3.7 · CR · Apr 26
Trojan-Resilient NTT: Protecting Against Control Flow and Timing Faults on Reconfigurable Platforms
Rourab Paul, Krishnendu Guha, Amlan Chakrabarti
Number Theoretic Transform (NTT) is the most essential component for polynomial multiplications used in lattice-based Post-Quantum Cryptography (PQC) algorithms such as Kyber, Dilithium, NTRU etc. However, side-channel attacks (SCA) and hardware vulnerabilities in the form of hardware Trojans may alter control signals to disrupt the circuit's control flow and introduce unconventional delays in the critical hardware of PQC. Hardware Trojans, especially on control signals, are more low cost and impactful than data signals because a single corrupted control signal can disrupt or bypass entire computation sequences, whereas data faults usually cause only localized errors. On the other hand, adversaries can perform Soft Analytical Side Channel Attacks (SASCA) on the design using the inserted hardware Trojan. In this paper, we present a secure NTT architecture capable of detecting unconventional delays, control-flow disruptions, and SASCA, while providing an adaptive fault-correction methodology for their mitigation. Extensive simulations and implementations of our Secure NTT on Artix-7 FPGA with different Kyber variants show that our fault detection and correction modules can efficiently detect and correct faults whether caused unintentionally or intentionally by hardware Trojans with a high success rate, while introducing only modest area and time overheads.
CR · Jul 13, 2020
The Blockchain Based Auditor on Secret key Life Cycle in Reconfigurable Platform
Rourab Paul, Nimisha Ghosh, Amlan Chakrabarti et al.
The growing sophistication of cyber attacks, vulnerabilities in high computing systems and increasing dependency on cryptography to protect our digital data make it more important to keep secret keys safe and secure. Few major issues on secret keys like incorrect use of keys, inappropriate storage of keys, inadequate protection of keys, insecure movement of keys, lack of audit logging, insider threats and non-destruction of keys can compromise the whole security system dangerously. In this article, we have proposed and implemented an isolated secret key memory which can log life cycle of secret keys cryptographically using blockchain (BC) technology. We have also implemented a special custom bus interconnect which receives custom crypto instruction from Processing Element (PE). During the execution of crypto instructions, the architecture assures that secret key will never come in the processor area and the movement of secret keys to various crypto core is recorded cryptographically after the proper authentication process controlled by proposed hardware based BC. To the best of our knowledge, this is the first work which uses blockchain based solution to address the issues of the life cycle of the secret keys in hardware platform. The additional cost of resource usage and timing complexity we spent to implement the proposed idea is very nominal. We have used Xilinx Vivado EDA tool and Artix 7 FPGA board.
AI · Feb 10, 2020
iDCR: Improved Dempster Combination Rule for Multisensor Fault Diagnosis
Nimisha Ghosh, Sayantan Saha, Rourab Paul
Data gathered from multiple sensors can be effectively fused for accurate monitoring of many engineering applications. In the last few years, one of the most sought after applications for multi sensor fusion has been fault diagnosis. Dempster-Shafer Theory of Evidence along with Dempster's Combination Rule is a very popular method for multi sensor fusion which can be successfully applied to fault diagnosis. But if the information obtained from the different sensors shows high conflict, the classical Dempster's Combination Rule may produce counter-intuitive results. To overcome this shortcoming, this paper proposes an improved combination rule for multi sensor data fusion. Numerical examples have been put forward to show the effectiveness of the proposed method. Comparative analysis has also been carried out with existing methods to show the superiority of the proposed method in multi sensor fault diagnosis.
CR · Aug 30, 2019
IoT based Smart Access Controlled Secure Smart City Architecture Using Blockchain
Rourab Paul, Nimisha Ghosh, Suman Sau et al.
Standard security protocols like SSL, TLS, IPSec etc. have high memory and processor consumption which makes all these security protocols unsuitable for resource constrained platforms such as Internet of Things (IoT). Blockchain (BC) finds its efficient application in IoT platform to preserve the five basic cryptographic primitives, such as confidentiality, authenticity, integrity, availability and non-repudiation. Conventional adoption of BC in IoT platform causes high energy consumption, delay and computational overhead which are not appropriate for various resource constrained IoT devices. This work proposes a machine learning (ML) based smart access control framework in a public and a private BC for a smart city application which makes it more efficient as compared to the existing IoT applications. The proposed IoT based smart city architecture adopts BC technology for preserving all the cryptographic security and privacy issues. Moreover, BC has very minimal overhead on IoT platform as well. This work investigates the existing threat models and critical access control issues which handle multiple permissions of various nodes and detects relevant inconsistencies to notify the corresponding nodes. Comparison in terms of all security issues with existing literature shows that the proposed architecture is competitively efficient in terms of security access control.
LG · Jun 24, 2019
Fault Matters: Sensor Data Fusion for Detection of Faults using Dempster-Shafer Theory of Evidence in IoT-Based Applications
Nimisha Ghosh, Rourab Paul, Satyabrata Maity et al.
Fault detection in sensor nodes is a pertinent issue that has been an important area of research for a very long time. But it is not explored much as yet in the context of Internet of Things. Internet of Things works with a massive amount of data so the responsibility for guaranteeing the accuracy of the data also lies with it. Moreover, a lot of important and critical decisions are made based on these data, so ensuring their correctness and accuracy is also very important. Also, the detection needs to be as precise as possible to avoid negative alerts. For this purpose, this work has adopted Dempster-Shafer Theory of Evidence which is a popular learning method to collate the information from sensors to come up with a decision regarding the faulty status of a sensor node. To verify the validity of the proposed method, simulations have been performed on a benchmark data set and data collected through a test bed in a laboratory set-up. For the different types of faults, the proposed method shows very competent accuracy for both the benchmark (99.8%) and laboratory data sets (99.9%) when compared to the other state-of-the-art machine learning techniques.
AP · Sep 6, 2016
Accelerating More Secure RC4 : Implementation of Seven FPGA Designs in Stages upto 8 byte per clock
Rourab Paul, Hemanta Dey, Amlan Chakrabarti et al.
RC4 can be made more secure if an additional RC4-like Post-KSA Random Shuffling (PKRS) process is introduced between KSA and PRGA. It can also be made significantly faster if RC4 bytes are processed in an FPGA embedded system using multiple coprocessors functioning in parallel. The PKRS process is tuned to form as many S-boxes as required by particular design architectures involving multiple coprocessors, each one undertaking byte-by-byte processing. Following a recent idea [1] [2] the speed of execution of each processor is also enhanced by another fold if the byte-by-byte processing is replaced by a scheme of processing two consecutive bytes together. Adopting some new innovative concepts, three hardware design architectures are proposed in a suitable FPGA embedded system involving 1, 2 and 4 coprocessors functioning in parallel and a study is made on accelerating RC4 by processing bytes in byte-by-byte mode achieving throughputs from 1-byte-in-1-clock to 4-bytes-in-1-clock. The hardware designs are appropriately upgraded to accelerate RC4 further by processing 2 consecutive RC4 bytes together and it has been possible to achieve a maximum throughput of 8-bytes per clock in Xilinx Virtex-5 LX110t FPGA [3] architecture followed by secured data communication between two FPGA boards.
AR · Jan 15, 2014
Performance Evaluation of ECC in Single and Multi Processor Architectures on FPGA Based Embedded System
Sruti Agarwal, Sangeet Saha, Rourab Paul et al.
Cryptographic algorithms are computationally costly and the challenge is more if we need to execute them in resource constrained embedded systems. Field Programmable Gate Arrays (FPGAs) having programmable logic devices and processing cores, have proven to be highly feasible implementation platforms for embedded systems providing lesser design time and reconfigurability. Design parameters like throughput, resource utilization and power requirements are the key issues. The popular Elliptic Curve Cryptography (ECC), which is superior over other public-key crypto-systems like RSA in many ways, such as providing greater security for a smaller key size, is chosen in this work and the possibilities of its implementation in FPGA based embedded systems for both single and dual processor core architectures involving task parallelization have been explored. This exploration, which is first of its kind considering the other existing works, is a needed activity for evaluating the best possible architectural environment for ECC implementation on FPGA (Virtex4 XC4VFX12, FF668, -10) based embedded platform.