Enrico Pozzobon

Ostbayerische Technische Hochschule · Faculty of Electrical Engineering and Information Technology

In this work, we present our benchmarking results for the ten finalist ciphers of the Lightweight Cryptography (LWC) project initiated by National Institute of Standards and Technology (NIST). We evaluate the speed and code size of various software implementations on five different platforms featuring four different architectures. Moreover, we benc...

The modular addition is a popular building block when designing lightweight ciphers. While algorithms mainly based on the addition can reach very high performance, masking their implementations results in a huge penalty. Since efficient protection against side-channel attacks is a requirement in lots of use cases, we focus on optimizing the Boolean...

The modular addition is used as a non-linear operation in ARX ciphers because it achieves the requirement of introducing non-linearity in a cryptographic primitive while only taking one clock cycle to execute on most modern archi-tectures. This makes ARX ciphers especially fast in software implementations, but comes at the cost of making it harder...

Car manufacturers define proprietary protocols to be used inside their vehicular networks, which are kept an industrial secret, therefore impeding independent researchers from extracting information from these networks. This article describes a statistical and a neural network approach that allows reverse engineering proprietary controller area net...

The National Institute of Standards and Technology (NIST) started the standardization process for lightweight cryptography algorithms in 2018. By the end of the first round, 32 submissions have been selected as 2nd round candidates. NIST allowed designers of 2nd round submissions to provide small updates on both their specifications and implementat...

The National Institute of Standards and Technology (NIST) started the standardization process for lightweight cryptography algorithms in 2018. By the end of the first round, 32 submissions have been selected as 2nd round candidates. NIST allowed designers of 2nd round submissions to provide small updates on both their specifications and implementat...

This paper introduces a custom framework for benchmarking software implementations from the National Institute of Standards and Technology (NIST) Lightweight Cryptography (LWC) project on embedded devices. We present the design and core functions of the framework and apply it to various NIST LWC authenticated encryption with associated data (AEAD)...

https://www.troopers.de/troopers19/agenda/mud7fn/ Connecting cheap IoT devices to the safety-critical network of a car can be an extremely bad idea, but at least it allows us to hack together our own automotive gadget. This talk explains the complete procedure involved in transforming a cheap OBD GSM dongle designed for fleet management into a op...

https://www.troopers.de/troopers19/agenda/znxvht/ This talk will provide a general overview on how Scapy can be used for automotive penetration testing. All present features of Scapy for automotive penetration will be introduced and explained. Also an overview of higher level automotive protocols will be given. As automotive penetration testing b...

Controller Area Network (CAN) is still the most used network technology in today's connected cars. Now and in the near future, penetration tests in the area of automotive security will still require tools for CAN media access. More and more open source automotive penetration tools and frameworks are presented by researchers on various conferences,...

Modern cars include more and more features that first emerged from the consumer electronics industry. Technologies like Bluetooth and Internet-connected services found their way into the vehicle industry. The secure implementation of these functions presents a great challenge for the manufacturers because products originating from the consumer indu...