
COSIC: the first 35 years of cryptology research in Leuven esat.kuleuven.be/cosic


Presentation Transcript


  1. COSIC: the first 35 years of cryptology research in Leuven http://www.esat.kuleuven.be/cosic

  2. Thanks

  3. Outline • Crypto 101 • COSIC: a brief overview • COSIC: some success stories "Life can only be understood backwards; but it must be lived forwards." Soren Kierkegaard

  4. COMSEC

  5. Cryptography for COMSEC

  6. COMPUSEC • secure execution • TPM • Trusted Execution Technology (TXT) • ARM TrustZone • data at rest: • hard disk • database • USB/memory card • mobile devices

  7. COM(PU)SEC

  8. Crypto hardware (1965-…) CrypTech o 1984

  9. Crypto software (1990-…) Utimaco o 1992

  10. Crypto “everywhere” • continuum between software and hardware: ASIC (microcode), FPGA, fully programmable processor • Intel NI instruction • everything is always connected everywhere

  11. Challenges for cryptography • algorithm agility • security for 50-100 years • authenticated encryption of Terabit networks • ultra-low power/footprint • secure software and hardware implementations [diagram labels: cost, performance, security]

  12. Challenges for cryptography

  13. Shifting power balance? citizen government companies government citizen companies

  14. Architecture is politics: there are choices to be made in our architectures • privacy is a security property • privacy by design: focus on technology rather than processes and organizational measures • data minimization • full trust in a central server with all our data is not compatible with a robust democracy

  15. Distributed cryptography: more security and more privacy • data can be centralized but in protected (encrypted) form - still allows limited processing • data can be stored and processed locally • example: road pricing

  16. Outline • Crypto 101 • COSIC: a brief overview • COSIC: some success stories

  17. Academic research in cryptology: 1975 • Hellman was drawn to coding despite discouragement from almost all of his Stanford colleagues. "They told me I was crazy," Hellman said. "Their arguments were valid: How could I hope to discover anything that the NSA […] didn’t already know? And they classified everything so highly that if we came up with anything good, they'd classify it." [photo captions: Merkle, Hellman, Diffie; Shamir-Rivest-Adleman; Rivest-Shamir-Adleman]

  18. COSIC (o 1978)

  19. COSIC: graduation of first 7 PhD students

  20. COSIC: 66 graduated PhD students

  21. COSIC international PhD students [map legend: source, destination, source + destination]

  22. COSIC European PhD students [map legend: source, destination, source + destination]

  23. Initial research (1980) • partial cryptanalysis of knapsack system • DES: identifying properties • DES: hardware and software • hash functions and MAC algorithms

  24. Eurocrypt’89 - Houthalen FSE’94, CMS’99, Eurocrypt’00, FSE’02, FSE ’08, ESORICS’10, CHES’12

  25. RIPE project: open competition RIPE: RACE Integrity Primitives Evaluation Was: RACE Authentication Primitives Evaluation • CWI • Siemens • KPN • Philips Research • Aarhus University • KU Leuven

  26. Outline • Crypto 101 • COSIC: a brief overview • COSIC: some success stories

  27. AES competition (1997-2001) • Joan Daemen and Vincent Rijmen [figure: AES round structure; labels: S, MixColumns, Key Schedule, round]

  28. A stick figure guide to AES http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html

  29. AES Crib Sheet

  30. AES mathematics

  31. Applied Discrete Algebra • Some may know the Dutch song: “What good is algebra to me, now that I face the choice…” • "Algebra is generous; she often gives more than is asked of her." Jean Le Rond d'Alembert (1717-1783)

  32. AES Success • FIPS 197 published Nov. 6, 2001, effective May 26 2002 • mandatory for sensitive US govt. information • fast adoption in the market • NIST validation list: 2621 implementations http://csrc.nist.gov/groups/STM/cavp/documents/aes/aesval.html • thousands of products: pc, tablet, smartphone, wifi,… • rather slower adoption in financial sector • 2003: AES-128 also for classified information and AES-192/-256 for secret and top secret information! • 2010: Intel instruction AES-NI (and AMD follows) • Adi Shamir: AES may well be the last block cipher

  33. Cryptanalysis of Keeloq (August 2007) August 2007: first practical attack by COSIC, Technion, Hebrew Univ. • block cipher with 32-bit block length and 64-bit key • market share of 80% as car immobilizer • also to open garage doors • 1 hour access to device; 1 day on 100 PCs • may be sufficient to find master key

  34. Belgian eID card (1999-)
      Identity file
      • Chip-specific: Chip number
      • Citizen-specific: Name; First 2 names; First letter of 3rd first name; RRN identification number; Nationality; Birth location and date; Gender; Noble condition (King, Prince, Count, Earl, Baron,…); Special status (None, white cane (blind people), yellow cane (partially sighted people), extended minority, any combination); SHA-1 hash of citizen photo
      • Card-specific: Card number; Validity’s begin and end date; Card delivery municipality; Document type (Belgian citizen, EU citizen, non-EU citizen, bootstrap card, habilitation/authorization card)
      • Digital signature on identity file issued by RRN
      Citizen’s main address file
      • Street + number; Zip code; Municipality
      • Digital signature on main address issued by RRN
      Citizen’s JPEG photo ~3 Kbyte

  35. BeVote: Belgian local elections (2007-2008) • October 2012 • 15,000 computers • 3 million voters

  36. BeVote: Belgian local elections 2012

  37. Current model: insurance pricing – road pricing – smart grid [diagram labels: GPS, Full GPS Data, Insurance company, Poor GPS Data + bill, Post] • flexible: easy change • easy computation • business advantage: data mining and new services • privacy invasive: tracking • third parties (legal implications)

  38. Privacy by design (2008-…): insurance pricing – road pricing – smart grid [diagram labels: GPS, Insurance company, Encrypted GPS data, Bill, Policy changes, Post, Minimum billing data] • flexible: easy change • moderate computation • low cost • privacy friendly • third parties do not carry personal data

  39. Device fingerprinting much more prevalent than believed (2013) • control of cookies • Do-Not-Track Extension • but browser is unique: version, screen size, fonts • 1.5% of the 10,000 top websites track based on Flash • 404 out of the top 1 million sites track based on fonts • Do-Not-Track Extension is ignored • TOR users can be tracked • 12 new tracking providers identified • G. Acar, M. Juarez, C. Diaz, S. Guerses, B. Preneel, N. Nikiforakis, F. Piessens, FPDetective: Dusting the Web for Fingerprinters, ACM CCS 2012

  40. COSIC - Research
      Efficient and secure implementations • software: block ciphers, point counting algorithms • hardware: FPGA and ASIC • side-channel attacks: power, timing, and electromagnetic analysis, fault attacks
      Cryptographic protocols: design and cryptanalysis • entity authentication, credentials, oblivious transfer, secure metering
      Cryptographic algorithms: design and cryptanalysis • block ciphers, stream ciphers, hash functions, MAC algorithms, (hyper)-elliptic curve cryptography • e.g.: AES, RIPEMD-160, HAMSI, Trivium
      Fundamental research in discrete mathematics • number theoretic algorithms, Boolean functions, secure multi-party computation, secret sharing

  41. COSIC - Applications • Creating electronic equivalent of the real world: • electronic payments and commerce • e-government: electronic ID card, e-voting • car telematics • e-health and medical devices • smart grids • cloud computing • social networks

  42. Conclusions • starting from discrete algebra • gaining from Moore’s law • vertical approach driven by (civilian) applications • conflicting interests: diplomacy needed "Life can only be understood backwards; but it must be lived forwards." Soren Kierkegaard • Ad Multos Annos

  43. NIST hash function competition (SHA-3) • SHA-3: 224, 256, 384, and 512-bit message digests • Call: 02/11/07 • Deadline (64): 31/10/08 • Round 1 (51): 09/12/08 • Round 2 (14): 24/7/09 • Final (5): 10/12/10 • Selection: 02/10/12 [timeline labels: round 1, round 2, final, Q4/12]

  44. The Candidates (credit: C. De Cannière)

  45. Preliminary Cryptanalysis (slide credit: Christophe De Cannière)

  46. End of Round 1 Candidates (slide credit: Christophe De Cannière)

  47. Round 2 Candidates (slide credit: Christophe De Cannière)

  48. Round 3 candidates (slide credit: Christophe De Cannière)

  49. Winner: Keccak • permutation: 25, 50, 100, 200, 400, 800, 1600

  50. COSIC today • 4 +1 full-time professors • 15 postdocs • 36 researchers • 3 support staff • 5 visitors • …and 20 nationalities
