dependable and Secure Computing, 19 (1), ISSN:1545-5971, ISSN:1941-0018

Published
2022

Catalog

Books, media, physical & digital resources
See catalog results