Seminars & Talks

Seminars & Talks

  • Introduction to Biochip Security
    Ramesh Karri (New York University, New York)
    Tuesday, August 22, 2017 - 10:00
    RM 301

    Abstract: This presentation will explore the security implications of biochips that are envisioned for use in lab-on-chips. We will discuss how attackers in the bio-chip supply chain can undermine proprietary biochemical protocols or alter their results, with serious consequences for laboratory analysis, healthcare, and biotechnology innovation.

    Bio: Ramesh Karri is a Professor of Electrical and Computer Engineering at Tandon School of Engineering, New York University. He has a Ph.D. in Computer Science and Engineering, from the University of California at San Diego. His research and education activities span hardware cybersecurity including trustworthy ICs, processors and cyberphysical systems; security-aware computer aided design, test, verification, validation and reliability; nano meets security; metrics; benchmarks; hardware cybersecurity competitions; additive manufacturing security. He has over 200 journal and conference publications including tutorials on Trustworthy Hardware in IEEE Computer (2) and Proceedings of the IEEE (5). His groups work on hardware cybersecurity was nominated for best paper awards (ICCD 2015 and DFTS 2015) and received awards at conferences (ITC 2014, CCS 2013, DFTS 2013 and VLSI Design 2012) and at competitions (ACM Student Research Competition at DAC 2012, ICCAD 2013, DAC 2014, ACM Grand Finals 2013, Kaspersky Challenge and Embedded Security Challenge). He was the recipient of the Humboldt Fellowship and the National Science Foundation CAREER Award. He is the area director for cyber security of the NY State Center for Advanced Telecommunications Technologies at NYU-Poly; Co-founded the NYU Center for CyberSecurity  -CCS (http://cyber.nyu.edu/), co-founded the Trust-Hub (http://trust-hub.org/) and founded and organizes the Embedded Security Challenge, the annual red team blue team event at NYU,  (http://www.nyu.edu/csaw2016/csaw-embedded).

  • Cyber-Security: Analog Side Channels of Embedded Cyber-Physical Systems
    Farshad Khorrami (New York University, New York)
    Tuesday, August 22, 2017 - 10:00
    RM 301

    Abstract: This talk will address some of our prior and on-going efforts on various security aspects of analog side channels of embedded cyber-physical systems (CPS). Modern CPS are complex interconnections of heterogeneous hardware and software components. With increasing complexity, connectivity, and programmability of embedded CPS devices, the potential cyber-attack surface has also been increasing making the study of related cyber-security issues highly relevant and timely. In particular, analog side channels are especially interesting from both attack (e.g., exploiting these side channels as an attack mechanism such as for information leakage) and defense viewpoints (e.g., utilizing these side channels for real-time monitoring). In this context, process-aware information leakage utilizing acoustic side channels from CPS instrumentation without impacting process stability and performance will be discussed. Thermal side channel monitoring of CPS devices leveraging their typical periodic code structures will also be discussed. Both the algorithmic techniques and hardware implementation aspects will be presented in the talk. The implementation of a Hardware-In-The-Loop (HITL) CPS testbed for study of cyber-security of embedded CPS devices will also be presented.

    Bio:  Farshad Khorrami received his Bachelors degrees in Mathematics and Electrical Engineering in 1982 and 1984 respectively from The Ohio State University. He also received his Master's degree in Mathematics and Ph.D. in Electrical Engineering in 1984 and 1988 from The Ohio State University. Dr. Khorrami is currently a professor of Electrical & Computer Engineering Department at NYU where he joined as an assistant professor in Sept. 1988. His research interests include adaptive and nonlinear controls, robotics and automation,  control systems and CPS security, embedded systems security, unmanned vehicles (fixed-wing and rotary wing aircrafts as well as underwater vehicles and surface ships), smart structures, large-scale systems and decentralized control, smart grid security, and microprocessor based control and instrumentation. Prof. Khorrami has published more than 250 refereed journal and conference papers in these areas. His book on "modeling and adaptive nonlinear control of electric motors" was published by Springer Verlag in 2003. He also has fourteen U.S. patents on novel smart micro-positioners and actuators, control systems, cyber security, and wireless sensors and actuators. He has developed and directed the Control/Robotics Research Laboratory at Polytechnic Univrsity (Now NYU).  His research has been supported by the Army Research Office, National Science Foundation, Office of Naval Research, DARPA, Sandia National Laboratory, Army Research Laboratory, NASA, Boeing, and several corporations. Prof. Khorrami has served as general chair and conference organizing committee member of several international conferences.

  • Cryptanalysis of Selected Symmetric Ciphers: Lightweight Choices for Secure Hardware
    Hoda A. Alkhzaimi, New York University Abu Dhabi
    Tuesday, August 22, 2017 - 10:00
    RM 301

    Abstract: Throughout the years, designing a symmetric cipher with a specific security rationale, and designing the cryptanalytic techniques that will test the claimed security bounds went hand-in-hand to test the boundaries on the design and attack methods. This formed a continuous evolution in the approaches that cryptographic primitives are constructed to be suitable for future and current hardware environments. This seminar session is meant to shed focus on the different conventional and lightweight design approaches for block ciphers. In addition to considering different design criteria and requirements for the different layers within a certain design. It will also introduce an  overview on the possible generic, structural and statistical cryptanalytic techniques that can be used to test or reduce certain security properties within a design. We will finally look into possible connections between different cryptanalytic methods and how this can be used to utilize an effective attack model.

    Bio: Hoda A.Alkhzaimi is currently a research assistant professor in New York University and the Director of Center of Cyber Security in NewYork University AD. She served in different posts for research and development in Cyber Security and Cryptology for the past years. She headed the Department of Research and Development for Cyber Security and Cryptology in different national initiatives in the United Arab Emirates along with her associations to different security initiatives nationally and internationally.  Alkhzaimi has a specific expertise in cryptology; cryptanalysis, constructing and validating security hardware and software components, constructing trusted security architectures for different environments in different products for the respective industries. HodaA.Alkhzaimi obtained her PhD inCryptanalysis from Denmark Technical University. Her current research interests include
    Space, Aerospace, and UAV security, constructing and analyzing cryptographic primitives, validating and investigating links between different cryptanalytic approaches and utilizing cryptographic primitives in different cybersecurity architectures as in Internet of Things and big data analysis among ot

  • Do You Trust Your Chip?
    Ozgur Sinanoglu (New York University at Abu Dhabi)
    Tuesday, August 22, 2017 - 10:00
    RM 301

    Globalization of Integrated Circuit (IC) design and manufacturing is making designers and users of ICs re-assess their trust in hardware. As the IC design flow spans the globe - driven by cost-conscious consumer electronics - hardware is increasingly prone to reverse engineering, Intellectual Property (IP) piracy and malicious modifications (i.e., hardware trojans). An attacker, anywhere within the global design flow, can reverse engineer the functionality of an IC/IP, steal and claim ownership of the IP or introduce counterfeits into the supply chain. Moreover, an untrusted IC fab may overbuild ICs and sell them illegally. Finally, rogue elements in the fabs may insert hardware trojans into the design without the knowledge of the designer or the end-user of the IC; this additional functionality may subsequently be exploited to introduce errors in the results, steal sensitive information or incapacitate a fielded system. The semiconductor industry routinely loses $billions annually due to these attacks.  This talk will cover various forms of threats that the electronic chip supply chain is up against, as well as defenses against these threats. It will focus on one particular solution—logic locking—by covering its basics and evolution. It will also demonstrate the first-ever prototype: the first chip that is resilient to hardware-level threats.

    Bio:  Ozgur Sinanoglu is an associate professor of electrical and computer engineering at New York University Abu Dhabi. He earned his B.S. degrees, one in Electrical and Electronics Engineering and one in Computer Engineering, both from Bogazici University, Turkey in 1999. He obtained his MS and PhD in Computer Science and Engineering from University of California San Diego in 2001 and 2004, respectively. He has industry experience at TI, IBM and Qualcomm, and has been with NYU Abu Dhabi since 2010. During his PhD, he won the IBM PhD fellowship award twice. He is also the recipient of the best paper awards at IEEE VLSI Test Symposium 2011 and ACM Conference on Computer and Communication Security 2013.  Prof. Sinanoglu’s research interests include design-for-test, design-for-security and design-for-trust for VLSI circuits, where he has around 160 conference and journal papers, and 20 issued and pending US Patents. Sinanoglu has given more than a dozen tutorials on hardware security and trust in leading CAD and test conferences, such as DAC, DATE, ITC, VTS, ETS, ICCD, ISQED, etc. He is serving as track/topic chair or technical program committee member in about 15 conferences, and as (guest) associate editor for IEEE TIFS, IEEE TCAD, ACM JETC, IEEE TETC, Elsevier MEJ, JETTA, and IET CDT journals.  Prof. Sinanoglu is the director of the Design-for-Excellence Lab at NYU Abu Dhabi. His recent research in hardware security and trust is being funded by US National Science Foundation, US Department of Defense, Semiconductor Research Corporation, and Mubadala Technology.

  • Malware Classification using Image Representation
    Ajay Singh, 15111005
    Monday, July 17, 2017 - 11:30
    KD 101

    In the recent years, there has been a rapid rise in the number of files submitted to anti-virus companies for analysis, so it has become very difficult to analyse functionality of each file manually. Malware developers have been highly successful in evading the signature-based detection techniques. Most of the prevailing static analysis techniques involve a tool to parse the file. The entire analysis process becomes dependent to the efficacy of the tool, if the tool crashes the process is hampered. Most of the dynamic analysis techniques involve the binary file to be run in a sand-boxed environment to examine its behaviour. This can be easily thwarted by hiding the malicious activities of the file if it is being run inside a virtual environment. In this thesis, we have explored a new technique to represent malware as images. We then used existing neural network techniques, for classifying images, to train a classifier for classifying new malware files into their respective classes. By converting the file into an image representation we have made our analysis process independent of any tool also the process becomes less time consuming. With our model we have been able to get an accuracy of 98.21% in classifying malware samples. 

  • Robust Malware Detection using Integrated Static and Dynamic Analysis
    Pranjul Ahuja, 15111029
    Monday, July 17, 2017 - 10:30
    KD 101

    There has been an exponential  growth in the number of malware in the cyber world in the last few years. Modern malware use sophisticated techniques such as polymorphism and metamorphism to thwart the malware detection and analysis.

    Detecting malware on the basis of their features and behavior is critical for the computer security community. Most anti-virus depends on the signature based detection which is relatively easy to evade and is ineffective for zero-day exploit based malwares. Static analysis analyzes the executables without executing them whereas dynamic analysis actually executes the malware in a sand-boxed environment and the system changes are logged for further investigation. In this thesis, we are adopting a hybrid approach in which we integrate the feature vectors extracted from both static and dynamic analysis to detect unknown malware. Our experiments obtained an accuracy of 98.62% in detecting malware. Our detection system is robust and scalable as we have increased the amount of samples used for analysis and reduced the feature space compared to the existing approaches in the literature.

  • SMTP by Public Key Cryptography
    Shobhit Rastogi
    Monday, July 10, 2017 - 11:00
    KD 103

    Abstract: SMTP is a text based protocol and this property of the protocol renders it really insecure as any mail can be compromised if intercepted. Therefore, I have augmented the source code of  an open source MTA ,i.e., Haraka to incorporate the public key cryptography using openpgpjs module. Haraka is written in asynchronous JS and is totally based on plugins. For the first time, the client generates a key pair and sends the public key component of the key to the designated server for registration. The registration process follows OTP authentication. Now every client registered on the network has a secret private key and the corresponding public key stored on the server. I have created a server whose sole task is key management. Whenever a client wants to send a mail, it requests the server for the public key of the recipient and encrypts the mail body. The mail is decrypted by the designated client with it’s private key and the pass phrase, which are kept confidential.

  • Malware Analysis with Machine Learning
    Mohit Sharma & Utsava Verma
    Monday, July 10, 2017 - 11:00
    KD 103

    Abstract: The only way to really determine what a piece of malicious software is doing is to analyze it. Statistics show that around 3 lakhs malwares per day are being encountered by various antivirus companies. Analysis of such large number of malwares is a challenging task. Moreover, most of the malware are modified versions of some pre-existing malware and do not need manual analysis. The experts need to focus more on the malwares not encountered before to identify their signature. There are two techniques which can be used to perform an analysis on a piece of software to understand what it does: static analysis – analyzing the source of the malware and dynamic analysis-observation of network traffic and any changes made to the operating system environment as the executable runs. Our focus during the internship was on static analysis. We applied machine learning models on the attributes of the files such as Windows Portable Executable files in order to correctly classify a file as malicious or benign.

  • Design and Implementation of a Web-based Scalable, Secure and attributional grade management system
    Amodini Vardhan
    Monday, July 10, 2017 - 11:00
    KD 103

    Abstract: Cyber security audits of the existing grade management system-OARS has revealed number of attacks on the system that could lead to serious consequences such as revealing the grades and changing them by unauthorized users and attackers.

    Thus, to mitigate such incidents in the future in this project a software is being built on open source content-management framework -Drupal. The Grade Management system covers the three major phases of an academic session- Pre-Registration, Grading and Registration accessible to students, instructors and admin officers. The system is being built in a scalable way such that it caters the needs of colleges and universities all over India. The talk will focus on describing the major functionalities implemented for all the three types of users. Security of the software is ensured by providing strict roles to every authenticated user such that they can only view content as per their roles (student, instructor or admin office), through strong password settings, checking drupal vulnerabilities and using various penetration testing tools. Two factor authentications is also implemented for every user(tfa) which gives access to a user only when he enters the password and Time-based One-time Password at the login.

    The talk will majorly focus on:

    1.The general flow of website from the point of view of all the 3 types of users.

    2.Scalabilty and how easily it can be changed as per the requirements of college.

    3.How the security of the system is ensured and future works.

  • Implementation of ZUC Algorithm on FPGA
    Jayadeep reddy Ganta
    Monday, July 10, 2017 - 11:00
    KD 103

    Abstract: As the world is shifting towards the faster 4G LTE which is the next generation network enabling to meet the requirements of mobile migrations of Internet applications such as VoIP (Voice over IP), video streaming and mobile TV, Encryption of data being sent through the network is of utmost importance. As per international standards set by 3GPP and ETSI organisation, AES, SNOW-3G and ZUC algorithms have chosen for maintaining data security. The objective of the internship is to design a co-processor for ZUC algorithm, EIA-3 and EEA-3 algorithms on FPGA board. Although these algorithms could be implemented on processors using software solutions, implementing a dedicated co-processor would make the process more robust in nature, difficult for the attacker to interfere if the system is compromised and increase the throughput of the algorithm by many folds than the software implementation. ZUC algorithm is a stream cipher mainly intended for the Chinese market as it is the only algorithm approved by the Chinese government. My work has been mainly focused on understanding the ZUC algorithm in its entirety and implementing it on an Artix-7 board. After implementing the algorithm using the Xilinx Vivado tool, I checked for the important characteristics like critical path, maximum operating frequency, area used and total power consumed and compared them existing literature to check the efficiency of my design. Using ZUC as core, I have finally implemented EEA-3 and EIA-3 algorithm which are the actual confidentiality and integrity algorithm which will be deployed in field.

Pages

  • Introduction to Biochip Security
    Ramesh Karri (New York University, New York)
    Tuesday, August 22, 2017 - 10:00
    RM 301

    Abstract: This presentation will explore the security implications of biochips that are envisioned for use in lab-on-chips. We will discuss how attackers in the bio-chip supply chain can undermine proprietary biochemical protocols or alter their results, with serious consequences for laboratory analysis, healthcare, and biotechnology innovation.

    Bio: Ramesh Karri is a Professor of Electrical and Computer Engineering at Tandon School of Engineering, New York University. He has a Ph.D. in Computer Science and Engineering, from the University of California at San Diego. His research and education activities span hardware cybersecurity including trustworthy ICs, processors and cyberphysical systems; security-aware computer aided design, test, verification, validation and reliability; nano meets security; metrics; benchmarks; hardware cybersecurity competitions; additive manufacturing security. He has over 200 journal and conference publications including tutorials on Trustworthy Hardware in IEEE Computer (2) and Proceedings of the IEEE (5). His groups work on hardware cybersecurity was nominated for best paper awards (ICCD 2015 and DFTS 2015) and received awards at conferences (ITC 2014, CCS 2013, DFTS 2013 and VLSI Design 2012) and at competitions (ACM Student Research Competition at DAC 2012, ICCAD 2013, DAC 2014, ACM Grand Finals 2013, Kaspersky Challenge and Embedded Security Challenge). He was the recipient of the Humboldt Fellowship and the National Science Foundation CAREER Award. He is the area director for cyber security of the NY State Center for Advanced Telecommunications Technologies at NYU-Poly; Co-founded the NYU Center for CyberSecurity  -CCS (http://cyber.nyu.edu/), co-founded the Trust-Hub (http://trust-hub.org/) and founded and organizes the Embedded Security Challenge, the annual red team blue team event at NYU,  (http://www.nyu.edu/csaw2016/csaw-embedded).

  • Cyber-Security: Analog Side Channels of Embedded Cyber-Physical Systems
    Farshad Khorrami (New York University, New York)
    Tuesday, August 22, 2017 - 10:00
    RM 301

    Abstract: This talk will address some of our prior and on-going efforts on various security aspects of analog side channels of embedded cyber-physical systems (CPS). Modern CPS are complex interconnections of heterogeneous hardware and software components. With increasing complexity, connectivity, and programmability of embedded CPS devices, the potential cyber-attack surface has also been increasing making the study of related cyber-security issues highly relevant and timely. In particular, analog side channels are especially interesting from both attack (e.g., exploiting these side channels as an attack mechanism such as for information leakage) and defense viewpoints (e.g., utilizing these side channels for real-time monitoring). In this context, process-aware information leakage utilizing acoustic side channels from CPS instrumentation without impacting process stability and performance will be discussed. Thermal side channel monitoring of CPS devices leveraging their typical periodic code structures will also be discussed. Both the algorithmic techniques and hardware implementation aspects will be presented in the talk. The implementation of a Hardware-In-The-Loop (HITL) CPS testbed for study of cyber-security of embedded CPS devices will also be presented.

    Bio:  Farshad Khorrami received his Bachelors degrees in Mathematics and Electrical Engineering in 1982 and 1984 respectively from The Ohio State University. He also received his Master's degree in Mathematics and Ph.D. in Electrical Engineering in 1984 and 1988 from The Ohio State University. Dr. Khorrami is currently a professor of Electrical & Computer Engineering Department at NYU where he joined as an assistant professor in Sept. 1988. His research interests include adaptive and nonlinear controls, robotics and automation,  control systems and CPS security, embedded systems security, unmanned vehicles (fixed-wing and rotary wing aircrafts as well as underwater vehicles and surface ships), smart structures, large-scale systems and decentralized control, smart grid security, and microprocessor based control and instrumentation. Prof. Khorrami has published more than 250 refereed journal and conference papers in these areas. His book on "modeling and adaptive nonlinear control of electric motors" was published by Springer Verlag in 2003. He also has fourteen U.S. patents on novel smart micro-positioners and actuators, control systems, cyber security, and wireless sensors and actuators. He has developed and directed the Control/Robotics Research Laboratory at Polytechnic Univrsity (Now NYU).  His research has been supported by the Army Research Office, National Science Foundation, Office of Naval Research, DARPA, Sandia National Laboratory, Army Research Laboratory, NASA, Boeing, and several corporations. Prof. Khorrami has served as general chair and conference organizing committee member of several international conferences.

  • Cryptanalysis of Selected Symmetric Ciphers: Lightweight Choices for Secure Hardware
    Hoda A. Alkhzaimi, New York University Abu Dhabi
    Tuesday, August 22, 2017 - 10:00
    RM 301

    Abstract: Throughout the years, designing a symmetric cipher with a specific security rationale, and designing the cryptanalytic techniques that will test the claimed security bounds went hand-in-hand to test the boundaries on the design and attack methods. This formed a continuous evolution in the approaches that cryptographic primitives are constructed to be suitable for future and current hardware environments. This seminar session is meant to shed focus on the different conventional and lightweight design approaches for block ciphers. In addition to considering different design criteria and requirements for the different layers within a certain design. It will also introduce an  overview on the possible generic, structural and statistical cryptanalytic techniques that can be used to test or reduce certain security properties within a design. We will finally look into possible connections between different cryptanalytic methods and how this can be used to utilize an effective attack model.

    Bio: Hoda A.Alkhzaimi is currently a research assistant professor in New York University and the Director of Center of Cyber Security in NewYork University AD. She served in different posts for research and development in Cyber Security and Cryptology for the past years. She headed the Department of Research and Development for Cyber Security and Cryptology in different national initiatives in the United Arab Emirates along with her associations to different security initiatives nationally and internationally.  Alkhzaimi has a specific expertise in cryptology; cryptanalysis, constructing and validating security hardware and software components, constructing trusted security architectures for different environments in different products for the respective industries. HodaA.Alkhzaimi obtained her PhD inCryptanalysis from Denmark Technical University. Her current research interests include
    Space, Aerospace, and UAV security, constructing and analyzing cryptographic primitives, validating and investigating links between different cryptanalytic approaches and utilizing cryptographic primitives in different cybersecurity architectures as in Internet of Things and big data analysis among ot

  • Do You Trust Your Chip?
    Ozgur Sinanoglu (New York University at Abu Dhabi)
    Tuesday, August 22, 2017 - 10:00
    RM 301

    Globalization of Integrated Circuit (IC) design and manufacturing is making designers and users of ICs re-assess their trust in hardware. As the IC design flow spans the globe - driven by cost-conscious consumer electronics - hardware is increasingly prone to reverse engineering, Intellectual Property (IP) piracy and malicious modifications (i.e., hardware trojans). An attacker, anywhere within the global design flow, can reverse engineer the functionality of an IC/IP, steal and claim ownership of the IP or introduce counterfeits into the supply chain. Moreover, an untrusted IC fab may overbuild ICs and sell them illegally. Finally, rogue elements in the fabs may insert hardware trojans into the design without the knowledge of the designer or the end-user of the IC; this additional functionality may subsequently be exploited to introduce errors in the results, steal sensitive information or incapacitate a fielded system. The semiconductor industry routinely loses $billions annually due to these attacks.  This talk will cover various forms of threats that the electronic chip supply chain is up against, as well as defenses against these threats. It will focus on one particular solution—logic locking—by covering its basics and evolution. It will also demonstrate the first-ever prototype: the first chip that is resilient to hardware-level threats.

    Bio:  Ozgur Sinanoglu is an associate professor of electrical and computer engineering at New York University Abu Dhabi. He earned his B.S. degrees, one in Electrical and Electronics Engineering and one in Computer Engineering, both from Bogazici University, Turkey in 1999. He obtained his MS and PhD in Computer Science and Engineering from University of California San Diego in 2001 and 2004, respectively. He has industry experience at TI, IBM and Qualcomm, and has been with NYU Abu Dhabi since 2010. During his PhD, he won the IBM PhD fellowship award twice. He is also the recipient of the best paper awards at IEEE VLSI Test Symposium 2011 and ACM Conference on Computer and Communication Security 2013.  Prof. Sinanoglu’s research interests include design-for-test, design-for-security and design-for-trust for VLSI circuits, where he has around 160 conference and journal papers, and 20 issued and pending US Patents. Sinanoglu has given more than a dozen tutorials on hardware security and trust in leading CAD and test conferences, such as DAC, DATE, ITC, VTS, ETS, ICCD, ISQED, etc. He is serving as track/topic chair or technical program committee member in about 15 conferences, and as (guest) associate editor for IEEE TIFS, IEEE TCAD, ACM JETC, IEEE TETC, Elsevier MEJ, JETTA, and IET CDT journals.  Prof. Sinanoglu is the director of the Design-for-Excellence Lab at NYU Abu Dhabi. His recent research in hardware security and trust is being funded by US National Science Foundation, US Department of Defense, Semiconductor Research Corporation, and Mubadala Technology.

  • Malware Classification using Image Representation
    Ajay Singh, 15111005
    Monday, July 17, 2017 - 11:30
    KD 101

    In the recent years, there has been a rapid rise in the number of files submitted to anti-virus companies for analysis, so it has become very difficult to analyse functionality of each file manually. Malware developers have been highly successful in evading the signature-based detection techniques. Most of the prevailing static analysis techniques involve a tool to parse the file. The entire analysis process becomes dependent to the efficacy of the tool, if the tool crashes the process is hampered. Most of the dynamic analysis techniques involve the binary file to be run in a sand-boxed environment to examine its behaviour. This can be easily thwarted by hiding the malicious activities of the file if it is being run inside a virtual environment. In this thesis, we have explored a new technique to represent malware as images. We then used existing neural network techniques, for classifying images, to train a classifier for classifying new malware files into their respective classes. By converting the file into an image representation we have made our analysis process independent of any tool also the process becomes less time consuming. With our model we have been able to get an accuracy of 98.21% in classifying malware samples. 

  • Robust Malware Detection using Integrated Static and Dynamic Analysis
    Pranjul Ahuja, 15111029
    Monday, July 17, 2017 - 10:30
    KD 101

    There has been an exponential  growth in the number of malware in the cyber world in the last few years. Modern malware use sophisticated techniques such as polymorphism and metamorphism to thwart the malware detection and analysis.

    Detecting malware on the basis of their features and behavior is critical for the computer security community. Most anti-virus depends on the signature based detection which is relatively easy to evade and is ineffective for zero-day exploit based malwares. Static analysis analyzes the executables without executing them whereas dynamic analysis actually executes the malware in a sand-boxed environment and the system changes are logged for further investigation. In this thesis, we are adopting a hybrid approach in which we integrate the feature vectors extracted from both static and dynamic analysis to detect unknown malware. Our experiments obtained an accuracy of 98.62% in detecting malware. Our detection system is robust and scalable as we have increased the amount of samples used for analysis and reduced the feature space compared to the existing approaches in the literature.

  • SMTP by Public Key Cryptography
    Shobhit Rastogi
    Monday, July 10, 2017 - 11:00
    KD 103

    Abstract: SMTP is a text based protocol and this property of the protocol renders it really insecure as any mail can be compromised if intercepted. Therefore, I have augmented the source code of  an open source MTA ,i.e., Haraka to incorporate the public key cryptography using openpgpjs module. Haraka is written in asynchronous JS and is totally based on plugins. For the first time, the client generates a key pair and sends the public key component of the key to the designated server for registration. The registration process follows OTP authentication. Now every client registered on the network has a secret private key and the corresponding public key stored on the server. I have created a server whose sole task is key management. Whenever a client wants to send a mail, it requests the server for the public key of the recipient and encrypts the mail body. The mail is decrypted by the designated client with it’s private key and the pass phrase, which are kept confidential.

  • Malware Analysis with Machine Learning
    Mohit Sharma & Utsava Verma
    Monday, July 10, 2017 - 11:00
    KD 103

    Abstract: The only way to really determine what a piece of malicious software is doing is to analyze it. Statistics show that around 3 lakhs malwares per day are being encountered by various antivirus companies. Analysis of such large number of malwares is a challenging task. Moreover, most of the malware are modified versions of some pre-existing malware and do not need manual analysis. The experts need to focus more on the malwares not encountered before to identify their signature. There are two techniques which can be used to perform an analysis on a piece of software to understand what it does: static analysis – analyzing the source of the malware and dynamic analysis-observation of network traffic and any changes made to the operating system environment as the executable runs. Our focus during the internship was on static analysis. We applied machine learning models on the attributes of the files such as Windows Portable Executable files in order to correctly classify a file as malicious or benign.

  • Design and Implementation of a Web-based Scalable, Secure and attributional grade management system
    Amodini Vardhan
    Monday, July 10, 2017 - 11:00
    KD 103

    Abstract: Cyber security audits of the existing grade management system-OARS has revealed number of attacks on the system that could lead to serious consequences such as revealing the grades and changing them by unauthorized users and attackers.

    Thus, to mitigate such incidents in the future in this project a software is being built on open source content-management framework -Drupal. The Grade Management system covers the three major phases of an academic session- Pre-Registration, Grading and Registration accessible to students, instructors and admin officers. The system is being built in a scalable way such that it caters the needs of colleges and universities all over India. The talk will focus on describing the major functionalities implemented for all the three types of users. Security of the software is ensured by providing strict roles to every authenticated user such that they can only view content as per their roles (student, instructor or admin office), through strong password settings, checking drupal vulnerabilities and using various penetration testing tools. Two factor authentications is also implemented for every user(tfa) which gives access to a user only when he enters the password and Time-based One-time Password at the login.

    The talk will majorly focus on:

    1.The general flow of website from the point of view of all the 3 types of users.

    2.Scalabilty and how easily it can be changed as per the requirements of college.

    3.How the security of the system is ensured and future works.

  • Implementation of ZUC Algorithm on FPGA
    Jayadeep reddy Ganta
    Monday, July 10, 2017 - 11:00
    KD 103

    Abstract: As the world is shifting towards the faster 4G LTE which is the next generation network enabling to meet the requirements of mobile migrations of Internet applications such as VoIP (Voice over IP), video streaming and mobile TV, Encryption of data being sent through the network is of utmost importance. As per international standards set by 3GPP and ETSI organisation, AES, SNOW-3G and ZUC algorithms have chosen for maintaining data security. The objective of the internship is to design a co-processor for ZUC algorithm, EIA-3 and EEA-3 algorithms on FPGA board. Although these algorithms could be implemented on processors using software solutions, implementing a dedicated co-processor would make the process more robust in nature, difficult for the attacker to interfere if the system is compromised and increase the throughput of the algorithm by many folds than the software implementation. ZUC algorithm is a stream cipher mainly intended for the Chinese market as it is the only algorithm approved by the Chinese government. My work has been mainly focused on understanding the ZUC algorithm in its entirety and implementing it on an Artix-7 board. After implementing the algorithm using the Xilinx Vivado tool, I checked for the important characteristics like critical path, maximum operating frequency, area used and total power consumed and compared them existing literature to check the efficiency of my design. Using ZUC as core, I have finally implemented EEA-3 and EIA-3 algorithm which are the actual confidentiality and integrity algorithm which will be deployed in field.

Pages

  • Malware Classification using Image Representation
    Ajay Singh, 15111005
    Monday, July 17, 2017 - 11:30
    KD 101

    In the recent years, there has been a rapid rise in the number of files submitted to anti-virus companies for analysis, so it has become very difficult to analyse functionality of each file manually. Malware developers have been highly successful in evading the signature-based detection techniques. Most of the prevailing static analysis techniques involve a tool to parse the file. The entire analysis process becomes dependent to the efficacy of the tool, if the tool crashes the process is hampered. Most of the dynamic analysis techniques involve the binary file to be run in a sand-boxed environment to examine its behaviour. This can be easily thwarted by hiding the malicious activities of the file if it is being run inside a virtual environment. In this thesis, we have explored a new technique to represent malware as images. We then used existing neural network techniques, for classifying images, to train a classifier for classifying new malware files into their respective classes. By converting the file into an image representation we have made our analysis process independent of any tool also the process becomes less time consuming. With our model we have been able to get an accuracy of 98.21% in classifying malware samples. 

  • Robust Malware Detection using Integrated Static and Dynamic Analysis
    Pranjul Ahuja, 15111029
    Monday, July 17, 2017 - 10:30
    KD 101

    There has been an exponential  growth in the number of malware in the cyber world in the last few years. Modern malware use sophisticated techniques such as polymorphism and metamorphism to thwart the malware detection and analysis.

    Detecting malware on the basis of their features and behavior is critical for the computer security community. Most anti-virus depends on the signature based detection which is relatively easy to evade and is ineffective for zero-day exploit based malwares. Static analysis analyzes the executables without executing them whereas dynamic analysis actually executes the malware in a sand-boxed environment and the system changes are logged for further investigation. In this thesis, we are adopting a hybrid approach in which we integrate the feature vectors extracted from both static and dynamic analysis to detect unknown malware. Our experiments obtained an accuracy of 98.62% in detecting malware. Our detection system is robust and scalable as we have increased the amount of samples used for analysis and reduced the feature space compared to the existing approaches in the literature.

  • SMTP by Public Key Cryptography
    Shobhit Rastogi
    Monday, July 10, 2017 - 11:00
    KD 103

    Abstract: SMTP is a text based protocol and this property of the protocol renders it really insecure as any mail can be compromised if intercepted. Therefore, I have augmented the source code of  an open source MTA ,i.e., Haraka to incorporate the public key cryptography using openpgpjs module. Haraka is written in asynchronous JS and is totally based on plugins. For the first time, the client generates a key pair and sends the public key component of the key to the designated server for registration. The registration process follows OTP authentication. Now every client registered on the network has a secret private key and the corresponding public key stored on the server. I have created a server whose sole task is key management. Whenever a client wants to send a mail, it requests the server for the public key of the recipient and encrypts the mail body. The mail is decrypted by the designated client with it’s private key and the pass phrase, which are kept confidential.

  • Malware Analysis with Machine Learning
    Mohit Sharma & Utsava Verma
    Monday, July 10, 2017 - 11:00
    KD 103

    Abstract: The only way to really determine what a piece of malicious software is doing is to analyze it. Statistics show that around 3 lakhs malwares per day are being encountered by various antivirus companies. Analysis of such large number of malwares is a challenging task. Moreover, most of the malware are modified versions of some pre-existing malware and do not need manual analysis. The experts need to focus more on the malwares not encountered before to identify their signature. There are two techniques which can be used to perform an analysis on a piece of software to understand what it does: static analysis – analyzing the source of the malware and dynamic analysis-observation of network traffic and any changes made to the operating system environment as the executable runs. Our focus during the internship was on static analysis. We applied machine learning models on the attributes of the files such as Windows Portable Executable files in order to correctly classify a file as malicious or benign.

  • Design and Implementation of a Web-based Scalable, Secure and attributional grade management system
    Amodini Vardhan
    Monday, July 10, 2017 - 11:00
    KD 103

    Abstract: Cyber security audits of the existing grade management system-OARS has revealed number of attacks on the system that could lead to serious consequences such as revealing the grades and changing them by unauthorized users and attackers.

    Thus, to mitigate such incidents in the future in this project a software is being built on open source content-management framework -Drupal. The Grade Management system covers the three major phases of an academic session- Pre-Registration, Grading and Registration accessible to students, instructors and admin officers. The system is being built in a scalable way such that it caters the needs of colleges and universities all over India. The talk will focus on describing the major functionalities implemented for all the three types of users. Security of the software is ensured by providing strict roles to every authenticated user such that they can only view content as per their roles (student, instructor or admin office), through strong password settings, checking drupal vulnerabilities and using various penetration testing tools. Two factor authentications is also implemented for every user(tfa) which gives access to a user only when he enters the password and Time-based One-time Password at the login.

    The talk will majorly focus on:

    1.The general flow of website from the point of view of all the 3 types of users.

    2.Scalabilty and how easily it can be changed as per the requirements of college.

    3.How the security of the system is ensured and future works.

  • Implementation of ZUC Algorithm on FPGA
    Jayadeep reddy Ganta
    Monday, July 10, 2017 - 11:00
    KD 103

    Abstract: As the world is shifting towards the faster 4G LTE which is the next generation network enabling to meet the requirements of mobile migrations of Internet applications such as VoIP (Voice over IP), video streaming and mobile TV, Encryption of data being sent through the network is of utmost importance. As per international standards set by 3GPP and ETSI organisation, AES, SNOW-3G and ZUC algorithms have chosen for maintaining data security. The objective of the internship is to design a co-processor for ZUC algorithm, EIA-3 and EEA-3 algorithms on FPGA board. Although these algorithms could be implemented on processors using software solutions, implementing a dedicated co-processor would make the process more robust in nature, difficult for the attacker to interfere if the system is compromised and increase the throughput of the algorithm by many folds than the software implementation. ZUC algorithm is a stream cipher mainly intended for the Chinese market as it is the only algorithm approved by the Chinese government. My work has been mainly focused on understanding the ZUC algorithm in its entirety and implementing it on an Artix-7 board. After implementing the algorithm using the Xilinx Vivado tool, I checked for the important characteristics like critical path, maximum operating frequency, area used and total power consumed and compared them existing literature to check the efficiency of my design. Using ZUC as core, I have finally implemented EEA-3 and EIA-3 algorithm which are the actual confidentiality and integrity algorithm which will be deployed in field.

  • Designing coprocessor for implementing crypto-algorithm 'Snow3g'
    Mugdha Jadhao
    Monday, July 10, 2017 - 11:00
    KD 103

    Abstract: In communication systems, cryptographic algorithms play an important role to provide secrecy, authentication and integrity. The elementary difference between emerging 4G wireless networks and other preceding versions is that 4G operates entirely on the TCP/IP architectural suite, thus becoming totally IP based which makes it more prone to risks in terms of safety and reliability. The whole security architecture of LTE/SAE consists of four main hardware-oriented cryptographic algorithms as per international set standards: KASUMI block cipher, SNOW-3G stream cipher, the MILENAGE algorithm set, and the ZUC algorithm. It is generally easy to implement crypto algorithms in software, but such algorithms are proven to be quite slow for real-time applications, such as mobile phones. For this reason, it becomes necessary to implement crypto algorithms as hardware modules or crypto processors. My task was to design a coprocessor for SNOW-3G algorithm and use it as a core in EEA1 confidentiality and EIA1 integrity algorithms and implement on FPGA Artix 7 board. The algorithm was designed in verilog language. Post implementation important characteristics like critical path, maximum operating frequency, area used and total power consumed were noted in the Xilinx Vivado tool and compared with existing literature to check the efficiency of the design. 

  • Detection of Cyber Attacks In Industrial Control Systems Using Neural Networks
    Aditya Srivastava
    Saturday, July 8, 2017 - 12:00
    KD 102

    Abstract: Critical Infrastructures are the most important assets for any country in terms of economic and financial aspects and they vary from country to country. For India, power and water supplies are some of the critical infrastructures that are controlled using industrial control systems. SCADA (supervisory control and data acquisition systems) plays an important role in it. Recently they have become attractive target for highly skilled and organized cyber attackers. In the past a malware named STUXNET targeted industrial site of Iran-Uranium enrichment plant. It manipulated the set point at which the centrifuges are supposed to rotate which changed the speed of the centrifuges without the knowledge of the uranium enrichment plant-operators. A recent power blackout in Ukraine's capital Kiev was caused by a cyber-attack which created a blackout in entire north zone of the capital.

    These incidents have drawn our attention towards strengthening of cybersecurity in critical infrastructure. And for this we need persistent security systems which can defend against zero day attacks. We have seen signature based IDS (Intrusion Detection Systems) that can defend against known or defined attack types but not unknown or zero days. For this we need Intelligent Intrusion detection systems that use deep learning techniques like neural networks to defend against these attacks. 

    This project involves

    • Development of a Simulation Environment of an Industrial Control System using Python, Virtualization Technology and communication protocol MODBUS TCP.
    • An anomaly based IDS using LSTM Recurrent Neural Network for ICS as these have the capabilities to learn important patterns and forget the not so important things about the operation of the plant.
    • Analysis of Code Injection Attacks detected by IDS
  • Cyber Threat Intelligence Analysis
    Akshat Aggarwal
    Saturday, July 8, 2017 - 11:30
    KD 102

    Abstract: In the current era of cyber warfare and security threat attacks, where the strength of any nation in the present world is measured largely by the growth of its technical strength, it comes as a crucial need to constantly monitor and analyze the ongoing threats and day to day malicious activities. The Cyber Threat Intelligence Analysis project will deal with:

    1. Real-time extraction of raw threat intelligence data like malicious IP addresses, latest information regarding Botnets, Malwares, Spams IP, Phishing attacks across the world from multiple reliable sources and threat feeds across the Internet and from the honeypot sources of the IIT Kanpur Honey-pot network.

    2. The project further aims to make a statistical dashboard and a web API service of this data. This includes providing real-time updates of multiple statistical visualizations like threat intelligence pie-charts, GeoIP maps, country-wise comparisons, date-time analysis and other data aggregation techniques.

    3. The final task accomplished in this project is to detect whether a URL is malicious or safe by analyzing and classifying URLs as malicious or benign by applying machine learning algorithms on a corpus of URL text. An analysis of accuracy of multiple machine learning classification algorithms is done and the best one is chosen.

  • Application Vulnerabilities, Issues and Mitigation
    Sagar Sharma
    Saturday, July 8, 2017 - 11:00
    KD 102

    Abstract: In today's scenario, every facility is being digitalized. These facilities and luxuries are the result of several work-hours of rigorous work put in by the team of developers, be it a standalone application or a massively multiplayer gaming network. But security is seldom the priority of developers unless the system is designed to provide security itself. And the fact remains that people with malicious intent still try to take advantage of the security loopholes left by the developers, mostly for profit and sometimes just for fun. Given the facility is a critical system like a power plant, such attacks may lead to nationwide distress. On the other hand, vulnerabilities in a system like a banking network can cause economic loss to numerous individuals. However, more than 75% of these vulnerabilities exist on the application level. These are mostly the implementation and programming mistakes. Some of them are: integer overflow, buffer overflow, faulty string formatting, double free etc. Though this lead to most of the exploitation which are easily avoidable by simple practices and awareness, like VAPT, input validation, input sanitization, etc. These are the few topics that I would be discussing and demonstrating.

Pages

  • Introduction to Biochip Security
    Ramesh Karri (New York University, New York)
    Tuesday, August 22, 2017 - 10:00
    RM 301

    Abstract: This presentation will explore the security implications of biochips that are envisioned for use in lab-on-chips. We will discuss how attackers in the bio-chip supply chain can undermine proprietary biochemical protocols or alter their results, with serious consequences for laboratory analysis, healthcare, and biotechnology innovation.

    Bio: Ramesh Karri is a Professor of Electrical and Computer Engineering at Tandon School of Engineering, New York University. He has a Ph.D. in Computer Science and Engineering, from the University of California at San Diego. His research and education activities span hardware cybersecurity including trustworthy ICs, processors and cyberphysical systems; security-aware computer aided design, test, verification, validation and reliability; nano meets security; metrics; benchmarks; hardware cybersecurity competitions; additive manufacturing security. He has over 200 journal and conference publications including tutorials on Trustworthy Hardware in IEEE Computer (2) and Proceedings of the IEEE (5). His groups work on hardware cybersecurity was nominated for best paper awards (ICCD 2015 and DFTS 2015) and received awards at conferences (ITC 2014, CCS 2013, DFTS 2013 and VLSI Design 2012) and at competitions (ACM Student Research Competition at DAC 2012, ICCAD 2013, DAC 2014, ACM Grand Finals 2013, Kaspersky Challenge and Embedded Security Challenge). He was the recipient of the Humboldt Fellowship and the National Science Foundation CAREER Award. He is the area director for cyber security of the NY State Center for Advanced Telecommunications Technologies at NYU-Poly; Co-founded the NYU Center for CyberSecurity  -CCS (http://cyber.nyu.edu/), co-founded the Trust-Hub (http://trust-hub.org/) and founded and organizes the Embedded Security Challenge, the annual red team blue team event at NYU,  (http://www.nyu.edu/csaw2016/csaw-embedded).

  • Cyber-Security: Analog Side Channels of Embedded Cyber-Physical Systems
    Farshad Khorrami (New York University, New York)
    Tuesday, August 22, 2017 - 10:00
    RM 301

    Abstract: This talk will address some of our prior and on-going efforts on various security aspects of analog side channels of embedded cyber-physical systems (CPS). Modern CPS are complex interconnections of heterogeneous hardware and software components. With increasing complexity, connectivity, and programmability of embedded CPS devices, the potential cyber-attack surface has also been increasing making the study of related cyber-security issues highly relevant and timely. In particular, analog side channels are especially interesting from both attack (e.g., exploiting these side channels as an attack mechanism such as for information leakage) and defense viewpoints (e.g., utilizing these side channels for real-time monitoring). In this context, process-aware information leakage utilizing acoustic side channels from CPS instrumentation without impacting process stability and performance will be discussed. Thermal side channel monitoring of CPS devices leveraging their typical periodic code structures will also be discussed. Both the algorithmic techniques and hardware implementation aspects will be presented in the talk. The implementation of a Hardware-In-The-Loop (HITL) CPS testbed for study of cyber-security of embedded CPS devices will also be presented.

    Bio:  Farshad Khorrami received his Bachelors degrees in Mathematics and Electrical Engineering in 1982 and 1984 respectively from The Ohio State University. He also received his Master's degree in Mathematics and Ph.D. in Electrical Engineering in 1984 and 1988 from The Ohio State University. Dr. Khorrami is currently a professor of Electrical & Computer Engineering Department at NYU where he joined as an assistant professor in Sept. 1988. His research interests include adaptive and nonlinear controls, robotics and automation,  control systems and CPS security, embedded systems security, unmanned vehicles (fixed-wing and rotary wing aircrafts as well as underwater vehicles and surface ships), smart structures, large-scale systems and decentralized control, smart grid security, and microprocessor based control and instrumentation. Prof. Khorrami has published more than 250 refereed journal and conference papers in these areas. His book on "modeling and adaptive nonlinear control of electric motors" was published by Springer Verlag in 2003. He also has fourteen U.S. patents on novel smart micro-positioners and actuators, control systems, cyber security, and wireless sensors and actuators. He has developed and directed the Control/Robotics Research Laboratory at Polytechnic Univrsity (Now NYU).  His research has been supported by the Army Research Office, National Science Foundation, Office of Naval Research, DARPA, Sandia National Laboratory, Army Research Laboratory, NASA, Boeing, and several corporations. Prof. Khorrami has served as general chair and conference organizing committee member of several international conferences.

  • Cryptanalysis of Selected Symmetric Ciphers: Lightweight Choices for Secure Hardware
    Hoda A. Alkhzaimi, New York University Abu Dhabi
    Tuesday, August 22, 2017 - 10:00
    RM 301

    Abstract: Throughout the years, designing a symmetric cipher with a specific security rationale, and designing the cryptanalytic techniques that will test the claimed security bounds went hand-in-hand to test the boundaries on the design and attack methods. This formed a continuous evolution in the approaches that cryptographic primitives are constructed to be suitable for future and current hardware environments. This seminar session is meant to shed focus on the different conventional and lightweight design approaches for block ciphers. In addition to considering different design criteria and requirements for the different layers within a certain design. It will also introduce an  overview on the possible generic, structural and statistical cryptanalytic techniques that can be used to test or reduce certain security properties within a design. We will finally look into possible connections between different cryptanalytic methods and how this can be used to utilize an effective attack model.

    Bio: Hoda A.Alkhzaimi is currently a research assistant professor in New York University and the Director of Center of Cyber Security in NewYork University AD. She served in different posts for research and development in Cyber Security and Cryptology for the past years. She headed the Department of Research and Development for Cyber Security and Cryptology in different national initiatives in the United Arab Emirates along with her associations to different security initiatives nationally and internationally.  Alkhzaimi has a specific expertise in cryptology; cryptanalysis, constructing and validating security hardware and software components, constructing trusted security architectures for different environments in different products for the respective industries. HodaA.Alkhzaimi obtained her PhD inCryptanalysis from Denmark Technical University. Her current research interests include
    Space, Aerospace, and UAV security, constructing and analyzing cryptographic primitives, validating and investigating links between different cryptanalytic approaches and utilizing cryptographic primitives in different cybersecurity architectures as in Internet of Things and big data analysis among ot

  • Do You Trust Your Chip?
    Ozgur Sinanoglu (New York University at Abu Dhabi)
    Tuesday, August 22, 2017 - 10:00
    RM 301

    Globalization of Integrated Circuit (IC) design and manufacturing is making designers and users of ICs re-assess their trust in hardware. As the IC design flow spans the globe - driven by cost-conscious consumer electronics - hardware is increasingly prone to reverse engineering, Intellectual Property (IP) piracy and malicious modifications (i.e., hardware trojans). An attacker, anywhere within the global design flow, can reverse engineer the functionality of an IC/IP, steal and claim ownership of the IP or introduce counterfeits into the supply chain. Moreover, an untrusted IC fab may overbuild ICs and sell them illegally. Finally, rogue elements in the fabs may insert hardware trojans into the design without the knowledge of the designer or the end-user of the IC; this additional functionality may subsequently be exploited to introduce errors in the results, steal sensitive information or incapacitate a fielded system. The semiconductor industry routinely loses $billions annually due to these attacks.  This talk will cover various forms of threats that the electronic chip supply chain is up against, as well as defenses against these threats. It will focus on one particular solution—logic locking—by covering its basics and evolution. It will also demonstrate the first-ever prototype: the first chip that is resilient to hardware-level threats.

    Bio:  Ozgur Sinanoglu is an associate professor of electrical and computer engineering at New York University Abu Dhabi. He earned his B.S. degrees, one in Electrical and Electronics Engineering and one in Computer Engineering, both from Bogazici University, Turkey in 1999. He obtained his MS and PhD in Computer Science and Engineering from University of California San Diego in 2001 and 2004, respectively. He has industry experience at TI, IBM and Qualcomm, and has been with NYU Abu Dhabi since 2010. During his PhD, he won the IBM PhD fellowship award twice. He is also the recipient of the best paper awards at IEEE VLSI Test Symposium 2011 and ACM Conference on Computer and Communication Security 2013.  Prof. Sinanoglu’s research interests include design-for-test, design-for-security and design-for-trust for VLSI circuits, where he has around 160 conference and journal papers, and 20 issued and pending US Patents. Sinanoglu has given more than a dozen tutorials on hardware security and trust in leading CAD and test conferences, such as DAC, DATE, ITC, VTS, ETS, ICCD, ISQED, etc. He is serving as track/topic chair or technical program committee member in about 15 conferences, and as (guest) associate editor for IEEE TIFS, IEEE TCAD, ACM JETC, IEEE TETC, Elsevier MEJ, JETTA, and IET CDT journals.  Prof. Sinanoglu is the director of the Design-for-Excellence Lab at NYU Abu Dhabi. His recent research in hardware security and trust is being funded by US National Science Foundation, US Department of Defense, Semiconductor Research Corporation, and Mubadala Technology.

  • Invited Talk by Sujoy Sinha Roy
    Sujoy Sinha Roy
    Friday, July 7, 2017 - 17:00
    KD101

    Abstract: Shor's algorithm running on a powerful quantum computer would break  the RSA and ECC public-key cryptosystems. Keeping in mind the recent progress in quantum computing, NIST has recommended a gradual shift towards quantum-computing-secure public-key cryptography. Post-quantum cryptography refers to cryptographic algorithms that are presumed secure against quantum attacks. Of several candidates, lattice-based public-key cryptography is the most promising one. We investigated implementation aspects of lattice-based post-quantum public key schemes whose security is based on the hardness of the ring-LWE problem. These cryptographic schemes perform arithmetic operations in a polynomial ring and require sampling from a discrete Gaussian distribution. To design a discrete Gaussian sampler that satisfies a negligible statistical distance to the accurate distribution, we analyzed the Knuth-Yao random walk, and proposed an algorithm that is fast and lightweight. For efficient polynomial multiplication, we applied the number theoretic transform and performed computational and architectural optimizations. From these primitives, we designed a compact coprocessor architecture. For a medium security level, the architecture takes only 20/9µs to compute encryption/decryption on a Xilinx FPGA. We also implemented the proposed algorithms on resource-constrained software platforms and found that the ring-LWE-based public-key encryption is roughly 10 times faster than the ECC-based public-key encryption.

    Homomorphic encryption enables computation on encrypted data. One application of homomorphic encryption is private cloud computing: a user uploads her encrypted data in the cloud and then computes on the encrypted data. The ring-LWE problem has been used to construct homomorphic encryption schemes. However, software implementations of homomorphic evaluation are very slow due to its arithmetic involving very large polynomials with large coefficients. In this research, we designed a multi-core FPGA-based accelerator for the homomorphic encryption scheme FV. Fast computation time is achieved by implementing various optimizations on both algorithm and architecture levels. We observe that though the computation intensive arithmetic can be accelerated, the overhead of external memory access becomes a bottleneck. Then we propose a more practical scheme that uses a special module to assist homomorphic function evaluation in less time. With this module, we can evaluate encrypted search roughly 20 times faster than the implementation without this module.