Filetype
In this paper, we introduce an oracle version of the Restricted Syndrome Decoding Problem (RSDP) and propose novel authentication protocols based on the hardness of this problem. They follow the basic structure of the HB-family of authentication protocols and later improvements but demonstrate several advantages.An appropriate choice of multiplicative subgroup and ring structure gives rise to a ve
The Learning with Errors (LWE) problem receives much attention in cryptography, mainly due to its fundamental significance in post-quantum cryptography. Among its solving algorithms, the Blum-Kalai-Wasserman (BKW) algorithm, originally proposed for solving the Learning Parity with Noise (LPN) problem, performs well, especially for certain parameter settings with cryptographic importance. The BKW a
The problem of decoding random codes is a fundamental problem for code-based cryptography, including recent code-based candidates in the NIST post-quantum standardization process. In this paper, we present a novel Sieving-style Information-set Decoding algorithm, addressing the task of solving the syndrome decoding problem. Our approach involves maintaining a list of weight-2p solution vectors to
The Module Learning With Errors (MLWE)-based Key Encapsulation Mechanism (KEM) Kyber is NIST's new standard scheme for post-quantum encryption. As a building block, Kyber uses a Chosen Plaintext Attack (CPA)-secure Public Key Encryption (PKE) scheme, referred to as Kyber.CPAPKE. In this paper we study the robustness of Kyber.CPAPKE against key mismatch attacks.We demonstrate that Kyber's security
This thesis unfolds a journey into the realm of cloud integrated systems. More specifically, it explores the transformational role of diverse cloud infrastructure, be it public or private, centralized or edge-based, when integrated into traditional systems. In this transformation, the cloud assumes the vital role of controllers. Inevitably, this shift towards cloud integration also brings into pla
Lattice-based cryptography is in the process of being standardized. Several proposals to deal with side-channel information using lattice reduction exist. However, it has been shown that algorithms based on Bayesian updating are often more favorable in practice. In this work, we define distribution hints; a type of hint that allows modelling probabilistic information. These hints generalize most p
Mission-critical applications such as industrial control processes are evolving towards a new development paradigm by offloading their heavy computations to the edge of the emerging Fifth Generation Wireless Specifications (5G) network. In this manner, the applications can gain the economical and efficiency benefits of cloud computing, as well as reliable communication from the 5G network. However
We uncover a critical side-channel vulnerability in the Hamming Quasi-Cyclic (HQC) round 4 optimized implementation arising due to the use of the modulo operator. In some cases, compilers optimize uses of the modulo operator with compiletime known divisors into constant-time Barrett reductions. However, this optimization is not guaranteed: for example, when a modulo operation is used in a loop the
Well before large-scale quantum computers will be available, traditional cryptosystems must be transitioned to post-quantum (PQ) secure schemes. The NIST PQC competition aims to standardize suitable cryptographic schemes. Candidates are evaluated not only on their formal security strengths, but are also judged based on the security with regard to resistance against side-channel attacks. Although r
In this paper, we propose the first key-recovery side-channel attack on Classic McEliece, a KEM finalist in the NIST Post-quantum Cryptography Standardization Project. Our novel idea is to design an attack algorithm where we submit special ciphertexts to the decryption oracle that correspond to cases of single errors. Decoding of such ciphertexts involves only a single entry in a large secret perm
A new Grain stream cipher, denoted Grain-128AEAD is presented, with support for authenticated encryption with associated data. The cipher takes a 128-bit key and a 96-bit IV and produces a pseudo random sequence that is used for encryption and authentication of messages. The design is based on Grain-128a but introduces a few changes in order to increase the security and protect against recent crypA new Grain stream cipher, denoted Grain-128AEAD is presented, with support for authenticated encryption with associated data. The cipher takes a 128-bit key and a 96-bit IV and produces a pseudo random sequence that is used for encryption and authentication of messages. The design is based on Grain-128a but introduces a few changes in order to increase the security and protect against recent cryp
Massive MIMO is one of the leading technologies for connecting very large numbers of energy-constrained nodes, as it offers both extensive spatial multiplexing and large array gain. A challenge resides in partitioning the many nodes into groups that can communicate simultaneously such that the mutual interference is minimized. Here we propose node partitioning strategies that do not require full c
In recent years, because the cloud can provide huge advantages regarding storage and computing resources, industry has been motivated to move industrial control systems to the cloud. However, the cloud also introduces major security challenges, since moving control systems to the cloud can enable attackers to infiltrate the system and establish an attack that can lead to damages and disruptions wi
The physical layer foundations of cell-free massive MIMO (CF-mMIMO) have been well-established. As a next step, researchers are investigating practical and energy-efficient network implementations. This paper focuses on multiple sets of access points (APs) where user equipments (UEs) are served in each set, termed a federation, without inter-federation interference. The combination of federations
Processing of personal data within researchThe lawful ground for personal data processing within research is almost always that it is carried out in the public interest. This means that it is permitted to process personal data if it is necessary for a research project.Depending on the purpose of the research project, you determine which types of personal data need to be processed. Collecting and p
Cloud-RAN (C-RAN) is a promising paradigm for the next generation radio access network infrastructure, which offers centralized and coordinated base-band signal processing. On the other hand, this requires extremely low latency fronthaul links to achieve real-time centralized signal processing. In this paper, we investigate massive MIMO pilot scheduling in a C- RAN infrastructure. Three commonly u
Now more than ever, optimizing resource allocation in cloud computing is becoming more critical due to the growth of cloud computing consumers and meeting the computing demands of modern technology. Cloud infrastructures typically consist of heterogeneous servers, hosting multiple virtual machines with potentially different specifications, and volatile resource usage. This makes the resource alloc
The cloud control systems (CCs) are inseparable parts of industry 4.0. The cloud, by providing storage and computing resources, allows the controllers to evaluate complex problems that are too computationally demanding to perform locally. However, connecting physical systems to the cloud through the network can provide an entry point for attackers to infiltrate the system and cause damage with pot
While a naive algorithm for multiplying two 2 × 2 matrices requires eight multiplications and four additions, Strassen showed how to compute the same matrix product using seven multiplications and 18 additions. Winograd reduced the number of additions to 15, which was assumed to be optimal. However, by introducing a change of basis, Karstadt and Schwartz showed how to lower the number of additions
