Profiling side-channel attacks on cryptographic algorithms

Traditionally, attacks on cryptographic algorithms looked for mathematical weaknesses in the underlying structure of a cipher. Side-channel attacks, however, look to extract secret key information based on the leakage from the device on which the cipher is implemented, be it smart-card, microprocessor, dedicated hardware or personal computer. Attacks based on the power consumption, electromagnetic emanations and execution time have all been practically demonstrated on a range of devices to reveal partial secret-key information from which the full key can be reconstructed. The focus of this thesis is power analysis, more specifically a class of attacks known as profiling attacks. These attacks assume a potential attacker has access to, or can control, an identical device to that which is under attack, which allows him to profile the power consumption of operations or data flow during encryption. This assumes a stronger adversary than traditional non-profiling attacks such as differential or correlation power analysis, however the ability to model a device allows templates to be used post-profiling to extract key information from many different target devices using the power consumption of very few encryptions. This allows an adversary to overcome protocols intended to prevent secret key recovery by restricting the number of available traces. In this thesis a detailed investigation of template attacks is conducted, along with how the selection of various attack parameters practically affect the efficiency of the secret key recovery, as well as examining the underlying assumption of profiling attacks in that the power consumption of one device can be used to extract secret keys from another. Trace only attacks, where the corresponding plaintext or ciphertext data is unavailable, are then investigated against both symmetric and asymmetric algorithms with the goal of key recovery from a single trace. This allows an adversary to bypass many of the currently proposed countermeasures, particularly in the asymmetric domain. An investigation into machine-learning methods for side-channel analysis as an alternative to template or stochastic methods is also conducted, with support vector machines, logistic regression and neural networks investigated from a side-channel viewpoint. Both binary and multi-class classification attack scenarios are examined in order to explore the relative strengths of each algorithm. Finally these machine-learning based alternatives are empirically compared with template attacks, with their respective merits examined with regards to attack efficiency.

The protection and security of vulnerable populations in complex emergencies using the Dadaab refugee camps in the north eastern province of Kenya as a case study

The past two decades has seen a dramatic upheaval in the international world order: the end of the Cold War, the 9/11 attacks and the subsequent 'War on Terror', increased Jihadist activities, the accelerated pace of globalization, climate change and the 2008 global financial crisis have contributed to fear, uncertainty, poverty, conflict, massive displacements of populations of asylum seekers and refugees globally and a proliferation of Protracted Refugee Situations (PRS), defined as situations in which refugees have been in exile 'for 5 years or more after their initial displacement, without immediate prospects for implementation of durable solutions. In the past two decades there has been a huge proliferation of these with more than 7.2 million refugees now trapped in these PRS, with a further 16 million internally displaced persons (IDPs) trapped in camps within their own countries. The Dadaab refugee complex in Kenya, which of as March 2012, holds over 463,000 refugees, is the most significant and extreme example in recent times of a PRS. It was established in 1991 following the collapse of the Somali Government of Dictator Siad Barre, and the disintegration of Somalia into the chaos that still exists today. PRS such as Dadaab raise particular issues about humanitarianism in terms of aid, protection, security, human rights and the actions (or inaction) of the various stakeholders on an international, national and local level. This thesis investigates these issues by the use of a case study methodology on Dadaab as a PRS, framed in the context of humanitarianism and in particular the issues that arise in terms of how the international community, the UN system and individual states provide assistance and protection to vulnerable populations. Although the refugee camps have been in existence (as of 2012) for over 20 years, there has never been such a detailed study of Dadaab (or any other PRS) undertaken to date and would be of interest to academics in the areas of international relations, refugee/migration studies and global Governance as well as practitioners in both humanitarian response and development

Secure architectures for pairing based public key cryptography

Along with the growing demand for cryptosystems in systems ranging from large servers to mobile devices, suitable cryptogrophic protocols for use under certain constraints are becoming more and more important. Constraints such as calculation time, area, efficiency and security, must be considered by the designer. Elliptic curves, since their introduction to public key cryptography in 1985 have challenged established public key and signature generation schemes such as RSA, offering more security per bit. Amongst Elliptic curve based systems, pairing based cryptographies are thoroughly researched and can be used in many public key protocols such as identity based schemes. For hardware implementions of pairing based protocols, all components which calculate operations over Elliptic curves can be considered. Designers of the pairing algorithms must choose calculation blocks and arrange the basic operations carefully so that the implementation can meet the constraints of time and hardware resource area. This thesis deals with different hardware architectures to accelerate the pairing based cryptosystems in the field of characteristic two. Using different top-level architectures the hardware efficiency of operations that run at different times is first considered in this thesis. Security is another important aspect of pairing based cryptography to be considered in practically Side Channel Analysis (SCA) attacks. The naively implemented hardware accelerators for pairing based cryptographies can be vulnerable when taking the physical analysis attacks into consideration. This thesis considered the weaknesses in pairing based public key cryptography and addresses the particular calculations in the systems that are insecure. In this case, countermeasures should be applied to protect the weak link of the implementation to improve and perfect the pairing based algorithms. Some important rules that the designers must obey to improve the security of the cryptosystems are proposed. According to these rules, three countermeasures that protect the pairing based cryptosystems against SCA attacks are applied. The implementations of the countermeasures are presented and their performances are investigated.

Structural carpentry in medieval Ireland: continuity and change

The study of medieval carpentry is probably one of the most neglected aspects of archaeological research in Ireland. The principal difficulty is the nature of the evidence, in that timber, unless the conditions are right, rarely leaves a trace above ground. The problem is further exacerbated by the fact that not a single medieval timber-framed building has survived in Ireland. Nevertheless, in recent years, in addition to the medieval roof of Dunsoghley, which up to quite recently was thought to be the only surviving roof structure in Ireland, a further eight medieval roof structures have been identified. Furthermore, an extensive corpus of early medieval mills, with evidence for advanced Roman carpentry techniques, has been excavated, while evidence for Viking houses, on what is probably the largest extant Viking settlement in Europe, have also been recovered. Although post and wattle structures dominate the archaeological record of the Viking period, nevertheless, it will be shown that the Roman tradition of carpentry, evidenced in the early medieval mills from the early seventh century, continued in use in the wider Gaelic community. And it is one of the pivotal points of this study, that with the takeover of Dublin by the Gaelic Irish in the late tenth century, this Roman carpentry tradition was gradually assimilated into the carpentry tradition of the Viking towns, which were now largely inhabited by a mixed population of Hiberno-Norse. Evidence for this Gaelic influence can be seen not only in the gradual replacement of the Viking post and wattle house by timber houses with load-bearing walls, but more importantly by the evidence for waterfront structures founded on baseplates with mortise and tenoned uprights on the pre-Norman waterfront in Cork. Furthermore, it will be shown, that the carpentry techniques used to build the Wood Quay revetments, shortly after the Anglo-Norman conquest in AD 1170, supports this contention.

The accountability of transnational armed groups under international law

Terrorist attacks by transnational armed groups cause on average 15,000 deaths every year worldwide, with the law enforcement agencies of some states facing many challenges in bringing those responsible to justice. Despite various attempts to codify the law on transnational terrorism since the 1930s, a crime of transnational terrorism under International Law remains contested, reflecting concerns regarding the relative importance of prosecuting members of transnational armed groups before the International Criminal Court. However, a study of the emerging jurisprudence of the International Criminal Court suggests that terrorist attacks cannot be classified as a war crime or a crime against humanity. Therefore, using organisational network theory, this thesis will probe the limits of international criminal law in bringing members of transnational armed groups to justice in the context of changing methods of warfare. Determining the organisational structure of transnational armed groups, provides a powerful analytical framework for examining the challenges in holding members of transnational armed groups accountable before the International Criminal Court, in the context of the relationship between the commanders and the subordinate members of the group.