|
|
Software and Hardware Based Fault Injection Attacks against the CPU and MCU
Lörinc, Marek ; Hanáček, Petr (oponent) ; Perešíni, Martin (vedoucí práce)
The thesis deals with attacks that cause faults in CPU and MCU calculations. A short voltage change in CPU or MCU is used to trigger the error. The theoretical part of the thesis deals with the description of how to cause and exploit these errors. This section also describes the most well-known protection against hardware attacks, which is a trusted execution environment (TEE). Inject a fault to TEE is the primary target of fault attacks. The practical part deals with the replication of PlunderVolt and VoltPillager attacks on Intel processors with an activated TEE SGX. Several experiments were performed to trigger faults in RSA and AES encryption within the SGX enclave. To obtain the encryption key from these errors, known analysis methods were used. The practical part also deals with the replication of the attack on ARM microcontrollers with an active TEE TrustZone-M.
|
|
|
Semi-Centralized Cryptocurrency Based on the Blockchain and Trusted Computing
Handzuš, Jakub ; Veselý, Vladimír (oponent) ; Homoliak, Ivan (vedoucí práce)
The aim of this thesis is to create a concept of semi-centralized cryptocurrency that supports external interoperability. It is assumed that semi-centralized cryptocurrency is the future of cryptocurrencies in the banking sector, because even at the cost of partial centralization, the concept brings the benefits of a decentralized ledger. Since the simultaneous deployment of their own cryptocurrencies by various central authorities, such as central bank, it is necessary to establish a communication protocol for interbank transactions. The work is thus focused on extending the existing Aquareum solution with an interoperability protocol.
|
|
|
Centralized Cryptocurrency Exchange with Trusted Computing
Sasák, Tomáš ; Očenášek, Pavel (oponent) ; Homoliak, Ivan (vedoucí práce)
In this thesis, we propose, design, implement, and analyze a centralized cryptocurrency exchange using trusted computing. Most popular exchanges work in a way that requires the customer to fully rely on the exchange operators. Decentralized exchanges work on top of existing blockchains, which limits the number of tradable coins. Using a trusted computing platform, Intel SGX, it is possible for operators to make code open source, and the customer can attest that the exchange platform is running the published exchange code. Also, exchange private keys are encrypted in memory and safely stored on disk using SGX sealing. Combining this approach with a smart contract platform on a public blockchain, we can achieve non-equivocation of the exchange and create a better layer of security and transparency between the customer and the exchange. The exchange was implemented as a proof-of-concept using the programming language Go, using the EGo framework to build SGX enclave applications. For data storage, we combine key-value storage PebbleDB with relation database PostgreSQL, and exchange attempts to secure the integrity of these data. The exchange smart contract was implemented in Solidity and deployed on the Ethereum development environment. Our concept implementation is able to handle around 35 deposits per second and around 23 bids matched per second. We performed a security analysis on this model from outside, but also from inside. The single ledger update from the exchange in the smart contract costs 0.00255 ETH, which in total costs 3.6742 ETH per day.
|
|
|
Software and Hardware Based Fault Injection Attacks against the CPU and MCU
Lörinc, Marek ; Hanáček, Petr (oponent) ; Perešíni, Martin (vedoucí práce)
The thesis deals with attacks that cause faults in CPU and MCU calculations. A short voltage change in CPU or MCU is used to trigger the error. The theoretical part of the thesis deals with the description of how to cause and exploit these errors. This section also describes the most well-known protection against hardware attacks, which is a trusted execution environment (TEE). Inject a fault to TEE is the primary target of fault attacks. The practical part deals with the replication of PlunderVolt and VoltPillager attacks on Intel processors with an activated TEE SGX. Several experiments were performed to trigger faults in RSA and AES encryption within the SGX enclave. To obtain the encryption key from these errors, known analysis methods were used. The practical part also deals with the replication of the attack on ARM microcontrollers with an active TEE TrustZone-M.
|
|
|
Semi-Centralized Cryptocurrency Based on the Blockchain and Trusted Computing
Handzuš, Jakub ; Veselý, Vladimír (oponent) ; Homoliak, Ivan (vedoucí práce)
The aim of this thesis is to create a concept of semi-centralized cryptocurrency that supports external interoperability. It is assumed that semi-centralized cryptocurrency is the future of cryptocurrencies in the banking sector, because even at the cost of partial centralization, the concept brings the benefits of a decentralized ledger. Since the simultaneous deployment of their own cryptocurrencies by various central authorities, such as central bank, it is necessary to establish a communication protocol for interbank transactions. The work is thus focused on extending the existing Aquareum solution with an interoperability protocol.
|
host ::
RSS.