Course web page:

ECE 646Cryptography

and Computer Network Security

ECE web page Courses Course web pages ECE 646

Kris Gaj

Office hours: Monday, Tuesday, Wednesday 6:00-7:00 PM

Research and teaching interests:• cryptography• network security• computer arithmetic• FPGA & ASIC design and testing

Contact:The Engineering Building, room 3225

kgaj@gmu.edu

ECE 646

Part of:

MS in EE

MS in CpENetwork and System Security (required)Computer Networks (elective)

Certificate in Information Systems Security

MS in E-Commerce

MS in Information Security & Assurance

Communications & Networks (elective)

Ph.D. in Information Technology

Ph.D. in Electrical and Computer Engineering

NETWORK AND SYSTEM SECURITY

Concentration advisors: Kris Gaj, Jens-Peter Kaps

1. ECE 542 Computer Network Architectures and Protocols– S.-C. Chang, et al.

2. ECE 646 Cryptography and Computer Network Security– K. Gaj, J-P. Kaps – lab, project

3. ECE 746 Advanced Applied Cryptography– K. Gaj – lab, project: C/C++, VHDL, or analytical

4. ISA 656 Network Security – A. Stavrou

5. ECE 699 Cryptographic Engineering– J.-P. Kaps, K. Gaj

ECE 646

Lecture ProjectLaboratory

35 %15 %

Homework15 %

Quizzes5 %

Midterm exams10 %

Final Exam 20 %

Specification - 5 %Results - 10 %Oral presentation - 10%Written report - 8%Review - 2%

deapth

• viewgraphs / whiteboard

• viewgraphs available on the web (please, extend with your notes)

• books 1 required (Stallings) 1 optional (all chapters available on the book web page)

• articles (CryptoBytes, RSA Data Security Conf., CHES, CRYPTO, etc.)

• web sites - Crypto Resources standards, FAQs, surveys

Lecture

Distance Learning Mode (1)

• pilot project introduced for the first time this year • lectures delivered simultaneously in class and on-line

• students joining on-line can actively participate in the class (raise a hand, ask questions, etc.)

• minimum preparation required (setting options of a browser, login to Blackboard, etc.)

• on-line sessions can be recorded and replayed outside of the class time (in the asynchronous mode)

Distance Learning Mode Rules

• this semester done at a specific request of students interested in attending classes remotely • requests for on-line delivery should be sent to the instructor at least 24 hours before the beginning of a given class

• allow participation in the lectures by students who are on travel, sick, or cannot attend the class for any other serious reason

• no guarantee of the equivalent quality of educational experience is provided

Important Announcement

There will be no class next Tuesday, September 8(the instructor attending a conference in Europe).

Instead, we will hold a make-up lecture in class: Columbus Day, Monday, Oct. 12 on-line: per your request

Homework (1)

• reading assignments

• theoretical problems (may require basics of number theory or probability theory)

• problems from the main textbook

• short programs

• literature surveys

Homework (2)

• optional assignments

short programs vs. analytical problems or HDL codes

More time consuming Most time spent on debugging Relatively straightforward

Typically less time consuming More thinking Little writing

Midterm exam

2 hours 30 minutes

multiple choice test + short problems

open-books, open-notes

practice exams available on the web

midterm exam review session - optional

Tuesday, October 27th

Tentative date:

Quizzes

10-15 minutes

one-two questions related to the most recent lectures

closed-books, closed-notes

announced

Final exam

2 hours 45 minutes

Multiple choice + several problems

Tuesday, December 15

7:30 – 10:15 PM

• 4 labs based on three major software packages CrypTool GnuPG for Linux or GnuPG for Windows MAGMA Computational Algebra System

• done at home or in the ECE labs: software downloaded from the web

• based on detailed instructions

• grading based on written reports (answers to questions included in the instructions)

Laboratory

Tentative list of laboratory topics

1. Secure e-mail: Pretty Good Privacy - GnuPG

2. Historical ciphers - CrypTool

3. Properties of classical cryptosystems - CrypTool

4. Properties of public key cryptosystems - Magma

• depth, originality• based on additional literature• you can start at the point where former students ended• based on something you know and are interested in• software or hardware• may involve experiments • teams of 1-3 students

Project (1)

• original • useful

• about three weeks to choose a topic and write

the corresponding specification• regular meetings with the instructor• a few oral progress reports based on Power Point slides• draft final presentation due at the last progress report• written report/article, IEEE style

due Tuesday December 1• short conference-style oral presentations

Tuesday, December 8• contest for the best presentation• publication of reports and viewgraphs on the web

Project (2)

• Project reports/articles requirements

- IEEE style

- 15 pages maximum

- appendices possible but do not influence

the evaluation• Review of project reports

- reviews done by your fellow students- reviews due, Saturday, December 5, midnight- final version of the report due Monday,

December 7, midnight

Project (3)

• Project presentations (Tuesday, December 8, 7:30-10:00PM)

- conference style

- open to general public (in particular,

students from previous years), ECE seminar credit

- 10 minutes for the presentation + 5 minutes for Q&A

- time strictly enforced

Project (4)

This Year’s Project Theme

Benchmarking (comparing)• cryptographic algorithms• cryptographic libraries and open-source implementations (software and hardware)• platforms• tools

Motivation (1)

• multitude of implementations of cryptographic algorithms available in public domain (~50 open-source software libraries, >20 open-source hardware cryptographic cores)

How do they compare against each other?

Which one to use when implementing a particular cryptographic system?

Motivation (2)

• multitude of platforms

general-purpose microprocessors (e.g., Pentium 4, Core i7, etc.) microcontrollers (TI MSP 430, MicroChip PIC18) Digital Signal Processors FPGAs (from Xilinx, Altera, Actel, etc.) ASICs (based on various libraries of standard cells) processors embedded in FPGAs (PicoBlaze, MicroBlaze, Nios II)

Motivation (3)

• multitude of languages and tools

C, C++, Java, Python, C#, assembly language, etc. VHDL, Verilog, AHDL, etc. multiple compilers for software codes multiple synthesis tools for hardware codes

Motivation (4)

• multitude of cryptographic algorithms

secret-key block ciphers secret-key stream ciphers public-key ciphers hash functions message authentication codes digital signature schemes key agreement schemes

Common benchmarking pitfalls

• taking credit for improvements in technologye.g. comparing Bob's AES in Virtex 5 vs. Alice's AES in Virtex 2 Pro

• choosing a convenient performance measure• comparing designs with different functionality

e.g., encryption+decryption vs. encryption only• comparing the speed of different operations

e.g., comparing the combined speed of encrypting 8 messages in parallel vs. the speed of encrypting a single long message

• designs optimized using different optimization criteria e.g., speed only or the ratio of speed to cost• using different input/output interfaces

27

Ashraf AbuSharekhMS Thesis, April 2004

Previous WorkComparative Analysis of Software

Multi-precision Arithmetic Librariesfor Public Key Cryptography

Support

HighSchemes

LowPrimitives

Low CryptoPP

PIOLOGIE

OpenSSL

MIRACL

Perform

ance

GMP,NTL, LiDIA

CLN

High

Support

HighSchemes

LowPrimitives

Low CryptoPP

PIOLOGIE

OpenSSL

MIRACL

Perform

ance

GMP,NTL, LiDIA

CLN

High

Previous workeBACS: ECRYPT Benchmarking of Cryptographic Systems

http://bench.cr.yp.to

Project to compare software implementations of cryptographic algorithms

Developed by: Daniel J. Bernstein and Tanja Lange (2006-present)

Activity of: VAMPIRE: Virtual Application and Implementation REsearch Lab

Integrates:

eBATS: ECRYPT Benchmarking of Asymmetric Systems

eBASC: ECRYPT Benchmarking of Stream Ciphers

eBASH: ECRYPT Benchmarking of All Submitted Hashes

Extends earlier software evaluation projects developed by different groups

within NESSIE and eSTREAM. 29

SUPERCOPSystem for Unified Performance Evaluation Related to Cryptographic

Operations and Primitives

• toolkit developed by the VAMPIRE lab for measuring the performance of cryptographic software

• measures the performance of – hash functions

– secret-key stream ciphers

– public-key encryption systems

– public-key signature systems

– public-key secret-sharing systems

• output is an extensive set of measurements in a form suitable for easy computer processing

30

SUPERCOP

• measurements on multiple machines (currently over 70)and machine-ABI (application binary interface) combinations (currently over 100)

• each implementation is recompiled multiple times (currently over 1200 times) with various compiler options to identify best working options for implementation, machine

• time measured in clock cycles/byte for multiple input/output sizes

• median, lower quartile (25th percentile), and upper quartile (75th percentile) reported

• standardized function arguments (may be implemented using wrappers)

31

GMU ToolATHENa – Automated Tool for Hardware EvaluatioN

32

Set of scripts written in Perl aimed at an AUTOMATED generation of OPTIMIZED results for MULTIPLE hardware platforms

Currently under development at George Mason University.First version to be released this Fall.

ATHENa Major Features• running all steps of synthesis, implementation, and timing analysis in

the batch mode

• support for devices and tools of multiple FPGA vendors: Xilinx, Altera, Actel

• generation of results for multiple families of FPGAs of a given vendor

• automated choice of a device within a given family of FPGAa assuming that the resource utilization does not exceed a certain limit, e.g., 80% of CLB slices, or 70% of BRAM

• choice of multiple optimization criteria (speed, area, ratio speed/area)

• heuristic optimization algorithms aimed at maximizing the performance measures (e.g., speed) based on checking multiple options, and multiple target clock frequencies

33

ATHENa Additional Features

• automated verification of the design through simulation, run in the batch mode based on the provided testbench (optional):

– Functional

– Post-synthesis

– Timing

• support for Windows and Linux

• Graphical User Interface

Requirements:

– interpreter of Perl

– FPGA tools: free, educational, or commercial versions34

ATHENa Input/Output

Input:

– synthesizable source files

– configuration files (text files)

– testbench (optional)

– constraint files (optional)

Output:

– result summary (human readable)

– database entries (suitable for computer postprocessing)

35

ATHENaServer

FPGA Synthesis and Implementation

Result Summary+ Database Entries

2 3

HDL + scripts + configuration files

1

Database Entries

Download scripts and

configuration files8

Designer

4

HDL + FPGA Tools

User

Databasequery

Ranking of designs

5

6

Basic Dataflow of ATHENa

Draft Specificationdue in two weeks

Specification should include the choice of:

• software vs. hardware• software cryptographic libraries or hardware cryptographic cores• languages• platforms• tools• list of cryptographic algorithms included in comparison (common for selected libraries)

Follow-up courses

Cryptography and Computer Network Security ECE 646

Advanced Applied Cryptography

ECE 746Computer Arithmetic

ECE 645

Digital System Design with VHDL

ECE 545

Cryptography and Computer Network Security

Advanced Applied Cryptography

• AES• Stream ciphers• Elliptic curve cryptosystems• Random number generators• Smart cards• Attacks against implementations (timing, power, fault analysis)• Efficient and secure implementations of cryptography• Security in various kinds of networks (IPSec, wireless)• Zero-knowledge identification schemes

• Historical ciphers• Classical encryption (DES, IDEA, RC5, AES)• Public key encryption (RSA, DH, DSA)• Hash functions and MACs • Digital signatures• Public key certificates• Secure Internet Protocols - e-mail: PGP and S-MIME - www: SSL• Cryptographic standards

Modular integer arithmetic Operations in the Galois Fields GF(2n)

“Typical” course

time

difficulty

This coursedifficulty

time