Schedule

Below we present the schedule, organization and management, as well as the planned travel and training for the proposed project. In addition, we have built a preliminary web page devoted to the preparation of this project plan, which includes all necessary information for the public and helps to promote the work of this NATO Science for Peace project.

The project will run for 36 months and will consist of seven steps, which will overlap. Figure 3 gives an overview of the timeline, and the individual steps are explained below.

Effective starting day T0 = 01. 11. 2013

:: Step 1

Project set up and realization of kick-off meeting

Duration: 6 months (T0 - T0+6).

Coordination: IS+SK

Involved partners: All

Description of actions related to this step:

Preparation and realization of a kick-off meeting. This first step will include signing pertinent documents, development of project implementation/communication plans for each co-director with particular tasks and appointment of responsible persons and dates, starting procedures for equipment acquisition and ordering necessary equipment (for example, for optimal group interoperability, all partners will use compatible FPGA evaluation boards).

Milestones:

M 1.1 Project setup, equipment ordering

M 1.2 Kick-off meeting

Deliverables:

D 1.1 Project WEB site


 

:: Step 2

Identification of suitable post-quantum cryptographic schemes, realization of selected algorithms in software, identification of functionality that should be implemented in hardware and preparation of test vectors

Duration: 9 months (T0 - T0+9)

Coordination: SK+USA

Involved partners: All

Description of actions related to this step:

The second step will start immediately at the beginning of the project (time T0). All partners involved in the project will jointly analyze existing solutions in detail and identify suitable post-quantum cryptographic methods that should be studied, implemented or enhanced in the project. A software implementation is produced, and suitable parameter choices to thwart mathematical attacks are determined. The proposed software implementations will later be used for generating test vectors for hardware simulations and tests. For this reason, the software implementations must output the intermediate results of internal operations. On the theoretical side, the complexity assumptions are explored with respect to their vulnerability to quantum algorithms, and the possibility of algorithmic countermeasures against side-channel attacks is explored.

Milestones:

M 2.1 – Software implementations of selected algorithms are expected to be available for generating the test vectors necessary for hardware testing before Step 3 starts. The test vectors must correspond to intermediate results on a step-by-step basis for both simplified and complete versions of the functions which should be implemented in hardware.

Deliverables:

D 2.1 – Software implementations (the source code) of selected algorithms

D 2.2 – Test vectors of functions that have to be implemented in hardware


 

:: Step 3

Hardware/software co-design of selected algorithms

Duration: 8 months (T0+7 - T0+15)

Coordination: FR

Involved partners: All

Description of actions related to this step:

The research team of the Hubert Curien Laboratory will implement in hardware cryptographic functions or parts of algorithms determined in Step 2. Test vectors delivered in Step 2 will be used for verification of correctness of these hardware implementations. Step 3 will start with the study and implementation of serial, partially parallel, fully parallel and pipelined implementations of multiplication in Galois fields, which is the main mathematical operation in all targeted systems. Next, using the developed construction elements, the French team in cooperation with other partners will realize as a hardware/software co-design the selected complete cryptographic algorithms, which will then be evaluated from the point of view of their possible parameters and complexity assumptions for side channel and fault injection attack countermeasures.
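An added example (not code from the project): a Python reference model of an MSB-first bit-serial GF(2^m) multiplier that records the accumulator after every cycle, which is the kind of step-by-step test vector Step 2 calls for and Step 3 uses to verify hardware. The field GF(2^8) with reduction polynomial 0x11B and all function names are assumptions, since the page does not name a field or an interface.

```python
# Added example: reference model for a bit-serial GF(2^m) multiplier.
# Assumption: GF(2^8) with x^8+x^4+x^3+x+1 (0x11B); the page names no field.
M = 8
POLY = 0x11B

def gf_mul_trace(a, b, m=M, poly=POLY):
    """MSB-first serial multiply; returns (product, accumulator per cycle)."""
    acc, trace = 0, []
    for i in range(m - 1, -1, -1):
        acc <<= 1                  # multiply the accumulator by x
        if acc >> m:               # degree reached m: reduce modulo poly
            acc ^= poly
        if (b >> i) & 1:           # add a when the current bit of b is set
            acc ^= a
        trace.append(acc)          # the value a hardware register would hold
    return acc, trace

def gf_mul_reference(a, b, m=M, poly=POLY):
    """Independent check: carry-less multiply, then polynomial reduction."""
    prod = 0
    for i in range(m):
        if (b >> i) & 1:
            prod ^= a << i
    for deg in range(2 * m - 2, m - 1, -1):
        if (prod >> deg) & 1:
            prod ^= poly << (deg - m)
    return prod

def make_vector(a, b):
    """Build one test vector; refuse to emit it if the two models disagree."""
    product, trace = gf_mul_trace(a, b)
    if product != gf_mul_reference(a, b):
        raise ValueError("serial model and reference model disagree")
    return {"a": a, "b": b, "cycles": trace, "product": product}

def first_mismatch(vector, observed):
    """Index of the first cycle where a simulated trace diverges, else None."""
    expected = vector["cycles"]
    for cycle, (want, got) in enumerate(zip(expected, observed)):
        if want != got:
            return cycle
    if len(observed) == len(expected):
        return None
    return min(len(observed), len(expected))  # trace too short or too long

if __name__ == "__main__":
    vec = make_vector(0x57, 0x83)  # constructed sample operands
    print([f"{c:02x}" for c in vec["cycles"]], f"{vec['product']:02x}")
```

Comparing per-cycle values rather than only the final product points directly at the clock cycle where a hardware simulation first diverges.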

Milestones:

M 3.1 – Selected hardware functions (described in VHDL) and the software, which will call these hardware functions, must be available before realizations of attacks in Step 5.

Deliverables:

D 3.1 – Configuration files, VHDL code and description of functions implemented in hardware

D 3.2 – The code and executable files of the software implementing selected algorithms and running on the PC, while calling functions implemented in hardware


 

:: Step 4

Development of measuring equipment and methodology

Duration: 12 months (T0+7 - T0+19)

Coordination: FR+IS

Involved partners: All

Description of actions related to this step:

This step will construct the empirical measurement setup for measuring emanations from the hardware implementations, as explained above and depicted in Fig. 1. The Slovak, French and Israeli groups will select and describe the measurement methodology necessary to implement and evaluate side-channel and/or fault injection attacks. The French and Slovak teams will develop software for controlling the target hardware (the board including the FPGA) containing the tested cryptographic functions: sending data and commands, and receiving state words via a selected data bus (e.g., USB). According to their available equipment (e.g., oscilloscope), all partners will develop software controlling the measuring equipment: automatic control of the oscilloscope, transfer of acquired data from the oscilloscope to the PC, etc.

Milestones:

M 4.1 – Fully operational setup to measure and process side-channel information such as power consumption

Deliverables:

D 4.1 – The code and executable files of the software aimed at controlling the measuring equipment


 

:: Step 5

Development and simulation of cryptanalytic attack algorithms

Duration: 12 months (T0+9 - T0+21)

Coordination: FR+IS+USA

Involved partners: All

Description of actions related to this step:

This step entails identification and development of attacks on the algorithms chosen in Step 2. On the theoretical side this includes attacks using quantum algorithms, which are to be explored by the U.S. partner. Moreover, side-channel attacks are to be implemented in software. These attacks will use statistical processing in order to guess the value of confidential parameters (e.g., the key). A particular focus will be on side-channel attacks (e.g., Differential Power Analysis), tested and evaluated using simulated leakage obtained by augmenting the software implementation of Step 3. These results will guide, on the one hand, the revision of algorithms and implementations, and on the other hand, the implementation of hardware attacks in subsequent steps.

Milestones:

M 5.1 – Capability to carry out side-channel attacks against algorithms chosen in Step 2, based on simulated leakage

Deliverables:

D 5.1 – Software to perform side-channel attacks based on simulated leakage


 

:: Step 6

Identification of parameters for side-channel attacks for selected algorithms and methods, implementation of attacks – experimental phase of the project

Duration: 12 months (T0+21 - T0+33)

Coordination: FR+IS+SK

Involved partners: All

Description of actions related to this step:

This step will implement power analysis attacks and collect data with various parameter choices. Promising attack strategies will be identified and optimized, and experimental data for the will be aggregated. Measurements will be carried out in Israel, France and Slovakia in close cooperation. For this step, young researchers from Israel are expected to visit partner institutions and as part of their training contribute to and participate in the experimental work. The aggregated traces obtained will be used to extract, through adequate statistical processing and software support, confidential data (such as a secret key). 

Milestones:

M 6.1 Traces and recommendations for mounting efficient side-channel attacks.

M 6.2 Capability to extract confidential data from experimental data.

Deliverables:

D 6.1. Aggregated data (traces for recommended parameter choice)

D 6.2. Software for extracting secret data from experimental data


 

:: Step 7

Collecting the results, identification of methods which are able to withstand side-channel attacks and which offer long term security in a post-quantum environment

Duration: 9 months (T0+27 - T0+36)

Coordination: USA

Involved partners: All

Description of actions related to this step:

Step 7 will collect all theoretical and experimental results, and derive design recommendations for secure implementations in a post-quantum setting. This step will start 27 months into the project. All results will be published continuously in close cooperation of all teams.

Milestones:

M 7.1. Dissemination of results to a broader audience in a conference organized by the project partners

Deliverables:

D 7.1. Meeting/conference with external participants