Andreas Ibing

Clustering Algorithms for Non-Profiled Single-Execution Attacks on Exponentiations

Most implementations of public key cryptography employ exponentiation algorithms. Side-channel attacks on secret exponents are typically bound to the leakage of single executions due to cryptographic protocols or side-channel countermeasures such as blinding. We propose for the first time, to use a well-established class of algorithms, i.e. unsupervised cluster classification algorithms such as the k-means algorithm to attack cryptographic exponentiations and recover secret exponents without any prior profiling, manual tuning or leakage models. Not requiring profiling is of significant advantage to attackers, as are well-established algorithms. The proposed non-profiled single-execution attack is able to exploit any available single-execution leakage and provides a straight-forward option to combine simultaneous measurements to increase the available leakage. We present empirical results from attacking an FPGA-based elliptic curve scalar multiplication using the \(k\)-means clustering algorithm and successfully exploit location-based leakage from high-resolution electromagnetic field measurements to achieve a low remaining brute-force complexity of the secret exponent. A simulated multi-channel measurement even enables an error-free recovery of the exponent.

Performance evaluation of a 3GPP LTE terminal receiver

In this paper we present the evaluation of a receiver signal processing chain for a 3GPP long term evolution (LTE) terminal, including coarse synchronisation, channel estimation, fine syncronisation (tracking), MIMO equalization and detection. Algorithm blocks are first individually explained and simulatively evaluated with a realistic channel model. Adjustments of the blocks to each other for improved robustness are described, like interaction between time synchronization and channel estimation performance. After joint optimization, the performance of the complete chain is evaluated. Practical tradeoffs between complexity and performance are investigated and low-complexity algorithms are used. The presented receiver achieves an implementation loss of about 2 dB compared to perfect synchronization and channel estimation conditions.

12x12 MIMO-OFDM realtime implementation for 3GPP LTE+ on a Cell Processor

We present a realtime implementation of the time-critical core functions for 12 times 12 MIMO-OFDM (12 data streams) with LTE parameters on a cell broadband engine processor. An MMSE equalizer matrix update interval of 1 ms (high mobility) is achieved with less than 50% CPU utilization. Concurrent bidirectional processing (precoding and postprocessing) is shown to be feasible with this update rate.

Parallel SMT-Constrained Symbolic Execution for Eclipse CDT/Codan

This paper presents a parallel symbolic execution engine as a plug-in extension to Eclipse CDT/Codan. It uses the CDT parser and the control flow graph builder from CDT’s code analysis framework (Codan). Path satisfiability and bug conditions are checked with an SMT solver in the logic of arrays, uninterpreted functions and nonlinear integer and real arithmetic (AUFNIRA). Each worker of the parallel engine keeps the symbolic program states along its current program path in memory, to allow for quick backtracking. Dynamic redistribution of work between workers is enabled by splitting a worker’s partition of the execution tree at the partition’s top decision node, where a partition is defined by the start path leading to its root control flow decision node. The runtime behaviour of the parallel symbolic execution engine is evaluated by running it on buffer overflow test programs from the NSA’s Juliet test suite for static analyzers. Both the speedup of backtracking the symbolic program state over a previous single-threaded implementation with path replay and the speedup with an increasing number of workers are investigated.

Joint Transmission and Detection in Hexagonal Grid for 3GPP LTE

Cooperative joint transmission and detection algorithms have a high potential to increase the capacity of cellular radio systems. This paper proposes a mapping of areas of joint signal processing into the cellular hexagonal grid architecture, balancing network load, computational load and physical layer overhead versus interference reduction gain. The proposed communication architecture is shown to be realizable with off- the-shelf hardware.

On Predicting Convergence of Iterative MIMO Detection-Decoding With Concatenated Codes

We evaluate the applicability of methods from stochastic decoding analysis to convergence prediction of iterative multiple-input-multiple-output (MIMO) detection decoding. The one-parametric conditional Gaussian log-likelihood ratio (LLR) distribution model, which underlies EXtrinsic Information Transfer (EXIT) charts, is not adequate for some practically relevant scenarios such as fading MIMO channels. A more recent two-parametric Gaussian model, which better fits arbitrary distributions, can be combined with an offset compensation to allow for a chart-based prediction of the convergence of iterative receiver processing in these cases.

Automated Generation of Buffer Overflow Quick Fixes Using Symbolic Execution and SMT

In many C programs, debugging requires significant effort and can consume a lot of time. Even if the bugs cause is known, detecting a bug in such programs and generating a bug fix patch manually is a tedious task. In this paper, we present a novel approach used to generate bug fixes for buffer overflow automatically using static execution, code patch patterns, quick fix locations, user input saturation and Satisfiability Modulo Theories SMT. The generated patches are syntactically correct, can be semi-automatically inserted into code and do not need additional human refinement. We evaluated our approach on 58i¾?C open source programs contained in the Juliet test suite and measured an overhead of 0.59i¾?% with respect to the bug detection time. We think that our approach is generalizable and can be applied with other bug checkers that we developed.

Context-sensitive detection of information exposure bugs with symbolic execution

Static analysis tools used for detecting information exposure bugs can help software engineers detecting bugs without introducing run-time overhead. Such tools can make the detection of information-flow bugs faster and cheaper without having to provide user input in order to trigger the bug detection. In this paper we present a bug-detection tool for detecting information exposure bugs in C/C++ programs. Our tool is context-sensitive and uses static code analysis for bug detection. We developed our bug finding tool as a Eclipse plug-in in order to easily integrate it in software development work flows. The bug reports provide user friendly visualizations that can be easily traced back to the location where the bug was detected. We discuss one static analysis approach for detecting information exposure bugs and relate briefly the usability of our bug testing tool to empirical research. We conducted an empirical evaluation based on 90 test programs which were selected from the Juliet test suite for C/C++ code. We reached a true-positive coverage of 94.4% in 121 seconds for 90 test programs having a total of 12589 source code lines.

On the Relation of MIMO APP Detection and SIMO Maximum Ratio Combining

In classical non-iterative MIMO detection a soft-output MIMO detector computes likelihoods of the transmit bits being 1 or 0, given the received symbol vector. In iterative MIMO detection-decoding, detection performance is improved by exploiting apriori information about bit probabilities from the decoder. Transmit bits are viewed as random variables and the optimum detector performs Bayesian updating of transmit bit probabilities to compute the aposteriori probabilities (APP). We show that with growing apriori knowledge APP and max-log-APP MIMO detector performance increases up to the performance of maximum ratio combining (MRC) for SIMO transmission of BPSK modulation, when transmitting with the same energy per symbol. This is an upper bound for detector performance in iterative detection-decoding (Turbo MIMO receiver).

A novel low-complexity algorithm for linear MMSE MIMO receivers

Computation of MIMO equalization matrices is a critical and computationally intensive part of todaypsilas and future MIMO-OFDM receivers. We present a novel algorithm for computation of the MMSE MIMO equalizer matrix which, compared with the state of art, reduces the number of multiplications by 10% while also featuring innermost loops of a fixed length, allowing for unrolling and easy implementation in custom hardware or on vector processors.