- Cryptography and Data Security
- Security and Verification in Computing
- Cryptographic Implementations and Security
- Advanced Malware Detection Techniques
- Cryptography and Residue Arithmetic
- Chaos-based Image/Signal Encryption
- Cloud Data Security Solutions
- Internet Traffic Analysis and Secure E-voting
- Coding theory and cryptography
- Network Security and Intrusion Detection
- Access Control and Trust
- Advanced Authentication Protocols Security
- Privacy-Preserving Technologies in Data
- Parallel Computing and Optimization Techniques
- Cellular Automata and Applications
- Advanced Data Storage Technologies
- Physical Unclonable Functions (PUFs) and Hardware Security
- Information and Cyber Security
- User Authentication and Security Systems
- Distributed systems and fault tolerance
- Digital and Cyber Forensics
- Computational Physics and Python Applications
- Anomaly Detection Techniques and Applications
- Neural Networks and Applications
- Adversarial Robustness in Machine Learning

- University of Science and Technology of China (2020-2025)
- Chinese Academy of Sciences (2009-2024)
- University of Science and Technology Beijing (2021-2024)
- Academy of Mathematics and Systems Science (2024)
- University of Georgia (2021)
- Institute of Information Engineering (2012-2020)
- Data Assurance and Communication Security (2014-2020)
- University of Chinese Academy of Sciences (2010-2020)
- State Key Laboratory of Information Security (2017)
- Institute of Software (2014)

With the exponential growth of cyber-physical systems (CPSs), new security challenges have emerged. Various vulnerabilities, threats, attacks, and controls been introduced for generation CPS. However, there lacks a systematic review CPS literature. In particular, heterogeneity components diversity made it difficult to study problem with one generalized model. this paper, we systematize existing research on under unified framework. The framework consists three orthogonal coordinates: 1) from...
Cryptography plays an important role in computer and communication security. In practical implementations of cryptosystems, the cryptographic keys are usually loaded into memory as plaintext, then used algorithms. Therefore, private subject to disclosure attacks that read unauthorized data from RAM. Such could be performed through software methods (e.g., OpenSSL Heartbleed) even when integrity victim system's executable binaries is maintained. They also physical Cold-boot on RAM chips)...
Cryptographic systems are essential for computer and communication security, instance, RSA is used in PGP Email clients AES employed full disk encryption. In practice, the cryptographic keys loaded stored RAM as plain-text, therefore vulnerable to physical memory attacks (e.g., cold-boot attacks). To tackle this problem, we propose Copker, which implements asymmetric cryptosystems entirely within CPU, without storing plain-text private RAM. its active mode, Copker stores kilobytes of...
To detect fraudulent TLS server certificates and improve the accountability of certification authorities (CAs), certificate transparency (CT) is proposed to record in publicly-visible logs, from which monitors fetch all watch for suspicious ones. However, if monitors, either domain owners themselves or third-party services, fail return a complete set issued interest, potentially may not be detected then CT framework becomes less reliable. This paper presents first systematic study on...
Kyber is a promising candidate in post-quantum cryptography standardization process. In this paper, we propose targeted optimization strategy and implement processor for on FPGAs. By merging the operations, cut off 29.4% clock cycles Kyber512 33.3% Kyber1024 compared with textbook implementations. We utilize Gentleman-Sande (GS) butterfly to optimize Number-Theoretic Transform (NTT) implementation. The bottleneck of memory access broken taking advantage dual-column sequential scheme. further...
True random number generators (TRNGs) are widely used in cryptographic systems, and their security is the base of many algorithms protocols. At present, entropy estimation based on a stochastic model well-recommended approach to evaluate specific TRNG structure. Besides, generation speed also an important property for TRNGs. For this purpose, analog-to-digital converter (ADC) can be employed sample noisy signal achieve high bit rate. However, no research focuses basis toward ADC sampling. In...
Driven by artificial intelligence and computer vision industries, Graphics Processing Units (GPUs) are now rapidly achieving extraordinary computing power. In particular, the NVIDIA Tegra K1/X1/X2 embedded GPU platforms, which also treated as edge devices, widely used in environments such mobile phones, game consoles, vehicle-mounted systems to support high-dimension display, auto-pilot, so on. Meanwhile, with rise of Internet Things (IoT), demand for cryptographic operations secure...
Fuzzing is one of the most effective approaches to finding software flaws. However, applying it microcontroller firmware incurs many challenges. For example, rehosting-based solutions cannot accurately model peripheral behaviors and thus be used fuzz corresponding driver code. In this work, we present $\mu$AFL, a hardware-in-the-loop approach fuzzing firmware. It leverages debugging tools in existing embedded system development construct an AFL-compatible framework. Specifically, use debug...
The DNS privacy protection mechanisms, over TLS (DoT) and HTTPS (DoH), only work correctly if both the server client support Strict Privacy profile no vulnerability exists in implemented TLS/HTTPS. A natural question then arises: what is landscape of Privacy? To this end, we provide first longitudinal comprehensive measurement DoT/DoH deployments recursive resolvers, authoritative servers, browsers. With collected data, find number servers increased substantially during our ten-month-long...
The remarkable performance capabilities of AI accelerators offer promising opportunities for accelerating cryptographic algorithms, particularly in the context lattice-based cryptography. However, current approaches to leveraging often remain at a rudimentary level implementation, overlooking intricate internal mechanisms these devices. Consequently, significant number computational resources is underutilized. In this paper, we present comprehensive exploration NVIDIA Tensor Cores and...
Widely used as fundamental security components in most cryptographic applications, random number generators (RNGs) rely mainly on randomness provided by entropy sources. If the is less than expected, RNGs may be compromised and thus impair of whole applications. However, common assumptions (e.g., outputs are independent identically distributed, i.e., IID) not always hold. For example, many sources based some physical phenomena that fragile sensitive to external factors temperature), which...
Driven by artificial intelligence (AI) and computer vision industries, Graphics Processing Units (GPUs) are now rapidly achieving extraordinary computing power. In particular, the floating-point power, which is heavily relied on graphics rendering AI computation workload, developing much faster in GPUs. Meanwhile, many fields such as ecommerce online finance, demand for cryptographic operations secure communications authentication also expanding. In this contribution, targeting important...
True random number generator (TRNG) as one essential hardware primitive is widely used in cryptography, Monte Carlo simulation, and gambling. To evaluate the security of TRNG, entropy TRNG's output usually estimated by stochastic model theory or measured off-chip after fabrication. However, sufficiency difficult to be guaranteed practice due facts: 1) inaccuracy model-based jitter measurement method; 2) variations chip manufacturing process operating environments (such supply voltage...
Finding bugs in microcontroller (MCU) firmware is challenging, even for device manufacturers who own the source code. The MCU runs different instruction sets than x86 and exposes a very development environment. This invalidates many existing sophisticated software testing tools on x86. To maintain unified developing environment, straightforward way to re-compile code into native executable commodity machine (called rehosting). However, ad-hoc re-hosting daunting tedious task subject issues...
With the wide deployment of RFID applications, security issues are drawing more and attention. The grouping proof aims to provide a verifiable evidence that two or tags were scanned simultaneously. It extends yoking for tags, prove coexistence set (e.g., some drugs can only be sold in existence prescription). In many scenarios, time when was generated is critical judge whether transaction legal not, protocol usually should work offline mode. Although lots protocols with various features have...
The increasing growth of cybercrimes targeting mobile devices urges an efficient malware analysis platform. With the emergence evasive malware, which is capable detecting that it being analyzed in virtualized environments, bare-metal has become definitive resort. Existing works mainly focus on extracting malicious behaviors exposed during analysis. However, after analysis, equally important to quickly restore system a clean state examine next sample. Unfortunately, state-of-the-art solutions...