SPACE-2024

Kerala/IIIT Kottayam, India


Check previous SPACE proceedings on SpringerLink

Program Chairs

Domenic Forte, University of Florida
Johann Knechtel, New York University, Abu Dhabi
Urbi Chatterjee, Indian Institute of Technology Kanpur

General Chair

Anupam Chattopadhyay, Nanyang Technological University Singapore
Chester Rebeiro, Indian Institute of Technology Madras

Organising Chair

Panchami V, Indian Institute of Information Technology Kottayam

Poster Chair

Chandan Karfa, IIT Guwahati
Sayandeep Saha, IIT Bombay

Web Chair

Debapriya Basu Roy, Indian Institute of Technology Kanpur

Steering Committee

Debdeep Mukhopadhyay, Indian Institute of Technology Kharagpur
Chester Rebeiro, Indian Institute of Technology Madras
Veezhinathan Kamakoti, Indian Institute of Technology Madras
Ulrich Rührmair, Technical University Berlin and University of Connecticut

Tutorial
Speaker Dr. Sayandeep Saha, IIT Bombay
Title New Era of Faults: Attacks, Tools and Countermeasures
Abstract Even after (almost) two decades of its discovery, fault attacks remain relevant to security engineers. Tools for fault injections have been revolutionized and today even a hobbyist can afford to hack sophisticated systems like Starlink. It is, therefore, crucial to design countermeasures against such attacks. The popular belief is that fault attacks can be prevented by simply doing some redundant computation. In this tutorial, we shall challenge this belief.

Starting with a brief recap of classical differential fault attacks and redundancy-based countermeasures, we shall move into the new era of fault attacks, which shows how to break all existing countermeasures against faults with faults. The attacks eventually generalize a new class of attacks, called combined attacks, which uses both fault and side-channel leakage to break a cryptosystem. Next, we show how to counter such attacks. We shall also answer another challenging engineering question -- how do you know your countermeasure is good? In this regard, we shall present the first generation of automated tools to test fault attack countermeasures and outline future challenges.

Workshop
Speaker Dr. Debapriya Basu Roy, IIT Kanpur
Title FPGA based Hardware Accelerator for Elliptic Curve and Lattice Based Cryptography
Abstract Public key algorithms play a key role in ensuring the confidentiality, integrity and non-repudiation properties of a secure communication channel. However, the computationally intensive nature of these algorithms makes their software implementation slow and often creates a bottleneck for speed-critical applications. This is true for both pre-quantum public key algorithms like elliptic curve cryptography and post-quantum public key algorithms based on lattice-based cryptography. In this workshop we will focus on the basic skills that are essential to construct efficient and fast hardware accelerators for these algorithms on modern FPGAs. The main takeaways from this workshop will be the following:
  1. Understanding modern FPGAs: How to use FPGA hard-IPs properly
  2. Constructing efficient finite field arithmetic modules for elliptic curves on FPGAs
  3. A Case study on Curve25519 implementation
  4. Introduction to CRYSTALS-Kyber
  5. Implementation aspects of CRYSTALS-Kyber
  6. Number Theoretic Transformation (NTT) implementation of CRYSTALS-Kyber
The candidate will do some assignments on the design of modular adders and multipliers in GF(p). Additionally, the candidate will be doing some Python implementation of NTT and CRYSTALS-Kyber.

Tutorial
Speaker Dr. Utsav Banerjee, IISC Bangalore
Title Energy-Efficient ASIC Design for Cryptographic Hardware Acceleration
Abstract Hardware security has emerged as a growing concern with the advent of the Internet of Things (IoT) which consists of large networks of wireless-connected embedded devices. Although the growth of IoT has enabled novel applications, they have also become attractive targets for cyber attackers. Securing these resource-constrained embedded systems involves circuits, architectures and algorithms with low computation and storage overheads as well as countermeasures against physical attacks. A widely adopted approach is the design of efficient cryptographic hardware accelerators for IoT applications. This talk will provide an overview of design considerations and custom hardware architectures for modern public key cryptography based on lattices and elliptic curves. ASIC implementation results will be presented, along with examples of software-hardware co-design, system-level integration and demonstration of end-to-end security protocols. This talk will summarize key results and emerging directions of research in the implementation aspects of cryptography and hardware security.

Tutorial
Speaker Dr. Adithya Vadapalli, IIT Kanpur
Title A Brief History of ORAMs: From Theory to Practice
Abstract Oblivious Random Access Memory (ORAM) is a way to encrypt access patterns provably. ORAMs were first introduced by Goldreich and Ostrovsky in the 1980s. They studied ORAMs in the context of Software Security. However, the ORAMs in the earlier works were mainly a theoretical construct and were not very practical. ORAMs have now come a long way. In fact, they are used by the Instant Messaging Service Signal to do contact discovery in a private manner. This talk will cover the journey of ORAMs from a purely theoretical construct to a cryptographic tool that can solve the privacy problems of day-to-day users.

Tutorial
Speaker Dr. Johann Knechtel, NYU, Abu Dhabi
Title Securing the Heart of Hardware: A Tutorial on Design-Time Security Closure for Integrated Circuits
Abstract Modern integrated circuit (IC) design relies on complex, globalized supply chains, introducing significant security vulnerabilities throughout the IC lifecycle. This tutorial focuses on design-time security closure, a proactive approach to mitigate threats like hardware Trojans, malicious probing, and side-channel attacks before IC fabrication. We will explore various demonstrated techniques, including:

  • Layout Hardening: Strategically placing and routing components to minimize the opportunities for inserting malicious circuitry (Trojans) and increase resistance to physical attacks like probing.
  • Layout Locking: Protect intellectual property and prevent unauthorized modification by locking the circuit's functionality with key-gates strategically placed at the layout level.
  • Security-Aware Logic Synthesis: Guide synthesis processes to minimize vulnerabilities to machine learning-based attacks on locking and enhance the effectiveness of power side-channel countermeasures.
  • Security-Aware Design: Circuitry and design techniques like tuning of supply voltages and driver strengths to disrupt power side-channel attacks, and consideration of reliability effects against advanced attacks.

This tutorial will draw upon recent research and competitive community efforts, including the 2022 and 2023 ISPD contests for security closure and other prominent works, to showcase real-world attack and defense strategies. We will delve into CAD frameworks like DEFense and TroLLoc, and discuss the challenges and opportunities in integrating security considerations into traditional power, performance, and area (PPA) optimization.

This tutorial equips participants with the knowledge and tools necessary to design secure and trustworthy ICs in the face of evolving threats.

Keynote
Speaker Dr. Navid Asadi, University of Florida
Title Physical assurance for advanced packaging
Abstract Advanced packaging and heterogeneous integration have made the semiconductor industry more complicated and susceptible to trust and security issues. Hardware Trojans, i.e., malicious modifications to electronic systems, can violate the root of trust when the devices or systems are fabricated/assembled in untrusted facilities. As the imaging and failure analysis tools excel in resolution and capability, physical inspection-based methods become more attractive in verifying such trust issues. On the contrary, such physical inspection methods are opening new capabilities for an adversary to extract sensitive information like secret keys, memory content or intellectual property (IP), compromising confidentiality and integrity. Different countermeasures have been proposed; however, there are still many unanswered questions. This talk will focus on the state-of-the-art physical inspection/assurance methods, the existing countermeasures, related challenges to develop new countermeasures and a research roadmap for this emerging field.

Tutorial
Speaker Dr. Domenic Forte, University of Florida
Title Counterfeit IC Detection and Avoidance
Abstract Counterfeit electronic components are electronic parts that are misrepresented in terms of their authenticity, class, and/or quality. Due to their substandard specifications and quality, they represent a significant danger if incorporated into safety- and mission-critical systems such as military/defense, space and aircraft navigation, life support, etc. Counterfeit electronics can also infringe the legitimate producer's trademark rights, impact the market reputation of semiconductor and electronics companies, harm the world economy, and finance criminals. Reports of counterfeits have grown over the last several decades because of critical infrastructure’s reliance on commercial-off-the-shelf (COTS) components and obsolete components as well as the rate at which electronics are being discarded. Unfortunately, this problem has shown no signs of slowing down.

In this tutorial, we will cover (1) Counterfeit electronic part sources, motivation, and risks; (2) Counterfeit IC type taxonomy (recycled, remarked, overproduced, cloned, etc.); (3) Counterfeit defect taxonomy (procedural, mechanical, environmental, and electrical); (4) Counterfeit detection taxonomy (physical, electrical, design-for-anti-counterfeit); (5) Basic parametric/functional tests for counterfeit component detection; (6) More advanced detection approaches that explicitly target counterfeit SoCs, memories (SRAM, DRAM, and Flash), field programmable gate arrays (FPGAs), and AMS ICs; (7) Design-for-anti-counterfeit primitives such as physical unclonable functions (PUFs) and silicon odometers, and their benefits; (8) International standards and commercially available tools; (9) Barriers to the adoption of counterfeit detection tests and avoidance circuits; and (10) Future directions in research, infrastructure, standards, and policy-making to improve the accuracy, cost, scalability, and adoption of counterfeit mitigation techniques.

Keynote
Speaker Dr. Benedikt Gierlichs, KU Leuven
Title Higher-Order Time Sharing Masking
Abstract At CHES 2024 Time Sharing Masking (TSM) was introduced as a novel low-latency masking technique for hardware circuits. TSM offers area and randomness efficiency as well as glitch-extended PINI security, but it is limited to first-order security. We address this limitation and generalize TSM to higher-order security, while maintaining all of TSM’s advantages. In addition, we propose an area-latency tradeoff. We prove HO-TSM glitch-extended PINI secure and successfully evaluate our circuits using formal verification tools. We demonstrate area and latency efficient implementations of the AES S-box which do not exhibit leakage in TVLA on FPGA. Our proposed tradeoff enables a first-order secure implementation of a complete AES-128 encryption core with 92 kGE, 920 random bits per round and 20 cycles latency, which does not exhibit leakage in TVLA on FPGA.

Tutorial
Speaker Dr. Sarani Bhattacharya, IIT Kharagpur
Title Micro-architectural Security and Trust: An Overview on Intel’s Trusted Domain Extensions
Abstract The evolution of computer architecture has taken place through several inventions of sophisticated and ingenious techniques, like out-of-order execution, caching mechanisms, branch prediction, speculative execution, and a host of other optimizations to maximize throughput and enhance performance. While it is imperative to imbibe and develop these artifacts in our modern-day machines, it is equally necessary to understand the security threats posed by these mechanisms, particularly on the execution of cryptographic programs operating on sensitive data. However, with the growing impetus of security in applications where modern computing finds usages, these optimizations need a closer investigation. As the foremost criterion of these architectural components has been performance, a multitude of microarchitectural attacks have been unearthed, which exploit information leakage due to the functioning of these artifacts. Beginning with an examination of fundamental concepts in micro-architecture, the research elucidates the role of hardware in shaping the security posture of a system. It explores various vulnerabilities inherent in micro-architectural elements and analyzes their implications on overall system security.

The tutorial would start with an overview of Trusted Execution Environments, the security architecture of trusted environments and the security guarantees of the TEE. Trusted Execution Environments (TEEs) are secure areas within a processor that ensure sensitive data and computations are protected from external threats, including malicious software. They provide isolated execution, secure storage, and integrity checks, enhancing trust in computing platforms. Commercial processor vendors have introduced various types of TEEs which include hardware-based TEEs, such as Intel SGX and ARM TrustZone, which leverage specialized processor features for isolation, and software-based TEEs, like those relying on hypervisors or secure containers, providing logical separation within the system. Each type varies in complexity, performance, and security guarantees. The tutorial would provide a brief overview of the progress of this genre of security architecture. The tutorial finally delves into the security architecture of Trusted Domain Extensions. Intel’s Trusted Domain Extensions (TDX) are designed to enhance security by creating isolated execution environments called "Trusted Domains" on virtualized platforms. TDX ensures confidentiality and integrity of workloads by protecting them from access by the hypervisor or other domains. It combines hardware-based isolation with cryptographic protections, making it ideal for secure cloud computing.