1 / 40

Course web page:

ECE 646 Cryptography and Computer Network Security. Course web page:. ECE web page  Courses  Course web pages  ECE 646. Kris Gaj. Research and teaching interests: cryptography network security computer arithmetic FPGA & ASIC design and testing Contact:

magdalen-kotas
Télécharger la présentation

Course web page:

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ECE 646 Cryptography and Computer Network Security Course web page: ECE web page  Courses  Course web pages  ECE 646

  2. Kris Gaj • Research and teaching interests: • cryptography • network security • computer arithmetic • FPGA & ASIC design and testing • Contact: • The Engineering Building, room 3225 • kgaj@gmu.edu Office hours: Monday, Tuesday, Wednesday6:00-7:00 PM

  3. ECE 646 Part of: MS in CpE Network and System Security (required) Computer Networks (elective) MS in EE Communications & Networks (elective) Ph.D. in Electrical and Computer Engineering MS in Information Security & Assurance MS in E-Commerce Certificate in Information Systems Security Ph.D. in Information Technology

  4. NETWORK AND SYSTEM SECURITY • Concentration advisors: Kris Gaj, Jens-Peter Kaps • ECE 542 Computer Network Architectures and Protocols– S.-C. Chang, et al. • ECE 646 Cryptography and Computer Network Security– K. Gaj, J-P. Kaps– lab, project • ECE 746 Advanced Applied Cryptography– K. Gaj – lab, project: C/C++, VHDL, or analytical • ISA 656 Network Security– A. Stavrou • ECE 699 Cryptographic Engineering– J.-P. Kaps, K. Gaj

  5. ECE 646 Lecture Laboratory Project Homework 15 % Quizzes 5 % Midterm exams 10 % Final Exam 20 % 15 % 35 % Specification - 5 % Results - 10 % Oral presentation - 10% Written report - 8% Review - 2%

  6. deapth

  7. Lecture • viewgraphs / whiteboard • viewgraphs available on the web • (please, extend with your notes) • books • 1 required (Stallings) • 1 optional (all chapters available on the book web page) • articles (CryptoBytes, RSA Data Security Conf., CHES, • CRYPTO, etc.) • web sites - Crypto Resources • standards, FAQs, surveys

  8. Distance Learning Mode (1) • pilot project introduced for the first time this year • lectures delivered simultaneously in class and on-line • students joining on-line can actively participate in • the class (raise a hand, ask questions, etc.) • minimum preparation required (setting options of a browser, login to Blackboard, etc.) • on-line sessions can be recorded and replayed • outside of the class time (in the asynchronous mode)

  9. Distance Learning Mode Rules • this semester done at a specific request of students interested in attending classes remotely • requests for on-line delivery should be sent to the • instructor at least 24 hours before the beginning of a given class • allow participation in the lectures by students who are on • travel, sick, or cannot attend the class for any other serious • reason • no guarantee of the equivalent quality of educational experience is provided

  10. Important Announcement There will be no class next Tuesday, September 8 (the instructor attending a conference in Europe). Instead, we will hold a make-up lecture in class: Columbus Day, Monday, Oct. 12 on-line: per your request

  11. Homework (1) • reading assignments • theoretical problems (may require basics of • number theory or probability theory) • problems from the main textbook • short programs • literature surveys

  12. Homework (2) • optional assignments short programs vs. analytical problems or HDL codes • More time consuming • Most time spent on debugging • Relatively straightforward • Typically less time consuming • More thinking • Little writing

  13. Midterm exam • 2 hours 30 minutes • multiple choice test + short problems • open-books, open-notes • practice exams available on the web • midterm exam review session - optional Tentative date: Tuesday, October 27th

  14. Quizzes • 10-15 minutes • one-two questions related to the most recent lectures • closed-books, closed-notes • announced

  15. Final exam 2 hours 45 minutes Multiple choice + several problems Tuesday, December 15 7:30 – 10:15 PM

  16. Laboratory • 4 labs based on three major software packages • CrypTool • GnuPG for Linux or GnuPG for Windows • MAGMA Computational Algebra System • done at home or in the ECE labs: • software downloaded from the web • based on detailed instructions • grading based on written reports (answers to • questions included in the instructions)

  17. Tentative list of laboratory topics • Secure e-mail: Pretty Good Privacy - GnuPG • Historical ciphers - CrypTool • 3. Properties of classical cryptosystems - CrypTool • 4. Properties of public key cryptosystems - Magma

  18. Project (1) • original • useful • depth, originality • based on additional literature • you can start at the point where former students ended • based on something you know and are interested in • software or hardware • may involve experiments • teams of 1-3 students

  19. Project (2) • about three weeks to choose a topic and write • the corresponding specification • regular meetings with the instructor • a few oral progress reports based on Power Point slides • draft final presentation due at the last progress report • written report/article, IEEE style • due Tuesday December 1 • short conference-style oral presentations • Tuesday, December 8 • contest for the best presentation • publication of reports and viewgraphs on the web

  20. Project (3) • Project reports/articles requirements • - IEEE style • - 15 pages maximum • - appendices possible but do not influence • the evaluation • Review of project reports • reviews done by your fellow students • reviews due, Saturday, December 5, midnight • final version of the report due Monday, • December 7, midnight

  21. Project (4) • Project presentations (Tuesday, December 8, 7:30-10:00PM) • - conference style • - open to general public (in particular, • students from previous years), ECE seminar credit • - 10 minutes for the presentation + 5 minutes for Q&A • - time strictly enforced

  22. This Year’s Project Theme • Benchmarking (comparing) • cryptographic algorithms • cryptographic libraries and open-source • implementations (software and hardware) • platforms • tools

  23. Motivation (1) • multitude of implementations of cryptographic algorithms available in public domain • (~50 open-source software libraries, • >20 open-source hardware cryptographic cores) How do they compare against each other? Which one to use when implementing a particular cryptographic system?

  24. Motivation (2) • multitude of platforms • general-purpose microprocessors (e.g., Pentium 4, Core i7, etc.) • microcontrollers (TI MSP 430, MicroChip PIC18) • Digital Signal Processors • FPGAs (from Xilinx, Altera, Actel, etc.) • ASICs (based on various libraries of standard cells) • processors embedded in FPGAs (PicoBlaze, MicroBlaze, • Nios II)

  25. Motivation (3) • multitude of languages and tools • C, C++, Java, Python, C#, assembly language, etc. • VHDL, Verilog, AHDL, etc. • multiple compilers for software codes • multiple synthesis tools for hardware codes

  26. Motivation (4) • multitude of cryptographic algorithms • secret-key block ciphers • secret-key stream ciphers • public-key ciphers • hash functions • message authentication codes • digital signature schemes • key agreement schemes

  27. Common benchmarking pitfalls • taking credit for improvements in technologye.g. comparing Bob's AES in Virtex 5 vs. Alice's AES in Virtex 2 Pro • choosing a convenient performance measure • comparing designs with different functionality e.g., encryption+decryption vs. encryption only • comparing the speed of different operations e.g., comparing the combined speed of encrypting 8 messages in parallel vs. the speed of encrypting a single long message • designs optimized using different optimization criteria e.g., speed only or the ratio of speed to cost • using different input/output interfaces

  28. Previous Work Comparative Analysis of SoftwareMulti-precision Arithmetic Librariesfor Public Key Cryptography Ashraf AbuSharekh MS Thesis, April 2004

  29. Previous work eBACS: ECRYPT Benchmarkingof Cryptographic Systemshttp://bench.cr.yp.to Project to compare software implementations of cryptographic algorithms Developed by: Daniel J. Bernstein and Tanja Lange (2006-present) Activity of: VAMPIRE: Virtual Application and Implementation REsearch Lab Integrates: eBATS: ECRYPT Benchmarking of Asymmetric Systems eBASC: ECRYPT Benchmarking of Stream Ciphers eBASH: ECRYPT Benchmarking of All Submitted Hashes Extends earlier software evaluation projects developed by different groups within NESSIE and eSTREAM.

  30. SUPERCOP System for Unified Performance Evaluation Related to Cryptographic Operations and Primitives • toolkit developed by the VAMPIRE lab for measuring the performance of cryptographic software • measures the performance of • hash functions • secret-key stream ciphers • public-key encryption systems • public-key signature systems • public-key secret-sharing systems • output is an extensive set of measurements in a form suitable for easy computer processing

  31. SUPERCOP • measurements on multiple machines (currently over 70)and machine-ABI (application binary interface) combinations (currently over 100) • each implementation is recompiled multiple times (currently over 1200 times) with various compiler options to identify best working options for implementation, machine • time measured in clock cycles/byte for multiple input/output sizes • median, lower quartile (25th percentile), and upper quartile (75th percentile) reported • standardized function arguments (may be implemented using wrappers)

  32. GMU Tool ATHENa – Automated Tool for Hardware EvaluatioN • Set of scripts written in Perl aimed at an AUTOMATED generation of • OPTIMIZED results for • MULTIPLE hardware platforms Currently under development at George Mason University. First version to be released this Fall.

  33. ATHENa Major Features • running all steps of synthesis, implementation, and timing analysis in the batch mode • support for devices and tools of multiple FPGA vendors: Xilinx, Altera, Actel • generation of results for multiple families of FPGAs of a given vendor • automated choice of a device within a given family of FPGAa assuming that the resource utilization does not exceed a certain limit, e.g., 80% of CLB slices, or 70% of BRAM • choice of multiple optimization criteria (speed, area, ratio speed/area) • heuristic optimization algorithms aimed at maximizing the performance measures (e.g., speed) based on checking multiple options, and multiple target clock frequencies

  34. ATHENa Additional Features • automated verification of the design through simulation, run in the batch mode based on the provided testbench (optional): • Functional • Post-synthesis • Timing • support for Windows and Linux • Graphical User Interface Requirements: • interpreter of Perl • FPGA tools: free, educational, or commercial versions

  35. ATHENa Input/Output Input: • synthesizable source files • configuration files (text files) • testbench (optional) • constraint files (optional) Output: • result summary (human readable) • database entries (suitable for computer postprocessing)

  36. Basic Dataflow of ATHENa User FPGA Synthesis and Implementation 6 5 3 Ranking of designs 2 Database query HDL + scripts + configuration files Result Summary + Database Entries ATHENa Server 1 HDL + FPGA Tools Download scripts andconfiguration files8 4 Designer Database Entries

  37. Draft Specification due in two weeks • Specification should include the choice of: • software vs. hardware • software cryptographic libraries • or • hardware cryptographic cores • languages • platforms • tools • list of cryptographic algorithms included in comparison (common for selected libraries)

  38. Follow-up courses Cryptography and Computer Network Security ECE 646 Digital System Design with VHDL ECE 545 Advanced Applied Cryptography ECE 746 Computer Arithmetic ECE 645

  39. Cryptography and Computer Network Security Advanced Applied Cryptography Operations in the Galois Fields GF(2n) Modular integer arithmetic • AES • Stream ciphers • Elliptic curve cryptosystems • Random number generators • Smart cards • Attacks against implementations • (timing, power, fault analysis) • Efficient and secure • implementations of cryptography • Security in various kinds of • networks (IPSec, wireless) • Zero-knowledge identification • schemes • Historical ciphers • Classical encryption • (DES, IDEA, RC5, AES) • Public key encryption • (RSA, DH, DSA) • Hash functions and MACs • Digital signatures • Public key certificates • Secure Internet Protocols • - e-mail: PGP and S-MIME • - www: SSL • Cryptographic standards

  40. “Typical” course difficulty time This course difficulty time

More Related