Implementing fully homomorphic encryption schemes in FPGA-based systems

LLas nuevas tecnologías orientadas a la nube, el internet de las cosas o las tendencias "as a service" se basan en el almacenamiento y procesamiento de datos en servidores remotos. Para garantizar la seguridad en la comunicación de dichos datos al servidor remoto, y en el manejo de los mismos en dicho servidor, se hace uso de diferentes esquemas criptográficos. Tradicionalmente, dichos sistemas criptográficos se centran en encriptar los datos mientras no sea necesario procesarlos (es decir, durante la comunicación y almacenamiento de los mismos). Sin embargo, una vez es necesario procesar dichos datos encriptados (en el servidor remoto), es necesario desencriptarlos, momento en el cual un intruso en dicho servidor podría a acceder a datos sensibles de usuarios del mismo. Es más, este enfoque tradicional necesita que el servidor sea capaz de desencriptar dichos datos, teniendo que confiar en la integridad de dicho servidor de no comprometer los datos. Como posible solución a estos problemas, surgen los esquemas de encriptación homomórficos completos. Un esquema homomórfico completo no requiere desencriptar los datos para operar con ellos, sino que es capaz de realizar las operaciones sobre los datos encriptados, manteniendo un homomorfismo entre el mensaje cifrado y el mensaje plano. De esta manera, cualquier intruso en el sistema no podría robar más que textos cifrados, siendo imposible un robo de los datos sensibles sin un robo de las claves de cifrado. Sin embargo, los esquemas de encriptación homomórfica son, actualmente, drás-ticamente lentos comparados con otros esquemas de encriptación clásicos. Una op¬eración en el anillo del texto plano puede conllevar numerosas operaciones en el anillo del texto encriptado. Por esta razón, están surgiendo distintos planteamientos sobre como acelerar estos esquemas para un uso práctico. Una de las propuestas para acelerar los esquemas homomórficos consiste en el uso de High-Performance Computing (HPC) usando FPGAs (Field Programmable Gate Arrays). Una FPGA es un dispositivo semiconductor que contiene bloques de lógica cuya interconexión y funcionalidad puede ser reprogramada. Al compilar para FPGAs, se genera un circuito hardware específico para el algorithmo proporcionado, en lugar de hacer uso de instrucciones en una máquina universal, lo que supone una gran ventaja con respecto a CPUs. Las FPGAs tienen, por tanto, claras difrencias con respecto a CPUs: -Arquitectura en pipeline: permite la obtención de outputs sucesivos en tiempo constante -Posibilidad de tener multiples pipes para computación concurrente/paralela. Así, en este proyecto: -Se realizan diferentes implementaciones de esquemas homomórficos en sistemas basados en FPGAs. -Se analizan y estudian las ventajas y desventajas de los esquemas criptográficos en sistemas basados en FPGAs, comparando con proyectos relacionados. -Se comparan las implementaciones con trabajos relacionados New cloud-based technologies, the internet of things or "as a service" trends are based in data storage and processing in a remote server. In order to guarantee a secure communication and handling of data, cryptographic schemes are used. Tradi¬tionally, these cryptographic schemes focus on guaranteeing the security of data while storing and transferring it, not while operating with it. Therefore, once the server has to operate with that encrypted data, it first decrypts it, exposing unencrypted data to intruders in the server. Moreover, the whole traditional scheme is based on the assumption the server is reliable, giving it enough credentials to decipher data to process it. As a possible solution for this issues, fully homomorphic encryption(FHE) schemes is introduced. A fully homomorphic scheme does not require data decryption to operate, but rather operates over the cyphertext ring, keeping an homomorphism between the cyphertext ring and the plaintext ring. As a result, an outsider could only obtain encrypted data, making it impossible to retrieve the actual sensitive data without its associated cypher keys. However, using homomorphic encryption(HE) schemes impacts performance dras-tically, slowing it down. One operation in the plaintext space can lead to several operations in the cyphertext space. Because of this, different approaches address the problem of speeding up these schemes in order to become practical. One of these approaches consists in the use of High-Performance Computing (HPC) using FPGAs (Field Programmable Gate Array). An FPGA is an integrated circuit designed to be configured by a customer or a designer after manufacturing - hence "field-programmable". Compiling into FPGA means generating a circuit (hardware) specific for that algorithm, instead of having an universal machine and generating a set of machine instructions. FPGAs have, thus, clear differences compared to CPUs: - Pipeline architecture, which allows obtaining successive outputs in constant time. -Possibility of having multiple pipes for concurrent/parallel computation. Thereby, In this project: -We present different implementations of FHE schemes in FPGA-based systems. -We analyse and study advantages and drawbacks of the implemented FHE schemes, compared to related work.

Implementação de sistemas de encriptação AES advanced encryption standard em hardware para segurança

Dissertação de mestrado integrado em Engenharia Electrónica Industrial e Computadores

Models of social networks based on social distance attachment

We propose a class of models of social network formation based on a mathematical abstraction of the concept of social distance. Social distance attachment is represented by the tendency of peers to establish acquaintances via a decreasing function of the relative distance in a representative social space. We derive analytical results (corroborated by extensive numerical simulations), showing that the model reproduces the main statistical characteristics of real social networks: large clustering coefficient, positive degree correlations, and the emergence of a hierarchy of communities. The model is confronted with the social network formed by people that shares confidential information using the Pretty Good Privacy (PGP) encryption algorithm, the so-called web of trust of PGP.

An Interdomain PKI Model Based on Trust Lists

The penetration of PKI technology in the market is moving slowly due to interoperability concerns. Main causes are not technical but political and social since there is no trust development model that appropriately deals with multidomain PKIs. We propose a new architecture that on one hand considers that trust is not an homogeneous property but tied to a particular relation, and on the other hand, trust management must be performed through specialized entities that can evaluate its risks and threads. The model is based on trust certificate lists that allows users to hold a personalized trust view without having to get involved in technical details. The model dynamically adapts tothe context changes thanks to a new certificate extension, we have called TrustProviderLink (TPL).

Optical Encryption using Photon-Counting Polarimetric Imaging

We present a polarimetric-based optical encoder for image encryption and verification. A system for generating random polarized vector keys based on a Mach-Zehnder configuration combined with translucent liquid crystal displays in each path of the interferometer is developed. Polarization information of the encrypted signal is retrieved by taking advantage of the information provided by the Stokes parameters. Moreover, photon-counting model is used in the encryption process which provides data sparseness and nonlinear transformation to enhance security. An authorized user with access to the polarization keys and the optical design variables can retrieve and validate the photon-counting plain-text. Optical experimental results demonstrate the feasibility of the encryption method.

Improved Privacy-Preserving P2P Multimedia Distribution Based on Recombined Fingerprints

Peer-reviewed

Genetic purity certificate in seeds of hybrid maize using molecular markers

One of the main features that confer high quality to the seed is its genetic purity, in which one of the major causes of contamination is the self-pollination of the female parent. Up to date, there is no accurate and fast methods for detecting such contamination. Thus, this work was carried out to certify the genetic purity in seeds of hybrid maize using different biochemical and DNA-based markers. Two single-cross hybrids and their parental lines derived from the maize breeding program at UFLA were evaluated by isoenzymatic pattern of alcohol dehydrogenase (ADH), esterase (EST), acid phosphatase (ACP), glutamate-oxaloacetate transaminase (GOT), malate dehydrogenase (MDH), isocitrate dehydrogenase (IDH), phosphoglucomutase (PGM), 6-phosphoglucomate dehydrogenase (PGDH), catalase (CAT) and ß-glucosidade (ßGLU) and by microsatellites markers. The enzymatic systems that were able to distinguish the hybrids from their parental line were the catalase, the isocitrate dehydrogenase and the esterase. The esterase showed a Mendelian segregation pattern for UFLA 8/3 hybrid, that enables a safer genetic purity certificate. Microsatellites were able to differentiate the hybrid lines and the respective parental lines. Moreover, this technique was fast, precise and without environment effects. For microsatellites, the amplification pattern was identical when young leaves or seeds were used as DNA source. The possibility of using seeds as DNA source would accelerate and facilitate the role process of the genetic purity analysis.

An Approach Towards The Development Of An Efficient Symmetric Key Encryption Scheme

n the recent years protection of information in digital form is becoming more important. Image and video encryption has applications in various fields including Internet communications, multimedia systems, medical imaging, Tele-medicine and military communications. During storage as well as in transmission, the multimedia information is being exposed to unauthorized entities unless otherwise adequate security measures are built around the information system. There are many kinds of security threats during the transmission of vital classified information through insecure communication channels. Various encryption schemes are available today to deal with information security issues. Data encryption is widely used to protect sensitive data against the security threat in the form of “attack on confidentiality”. Secure transmission of information through insecure communication channels also requires encryption at the sending side and decryption at the receiving side. Encryption of large text message and image takes time before they can be transmitted, causing considerable delay in successive transmission of information in real-time. In order to minimize the latency, efficient encryption algorithms are needed. An encryption procedure with adequate security and high throughput is sought in multimedia encryption applications. Traditional symmetric key block ciphers like Data Encryption Standard (DES), Advanced Encryption Standard (AES) and Escrowed Encryption Standard (EES) are not efficient when the data size is large. With the availability of fast computing tools and communication networks at relatively lower costs today, these encryption standards appear to be not as fast as one would like. High throughput encryption and decryption are becoming increasingly important in the area of high-speed networking. Fast encryption algorithms are needed in these days for high-speed secure communication of multimedia data. It has been shown that public key algorithms are not a substitute for symmetric-key algorithms. Public key algorithms are slow, whereas symmetric key algorithms generally run much faster. Also, public key systems are vulnerable to chosen plaintext attack. In this research work, a fast symmetric key encryption scheme, entitled “Matrix Array Symmetric Key (MASK) encryption” based on matrix and array manipulations has been conceived and developed. Fast conversion has been achieved with the use of matrix table look-up substitution, array based transposition and circular shift operations that are performed in the algorithm. MASK encryption is a new concept in symmetric key cryptography. It employs matrix and array manipulation technique using secret information and data values. It is a block cipher operated on plain text message (or image) blocks of 128 bits using a secret key of size 128 bits producing cipher text message (or cipher image) blocks of the same size. This cipher has two advantages over traditional ciphers. First, the encryption and decryption procedures are much simpler, and consequently, much faster. Second, the key avalanche effect produced in the ciphertext output is better than that of AES.

Using problem-based learning in a chemistry practical class for pharmacy students and engaging them with feedback

Objective: To introduce a new approach to problem based learning (PBL) used in the context of medicinal chemistry practical class teaching pharmacy students. Design: The described chemistry practical is based on independent studies by small groups of undergraduate students (4-5), who design their own practical work taking relevant professional standards into account. Students are carefully guided by feedback and acquire a set of skills important to their future profession as healthcare professionals. This model has been tailored to the application of PBL in a chemistry practical class setting for a large student cohort (150 students). Assessment: The achievement of learning outcomes is based on the submission of relevant documentation including a certificate of analysis, in addition to peer assessment. Some of the learning outcomes are also assessed in the final written examination at the end of the academic year. Conclusion: The described design of a novel PBL chemistry laboratory course for pharmacy students has been found to be successful. Self-reflective learning and engagement with feedback were encouraged, and students enjoyed the challenging learning experience. Skills that are highly essential for the students’ future careers as healthcare professionals are promoted.

Antiepileptic drugs and pregnancy. Population based pharmaco-epidemiological study on prescription patterns, pregnancy outcome and foetal health

Aims of the study: To assess the prevalence of Antiepileptic Drug (AED) exposure in pregnant women with or without epilepsy and the comparative risk of terminations of pregnancy (TOPs), spontaneous abortions, stillbirth, major congenital malformations (MCMs) and foetal growth retardation (FGR) following intrauterine AED exposure in the Emilia Romagna region (RER), Northern Italy (4 million inhabitants). Methods: Data were obtained from official regional registries: Certificate of Delivery Assistance, Hospital Discharge Card, reimbursed prescription databases and Registry of Congenital Malformations. We identified all the deliveries, hospitalized abortions and MCMs occurred between January 2009 and December 2011. Results: We identified 145,243 pregnancies: 111,284 deliveries (112,845 live births and 279 stillbirths), 16408 spontaneous abortions and 17551 TOPs. Six hundred and eleven pregnancies (0.42% 95% Cl: 0.39-0.46) were exposed to AEDs. Twenty-one per cent of pregnancies ended in TOP in the AED group vs 12% in the non-exposed (OR:2.24; CI 1.41-3.56). The rate of spontaneous abortions and stillbirth was comparable in the two groups. Three hundred fifty-three babies (0.31%, 95% CI: 0.28-0.35) were exposed to AEDs during the first trimester. The rate of MCMs was 2.3% in the AED group (2.2% in babies exposed to monotherapy and 3.1% in babies exposed to polytherapy) vs 2.0% in the non-exposed. The risk of FGR was 12.7 % in the exposed group compared to 10% in the non-exposed. Discussion and Conclusion: The prevalence of AED exposure in pregnancy in the RER was 0.42%. The rate of MCMs in children exposed to AEDs in utero was almost superimposable to the one of the non-exposed, however polytherapy carried a slightly increased risk . The rate of TOPs was significantly higher in the exposed women. Further studies are needed to clarify whether this high rate reflects a higher rate of MCMs detected prenatally or other more elusive reasons.

Analysis of a disaster medical track for the Certificate in Emergency Management and Preparedness Program at the University of Texas at Dallas

Since the tragic events of September 11, 2001, the United States has engaged in building the infrastructure and developing the expertise necessary to protect its borders and its citizens from further attacks against its homeland. One approach has been the development of academic courses to educate individuals on the nature and dangers of subversive attacks and to prepare them to respond to attacks and other large-scale emergencies in their roles as working professionals, participating members of their communities, and collaborators with first responders. An initial review of the literature failed to reveal any university-based emergency management courses or programs with a disaster medical component, despite the public health significance and need for such programs. In the Fall of 2003, The School of Management at The University of Texas at Dallas introduced a continuing education Certificate in Emergency Management and Preparedness Program. This thesis will (1) describe the development and implementation of a new Disaster Medical Track as a component of this Certificate in Emergency Management and Preparedness Program, (2) analyze the need for and effectiveness of this Disaster Medical Track, and (3) propose improvements in the track based on this analysis. ^

Abstract interpretation-based mobile code certification

Current approaches to mobile code safety – inspired by the technique of Proof-Carrying Code (PCC) [4] – associate safety information (in the form of a certificate) to programs. The certificate (or proof) is created by the code supplier at compile time, and packaged along with the untrusted code. The consumer who receives the code+certificate package can then run a checker which, by a straightforward inspection of the code and the certificate, is able to verify the validity of the certificate and thus compliance with the safety policy. The main practical difficulty of PCC techniques is in generating safety certificates which at the same time: i) allow expressing interesting safety properties, ii) can be generated automatically and, iii) are easy and efficient to check.

On abstraction-carrying code and certificate-size reduction

Abstraction-Carrying Code (ACC) is a framework for mobile code safety in which the code supplier provides a program together with an abstraction (or abstract model of the program) whose validity entails compliance with a predefined safety policy. The abstraction plays thus the role of safety certificate and its generation is carried out automatically by a fixed-point analyzer. The advantage of providing a (fixed-point) abstraction to the code consumer is that its validity is checked in a single pass (i.e., one iteration) of an abstract interpretation-based checker. A main challenge to make ACC useful in practice is to reduce the size of certificates as much as possible, while at the same time not increasing checking time. Intuitively, we only include in the certificate the information which the checker is unable to reproduce without iterating. We introduce the notion of reduced certifícate which characterizes the subset of the abstraction which a checker needs in order to validate (and re-construct) the full certificate in a single pass. Based on this notion, we show how to instrument a generic analysis algorithm with the necessary extensions in order to identify the information relevant to the checker.

Certificate size reduction in abstraction-carrying code

Abstraction-Carrying Code (ACC) has recently been proposed as a framework for mobile code safety in which the code supplier provides a program together with an abstraction (or abstract model of the program) whose validity entails compliance with a predefined safety policy. The abstraction plays thus the role of safety certificate and its generation is carried out automatically by a fixpoint analyzer. The advantage of providing a (fixpoint) abstraction to the code consumer is that its validity is checked in a single pass (i.e., one iteration) of an abstract interpretation-based checker. A main challenge to make ACC useful in practice is to reduce the size of certificates as much as possible while at the same time not increasing checking time. The intuitive idea is to only include in the certificate information that the checker is unable to reproduce without iterating. We introduce the notion of reduced certificate which characterizes the subset of the abstraction which a checker needs in order to validate (and re-construct) the fall certificate in a single pass. Based on this notion, we instrument a generic analysis algorithm with the necessary extensions in order to identify the information relevant to the checker. Interestingly, the fact that the reduced certificate omits (parts of) the abstraction has implications in the design of the checker. We provide the sufficient conditions which allow us to ensure that 1) if the checker succeeds in validating the certificate, then the certificate is valid for the program (correctness) and 2) the checker will succeed for any reduced certificate which is valid (completeness). Our approach has been implemented and benchmarked within the CiaoPP system. The experimental results show t h a t our proposal is able to greatly reduce the size of certificates in practice. To appear in Theory and Practice of Logic Programming (TPLP).

Power management techniques in an FPGA-Based WSN node for high performance application

In this work, the power management techniques implemented in a high-performance node for Wireless Sensor Networks (WSN) based on a RAM-based FPGA are presented. This new node custom architecture is intended for high-end WSN applications that include complex sensor management like video cameras, high compute demanding tasks such as image encoding or robust encryption, and/or higher data bandwidth needs. In the case of these complex processing tasks, yet maintaining low power design requirements, it can be shown that the combination of different techniques such as extensive HW algorithm mapping, smart management of power islands to selectively switch on and off components, smart and low-energy partial reconfiguration, an adequate set of save energy modes and wake up options, all combined, may yield energy results that may compete and improve energy usage of typical low power microcontrollers used in many WSN node architectures. Actually, results show that higher complexity tasks are in favor of HW based platforms, while the flexibility achieved by dynamic and partial reconfiguration techniques could be comparable to SW based solutions.