
Michael Hutter - MSc PhD
- Lead Hardware Architect at PQShield
About
- 69 Publications
- 50,955 Reads
- 1,969 Citations
Introduction
Current institution
PQShield
Current position
- Lead Hardware Architect
Additional affiliations
November 2014 - November 2014
Cryptography Research
Position
- Engineer
February 2007 - October 2014
Publications (69)
Multi-precision multiplication is one of the most fundamental operations on microprocessors to allow public-key cryptography such as RSA and elliptic curve cryptography. In this paper, we present a novel multiplication technique that increases the performance of multiplication by sophisticated caching of operands. Our method significantly reduces t...
During the past two decades there has been a great deal of research published on masked hardware implementations of AES and other cryptographic primitives. Unfortunately, many hardware masking techniques can lead to increased latency compared to unprotected circuits for algorithms such as AES, due to the high-degree of nonlinear functions in their...
Software (SW) implementations of cryptographic algorithms are vulnerable to Side-channel Analysis (SCA) attacks, basically relinquishing the key to the outside world through measurable physical properties of the processor like power consumption and electromagnetic radiation. Protected SW implementations typically have a significant timing and code...
Converting a Boolean mask to an arithmetic mask, and vice versa, is often required in implementing side-channel-resistant instances of cryptographic algorithms that mix Boolean and arithmetic operations. In this paper, we describe a method for converting a Boolean mask to an arithmetic mask that runs in constant time for a fixed order and has quadr...
Multi-precision multiplication is one of the most fundamental operations on microprocessors to allow public-key cryptography such as RSA and elliptic curve cryptography (ECC). In this paper, we present a novel multiplication technique that increases the performance of multiplication by sophisticated caching of operands. Our method significantly red...
QcBits is a code-based public key algorithm based on a problem thought to be resistant to quantum computer attacks. It is a constant-time implementation for a quasi-cyclic moderate density parity check (QC-MDPC) Niederreiter encryption scheme, and has excellent performance and small key sizes. In this paper, we present a key recovery attack against...
Implementing efficient countermeasures against side-channel attacks has been a challenge for two decades. Especially in hardware, many masking countermeasure implementations have failed due to first-order leakages caused by glitches or other effects such as early evaluation and unbalanced routing. The Threshold Implementation (TI) countermeasure was propose...
This paper presents a low-resource hardware implementation of the widely used crypto_box function of the Networking and Cryptography library (NaCl). It supports the X25519 Diffie-Hellman key exchange using Curve25519, the Salsa20 stream cipher, and the Poly1305 message authenticator. Our targeted application is a secure communication between device...
This paper presents new speed records for 128-bit secure elliptic-curve Diffie-Hellman key-exchange software on three different popular microcontroller architectures. We consider a 255-bit curve proposed by Bernstein known as Curve25519, which has also been adopted by the IETF. We optimize the X25519 key-exchange protocol proposed by Bernstein in 2...
We present Zorro, a taped-out ASIC hosting three distinct authenticated encryption architectures based on the SpongeWrap construction. All designs target resource-constrained environments such as smart cards or embedded devices and therefore, have been protected against DPA attacks while keeping low-area as the most important design goal in mind. E...
True random number generators (TRNGs) are the basic building blocks of cryptographic implementations. They are used to generate random numbers required for security protocols, to generate ephemeral keys, and are often used in hiding or masking countermeasures to thwart implementation attacks. The protection of TRNGs is an important issue to guarant...
Fault attacks have been widely studied in the past but most of the literature describes only individual fault-injection techniques such as power/clock glitches, EM pulses, optical inductions, or heating/cooling. In this work, we investigate combined fault attacks by performing clock-glitch attacks under the impact of heating. We performed practical...
In the era of the Internet of Things, smart electronic devices facilitate processes in our everyday lives. Texas Instrument's MSP430 microcontrollers target low-power applications, among which are wireless sensor, metering and medical applications. Those domains have in common that sensitive data is processed, which calls for strong security primit...
In this paper, we evaluate various large-integer multiplication methods suitable for resource-constrained devices like passive RFIDs. We restrict our investigations on multiprecision multiplication units in hardware and evaluate their performance regarding area, power, and speed. We implemented and compared different multiplier techniques: array, b...
In recent years, a lot of effort was made to deploy asymmetric cryptography based on ECC to affordable RFID tags. However, many proposed hardware designs suffer from long execution times and many resource requirements. In this paper, we address this issue by presenting a low-resource implementation of a 160-bit ECDSA signature generation algorithm....
This paper presents new speed records for multiprecision multiplication on the AVR ATmega family of 8-bit microcontrollers. For example, our software takes only 1969 cycles for the multiplication of two 160-bit integers; this is more than 15% faster than previous work. For 256-bit inputs, our software is not only the first to break through the 6000...
The Internet of Things (IoT) envisions an autonomous network between everyday objects to create real-life services. This enables new applications that necessarily require a high level of security and privacy. In this paper, we present PIONEER—a Prototype for the Internet of Things based on an Extendable EPC Gen2 RFID tag. It is the first prototype...
The detectability of malicious circuitry on FPGAs with varying placement properties has yet to be investigated. The authors utilize a Xilinx Virtex-II Pro target platform in order to insert a sequential denial-of-service Trojan into an existing AES design by manipulating a Xilinx-specific, intermediate file format prior to the bitstream ge...
A huge number of security-relevant systems nowadays use contactless smart cards. Such systems, like payment systems or access control systems, commonly use single-pass or mutual authentication protocols to prove the origin of the card holder. The application of relay attacks allows circumventing this authentication process without needing to attack...
In this paper, we describe an attack against nonce leaks in 384-bit ECDSA using an FFT-based attack due to Bleichenbacher. The signatures were computed by a modern smart card. We extracted the low-order bits of each nonce using a template-based power analysis attack against the modular inversion of the nonce. We also developed a BKZ-based method fo...
In this paper, we present practical results of data leakages of CMOS devices via the temperature side channel - a side channel that has been widely cited in literature but not well characterized yet. We investigate the leakage of processed data by passively measuring the dissipated heat of the devices. The temperature leakage is thereby linearly co...
This paper presents the design and implementation of a complete near-field communication (NFC) tag system that supports high-security features. The tag design contains all hardware modules required for a practical realization, which are: an analog 13.56-MHz radio-frequency identification (RFID) front-end, a digital part that includes a tiny (progra...
In this paper, we present a practical relay attack that can be mounted on RFID systems found in many applications nowadays. The described attack uses a self-designed proxy device to forward the RF communication from a reader to a modern NFC-enabled smart phone (Google Nexus S). The phone acts as a mole to inquire a victim’s card in the vicinity of...
There exists a broad range of RFID protocols in literature that propose hash functions as cryptographic primitives. Since keccak has been selected as the winner of the NIST SHA-3 competition in 2012, there is the question of how far we can push the limits of keccak to fulfill the stringent requirements of passive low-cost RFID. In this paper, we ad...
In this paper we describe an attack against nonce leaks in 384-bit ECDSA using an FFT-based attack due to Bleichenbacher. The signatures were computed by a modern smart card. We extracted the low-order bits of each nonce using a template-based power analysis attack against the modular inversion of the nonce. We also developed a BKZ-based method for...
We infiltrate the ASIC development chain by inserting a small denial-of-service (DoS) hardware Trojan at the fabrication design phase into an existing VLSI circuit, thereby simulating an adversary at a semiconductor foundry. Both the genuine and the altered ASICs have been fabricated using a 180 nm CMOS process. The Trojan circuit adds an overhead...
This paper presents first results of the Networking and Cryptography library (NaCl) on the 8-bit AVR family of microcontrollers. We show that NaCl, which has so far been optimized mainly for different desktop and server platforms, is feasible on resource-constrained devices while being very fast and memory efficient. Our implementation shows that e...
This book constitutes the proceedings of the 9th Workshop on RFID Security and Privacy, RFIDsec 2013, held in Graz, Austria, in July 2013. The 11 papers presented in this volume were carefully reviewed and selected from 23 submissions. RFIDsec deals with topics of importance to improving the security and privacy of RFID, NFC, contactless technologi...
In this chapter, the authors explore the feasibility of Elliptic Curve Cryptography (ECC) on Wireless Identification and Sensing Platforms (WISPs). ECC is a public-key based cryptographic primitive that has been widely adopted in embedded systems and Wireless Sensor Networks (WSNs). In order to demonstrate the practicability of ECC on such platform...
We present GrÆStl, a combined hardware architecture for the Advanced Encryption Standard (AES) and Grøstl, one of the final round candidates of the SHA-3 hash competition. GrÆStl has been designed for low-resource devices implementing AES-128 (encryption and decryption) as well as Grøstl-256 (tweaked version). We applied several resource-sharing op...
Computing elliptic-curve scalar multiplication is the most time consuming operation in any elliptic-curve cryptosystem. In the last decades, it has been shown that pre-computations of elliptic-curve points improve the performance of scalar multiplication especially in cases where the elliptic-curve point P is fixed. In this paper, we present an imp...
Radio-frequency identification (RFID) technology is the enabler for applications like the future internet of things (IoT), where security plays an important role. When integrating security to RFID tags, not only the cryptographic algorithms need to be secure but also their implementation. In this work we present differential power analysis (DPA) an...
In this paper, we propose a setup that improves the performance of implementation attacks by exploiting the difference of side-channel leakages. The main idea of our setup is to use two cryptographic devices and to measure the difference of their physical leakages, e.g., their power consumption. This increases the signal-to-noise ratio of the measu...
In this paper, we answer the question whether binary extension field or prime-field based processors doing multi-precision arithmetic are better in the terms of area, speed, power, and energy. This is done by implementing and optimizing two distinct custom-made 16-bit processor designs and comparing our solutions on different abstraction levels: fi...
Multi-precision multiplication is one of the most fundamental operations on microprocessors to allow public-key cryptography such as RSA and Elliptic Curve Cryptography (ECC). In this paper, we present a novel multiplication technique that increases the performance of multiplication by sophisticated caching of operands. Our method significantly red...
A way to classify the security level of a cryptographic device is to estimate the effort an adversary has to invest in an attack to be successful. While there are metrics and mathematical models to determine the complexity of attacks on cryptographic algorithms and protocols, estimating the security level of an implementation is more complicated. T...
Elliptic Curve Cryptography (ECC) based processors have gained large attention in the context of embedded-system design due to their ability of efficient implementation. In this paper, we present a low-resource processor that supports ECC operations for less than 9 kGEs. We base our design on an optimized 16-bit microcontroller that provides high f...
RFID and NFC are widely spread contactless communication systems and are commonly used in security-critical applications such as payment and keyless-entry systems. Relay attacks pose a serious threat in this context that is not addressed by most of the RFID applications in use today. The attacks circumvent application-layer security and they canno...
It has been recently shown that sharing a common coordinate in elliptic curve cryptography implementations improves the performance of scalar multiplication. This paper presents new formulæ for elliptic curves over prime fields that provide efficient point addition and doubling using the Montgomery ladder. All computations are performed in a common...
The Wireless Identification and Sensing Platform (WISP) can be used to demonstrate and evaluate new RFID applications. In this paper, we present practical results of an implementation of elliptic curve cryptography (ECC) running on the WISP. Our implementation is based on the smallest recommended NIST elliptic curve over prime fields. We meet the l...
The Elliptic Curve Digital Signature Algorithm (ECDSA) and the Advanced Encryption Standard (AES) are two of the most popular cryptographic algorithms used worldwide. In this paper, we present a hardware implementation of a low-resource cryptographic processor that provides both digital signature generation using ECDSA and encryption/decryption ser...
Remote Attestation, as devised by the Trusted Computing Group, is based on a secure hardware component—the Trusted Platform Module (TPM). It allows trust decisions to be reached between different network hosts. However, attestation cannot be applied in an important field of application—the identification of physically encountered, public computer platfo...
In the last few years RFID technology has become a major driver of various businesses like logistics, supply-chain management and access control. Many of these applications are based on the successful implementation of security services on the RFID tag side but also on the reader side. In this paper we present an efficient tool for early prototype imple...
Near Field Communication (NFC) has become widely available on smart phones. It helps users to intuitively establish communication between local devices. Accessing devices such as public terminals raises several security concerns in terms of confidentiality and trust. To overcome this issue, NFC can be used to leverage the trusted-computing protocol...
In the last few years, a lot of research has been done to bring asymmetric cryptography to low-cost RFID tags. Many of the proposed implementations include elliptic-curve based coprocessors to provide entity-authentication services through, for example, identification schemes. This paper presents first results of a 192-bit Elliptic Curve Digital Sig...
More and more embedded devices store sensitive information that is protected by means of cryptography. The confidentiality of this data is threatened by information leakage via side channels like the power consumption or the electromagnetic radiation. In this paper, we show that the side-channel leakage in the power consumption is not limited to th...
Radio-Frequency Identification (RFID) is a wireless technology that already plays an important role in security-related applications. As soon as cryptographic features are integrated into RFID-enabled devices, the issue of implementation security becomes highly important. Implementation attacks exploit potential weaknesses of such devices and allow...
In the last decade, many articles have been published that demonstrate the susceptibility of cryptographic devices against implementation attacks. Usually, such devices draw their energy from a contact-based power supply. This power-supply connection is often exploited to extract the secret key by applying fault-injection methods and power-analysis...
Microprocessors are the heart of the devices we rely on every day. However, their non-volatile memory, which often contains sensitive information, can be manipulated by ultraviolet (UV) irradiation. This paper gives practical results demonstrating that the non-volatile memory can be erased with UV light by investigating the effects of UV-C light wit...
Web-based management solutions have become an increasingly important and promising approach especially for small and embedded environments. This article presents the design and implementation of an embedded system that leverages the Web-based enterprise management (WBEM) solution. WBEM has been designed to manage large heterogeneous environments bu...
The elliptic curve digital signature algorithm (ECDSA) is used in many devices to provide authentication. In the last few years, more and more ECDSA implementations have been proposed that allow the integration into resource-constrained devices like RFID tags. Their resistance against power-analysis attacks has not been scrutinized so far. In this...
Security-enabled RFID tags become more and more important and integrated in our daily life. While the tags implement cryptographic algorithms that are secure in a mathematical sense, their implementation is susceptible to attacks. Physical side channels leak information about the processed secrets. This article focuses on practical analysis of elec...
Authentication of RFID tags is a challenging task due to the resource-constrained environment they are operating in. In this article, we present a top-down evaluation survey for RFID-tag authentication based on elliptic curves. First, we describe a general model to characterize different state-of-the-art public-key techniques that provide entity an...
One of the most important challenges in the last few years has been the integration of authentication services to low-cost RFID tags. Especially elliptic-curve-based implementations have proven to be a good option for asymmetric and light-weight cryptography. In this article, we evaluate two elliptic-curve based versions of the Schnorr and GPS iden...
Side-channel analysis (SCA) attacks are a powerful technique to reveal secrets of cryptographic devices due to implementation weaknesses. In order to make SCA less effective, countermeasures are integrated in cryptographic devices. In this work, we have built a low-cost shielding device to enhance SCA measurements. Our objectives have been to reduc...
Radio Frequency Identification (RFID) is a rapidly emerging technology that has become more and more important also in security-related applications. In this article, we discuss the impact of faults on this kind of device. We have analyzed conventional passive RFID tags from different vendors operating in the High Frequency (HF) and Ultra-High Fre...
We present a fully operable security gateway prototype, integrating quantum key distribution and realised as a system-on-chip. It is implemented on a field-programmable gate array and provides a virtual private network with low latency and gigabit throughput. The seamless hard- and software integration of a quantum key distribution layer enables hi...
Security-enabled RFID tags become more and more important and integrated in our daily life. While the tags implement cryptographic algorithms that are secure in a mathematical sense, their implementation is not, and physical side channels leak information about the secrets. This article focuses on the analysis of electromagnetic side channels an...
During the last years, more and more security applications have been developed that are based on passive 13.56 MHz RFID devices. Among the most prominent applications are electronic passports and contactless payment systems. This article discusses the effectiveness of power and EM attacks on this kind of devices. It provides an overview of differen...
RSA is a well-known algorithm that is used in various cryptographic systems like smart cards and e-commerce applications. This article presents practical attacks on implementations of RSA that use the Chinese Remainder Theorem (CRT). The attacks have been performed by inducing faults into a cryptographic device through optical and electromagnetic i...
The Internet of Things (IoT) is a very promising paradigm which can be seen as the process of integrating intelligence into the surrounding artefacts with their subsequent interconnection via the Internet in order to provide (possibly new) services to the user. Despite bringing in undeniable benefits, it raises serious security and privacy concern...