Nicolai Schmitt | UCS

A Lot of Data and Added Complexity. How Does PQC Affect the Performance of My TLS Connection?

Mon, 15 Sep 2025 05:01:40 +0000

Abstract

In a previous study, Henrich et al. (ISC ‘23) demonstrate how TLS handshake performance is affected not only by different Post Quantum Cryptography (PQC) Key Encapsulation Mechanisms KEMs and security levels, but also by varying physical network conditions. In particular, they show that prior to selecting a PQC scheme replacement for TLS, it is important to conduct an analysis of the anticipated network conditions for applications that require a high level of responsiveness. In this paper, we build upon the afore mentioned work and complement the previous experiments to include digital signature PQC schemes and hybrid variants, as well as various compositions of certificate chains. Moreover, an analysis is conducted on the effects of deploying real physical servers and varying the underlying network stack configuration. Our results show that incorporating PQC signature schemes does not negatively impact the overall transmission time as substantially as poor network conditions. However, operating at high security levels frequently results in delays using PQC schemes. These findings are consistent across hybrid schemes as well. We conclude that migrating TLS to PQ-only or hybrid usage can generally be undertaken with a high degree of confidence. However, considering suboptimal network conditions or the use of higher security levels, a cautious transition is recommended. In such cases, the configuration of certificate chains or increasing the TCP Congestion Window might prove beneficial.

Simulation-based Software Leakage Evaluation for the RISC-V Platform

Mon, 15 Sep 2025 05:01:40 +0000

Abstract

Side-channel attacks are critical as they, despite the mathematical security of the algorithm, break the security assumption that private data stays hidden from the adversary. Developing secure hardware can be expensive, as multiple iterations of prototyping may be required to achieve a satisfactory level of security against side-channel attacks. Currently, the fairly new and open-source CPU-platform RISC-V is gaining traction by entering the IoT- and consumer market and also gains interest in security oriented projects such as OpenTitan. In case of security-critical applications, especially when the hardware is exposed to third party, the implementations of cryptographic algorithms must be secure against side-channel attacks. For the RISC-V platform currently only a small number of tools exist to assess the probing security. Further, we could identify a lack of simulation-based tooling to do so, with the ability to analyze larger implementations as e.g., full ciphers. To address this demand, we use PROLEAD_SW as a starting point and extend it to support the RISC-V platform. By analyzing micro-architectural leakage effects on the RISC-V platform we show that the CPU-independent leakage model used by PROLEAD_SW for the ARM architecture is suitable for the RISC-V platform. To verify the correctness of the new tooling, test-vectors are executed with the new tooling. In a final step, the performance of the new tooling is compared to the performance of the original version of PROLEAD_SW by analyzing two masked AES C implementations with both tools.

Studentische Hilfskraft (m/w/d) für wissenschaftliche Unterstützung gesucht

Sun, 22 Jun 2025 00:00:00 +0000

Motivation und Ziel

Das ATHENE LEAK Projekt hat das Ziel der Entwicklung neuartiger, hardwarenaher und ressourcen-freundlicher Seitenkanal-Leakagemodelle für die RISC-V CPU-Plattform. RISC-V ist eine verhältnismäßig neue CPU Plattform, welche zunehmend Verbeitung in IoT- und sicherheitsrelevanten Bereichen findet, wodurch der Bedarf an sicheren Implementierungen auf RISC-V-Basis steigt.

Deine Aufgaben

Unterstützung bei der Literaturrecherche und -aufbereitung zu Leakage-Assessment-Tooling und Leakage-Gegenmaßnahmen.
Praktische Messung von Seitenkanälen an Hardware
Entwicklung und Implementierung von Leakage-Modellen z.B. in Form von Leakage-Assessment Tooling.
Hardwarenahe Programmierung z.B. auf RISC-V Entwicklungsboards.

Voraussetzungen

Eingeschriebene:r Student:in (Idealerweise Informatik oder Elektrotechnik)
Interesse an Seitenkanal-Analyse, Probing-Security und wissenschaflichem Arbeiten
Strukturierte, zuverlässige und eigenständige Arbeitsweise

Wir bieten dir

Einblicke in spannende und aktuelle Forschungsthemen im Bereich der Hardwaresicherheit und Seitenkanalanalyse
Die Möglichkeit an aktuellen wissenschaftlichen Publikationen mit zu wirken
Flexible Arbeitszeiten

Organisation

Standort: Hochschule Darmstadt – Fachbereich Informatik – UCS Research Group
Arbeitszeit: zwischen 8 und 20 Stunden pro Woche (flexibel einteilbar; Stundenanzahl anpassbar)
Start: zum nächstmöglichen Zeitpunkt
Stundensatz: üblicher Stundensatz für SHKs
Projekt: LEAK: Leakage Models for Masking: Bridging the Gap Between Theory and Practice (https://ucs.h-da.io/project/leak/)

Interesse?

Dann sende uns deine Bewerbung (Leistungsübersicht und Lebenslauf) an nicolai.schmitt@h-da.de. Wir freuen uns auf dich!

Portierung eines Software Probing-Security Analyse Tools auf GPU Plattformen

Thu, 20 Mar 2025 00:00:00 +0000

Motivation

Seitenkanalangriffe gewinnen zunehmend an Bedeutung, wenn wie z.B. im Falle einer Smartcard, die Hardware in die Hände des Angreifers gelangen kann. In so einen Fall muss die Hardware-Software Kombination gegen Angriffe auf die Implementierung geschützt sein.

Um die Sicherheit von Hardware-Software Kombinationen gegen Seitenkanalangriffe zu evaluieren, können heutzutage Software-Tools verwendet werden, welche z.B. auf Basis eines Leakage-Modells sowie einer Ausführung der Software in einem Emulator arbeiten. Ein Derartiges Tool wird von uns derzeit für die verhältnismäßig neue CPU-Architektur RISC-V entwickelt.

Ein Leakage Assessment der Hardware-Software-Kombination eines Sicherheitsproduktes noch vor dem ersten Prototyp verringert die Entwicklungskosten und die Zeit pis zum Rollout des Produktes. Dennoch kann ein simulations-basiertes Leakage-Assessment im Sinne von Rechenzeit und Speicher ressourcen-aufwendig. Da in der heutigen Zeit z.B. im Hinblick auf KI-Anwendungen oftmals in leistungsfähige GPU-Cluster investiert wird, wird eine Unterstützung von GPU-basierten Plattformen zunehmend wichtiger.

Ziel

Ziel dieser Arbeit ist, unser in Entwicklung befindliches Leakage-Assessment Tool so zu erweitern oder zu portieren, dass es auf die Rechenleistung von GPU-Clustern zurückgreifen kann. Eine Umsetzung könnte beipsielsweise mit Hilfe von OpenCL oder CUDA erfolgen.

Aufgaben

Ziel dieser Arbeit ist die Entwicklung eines Konzeptes zur Trennung der Implementierung zwische GPU und Host-Seite, so dass diese effizient arbeitet und mit der Anzahl der GPUs skaliert. In einem weiteren Schritt soll das Konzept implementiert werden. Des weiteren sollen Konzepte erarbeitet werden, wie sich die GPU- sowie die klassische Implementierung nebeneinander warten und weiterentwickeln lassen.

Voraussetzungen

Gute C und C++ Kenntnisse
Vorkenntnisse in CUDA, OpenCL
Vorkenntnisse im Umgang mit Git, GNU-Make sowie Linux
Spaß an Softwareentwicklung

Referenzen und Literatur (Auswahl)

Haben wir Ihr Interesse geweckt? Kontakt: Nicolai Schmitt.

Parametrisierung simulations-basierter Software Probing-Security Analyse für spezifische CPU-Implementierungen

Fri, 31 Jan 2025 00:00:00 +0000

Motivation

Da die verwendeten Leakagemodelle generisch arbeiten, treffen die Aussagen der Tools nicht zwangsläufig genau auf eine Hardware-Implementierung einer CPU zu, wodurch ggf. die falschen oder mehr Schutzmaßnahmen auf der Software-Seite ergriffen werden könnten als notwendig und somit die Performance der Implementierung beeinträchtigt werden könnte.

Ziel

Ziel dieser Arbeit ist, anhand verschieder Implementierungen von RISC-V CPUs festzustellen, welche Unterschiede im Leakage-Verhalten zwischen verschiedenen Implementierungen von CPUs der RISC-V Plattform beobachtet bzw. gemessen werden können. Auf Basis von PROLEAD_SW wird von uns ein Tool für die RISC-V Plattform entwickelt, mit dessen Hilfe die Probing-Security von Software, welche auf RISC-V CPUs ausgeführt wird, evaluiert werden kann. Auf Basis dieser Datenlage soll identifiziert werden, wie weit das dem Tool zugrundeliegende Leakage-Modell verändert werden muss oder parametrisierbar gemacht werden muss, um genauere Aussagen für spezifische RISC-V implementierungen zu treffen.

Aufgaben

Gegebenenfalls Entwicklung neuer Testcases in Assembler und C
Gegebenenfalls Durchführen von Messungen an echter Hardware
Auswerten von Messdaten
Entwicklung eines Konzeptes für ein parametrisierbares Leakage-Modell
Implementierung des parametrisierbaren Leakage-Modells

Voraussetzungen

Gute C, C++ und Assembler Kenntnisse
Python Kenntnisse
Vorkenntnisse im Umgang mit Git, GNU-Make sowie Linux
Spaß an Softwareentwicklung

Referenzen und Literatur (Auswahl)

Haben wir Ihr Interesse geweckt? Kontakt: Nicolai Schmitt.

On Criteria and Tooling for Cryptographic Inventories

Tue, 09 Apr 2024 05:01:40 +0000

Abstract

When cryptography becomes insecure, a migration to new schemes is required. Often the migration process is very complicated, but the time available is very limited. Only if the used cryptographic algorithms, protocols and configurations are known can a system be efficiently and fully adapted to changed security situations. This creates the need for a crypto-inventory that gathers this knowledge. Consequently, the question arises what criteria a crypto-inventory must fulfill to support this adaptation. It also highlights the need for tools to assist compilation. We therefore conducted a literature survey and extracted key requirements. Missing content was supplemented by expanding existing requirements or adding new ones. Furthermore, appropriate metrics were assigned to assess the fulfillment of the requirements for a certain crypto-inventory implementation. Regarding the tooling, we identified five major areas of interest — installed software, connected hardware, communication, stored data and source code scanning — and provide prototypes for semi-automatic creation of crypto-inventories for three of them. This provides organizations with a starting point to understand their cryptographic landscape as a prerequisite for crypto-agility and crypto-migration. However, theoretical design and prototypes have not yet been evaluated. This will be done as a follow-up to this work. All types of organizations are invited to participate.

Toward Next Generation Quantum-Safe eIDs and eMRTDs: A Survey

Sat, 16 Mar 2024 05:00:48 +0000

Abstract

Security mechanisms of Electronic Personal Documents (eCards) depend on (asymmetric) cryptography that is and always has been subject to the threat of compromise, be it from conventional attacks or quantum computers. With Post-Quantum Cryptography (PQC), we now have alternative building blocks at hand that can be leveraged to protect against both kind of attacks. Thus, PQC should be incorporated into eCard ecosystems, yet it is not clear how this is done best. In the work at hand, we review the state of currently used crypto-systems for eCard security, as well as their possible quantum-secure replacements. Further, we identify and categorize respective challenges that need to be addressed, present and assess existing approaches for their solution, and formulate research questions for open issues. By providing an overview of the situation, we help unraveling the issue and pave the way toward quantum-safe electronic Identity Documents and electronic Machine-Readable Travel Documents.

Performance Impact of PQC KEMs on TLS 1.3 Under Varying Network Characteristics

Fri, 16 Jun 2023 05:00:35 +0000

Abstract

Widely used asymmetric primitives such as RSA or Elliptic Curve Diffie Hellman (ECDH), which enable authentication and key exchange, could be broken by Quantum Computers (QCs) in the coming years. Quantum-safe alternatives are urgently needed. However, a thorough investigation of these schemes is crucial to achieve sufficient levels of security, performance, and integrability in different application contexts. The integration into Transport Layer Security (TLS) plays an important role, as this security protocol is used in about 90% of today’s Internet connections and relies heavily on asymmetric cryptography. In this work, we evaluate different Post Quantum Cryptography (PQC) key establishment schemes in TLS 1.3 by extending the framework of Paquin et al.. We analyze the TLS handshake performance under variation of network parameters such as packet loss. This allows us to investigate the suitability of PQC KEMs in specific application contexts. We observe that Kyber and other structured lattice-based algorithms achieve very good overall performance and partially beat classical schemes. Other approaches such as FrodoKEM, HQC and BIKE show individual disadvantages. For these algorithms, there is a clear performance decrease when increasing the security level or using a hybrid implementation, e.g., a combination with ECDH. This is especially true for FrodoKEM, which, however, meets high security requirements in general. It becomes clear that performance is strongly influenced by the underlying network processes, which must be taken into account when selecting PQC algorithms.

On the State of Crypto Agility

Tue, 01 Feb 2022 00:00:00 +0000

Abstract

Cryptographic primitives and protocols require constant modifications and adaptations in order to maintain the security of IT-systems. Many researchers argue that applying the notion of crypto-agility provides more feasible and practical updating of cryptographic systems, especially in the light of the expected transition to PQC. However, there is no unified definition for this notion, nor a common understanding of the requirements that can enable it. Moreover, it is not entirely clear what measures need to be taken in order to apply crypto-agility in practice, and which aspects and challenges exist towards this endeavor. We compare the various definitions of crypto-agility including its requirements and varying facets, and investigate the state of readiness of crypto-agility by surveying works dealing with general challenges and recommendations in this regard. We present the survey and discuss discovered challenges and solutions and utilize our findings to evaluate the state of readiness for crypto-agility.