Pub Date: 2019-12-01. DOI: 10.1109/TPS-ISA48467.2019.00032
M. Bargh, Sunil Choenni
Designing privacy-protecting Information Systems (ISs), i.e., realizing the Privacy by Design (PbD) principle, is a challenging task. This challenge stems from having many stakeholders and design trade-offs involved, which cause uncertainty in defining the problem, eliciting soft requirements, and making design trade-offs among many contending objectives. As creating a formal model of such settings is often infeasible, applying a conventional engineering design method alone may not result in elucidating users' needs and/or devising a viable design that is acceptable for all parties (e.g., end-users and data subjects). This contribution aims at enriching engineering approaches for privacy-protecting ISs with the so-called design-thinking approach. Design-thinking, initially used for product and service design, has been applied to the areas where there are interactions among people, organizations and technologies, in order to elucidate user needs and concerns that are insufficiently formulated and/or hidden in tacit knowledge. In this contribution, we elaborate on three main PbD components, namely problem space, solution space and mapping space. We further analyze the shortcomings of traditional engineering approaches for privacy protection as well as the potentials and shortcomings of design-thinking in general. Finally, we present our practical experience with applying the design-thinking approach to the problem of PbD for ISs. We foresee the applicability of design-thinking for elucidating the problem space as well as for making design trade-offs among contending values in order to come up with a viable design option.
Title: Towards Applying Design-Thinking for Designing Privacy-Protecting Information Systems. Published in: 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA).
Pub Date: 2019-12-01. DOI: 10.1109/TPS-ISA48467.2019.00041
D. Gračanin, Ramoni O. Lasisi, M. Azab, M. Eltoweissy
Smart Built Environments (SBEs) and similar cyber-physical environments utilizing the Internet of Things (IoT) have been a growing research area in recent years. Contemporary research primarily addresses technology aspects, while human aspects, such as empathy, privacy and ethics (EPE for short), in relation to SBEs have not yet received adequate attention. In addition to challenges with respect to technology, there are apparent tensions and conflicting requirements involving EPE. On the other hand, opportunities exist for these aspects to support one another. For example, data collected and analyzed for empathic response may be used to alert the privacy-preserving subsystem. An ethical response may turn out to be the most empathic. The main objective of this paper is to present our vision for next generation SBEs and to explore pertinent EPE factors. We propose a unified framework that incorporates a game theoretic model to address EPE interplay in SBEs. Integral to our framework, we also introduce the use of a blockchain infrastructure for the critical need to support data integrity in such data-intensive environments. We illustrate our work in progress using an example. We then present major research challenges for the realization of next generation SBEs with fused EPE.
Title: Next Generation Smart Built Environments: The Fusion of Empathy, Privacy and Ethics. Published in: 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA).
Pub Date: 2019-12-01. DOI: 10.1109/TPS-ISA48467.2019.00030
Jonathan Kilgallin, Ross Vasko
RSA keys are at risk of compromise when using improper random number generation. Many weak keys can efficiently be discovered and subsequently compromised by finding reused prime factors in a large data set. We collect and analyze 75 million RSA certificates from the Internet, and find that 1 in 172 keys share a factor with another. In contrast, only 5 of 100 million certificates found in a sample from Certificate Transparency logs are compromised by the same technique. The discrepancy in rates of compromise is overwhelmingly due to IoT devices exposed to the Internet, which may be subject to design constraints and limited entropy. The widespread susceptibility of these IoT devices poses a potential risk to the public due to their presence in sensitive settings. We conclude that device manufacturers must ensure their devices have access to sufficient entropy and adhere to best practices in cryptography to protect consumers.
Title: Factoring RSA Keys in the IoT Era. Published in: 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA).
Pub Date: 2019-12-01. DOI: 10.1109/TPS-ISA48467.2019.00025
Hanlin Chen, B. Yang
Recent research on vehicular cybersecurity has highlighted the known vulnerabilities and exploits that plague in-vehicular networks; in particular, the communication protocol governing the in-vehicular network, the Control Area Network (CAN), has been a frequent and often fruitful target of related attacks. Accordingly, the focus of this project is to investigate the application of encryption algorithms to the in-vehicular network and evaluate the performance characteristics of said algorithms when used in this context. This current paper includes examination of a) the maximum acceptable latency based on the vehicular requirements as well as b) the latency in communication when employing various encryption algorithms. In Hardware-In-the-Loop (HIL) simulations, our work suggests that in-vehicular networks can absorb the latencies introduced by select encryption approaches and still satisfy the real-time requirements needed by the intra-vehicular communication system to avoid collisions and the like.
Title: A Performance Evaluation of CAN Encryption. Published in: 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA).
Pub Date: 2019-12-01. DOI: 10.1109/TPS-ISA48467.2019.00038
Amirmasoud Ghiassi, Taraneh Younesian, Zilong Zhao, R. Birke, V. Schiavoni, L. Chen
Data is generated with unprecedented speed, due to the flourishing of social media and open platforms. However, due to the lack of scrutinizing, both clean and dirty data are widely spread. For instance, there is a significant portion of images tagged with corrupted dirty class labels. Such dirty data sets are not only detrimental to the learning outcomes, e.g., misclassified images into the wrong classes, but also costly. It is pointed out that bad data can cost the U.S. up to a daunting 3 trillion dollars per year. In this paper, we address the following question: how prevailing (deep) machine learning models can be robustly trained given a non-negligible presence of corrupted labeled data. Dirty labels significantly increase the complexity of existing learning problems, as the ground truth of a label's quality is not easily assessed. Here, we advocate to rigorously incorporate human experts into one learning framework where both artificial and human intelligence collaborate. To such an end, we combine three strategies to enhance the robustness for deep and regular machine learning algorithms, namely, (i) data filtering through an additional quality model, (ii) data selection via actively learning from an expert, and (iii) imitating the expert's correction process. We demonstrate the three strategies sequentially with examples and apply them on widely used benchmarks, such as CIFAR10 and CIFAR100. Our initial results show the effectiveness of the proposed strategies in combating dirty labels, e.g., the resulting classification can be up to 50% higher than the state-of-the-art AI-only solutions. Finally, we extend the discussion of robust learning from the trusted data to the trusted execution environment.
Title: Robust (Deep) Learning Framework Against Dirty Labels and Beyond. Published in: 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA).
Pub Date: 2019-12-01. DOI: 10.1109/TPS-ISA48467.2019.00022
Sara Sutton, Benjamin Bond, Sementa Tahiri, J. Rrushi
The concept of a decoy process is a new development of defensive deception beyond traditional honeypots. Decoy processes can be exceptionally effective in detecting malware, directly upon contact or by redirecting malware to decoy I/O. A key requirement is that they resemble their real counterparts very closely to withstand adversarial probes by threat actors. To be usable, decoy processes need to consume only a small fraction of the resources consumed by their real counterparts. Our contribution in this paper is twofold. We attack the resource utilization consistency of decoy processes provided by a neural network with a heatmap training mechanism, which we find to be insufficiently trained. We then devise machine learning over control flow graphs that improves the heatmap training mechanism. A neural network retrained by our work shows higher accuracy and defeats our attacks without a significant increase in its own resource utilization.
Title: Countering Malware Via Decoy Processes with Improved Resource Utilization Consistency. Published in: 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA).
Pub Date: 2019-12-01. DOI: 10.1109/TPS-ISA48467.2019.00031
G. Bashar, G. Hill, Subroto Singha, Praneeth Babu Marella, Gaby G. Dagher, Jidong Xiao
Consensus protocols are mechanisms that enable a group of entities to reach an agreement on a specific subject. In blockchain systems, consensus protocols are the cornerstone of achieving security and scalability. They not only enable nodes in the network to agree on the valid information that can be added to the ledger while keeping all nodes synchronized, they also establish the sequence of order in which blocks (and consequently transactions) are affixed. In this paper, we provide a comprehensive review of the working principles of the most commonly used consensus protocols in blockchain-based cryptocurrencies. We categorize them based on their permission requirements and perform a thorough comparative evaluation. More specifically, we identify computational difficulty, barrier for entry, platform utilization, and weaknesses in terms of scalability and fairness.
Title: Contextualizing Consensus Protocols in Blockchain: A Short Survey. Published in: 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA).
Pub Date: 2019-12-01. DOI: 10.1109/TPS-ISA48467.2019.00034
Saptarshi Das, S. Sural, Jaideep Vaidya, V. Atluri
Organizations deploy various types of access control systems for protecting their resources from unauthorized access. Choice of the underlying access control model is guided by the types of security policies required to be specified in individual organizations. Two of the most popular existing and upcoming access control models, namely, Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), in their basic forms can effectively enforce secure access to the resources of standalone organizations. However, recent growth in distributed operations of most organizations calls for an urgent need to collaborate for achieving collective goals through resource sharing. With disparate access control models deployed in different organizations or even in the subsidiaries of the same organization, such sharing presents an exigent situation. In this paper, we introduce the vision of a framework called Central Attribute Authority (CAA) that facilitates seamless sharing of organizational resources over heterogeneous access control models.
Title: Central Attribute Authority (CAA): A Vision for Seamless Sharing of Organizational Resources. Published in: 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA).
Pub Date: 2019-12-01. DOI: 10.1109/TPS-ISA48467.2019.00017
J. Pandey, Chhavi Mitharwal, A. Karmakar
Public key cryptography plays a vital role in many information and communication systems for secure data transaction, authentication, identification, digital signature, and key management purposes. Elliptic curve cryptography (ECC) is a widely used public key cryptographic algorithm. In this paper, we propose a hardware-software codesign implementation of the ECC cipher. The algorithm is modelled in C language. Compute-intensive components are identified for their efficient hardware implementations. In the implementation, a residue number system (RNS) with projective coordinates is utilized for performing the required arithmetic operations. To manage the hardware-software codesign in an integrated fashion, the Xilinx platform studio tool and a Virtex-5 xc5vfx70t device based platform are utilized. An application of the implementation is demonstrated for encryption of text and its respective decryption over prime fields. The design is useful for providing an adequate level of security for IoTs.
Title: An RNS Implementation of the Elliptic Curve Cryptography for IoT Security. Published in: 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA).
Pub Date: 2019-12-01. DOI: 10.1109/TPS-ISA48467.2019.00029
K. Bicakci, Ihsan Kagan Ak, Betul Askin Ozdemir, M. Gozutok
Trusted Execution Environments (TEEs) provide hardware support to isolate the execution of sensitive operations on mobile phones for improved security. However, they are not always available to use for application developers. To provide a consistent user experience to those who have and do not have a TEE-enabled device, we could get help from Open-TEE, an open-source GlobalPlatform (GP)-compliant software TEE emulator. However, Open-TEE does not offer any of the security properties hardware TEEs have. In this paper, we propose WhiteBox-TEE which integrates white-box cryptography with Open-TEE to provide better security while still remaining compliant with GP TEE specifications. We discuss the architecture, provisioning mechanism, implementation highlights, security properties and performance issues of WhiteBox-TEE and propose possible revisions to TEE specifications to have better use of white-box cryptography in software-only TEEs.
Title: Open-TEE is No Longer Virtual: Towards Software-Only Trusted Execution Environments Using White-Box Cryptography. Published in: 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA).