Future Proofing the Connected World: A Quantum-Resistant Trusted Platform Module

Livrables

Runtime Risk Assessment, Resilience and Mitigation Planning – First Release

This deliverable relies on the output of Tasks 4.3, 4.4 & 4.5, and provides complementary functionality of the risk assessment framework delivered in D4.2. More specifically, it handles the unacceptable calculated risks by inferring (using backward-chaining techniques) the optimal mitigation actions (i.e., properties that have to be reactively attested) that have to be applied.

Runtime Risk Assessment, Resilience and Mitigation Planning

This deliverable relies on the output of Tasks 4.3, 4.4 & 4.5, and provides complementary functionality of the risk assessment framework delivered in D4.4.

Final Report on New QR Cryptographic Primitives

Update of Deliverable D2.2. Additionally, the deliverable includes the final recommendation on which algorithms should be implemented by a future TPM and the full specification of these algorithms.

Second Report on Security Models for the TPM

Final version of the report describing and outlining security models for the TPM.

Project quality plan

The project quality plan (the project handbook) constitutes a set of project templates, explanations on the project management process, review process, quality checks, meeting organisation, which is communicated to all partners.

Second Report on the Security of the TPM

Report outlining security proofs for the integrated TPM functionality.

Security Risks in QR Deployments

Documentation of the security problems and risks that classical protocols, to be employed in the three envisioned use cases, might face in the presence of quantum adversaries.

First Report on the Security of the TPM

Initial report outlining security arguments for the integrated TPM functionality.

Report on implementations

Final report on QR TSS, SW based QR TPM, VM based QR TPM and HW based QR TPM.

FutureTPM Reference Architecture

This deliverable will provide the specification of the FutureTPM reference architecture, the functional components and interfaces between them. It will provide an analysis and point of reference for the FutureTPM in relation to the three specific use cases, including an analysis of relevant classical protocols and the use cases themselves in terms of FutureTPM functionality.

Final Demonstrators Implementation Report

Documentation of the implementation of the final release of the demonstrators’ prototypes (Tasks 6.3, 6.4 & 6.5). The deliverable will contain a public report on the evaluation and a confidential annex on the setup of the demonstrator, and a confidential demonstrator.

Final Report on the Design and Security of the QR TPM

The final report describing fully our security models for core, extended and full TPM interfaces in various scenarios, as well as our quantum-resistant TPM design, and its provable security. The report will also include a holistic security analysis of the current TPM design, and consolidate contributions from WP2 and WP3 into a single deliverable.

First Report on New QR Cryptographic Primitives

This deliverable reports on the work done by all tasks, including the surveys, the newly developed algorithms, and the full specification of the candidate algorithms (TPM and TSS) that are to be implemented and evaluated by WP5.

Demonstrators Implementation Report – First Release

Documentation of the implementation of the first release of the demonstrators’ prototypes (Tasks 6.3, 6.4 & 6.5). This deliverable will also provide a rigorous evaluation of the results gathered from the execution of the first demonstrator’s phase. The deliverable will contain a public report on the evaluation and a confidential annex on the setup of the demonstrator, and a confidential demonstrator.

First Report on Security Models for the TPM

Initial report describing and outlining security models for various implementations of TPM.

Risk Assessment Plan

The risk assessment plan shows how potential risks are assessed and mitigated in order to avoid any negative influence on the [ACRONYM] project objectives. The interrelated risk assessment plan – risk identification, handling and monitoring – will be established.

FutureTPM Use Cases and System Requirements

This deliverable will define the three use cases the FutureTPM will address. It will provide a detailed view of FutureTPM’s reference scenarios and describe a number of use cases within the reference scenarios. It will then derive the technical requirements for the FutureTPM project, including an analysis of how present-day TPM functionality can be implemented using QR cryptography.

Threat Modelling & Risk Assessment Methodology

This deliverable provides the normative specification of a meta-model which will be used by security analysts in order to capture the cartography of a QR TPM supported environment and the non-normative specification of a multi-step RA methodology that has to be applied prior to the risk quantification. It also provides the approach for integrating multiple levels of risk analysis and dependencies such as safety.

Validation Results, Performance Evaluation and Adoption Guidelines

The deliverable will document the evaluation results gathered from the execution of the demonstrators; the project/framework impact assessment; and the methodology and adoption guidelines. It will also include a critical appraisal of the QR algorithms developed and tested and how they can be generalized to secure hardware solutions other than TPM environments. Any information with regards to the technical details of the TPM implementation (e.g., benchmarking) will be added as a confidential appendix.

Second Report on New QR Cryptographic Primitives

Update of D2.1.

Internal and external IT communication infrastructure and project website

The external IT communication infrastructure constitutes a guideline for communication of the FutureTPM project to external target groups including conferences, marketing measures and communication channels. Furthermore this deliverable constitutes the launch of the internal communication infrastructure including the establishment of mailing lists or a subversion server, and the FutureTPM website.

First version of implementation

First version of SW based QR TSS and QR TPM.

Publications

Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone

Auteurs: Nikolaos Koutroumpouchos, Christoforos Ntantogian, Christos Xenakis
Publié dans: Sensors, Numéro 21/2, 2021, Page(s) 520, ISSN 1424-8220
Éditeur: Multidisciplinary Digital Publishing Institute (MDPI)
DOI: 10.3390/s21020520

Toward Practical Privacy-Preserving Processing Over Encrypted Data in IoT: An Assistive Healthcare Use Case

Auteurs: Linzhi Jiang, Liqun Chen, Thanassis Giannetsos, Bo Luo, Kaitai Liang, Jinguang Han
Publié dans: IEEE Internet of Things Journal, Numéro 6/6, 2019, Page(s) 10177-10190, ISSN 2327-4662
Éditeur: Institute of Electrical and Electronics Engineers Inc.
DOI: 10.1109/jiot.2019.2936532

The Role of Non-Positional Arithmetic on Efficient Emerging Cryptographic Algorithms

Auteurs: Paulo Martins, Leonel Sousa
Publié dans: IEEE Access, Numéro 8, 2020, Page(s) 59533-59549, ISSN 2169-3536
Éditeur: Institute of Electrical and Electronics Engineers Inc.
DOI: 10.1109/ACCESS.2020.2983020

High-Throughput Elliptic Curve Cryptography using AVX2 Vector Instructions

Auteurs: Cheng, H.; Großschädl, J.; Tian, J.; Roenne, P.; Ryan. P.
Publié dans: Numéro 10, 2020
Éditeur: Springer
DOI: 10.5281/zenodo.4263826

Clust-IT: Clustering-Based Intrusion Detection in IoT Environments

Auteurs: Markiewicz, R.; Sgandurra, D.
Publié dans: Numéro 7, 2020
Éditeur: ACM
DOI: 10.5281/zenodo.4146827

An Accountable Decryption System Based on Privacy-Preserving Smart Contracts

Auteurs: Li, R.; Wang, Q.; Liu, F.; Wang, Q.; Galindo, D.
Publié dans: Numéro 1, 2020
Éditeur: ISC 2020
DOI: 10.5281/zenodo.4556922

A Framework for Efficient Lattice-Based DAA

Auteurs: Liqun Chen, Nada El Kassem, Anja Lehmann, Vadim Lyubashevsky
Publié dans: Proceedings of the 1st ACM Workshop on Workshop on Cyber-Security Arms Race - CYSARM'19, 2019, Page(s) 23-34, ISBN 9781450368407
Éditeur: ACM Press
DOI: 10.1145/3338511.3357349

Combiners for AEAD

Auteurs: Poettering, B.; Rösler, P.
Publié dans: Numéro 1, 2020
Éditeur: IACR / Ruhr University Bochum
DOI: 10.5281/zenodo.4277168

Implementing RLWE-based Schemes Using an RSA Co-Processor

Auteurs: Albrecht, Martin R.; Hanser, Christian; Höller, Andrea; Pöppelmann, Thomas; Virdia, Fernando; Wallner, Andreas
Publié dans: IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES), Volume 2019, Numéro 1, Numéro Numéro 1, 2018
Éditeur: Zenodo
DOI: 10.5281/zenodo.1486566

A Symbolic Analysis of ECC-Based Direct Anonymous Attestation

Auteurs: Jorden Whitefield, Liqun Chen, Ralf Sasse, Steve Schneider, Helen Treharne, Stephan Wesemeyer
Publié dans: 2019 IEEE European Symposium on Security and Privacy (EuroS&P), 2019, Page(s) 127-141, ISBN 978-1-7281-1148-3
Éditeur: IEEE
DOI: 10.1109/eurosp.2019.00019

NTTRU: Truly Fast NTRU Using NTT

Auteurs: Vadim Lyubashevsky, Gregor Seiler
Publié dans: Conference on Cryptographic Hardware and Embedded Systems 2019 , 2019
Éditeur: Cryptology ePrint archive
DOI: 10.13154/tches.v2019.i3.180-201

An HPR variant of the FV scheme: Computationally Cheaper, Asymptotically Faster

Auteurs: Jean-Claude Bajard, Julien Eynard, Paulo Martins, Leonel Sousa, Vincent Zucca
Publié dans: Cryptology ePrint Archive: Report 2019/500; ESORICS 2019, 2019
Éditeur: Cryptology ePrint Archive: Report 2019/500

Optimal TNFS-secure pairings on elliptic curves with composite embedding degree

Auteurs: Georgios Fotiadis (SnT, University of Luxembourg), Chloe Martindale (Technische Universiteit Eindhoven)
Publié dans: Latincrypt 2019, 2019
Éditeur: Cryptology ePrint Archive

A forensic investigation of Android mobile applications

Auteurs: Theodoula-Ioanna Kitsaki, Anna Angelogianni, Christoforos Ntantogian, Christos Xenakis
Publié dans: Proceedings of the 22nd Pan-Hellenic Conference on Informatics - PCI '18, 2018, Page(s) 58-63, ISBN 9781-450366106
Éditeur: ACM Press
DOI: 10.1145/3291533.3291573

Secure Edge Computing with Lightweight Control-Flow Property-based Attestation

Auteurs: Nikos Koutroumpouchos, Christoforos Ntantogian, Sofia-Anna Menesidou, Kaitai Liang, Panagiotis Gouvas, Christos Xenakis, Thanassis Giannetsos
Publié dans: 2019 IEEE Conference on Network Softwarization (NetSoft), 2019, Page(s) 84-92, ISBN 978-1-5386-9376-6
Éditeur: IEEE
DOI: 10.1109/netsoft.2019.8806658

HyPoRes: An Hybrid Representation System for ECC

Auteurs: Martins, Paulo; Marrez, Jérémy; Bajard, Jean-Claude; Sousa, Leonel
Publié dans: 2019 IEEE 26th Symposium on Computer Arithmetic (ARITH), Numéro 14, 2019
Éditeur: IEEE
DOI: 10.5281/zenodo.3946125

An HPR variant of the FV scheme: Computationally Cheaper, Asymptotically Faster

Auteurs: Bajard, J.; Eynard, J.; Martins, P.; Sousa, L.; Zucca, V.
Publié dans: Numéro 13, 2019
Éditeur: ESORICS
DOI: 10.5281/zenodo.3947788

A Tale of Two Worlds - Assessing the Vulnerability of Enclave Shielding Runtimes

Auteurs: Jo Van Bulck, David Oswald, Eduard Marin, Abdulla Aldoseri, Flavio D. Garcia, Frank Piessens
Publié dans: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019, Page(s) 1741-1758, ISBN 9781-450367479
Éditeur: ACM
DOI: 10.1145/3319535.3363206

Optimal TNFS-secure pairings on elliptic curves with composite embedding degree

Auteurs: Fotiadis, G.; Martindale, C.
Publié dans: info:eu-repo/grantAgreement/EC/H2020/779391, Numéro 14, 2019
Éditeur: IACR
DOI: 10.5281/zenodo.3947834

Securing V2X Communications for the Future - Can PKI Systems offer the answer?

Auteurs: Thanassis Giannetsos, Ioannis Krontiris
Publié dans: Proceedings of the 14th International Conference on Availability, Reliability and Security - ARES '19, 2019, Page(s) 1-8, ISBN 9781-450371643
Éditeur: ACM Press
DOI: 10.1145/3339252.3340523

A Lightweight Implementation of NTRUEncrypt for 8-bit AVR Microcontrollers

Auteurs: Cheng, H.; Großschädl, J.; Rønne, P.; Ryan, P.
Publié dans: info:eu-repo/grantAgreement/EC/H2020/779391, Numéro 8, 2019
Éditeur: CSRC
DOI: 10.5281/zenodo.3947856

Machine-Checked Proofs for Cryptographic Standards - Indifferentiability of Sponge and Secure High-Assurance Implementations of SHA-3

Auteurs: José Bacelar Almeida, Cécile Baritel-Ruet, Manuel Barbosa, Gilles Barthe, François Dupressoir, Benjamin Grégoire, Vincent Laporte, Tiago Oliveira, Alley Stoughton, Pierre-Yves Strub
Publié dans: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019, Page(s) 1607-1622, ISBN 9781-450367479
Éditeur: ACM
DOI: 10.1145/3319535.3363211

" A Game of ""Cut and Mouse"": Bypassing Antivirus by Simulating User Inputs "

Auteurs: Genç, Z.; Lenzini, G.; Sgandurra, D.
Publié dans: Numéro 9, 2019
Éditeur: ACM
DOI: 10.5281/zenodo.3951918

[Preprint] ObjectMap: Detecting Insecure Object Deserialization

Auteurs: Koutroumpouchos Nikolaos; Lavdanis Georgios; Eleni, Veroni; Ntantogian Christoforos; Xenakis Christos
Publié dans: Numéro 13, 2019
Éditeur: ACM
DOI: 10.5281/zenodo.3553675

Subverting Decryption in AEAD

Auteurs: Armour, M.; Poettering, B.
Publié dans: Numéro 2, 2019
Éditeur: Springer
DOI: 10.5281/zenodo.3951943

Substitution Attacks against Message Authentication

Auteurs: Armour, M.; Poettering, B.
Publié dans: Numéro 8, 2019
Éditeur: IACR
DOI: 10.13154/tosc.v2019.i3.152-168

Plundervolt: Software-based Fault Injection Attacks against Intel SGX

Auteurs: Kit Murdock, David Oswald, Flavio D. Garcia, Jo Van Bulck, Daniel Gruss, Frank Piessens
Publié dans: 2020 IEEE Symposium on Security and Privacy (SP), 2020, Page(s) 1466-1482, ISBN 978-1-7281-3497-0
Éditeur: IEEE
DOI: 10.1109/sp40000.2020.00057

Efficient and Secured Implementation of PostQuantum Cryptography

Auteurs: Pöppelmann, T.
Publié dans: Numéro 6, 2020
Éditeur: Embedded World Conference 2020
DOI: 10.5281/zenodo.3952200

Risk-Limiting Tallies

Auteurs: Jamroga, W.; Roenne, P.; Ryan, P.; Stark, P.
Publié dans: Numéro 7, 2019
Éditeur: Springer
DOI: 10.5281/zenodo.3952218

A Lightweight Implementation of NTRU Prime for the Post-Quantum Internet of Things

Auteurs: Cheng, H.; Dinu, D.; Großschädl, P.; Rønne, P.; Ryan, P.
Publié dans: Numéro 7, 2019
Éditeur: Springer
DOI: 10.5281/zenodo.3952246

Authenticated Key Distribution: When the Coupon Collector is Your Enemy

Auteurs: Beunardeau, M.; Orche, F.; Maimuţ, D.; Naccache, D.; Rønne, P.; Ryan, P.
Publié dans: Numéro 3, 2019
Éditeur: Springer
DOI: 10.5281/zenodo.3952268

Software Emulation of Quantum Resistant Trusted Platform Modules

Auteurs: Fiolhais, L.; Martins, P.; Sousa, L.
Publié dans: 2020
Éditeur: SECRYPT
DOI: 10.5281/zenodo.3979200

Post-Quantum Key Encapsulation on 8-bit Microcontrollers: A New Hope for the IoT

Auteurs: Hao Cheng, Johann Groszschaedl, Peter Roenne, Peter Ryan
Publié dans: 2020
Éditeur: CARDIS
DOI: 10.5281/zenodo.3980419

CloudVaults: Integrating Trust Extensions into System Integrity Verification for Cloud-based Environments

Auteurs: Larsen, B.; Bergsson, D.; Giannetsos, T.
Publié dans: Numéro 1, 2020
Éditeur: IEEE
DOI: 10.5281/zenodo.4279029

Efficiency Improvements for Encrypt-to-Self

Auteurs: Jeroen Pijnenburg, Bertram Poettering
Publié dans: Proceedings of the 2nd Workshop on Cyber-Security Arms Race, 2020, Page(s) 13-23, ISBN 9781450380911
Éditeur: ACM
DOI: 10.1145/3411505.3418438

Certicateless Public Key Signature Schemes from Standard Algorithms

Auteurs: Cheng, Z.; Chen, L.
Publié dans: Numéro 3, 2018
Éditeur: Springer
DOI: 10.5281/zenodo.4017195

Encrypt-to-self: Securely Outsourcing Storage

Auteurs: Pijnenburg, J.; Poettering, B.
Publié dans: Numéro 7, 2020
Éditeur: Springer
DOI: 10.5281/zenodo.4146854

Faulty Point Unit: ABI Poisoning Attacks on Intel SGX

Auteurs: Fritz Alder, Jo Van Bulck, David Oswald, Frank Piessens
Publié dans: Annual Computer Security Applications Conference, 2020, Page(s) 415-427, ISBN 9781450388580
Éditeur: ACSAC 2020
DOI: 10.1145/3427228.3427270

Malware vs Anti-Malware Battle - Gotta Evade 'em All!

Auteurs: Chaffey, E.; Sgandurra, D.
Publié dans: Numéro 1, 2020
Éditeur: IEEE
DOI: 10.5281/zenodo.4277105

Modelling of 802.11 4-Way Handshake Attacks and Analysis of Security Properties

Auteurs: Rajiv Ranjan Singh, José Moreira, Tom Chothia, Mark D. Ryan
Publié dans: Security and Trust Management - 16th International Workshop, STM 2020, Guildford, UK, September 17–18, 2020, Proceedings, Numéro 12386, 2020, Page(s) 3-21, ISBN 978-3-030-59816-7
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-030-59817-4_1

Floppy-Sized Group Signatures from Lattices

Auteurs: Cecilia Boschini, Jan Camenisch, Gregory Neven
Publié dans: Applied Cryptography and Network Security, Numéro 10892, 2018, Page(s) 163-182, ISBN 978-3-319-93386-3
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-319-93387-0_9

Certificateless Public Key Signature Schemes from Standard Algorithms

Auteurs: Zhaohui Cheng, Liqun Chen
Publié dans: Information Security Practice and Experience - 14th International Conference, ISPEC 2018, Tokyo, Japan, September 25-27, 2018, Proceedings, Numéro 11125, 2018, Page(s) 179-197, ISBN 978-3-319-99806-0
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-319-99807-7_11

Short Discrete Log Proofs for FHE and Ring-LWE Ciphertexts

Auteurs: Rafael del Pino, Vadim Lyubashevsky, Gregor Seiler
Publié dans: Public-Key Cryptography – PKC 2019 - 22nd IACR International Conference on Practice and Theory of Public-Key Cryptography, Beijing, China, April 14-17, 2019, Proceedings, Part I, Numéro 11442, 2019, Page(s) 344-373, ISBN 978-3-030-17252-7
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-030-17253-4_12

Algebraic Techniques for Short(er) Exact Lattice-Based Zero-Knowledge Proofs

Auteurs: Jonathan Bootle, Vadim Lyubashevsky, Gregor Seiler
Publié dans: Advances in Cryptology – CRYPTO 2019 - 39th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 18–22, 2019, Proceedings, Part I, Numéro 11692, 2019, Page(s) 176-202, ISBN 978-3-030-26947-0
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-030-26948-7_7

On Deception-Based Protection Against Cryptographic Ransomware

Auteurs: Ziya Alper Genç, Gabriele Lenzini, Daniele Sgandurra
Publié dans: Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Gothenburg, Sweden, June 19–20, 2019, Proceedings, Numéro 11543, 2019, Page(s) 219-239, ISBN 978-3-030-22037-2
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-030-22038-9_11

CrowdLED: Towards Crowd-Empowered and Privacy-Preserving Data Sharing Using Smart Contracts

Auteurs: Constantinos Pouyioukka, Thanassis Giannetsos, Weizhi Meng
Publié dans: Trust Management XIII - 13th IFIP WG 11.11 International Conference, IFIPTM 2019, Copenhagen, Denmark, July 17-19, 2019, Proceedings, Numéro 563, 2019, Page(s) 147-161, ISBN 978-3-030-33715-5
Éditeur: Springer International Publishing
DOI: 10.1007/978-3-030-33716-2_12

[Preprint] Transforming malicious code to ROP gadgets for antivirus evasion

Auteurs: Ntantogian Christoforos; Poulios Georgios; Karopoulos Georgios; Xenakis Christos
Publié dans: IET Information Security , Numéro 3, 2019
Éditeur: IET Digital Library
DOI: 10.5281/zenodo.3239991

Can you sign a quantum state?

Auteurs: Alagic, Gorjan; Gagliardoni, Tommaso; Majenz, Christian
Publié dans: arXiv.org, Numéro 1, 2018
Éditeur: arXiv.org

[Preprint] A Survey of Voice and Communication Protection Solutions Against Wiretapping

Auteurs: Ntantogian Christoforos; Veroni Eleni; Karopoulos Georgios; Xenakis Christos
Publié dans: Computers & Electrical Engineering Volume 77 , Numéro 6, 2019
Éditeur: Elsevier
DOI: 10.5281/zenodo.3237476

[Preprint] Evaluation of Password Hashing Schemes in Open Source Web Platforms

Auteurs: Ntantogian Christoforos; Malliaros Stefanos; Xenakis Christos
Publié dans: Computers & Security , Numéro 6, 2019, Page(s) 206-224
Éditeur: ScienceDirect
DOI: 10.5281/zenodo.2633019

Magnifying Side-Channel Leakage of Lattice-Based Cryptosystems with Chosen Ciphertexts: The Case Study of Kyber

Auteurs: Zhuang Xu, Owen Pemberton, Sujoy Sinha Roy, David Oswald
Publié dans: 2020
Éditeur: IACR eprint server
DOI: 10.5281/zenodo.3979188

More efficient, provably-secure direct anonymous attestation from lattices

Auteurs: Nada El Kassem, Liqun Chen, Rachid El Bansarkhani, Ali El Kaafarani, Jan Camenisch, Patrick Hough, Paulo Martins, Leonel Sousa
Publié dans: Future Generation Computer Systems, Numéro 99, 2019, Page(s) 425-458, ISSN 0167-739X
Éditeur: Elsevier BV
DOI: 10.1016/j.future.2019.04.036

Recherche de données OpenAIRE...

Livrables

Publications

Partager cette page

Télécharger