diff --git a/chapter-ihsm/chapter.tex b/chapter-ihsm/chapter.tex index 8f04356..409bed1 100644 --- a/chapter-ihsm/chapter.tex +++ b/chapter-ihsm/chapter.tex 
@@ -343,12 +343,16 @@ shaft penetrates the mesh to simplify mechanical construction. The spinning mesh must be designed to cover the entire surface of the payload, but it suffices if it sweeps over every part of the payload once per rotation. This means we can design longitudinal gaps into the mesh that allow outside air to flow through to the payload. In traditional boundary-sensing HSMs, cooling of the payload processor is a serious -issue since any air duct or heat pipe would have to penetrate the HSM's security boundary. This problem can only be -solved with complex and costly siphon-style constructions, so in commercial systems, heat conduction is used -exclusively~\cite{isaacs2013}. This limits the maximum power dissipation of the payload and thus its processing power. -Using longitudinal gaps in the mesh, our setup allows direct air cooling of regular heatsinks. This unlocks much more -powerful processing capabilities that greatly increase the maximum possible power dissipation of the payload. In an -evolution of our design, the spinning mesh could even be designed to \emph{be} a cooling fan. +issue since any air duct or heat pipe would have to penetrate the HSM's security boundary~\cite{ + petriePartIITechnical, + curetHardwareSecurityModule2025, + zhangTamperrespondentAssembliesPorous2023, + dragoneVentedTamperrespondentAssemblies2020}. +This problem can only be solved with complex and costly siphon-style constructions, so in commercial systems, heat +conduction is used exclusively~\cite{isaacs2013}. This limits the maximum power dissipation of the payload and thus its +processing power. Using longitudinal gaps in the mesh, our setup allows direct air cooling of regular heatsinks. This +unlocks much more powerful processing capabilities that greatly increase the maximum possible power dissipation of the +payload. In an evolution of our design, the spinning mesh could even be designed to \emph{be} a cooling fan. 
Conventional HSMs are limited by the construction of their security meshes which rely on plastics as their main structural material. The security mesh has to fit the highest components inside the HSM. Since creating a security mesh diff --git a/chapter-smpc/chapter.tex b/chapter-smpc/chapter.tex index 1564bc2..0b537d6 100644 --- a/chapter-smpc/chapter.tex +++ b/chapter-smpc/chapter.tex 
@@ -8,18 +8,29 @@ \label{chapter-smpc} Inertial Hardware Security Modules do not only support much larger payloads compared to conventional HSMs, they also -support much higher power dissipation since they allow for direct air cooling of their payload. Because they rotate at -high speed, IHSM meshes do not need to be contiguous to provide adequate security. While a non-contiuous rotating mesh -might theoretically allow a stationary attack tool to quickly penetrate, then retract through one of the mesh's gaps -while the mesh is rotating, the time available for such an attack would be too short for a practical attack. For a mesh -with three vertical connecting segments (cf.\ Figure~\ref{fig_proto_mesh} in Chapter~\ref{chapter-ihsm}) rotating at -\qty{1000}{\rpm}, this time would be in the order of \qty{20}{\milli\second}. Conventional HSM monitoring circuits often -require a similar amount of time to react to an attack~\cite{obermaier2018}. +support much higher power dissipation since they allow for direct air cooling of their payload. The tamper-sensing +membrane of a conventional HSM must be continuous to provide security, so any heat dissipated by the payload must pass +through it. Since the polymers used in tamper sensing membranes are poor conductors of heat, and since security benefits +from a thicker tamper sensing assembly (cf.\ Chapter~\ref{chapter-survey}), power dissipation in conventional HSMs is +limited~\cite{ + petriePartIITechnical, + curetHardwareSecurityModule2025, + zhangTamperrespondentAssembliesPorous2023, + dragoneVentedTamperrespondentAssemblies2020}. -Similar to how the increase in payload \emph{size} unlocks new applications such as the Quantum Key Distribution relay -use case we presented in Chapter~\ref{chapter-qkd}, this increase in sustainable power dissipation by a factor of -several hundred also unlocks a number of new applications. 
Especially applications that require large amounts of -computing power benefit from IHSM technology, as their needs fundamentally cannot be met by conventional HSMs. +Because IHSMs rotate at high speed, IHSM meshes do not need to be contiguous to provide adequate security. While a +non-contiguous rotating mesh might theoretically allow a stationary attack tool to quickly penetrate, then retract +through one of the mesh's gaps while the mesh is rotating, the time available for such an attack would be too short for +a practical attack. For a mesh with three vertical connecting segments (cf.\ Figure~\ref{fig_proto_mesh} in +Chapter~\ref{chapter-ihsm}) rotating at \qty{1000}{\rpm}, this time would be in the order of \qty{20}{\milli\second}. +Conventional HSM monitoring circuits would likely require a similar amount of time to react to an +attack~\cite{obermaier2018}. + +Similar to how the increase in payload \emph{sizew} of IHSMs compared to conventional HSMs unlocks new applications such +as the Quantum Key Distribution relay use case we presented in Chapter~\ref{chapter-qkd}, the increase in sustainable +power dissipation enabled by air cooling also unlocks a number of new applications. Especially applications that require +large amounts of computing power benefit from IHSM technology, as their needs fundamentally cannot be met by +conventional HSMs. One such application that does not translate to conventional HSMs due to its need for large amounts of computing power is Multiparty Computation (MPC). MPC is a cryptographic construct that allows several networked parties to jointly diff --git a/chapter-smpc/figures/setup_0001.jpg b/chapter-smpc/figures/setup_0001.jpg new file mode 100644 index 0000000..f5c0a1a Binary files /dev/null and b/chapter-smpc/figures/setup_0001.jpg differ 
diff --git a/chapter-smpc/figures/setup_0002.jpg b/chapter-smpc/figures/setup_0002.jpg new file mode 100644 index 0000000..8d0c91d Binary files /dev/null and b/chapter-smpc/figures/setup_0002.jpg differ diff --git a/main.bib b/main.bib index 1586a4e..ceb4056 100644 --- a/main.bib +++ b/main.bib @@ -45,7 +45,7 @@ urldate = {2021-04-01} } -@online{adhikariDonLookUbiquitous2022, +@online{adhikariDontLookUbiquitous2022, title = {Don't {{Look Up}}: {{Ubiquitous Data Exfiltration Pathways}} in {{Commercial Spaces}}}, shorttitle = {Don't {{Look Up}}}, author = {Adhikari, Anku and Guo, Samuel and Smaragdis, Paris and Winslett, Marianne}, @@ -285,7 +285,7 @@ location = {London}, doi = {10.4324/9781003220534}, abstract = {Cypherpunk Ethics explores the moral worldview of the cypherpunks, a movement that advocates the use of strong digital cryptography—or crypto, for short—to defend individual privacy and promote institutional transparency in the digital age. Focusing on the writings of Timothy May and Julian Assange, two of the most prolific and influential cypherpunks, the book examines two competing paradigms of cypherpunk philosophy—crypto anarchy and crypto justice—and examines the implications of cypherpunk ethics for a range of contemporary moral issues, including surveillance, privacy, whistleblowing, cryptocurrencies, journalism, democracy, censorship, intellectual property, and power. Rooted in theory but with very real applications, this volume will appeal not only to students and scholars of digital media, communication, journalism, philosophy, political science, critical data studies, sociology, and the history of technology but also to technologists and activists around the world.}, - isbn = {978-1-00-322053-4}, + isbn = {978-1-003-22053-4}, pagetotal = {142} } 
@@ -334,7 +334,7 @@ isbn = {978-1-4503-4139-4} } -@inproceedings{arpPrivacyThreatsUltrasonic2017a, +@inproceedings{arpPrivacyThreatsUltrasonic2017, title = {Privacy {{Threats}} through {{Ultrasonic Side Channels}} on {{Mobile Devices}}}, booktitle = {2017 {{IEEE European Symposium}} on {{Security}} and {{Privacy}} ({{EuroS}}\&{{P}})}, author = {Arp, Daniel and Quiring, Erwin and Wressnegger, Christian and Rieck, Konrad}, @@ -584,8 +584,8 @@ } @incollection{baumMoz$$mathbbZ_2^k$$arellaEfficient2022, - title = {Moz\$\$\textbackslash mathbb \{\vphantom\}{{Z}}\vphantom\{\}\_\{2\textasciicircum k\}\$\$arella: {{Efficient Vector-OLE}} and {{Zero-Knowledge Proofs}} over \$\$\textbackslash mathbb \{\vphantom\}{{Z}}\vphantom\{\}\_\{2\textasciicircum k\}\$\$}, - shorttitle = {Moz\$\$\textbackslash mathbb \{\vphantom\}{{Z}}\vphantom\{\}\_\{2\textasciicircum k\}\$\$arella}, + title = {Moz\$\$\textbackslash mathbb \{{{Z}}\}\_\{2\textasciicircum k\}\$\$arella: {{Efficient Vector-OLE}} and {{Zero-Knowledge Proofs}} over \$\$\textbackslash mathbb \{{{Z}}\}\_\{2\textasciicircum k\}\$\$}, + shorttitle = {Moz\$\$\textbackslash mathbb \{{{Z}}\}\_\{2\textasciicircum k\}\$\$arella}, booktitle = {Advances in {{Cryptology}} – {{CRYPTO}} 2022}, author = {Baum, Carsten and Braun, Lennart and Munch-Hansen, Alexander and Scholl, Peter}, editor = {Dodis, Yevgeniy and Shrimpton, Thomas}, @@ -731,7 +731,7 @@ langid = {english} } -@inproceedings{bhargavanPracticalSecurity64bit2016, +@inproceedings{bhargavanPracticalInSecurity64bit2016, title = {On the {{Practical}} ({{In-}}){{Security}} of 64-Bit {{Block Ciphers}}: {{Collision Attacks}} on {{HTTP}} over {{TLS}} and {{OpenVPN}}}, shorttitle = {On the {{Practical}} ({{In-}}){{Security}} of 64-Bit {{Block Ciphers}}}, booktitle = {Proceedings of the 2016 {{ACM SIGSAC Conference}} on {{Computer}} and {{Communications Security}}}, 
@@ -1544,7 +1544,7 @@ url = {https://ieeexplore.ieee.org/document/9152700/}, urldate = {2023-01-19}, eventtitle = {2020 {{IEEE Symposium}} on {{Security}} and {{Privacy}} ({{SP}})}, - isbn = {978-1-72813-497-0} + isbn = {978-1-7281-3497-0} } @book{constantinouAppliedResearchPolicing2021, @@ -1637,6 +1637,18 @@ abstract = {An experimental program aimed at defining the effects of applied stress, temperature, humidity, and buffer coating on the static fatigue behavior of optical fibers in bending configurations is in progress. Data are presented below which demonstrate that the static fatigue behavior of fiber is strongly dependent on the polymeric buffer coating. Furthermore, the effect of humidity is readily evident by the comparison of times to failure at 30\% RH and in water immersion. The ultimate objective of this research is to determine an allowable bend radius for fiber optic cable which is based on measurements of both static fatigue and strength in bending and which will assure reliable performance of the fiber over the design lifetime.} } +@patent{curetHardwareSecurityModule2025, + type = {patentus}, + title = {Hardware Security Module Adapter System, Method and Device}, + author = {Curet, Jon Cameron Grant and Wong, Daniel}, + holder = {{Marvell Asia Pte Ltd}}, + date = {2025-05-20}, + number = {12309267B1}, + url = {https://patents.google.com/patent/US12309267B1/en?q=(hardware+security+module+heatsink)&oq=hardware+security+module+heatsink}, + urldate = {2025-12-03}, + keywords = {circuit board,contact pads,encryption,mesh,printed circuit} +} + @article{curranModelingCharacterizationPCB2015, title = {Modeling and Characterization of {{PCB}} Coils for Inductive Wireless Charging}, author = {Curran, Brian and Maaß, Uwe and Fotheringham, Gerhard and Stevens, Nobby and Ndip, Ivan and Lang, Klaus-Dieter}, 
@@ -1820,7 +1832,7 @@ location = {Singapore}, doi = {10.1007/978-981-99-8721-4_1}, abstract = {A Universal Circuit~(UC) is a Boolean circuit of size~\$\$\textbackslash varTheta (n \textbackslash log n)\$\$Θ(nlogn)that can simulate any Boolean function up to a certain size~n. Valiant (STOC’76) provided the first two UC constructions of asymptotic sizes \$\$\textbackslash sim 5 n\textbackslash log n\$\$∼5nlognand \$\$\textbackslash sim 4.75 n\textbackslash log n\$\$∼4.75nlogn, and today’s most efficient construction of Liu et al.~(CRYPTO’21) has size~\$\$\textbackslash sim 3n\textbackslash log n\$\$∼3nlogn. Evaluating a public UC with a secure Multi-Party Computation~(MPC) protocol allows efficient Private Function Evaluation~(PFE), where a private function is evaluated on private data.}, - isbn = {978-981-9987-21-4}, + isbn = {978-981-99-8721-4}, langid = {english}, keywords = {multi-party computation,private function evaluation,universal circuit} } @@ -1879,6 +1891,19 @@ langid = {english} } +@patent{dragoneVentedTamperrespondentAssemblies2020, + type = {patentus}, + title = {Vented Tamper-Respondent Assemblies}, + author = {Dragone, Silvio and Oggioni, Stefano S. and Santiago-Fernandez, William}, + holder = {{International Business Machines Corp}}, + date = {2020-05-26}, + number = {10667389B2}, + url = {https://patents.google.com/patent/US10667389B2/en?q=(hardware+security+module+heatsink)&assignee=International+Business+Machines+Corporation}, + urldate = {2025-12-03}, + langid = {english}, + keywords = {circuit board,multilayer circuit,secure volume,tamper,vent} +} + @inproceedings{drimer2008, title = {Thinking inside the Box: System-Level Failures of Tamper Proofing}, booktitle = {2008 {{IEEE}} Symposium on Security and Privacy (Sp 2008)}, 
@@ -1918,7 +1943,7 @@ keywords = {Computer Science - Cryptography and Security,Quantum Physics} } -@article{dumitruImpostorUSOffPath, +@article{dumitruImpostorUSBOffPath, title = {The {{Impostor Among US}}({{B}}): {{Off-Path Injection Attacks}} on {{USB Communications}}}, author = {Dumitru, Robert and Genkin, Daniel and Wabnitz, Andrew and Yarom, Yuval}, abstract = {USB is the most prevalent peripheral interface in modern computer systems and its inherent insecurities make it an appealing attack vector. A well-known limitation of USB is that traffic is not encrypted. This allows on-path adversaries to trivially perform man-in-the-middle attacks. Off-path attacks that compromise the confidentiality of communications have also been shown to be possible. However, so far no off-path attacks that breach USB communications integrity have been demonstrated.}, @@ -2968,7 +2993,7 @@ url = {https://www.youtube.com/watch?v=LD9e73BYAnI} } -@article{heathGRAMLog2Overhead, +@article{heathGRAMOlog2Overhead, title = {{{GRAM}} with {{O}}(Log2 n) {{Overhead}}}, author = {Heath, David and Kolesnikov, Vladimir and Ostrovsky, Rafail}, abstract = {Garbled RAM (GRAM) is a powerful technique introduced by Lu and Ostrovsky that equips Garbled Circuit (GC) with a sublinear cost RAM without adding rounds of interaction. While multiple GRAM constructions are known, none are suitable for practice, due to costs that have high constants and poor scaling.}, 
@@ -3148,19 +3173,19 @@ keywords = {Analytical algorithm,CMOS integrated circuits,CMOS technology,Inductors,Layout,minimum resistance,on-chip inductor,Radiofrequency integrated circuits,Resistance,variable width} } -@online{HttpsArxivOrg, +@online{HttpsArxivorgPdf, title = {{{https://arxiv.org/pdf/1909.13770}}}, url = {https://arxiv.org/pdf/1909.13770}, urldate = {2024-05-21} } -@online{HttpsWebArchive, +@online{HttpsWebarchiveorgWeb, title = {{{https://web.archive.org/web/20160421023836id\_/http://people.seas.harvard.edu/\textasciitilde bgoldberg/documents/Papers/ICRA14\_Goldberg.pdf}}}, url = {https://web.archive.org/web/20160421023836id_/http://people.seas.harvard.edu/~bgoldberg/documents/Papers/ICRA14_Goldberg.pdf}, urldate = {2024-07-25} } -@online{HttpsWwwEuroix, +@online{HttpsWwweuroixnetMedia, title = {{{https://www.euro-ix.net/media/filer\_public/1f/74/1f7457be-afd8-471b-b333-2cb7958f9d0b/demystify\_quantum\_key\_distribution\_euro-ix.pdf}}}, url = {https://www.euro-ix.net/media/filer_public/1f/74/1f7457be-afd8-471b-b333-2cb7958f9d0b/demystify_quantum_key_distribution_euro-ix.pdf}, urldate = {2024-06-28} @@ -3274,13 +3299,13 @@ @online{IEEEXploreFullTexta, title = {{{IEEE Xplore Full-Text PDF}}:}, - url = {https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6520632}, + url = {https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8558378}, urldate = {2024-09-10} } @online{IEEEXploreFullTextb, title = {{{IEEE Xplore Full-Text PDF}}:}, - url = {https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8558378}, + url = {https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6520632}, urldate = {2024-09-10} } 
@@ -3487,7 +3512,7 @@ url = {https://doi.org/10.1201/9781003123675}, urldate = {2025-11-18}, abstract = {The crypto wars have raged for half a century. In the 1970s, digital privacy activists prophesied the emergence of an Orwellian State, made possible by computer-mediated mass surveillance. The antidote: digital encryption. The U.S. government warned encryption would not only prevent surveillance of law-abiding citizens, but of criminals, terrorists, and foreign spies, ushering in a rival dystopian future. Both parties fought to defend the citizenry from what they believed the most perilous threats. The government tried to control encryption to preserve its surveillance capabilities; privacy activists armed citizens with cryptographic tools and challenged encryption regulations in the courts. No clear victor has emerged from the crypto wars. Governments have failed to forge a framework to govern the, at times conflicting, civil liberties of privacy and security in the digital age—an age when such liberties have an outsized influence on the citizen–State power balance. Solving this problem is more urgent than ever. Digital privacy will be one of the most important factors in how we architect twenty-first century societies—its management is paramount to our stewardship of democracy for future generations. We must elevate the quality of debate on cryptography, on how we govern security and privacy in our technology-infused world. Failure to end the crypto wars will result in societies sleepwalking into a future where the citizen–State power balance is determined by a twentieth-century status quo unfit for this century, endangering both our privacy and security. This book provides a history of the crypto wars, with the hope its chronicling sets a foundation for peace.}, - isbn = {978-1-00-312367-5} + isbn = {978-1-003-12367-5} } @inproceedings{jiangGhostTypeLimitsUsing2024, 
@@ -3840,7 +3865,7 @@ urldate = {2024-07-31}, abstract = {Most common user authentication methods use some form of password or a combination of passwords. However, encryption schemes are generally not directly compatible with user passwords and thus, Password-Based Key Derivation Functions (PBKDFs) are used to convert user passwords into cryptographic keys. In this paper, we analyze the theoretical security of PBKDF2 and present two vulnerabilities, γ-collision and δ-collision. Using AES-128 as our exemplar, we show that due to γ-collision, text encrypted with one user password can be decrypted with γ − 1 different passwords. We also provide a proof that finding a collision in the derived key for AES-128 requires δ lesser calls to PBKDF2 than the known Birthday attack. Due to this, it is possible to break password-based AES-128 in O(264) calls, which is equivalent to brute-forcing DES.}, eventtitle = {2021 {{IEEE International Conference}} on {{Cyber Security}} and {{Resilience}} ({{CSR}})}, - isbn = {978-1-66540-285-9}, + isbn = {978-1-6654-0285-9}, langid = {english} } 
@@ -3970,7 +3995,7 @@ pages = {1955--1971}, doi = {10.1109/SP40001.2021.00029}, url = {http://arxiv.org/abs/2009.04263}, - urldate = {2024-01-08}, + urldate = {2024-07-25}, abstract = {Due to its sound theoretical basis and practical efficiency, masking has become the most prominent countermeasure to protect cryptographic implementations against physical sidechannel attacks (SCAs). The core idea of masking is to randomly split every sensitive intermediate variable during computation into at least t+1 shares, where t denotes the maximum number of shares that are allowed to be observed by an adversary without learning any sensitive information. In other words, it is assumed that the adversary is bounded either by the possessed number of probes (e.g., microprobe needles) or by the order of statistical analyses while conducting higher-order SCA attacks (e.g., differential power analysis). Such bounded models are employed to prove the SCA security of the corresponding implementations. Consequently, it is believed that given a sufficiently large number of shares, the vast majority of known SCA attacks are mitigated. In this work, we present a novel laser-assisted SCA technique, called Laser Logic State Imaging (LLSI), which offers an unlimited number of contactless probes, and therefore, violates the probing security model assumption. This technique enables us to take snapshots of hardware implementations, i.e., extract the logical state of all registers at any arbitrary clock cycle with a single measurement. To validate this, we mount our attack on masked AES hardware implementations and practically demonstrate the extraction of the full-length key in two different scenarios. First, we assume that the location of the registers (key and/or state) is known, and hence, their content can be directly read by a single snapshot. 
Second, we consider an implementation with unknown register locations, where we make use of multiple snapshots and a SAT solver to reveal the secrets.}, langid = {english}, keywords = {Computer Science - Cryptography and Security} 
@@ -3988,7 +4013,7 @@ pages = {1955--1971}, doi = {10.1109/SP40001.2021.00029}, url = {http://arxiv.org/abs/2009.04263}, - urldate = {2024-07-25}, + urldate = {2024-01-08}, abstract = {Due to its sound theoretical basis and practical efficiency, masking has become the most prominent countermeasure to protect cryptographic implementations against physical sidechannel attacks (SCAs). The core idea of masking is to randomly split every sensitive intermediate variable during computation into at least t+1 shares, where t denotes the maximum number of shares that are allowed to be observed by an adversary without learning any sensitive information. In other words, it is assumed that the adversary is bounded either by the possessed number of probes (e.g., microprobe needles) or by the order of statistical analyses while conducting higher-order SCA attacks (e.g., differential power analysis). Such bounded models are employed to prove the SCA security of the corresponding implementations. Consequently, it is believed that given a sufficiently large number of shares, the vast majority of known SCA attacks are mitigated. In this work, we present a novel laser-assisted SCA technique, called Laser Logic State Imaging (LLSI), which offers an unlimited number of contactless probes, and therefore, violates the probing security model assumption. This technique enables us to take snapshots of hardware implementations, i.e., extract the logical state of all registers at any arbitrary clock cycle with a single measurement. To validate this, we mount our attack on masked AES hardware implementations and practically demonstrate the extraction of the full-length key in two different scenarios. First, we assume that the location of the registers (key and/or state) is known, and hence, their content can be directly read by a single snapshot. 
Second, we consider an implementation with unknown register locations, where we make use of multiple snapshots and a SAT solver to reveal the secrets.}, langid = {english}, keywords = {Computer Science - Cryptography and Security} @@ -4120,7 +4145,7 @@ issn = {2511-9044, 2511-9044}, doi = {10.1002/qute.201800011}, url = {http://arxiv.org/abs/1703.09278}, - urldate = {2024-05-27}, + urldate = {2024-07-15}, abstract = {Quantum key distribution using weak coherent states and homodyne detection is a promising candidate for practical quantum-cryptographic implementations due to its compatibility with existing telecom equipment and high detection efficiencies. However, despite the actual simplicity of the protocol, the security analysis of this method is rather involved compared to discrete-variable QKD. In this article we review the theoretical foundations of continuous-variable quantum key distribution (CV-QKD) with Gaussian modulation and rederive the essential relations from scratch in a pedagogical way. The aim of this paper is to be as comprehensive and self-contained as possible in order to be well intelligible even for readers with little pre-knowledge on the subject. Although the present article is a theoretical discussion of CV-QKD, its focus lies on practical implementations, taking into account various kinds of hardware imperfections and suggesting practical methods to perform the security analysis subsequent to the key exchange. Apart from a review of well known results, this manuscript presents a set of new original noise models which are helpful to get an estimate of how well a given set of hardware will perform in practice.}, langid = {english}, keywords = {Quantum Physics} 
@@ -4141,7 +4166,7 @@ issn = {2511-9044, 2511-9044}, doi = {10.1002/qute.201800011}, url = {http://arxiv.org/abs/1703.09278}, - urldate = {2024-05-02}, + urldate = {2024-05-27}, abstract = {Quantum key distribution using weak coherent states and homodyne detection is a promising candidate for practical quantum-cryptographic implementations due to its compatibility with existing telecom equipment and high detection efficiencies. However, despite the actual simplicity of the protocol, the security analysis of this method is rather involved compared to discrete-variable QKD. In this article we review the theoretical foundations of continuous-variable quantum key distribution (CV-QKD) with Gaussian modulation and rederive the essential relations from scratch in a pedagogical way. The aim of this paper is to be as comprehensive and self-contained as possible in order to be well intelligible even for readers with little pre-knowledge on the subject. Although the present article is a theoretical discussion of CV-QKD, its focus lies on practical implementations, taking into account various kinds of hardware imperfections and suggesting practical methods to perform the security analysis subsequent to the key exchange. Apart from a review of well known results, this manuscript presents a set of new original noise models which are helpful to get an estimate of how well a given set of hardware will perform in practice.}, langid = {english}, keywords = {Quantum Physics} 
@@ -4162,7 +4187,7 @@ issn = {2511-9044, 2511-9044}, doi = {10.1002/qute.201800011}, url = {http://arxiv.org/abs/1703.09278}, - urldate = {2024-07-15}, + urldate = {2024-05-02}, abstract = {Quantum key distribution using weak coherent states and homodyne detection is a promising candidate for practical quantum-cryptographic implementations due to its compatibility with existing telecom equipment and high detection efficiencies. However, despite the actual simplicity of the protocol, the security analysis of this method is rather involved compared to discrete-variable QKD. In this article we review the theoretical foundations of continuous-variable quantum key distribution (CV-QKD) with Gaussian modulation and rederive the essential relations from scratch in a pedagogical way. The aim of this paper is to be as comprehensive and self-contained as possible in order to be well intelligible even for readers with little pre-knowledge on the subject. Although the present article is a theoretical discussion of CV-QKD, its focus lies on practical implementations, taking into account various kinds of hardware imperfections and suggesting practical methods to perform the security analysis subsequent to the key exchange. Apart from a review of well known results, this manuscript presents a set of new original noise models which are helpful to get an estimate of how well a given set of hardware will perform in practice.}, langid = {english}, keywords = {Quantum Physics} @@ -4224,7 +4249,7 @@ langid = {english} } -@article{leePrintedSpiralWinding2011a, +@article{leePrintedSpiralWinding2011, title = {Printed {{Spiral Winding Inductor With Wide Frequency Bandwidth}}}, author = {Lee, Chi Kwan and Su, Y. P. and Ron Hui, S. Y.}, date = {2011-10}, 
@@ -4424,7 +4449,7 @@ langid = {english} } -@article{lopeFirstSelfResonant2021, +@article{lopeFirstSelfresonantFrequency2021, title = {First Self‐resonant Frequency of Power Inductors Based on Approximated Corrected Stray Capacitances}, author = {Lope, Ignacio and Carretero, Claudio and Acero, Jesus}, date = {2021-02}, 
@@ -4527,8 +4552,8 @@ location = {Cham}, doi = {10.1007/978-3-030-88428-4_34}, url = {https://link.springer.com/10.1007/978-3-030-88428-4_34}, - urldate = {2024-07-15}, - abstract = {With the advancement of the trusted execution environment (TEE) technologies, hardware-supported secure computing becomes increasingly popular due to its e ciency. During the protocol execution, typically, the players need to contact a third-party server for remote a estation, ensuring the validity of the involved trusted hardware component, such as Intel SGX, as well as the integrity of the computation result. When the hardware manufacturer is not fully trusted, sensitive information may be leaked to the third-party server through backdoors, steganography, and kleptography, etc. In this work, we introduce a new security notion called semi-trusted hardware model, where the adversary is allowed to passively or maliciously corrupt the hardware. erefore, she can learn the input of the hardware component and might also tamper its output. We then show how to utilize such semi-trusted hardwares for correlated randomness teleportation. When the semi-trusted hardware is instantiated by Intel SGX, to generate 10k random OT’s, our protocol is 24X and 450X faster than the EMP-IKNP-ROT in the LAN and WAN se ing, respectively. When SGX is used to teleport garbled circuits, the resulting two-party computation protocol is 5.3-5.7X and 43-47X faster than the EMP-SH2PC in the LAN and WAN se ing, respectively, for the AES-128, SHA-256, and SHA-512 evaluation. We also show how to achieve malicious security with li le overhead.}, + urldate = {2025-08-13}, + abstract = {With the advancement of the trusted execution environment (TEE) technologies, hardware-supported secure computing becomes increasingly popular due to its efficiency. 
During the protocol execution, typically, the players need to contact a third-party server for remote attestation, ensuring the validity of the involved trusted hardware component, such as Intel SGX, as well as the integrity of the computation result. When the hardware manufacturer is not fully trusted, sensitive information may be leaked to the third-party server through backdoors, steganography, and kleptography, etc. In this work, we introduce a new security notion called semi-trusted hardware model, where the adversary is allowed to passively or maliciously corrupt the hardware. Therefore, she can learn the input of the hardware component and might also tamper its output. We then show how to utilize such semi-trusted hardwares for correlated randomness teleportation. When the semi-trusted hardware is instantiated by Intel SGX, to generate 10k random OT’s, our protocol is 24X and 450X faster than the EMP-IKNP-ROT in the LAN and WAN setting, respectively. When SGX is used to teleport Garbled circuits, the resulting two-party computation protocol is 5.3-5.7X and 43-47X faster than the EMP-SH2PC in the LAN and WAN setting, respectively, for the AES-128, SHA-256, and SHA-512 evaluation. We also show how to achieve malicious security with little overhead.}, isbn = {978-3-030-88427-7 978-3-030-88428-4}, langid = {english} } 
@@ -4545,8 +4570,8 @@ location = {Cham}, doi = {10.1007/978-3-030-88428-4_34}, url = {https://link.springer.com/10.1007/978-3-030-88428-4_34}, - urldate = {2025-08-13}, - abstract = {With the advancement of the trusted execution environment (TEE) technologies, hardware-supported secure computing becomes increasingly popular due to its efficiency. During the protocol execution, typically, the players need to contact a third-party server for remote attestation, ensuring the validity of the involved trusted hardware component, such as Intel SGX, as well as the integrity of the computation result. When the hardware manufacturer is not fully trusted, sensitive information may be leaked to the third-party server through backdoors, steganography, and kleptography, etc. In this work, we introduce a new security notion called semi-trusted hardware model, where the adversary is allowed to passively or maliciously corrupt the hardware. Therefore, she can learn the input of the hardware component and might also tamper its output. We then show how to utilize such semi-trusted hardwares for correlated randomness teleportation. When the semi-trusted hardware is instantiated by Intel SGX, to generate 10k random OT’s, our protocol is 24X and 450X faster than the EMP-IKNP-ROT in the LAN and WAN setting, respectively. When SGX is used to teleport Garbled circuits, the resulting two-party computation protocol is 5.3-5.7X and 43-47X faster than the EMP-SH2PC in the LAN and WAN setting, respectively, for the AES-128, SHA-256, and SHA-512 evaluation. We also show how to achieve malicious security with little overhead.}, + urldate = {2024-07-15}, + abstract = {With the advancement of the trusted execution environment (TEE) technologies, hardware-supported secure computing becomes increasingly popular due to its e ciency. 
During the protocol execution, typically, the players need to contact a third-party server for remote a estation, ensuring the validity of the involved trusted hardware component, such as Intel SGX, as well as the integrity of the computation result. When the hardware manufacturer is not fully trusted, sensitive information may be leaked to the third-party server through backdoors, steganography, and kleptography, etc. In this work, we introduce a new security notion called semi-trusted hardware model, where the adversary is allowed to passively or maliciously corrupt the hardware. erefore, she can learn the input of the hardware component and might also tamper its output. We then show how to utilize such semi-trusted hardwares for correlated randomness teleportation. When the semi-trusted hardware is instantiated by Intel SGX, to generate 10k random OT’s, our protocol is 24X and 450X faster than the EMP-IKNP-ROT in the LAN and WAN se ing, respectively. When SGX is used to teleport garbled circuits, the resulting two-party computation protocol is 5.3-5.7X and 43-47X faster than the EMP-SH2PC in the LAN and WAN se ing, respectively, for the AES-128, SHA-256, and SHA-512 evaluation. We also show how to achieve malicious security with li le overhead.}, isbn = {978-3-030-88427-7 978-3-030-88428-4}, langid = {english} } @@ -4643,7 +4668,7 @@ volume = {13}, number = {2}, eprint = {1}, - eprinttype = {pmid}, + eprinttype = {pubmed}, pages = {117--126}, issn = {0006-2944}, doi = {10.1016/0006-2944(75)90147-7}, 
@@ -4763,7 +4788,7 @@ urldate = {2023-12-21}, abstract = {Paper documents, where digital signatures are not directly applicable, are still widely utilized due to usability and legal reasons. We propose a novel approach to authenticating paper documents by taking short videos of them with smartphones. Our solution combines cryptographic and image comparison techniques to detect and highlight semantic-changing attacks on rich documents, containing text and graphics. We provide geometrical arguments for the security of our novel comparison algorithm, and prove that its combination with a cryptographic protocol is secure against strong adversaries capable of compromising different system components. We also measure its accuracy on a set of 128 videos of paper documents and a set of 960 synthetically generated warped documents, half containing subtle forgeries. Our algorithm finds all forgeries accurately with no false positives. The highlighted regions are large enough to be visible to users, but small enough to precisely locate forgeries.}, eventtitle = {{{ACSAC}} '23: {{Annual Computer Security Applications Conference}}}, - isbn = {9798400708862}, + isbn = {979-8-4007-0886-2}, langid = {english} } 
@@ -4991,7 +5016,7 @@ url = {https://doi.org/10.1145/3576915.3623092}, urldate = {2024-07-25}, abstract = {The threats of physical side-channel attacks and their countermeasures have been widely researched. Most physical side-channel attacks rely on the unavoidable influence of computation or storage on current consumption or voltage drop on a chip. Such data-dependent influence can be exploited by, for instance, power or electromagnetic analysis. In this work, we introduce a novel non-invasive physical side-channel attack, which exploits the data-dependent changes in the impedance of the chip. Our attack relies on the fact that the temporarily stored contents in registers alter the physical characteristics of the circuit, which results in changes in the die's impedance. To sense such impedance variations, we deploy a well-known RF/microwave method called scattering parameter analysis, in which we inject sine wave signals with high frequencies into the system's power distribution network (PDN) and measure the echo of the signals. We demonstrate that according to the content bits and physical location of a register, the reflected signal is modulated differently at various frequency points enabling the simultaneous and independent probing of individual registers. Such side-channel leakage challenges the t-probing security model assumption used in masking, which is a prominent side-channel countermeasure. To validate our claims, we mount non-profiled and profiled impedance analysis attacks on hardware implementations of unprotected and high-order masked AES. We show that in the case of the profiled attack, only a single trace is required to recover the secret key. Finally, we discuss how a specific class of hiding countermeasures might be effective against impedance leakage.}, - isbn = {9798400700507} + isbn = {979-8-4007-0050-7} } @article{mooreApplicationsWirelessPower2019, 
@@ -5019,7 +5044,7 @@ journaltitle = {Thermochimica Acta}, shortjournal = {Thermochimica Acta}, volume = {442}, - number = {1-2}, + number = {1--2}, pages = {14--17}, issn = {00406031}, doi = {10.1016/j.tca.2005.11.020}, @@ -5193,7 +5218,7 @@ urldate = {2023-12-21}, abstract = {Most terminal devices authenticate users only once at the time of initial login, leaving the terminal unprotected during an active session when the original user leaves it unattended. To address this issue, continuous authentication has been proposed by automatically locking the terminal after a period of inactivity. However, it does not fully eliminate the risk of unauthorized access before the session expires. Recent research has also investigated the feasibility of using physiological and behavioral patterns as biometrics. This study presents a novel two-factor continuous authentication that explores a new form of signal called human-induced electric potential captured by wearables in contact with the user’s body. By analyzing this signal, we can determine the time of user-terminal interactions and compare it with information recorded by the terminal’s OS. If the original user remains on the same terminal, the two-source readings would match. Additionally, the proposed scheme includes an extra layer of protection by extracting terminal’s physical fingerprints from the human-induced electric potential to defend against advanced mimicry attacks. To test the effectiveness of our design, a low-cost wearable prototype is developed. Through extensive experiments, it is found that the proposed scheme has a low error rate of 2.3\%, with minimal computational and energy requirements.}, eventtitle = {{{ACSAC}} '23: {{Annual Computer Security Applications Conference}}}, - isbn = {9798400708862}, + isbn = {979-8-4007-0886-2}, langid = {english} } 
@@ -5680,7 +5705,7 @@ keywords = {Acceleration,Cloud computing,Cloud Service,Cryptography,Data Center,Field programmable gate arrays,FPGA,Hardware,Logic gates,Machine learning,Machine Learning,Matrix Multiplication,Multiparty Computation,Secret Sharing,Secure Computation} } -@article{patraABY2ImprovedMixedProtocol, +@article{patraABY20ImprovedMixedProtocol, title = {{{ABY2}}.0: {{Improved Mixed-Protocol Secure Two-Party Computation}}}, author = {Patra, Arpita and Schneider, Thomas and Suresh, Ajith and Yalame, Hossein}, abstract = {Secure Multi-party Computation (MPC) allows a set of mutually distrusting parties to jointly evaluate a function on their private inputs while maintaining input privacy. In this work, we improve semi-honest secure two-party computation (2PC) over rings, with a focus on the efficiency of the online phase.}, @@ -5692,7 +5717,15 @@ langid = {english} } -@standard{pcisecuritystandardscouncilPaymentCardIndustry2021, +@misc{pcisecuritystandardscouncilPaymentCardIndustry2021, + title = {Payment {{Card Industry PIN Transaction Security Hardware Security Module Modular Derived Test Requirements}}}, + author = {{PCI Security Standards Council}}, + date = {2021-12}, + url = {https://docs-prv.pcisecuritystandards.org/PTS/Derived%20Test%20Requirements/PCI_HSM_DTRs_v4.pdf}, + urldate = {2025-04-09} +} + +@standard{pcisecuritystandardscouncilPaymentCardIndustry2021a, title = {Payment {{Card Industry PIN Transaction Security Hardware Security Module Modular Security Requirements}}}, author = {{PCI Security Standards Council}}, date = {2021-12}, 
@@ -5702,14 +5735,6 @@ version = {4.0} } -@misc{pcisecuritystandardscouncilPaymentCardIndustry2021a, - title = {Payment {{Card Industry PIN Transaction Security Hardware Security Module Modular Derived Test Requirements}}}, - author = {{PCI Security Standards Council}}, - date = {2021-12}, - url = {https://docs-prv.pcisecuritystandards.org/PTS/Derived%20Test%20Requirements/PCI_HSM_DTRs_v4.pdf}, - urldate = {2025-04-09} -} - @standard{pcisecuritystandardscouncilPaymentCardIndustry2025, title = {Payment {{Card Industry PIN Transaction Security Device Testing}} and {{Approval Program Guide}}}, author = {{PCI Security Standards Council}}, @@ -5772,6 +5797,13 @@ Website contains OCR'ed original source and a translation} } +@misc{petriePartIITechnical, + title = {Flexible {{Hardware-Enabled Guarantees Part II}}: {{Technical Options}}}, + author = {Petrie, James and Aarne, Onni}, + langid = {english}, + organization = {(UK) Advanced Research and Innovation Agency} +} + @patent{phamAntitamperMesh2011, type = {patentus}, title = {Anti-Tamper Mesh}, @@ -6291,7 +6323,7 @@ Website contains OCR'ed original source and a translation} url = {https://dl.acm.org/doi/10.1145/3627106.3627192}, urldate = {2023-12-21}, eventtitle = {{{ACSAC}} '23: {{Annual Computer Security Applications Conference}}}, - isbn = {9798400708862}, + isbn = {979-8-4007-0886-2}, langid = {english} } 
@@ -6476,11 +6508,11 @@ Website contains OCR'ed original source and a translation} keywords = {Dielectric waveguides,Fiber lasers,laser amplifiers,Laser modes,Loss measurement,optical fiber amplifiers,Optical fiber amplifiers,optical fiber lasers,Optical fiber losses,Optical fiber polarization,Optical fibers,Optical propagation,optical waveguide theory,Optical waveguides,Propagation losses,waveguide bends} } -@online{schmiegGoogleThreatModel2024, +@online{schmiegGooglesThreatModel2024, type = {Blog Article}, title = {Google's {{Threat}} Model for {{Post-Quantum Cryptography}}}, author = {Schmieg, Sophie and Kölbl, Stefan and Endignoux, Guillaume}, - date = {2024-03-11}, + date = {2024-11-03}, url = {https://bughunters.google.com/blog/5108747984306176/google-s-threat-model-for-post-quantum-cryptography}, urldate = {2024-06-27}, abstract = {Read on to understand how Google currently evaluates the threat landscape related to post-quantum cryptography, and what implications this has for migrating from classical cryptographic algorithms to PQC.}, @@ -7031,7 +7063,7 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu langid = {english} } -@incollection{TamperResistance2020a, +@incollection{TamperResistance2020, title = {Tamper {{Resistance}}}, booktitle = {Security {{Engineering}}}, date = {2020}, @@ -7894,7 +7926,7 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu volume = {66}, number = {4}, eprint = {4}, - eprinttype = {pmid}, + eprinttype = {pubmed}, pages = {1338--1343}, issn = {1090-2104}, doi = {10.1016/0006-291x(75)90506-9}, @@ -7928,7 +7960,7 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu volume = {30}, number = {2}, eprint = {35}, - eprinttype = {pmid}, + eprinttype = {pubmed}, pages = {225--231}, issn = {0007-1048}, doi = {10.1111/j.1365-2141.1975.tb00536.x}, 
@@ -8325,7 +8357,7 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu issn = {2375-1053}, doi = {10.1109/VTS.2015.7116294}, url = {https://ieeexplore.ieee.org/document/7116294/?arnumber=7116294}, - urldate = {2024-10-04}, + urldate = {2024-10-31}, abstract = {The long and distributed supply chain of printed circuit boards (PCBs) makes them vulnerable to different forms of counterfeiting attacks. Existing chip-level integrity validation approaches cannot be readily extended to PCB. In this paper, we address this issue with a novel PCB authentication approach that creates robust, unique signatures from a PCB based on process-induced variations in its trace impedances. The approach comes at virtually zero design and hardware overhead and can be applied to legacy PCBs. Experiments with two sets of commercial PCBs as well as a set of custom designed PCBs show that the proposed approach can obtain unique authentication signature with inter-PCB hamming distance of 47.94\% or higher.}, eventtitle = {2015 {{IEEE}} 33rd {{VLSI Test Symposium}} ({{VTS}})}, keywords = {Authentication,Copper,Counterfeiting,Electrical resistance measurement,High definition video,Impedance,Impedance measurement,Piracy,Printed Circuit Board (PCB),Probes,PUF,Trust} 
@@ -8340,12 +8372,25 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu issn = {2375-1053}, doi = {10.1109/VTS.2015.7116294}, url = {https://ieeexplore.ieee.org/document/7116294/?arnumber=7116294}, - urldate = {2024-10-31}, + urldate = {2024-10-04}, abstract = {The long and distributed supply chain of printed circuit boards (PCBs) makes them vulnerable to different forms of counterfeiting attacks. Existing chip-level integrity validation approaches cannot be readily extended to PCB. In this paper, we address this issue with a novel PCB authentication approach that creates robust, unique signatures from a PCB based on process-induced variations in its trace impedances. The approach comes at virtually zero design and hardware overhead and can be applied to legacy PCBs. Experiments with two sets of commercial PCBs as well as a set of custom designed PCBs show that the proposed approach can obtain unique authentication signature with inter-PCB hamming distance of 47.94\% or higher.}, eventtitle = {2015 {{IEEE}} 33rd {{VLSI Test Symposium}} ({{VTS}})}, keywords = {Authentication,Copper,Counterfeiting,Electrical resistance measurement,High definition video,Impedance,Impedance measurement,Piracy,Printed Circuit Board (PCB),Probes,PUF,Trust} } +@patent{zhangTamperrespondentAssembliesPorous2023, + type = {patentus}, + title = {Tamper-Respondent Assemblies with Porous Heat Transfer Element(s)}, + author = {Zhang, Hongqing and HIGBY, Arthur J. and Lewison, David J. and REGO, Philipp K. BUCHLING and Bunt, Jay A. 
and Busby, James and Campbell, Levi}, + holder = {{International Business Machines Corp}}, + date = {2023-08-01}, + number = {11716808B2}, + url = {https://patents.google.com/patent/US11716808B2/en?q=(hardware+security+module+heatsink)&assignee=International+Business+Machines+Corporation}, + urldate = {2025-12-03}, + langid = {english}, + keywords = {circuit board,electronic component,enclosure,tamper,thermally conductive} +} + @article{zhangWirelessPowerTransfer2019, title = {Wireless {{Power Transfer}}—{{An Overview}}}, author = {Zhang, Zhen and Pang, Hongliang and Georgiadis, Apostolos and Cecati, Carlo}, 
@@ -8411,23 +8456,6 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu } @inproceedings{zhouPPMLACHighPerformance2022, - title = {{{PPMLAC}}: High Performance Chipset Architecture for Secure Multi-Party Computation}, - shorttitle = {{{PPMLAC}}}, - booktitle = {Proceedings of the 49th {{Annual International Symposium}} on {{Computer Architecture}}}, - author = {Zhou, Xing and Xu, Zhilei and Wang, Cong and Gao, Mingyu}, - date = {2022-06-11}, - series = {{{ISCA}} '22}, - pages = {87--101}, - publisher = {Association for Computing Machinery}, - location = {New York, NY, USA}, - doi = {10.1145/3470496.3527392}, - url = {https://doi.org/10.1145/3470496.3527392}, - urldate = {2024-07-25}, - abstract = {Privacy issue is a main concern restricting data sharing and cross-organization collaborations. While Privacy-Preserving Machine Learning techniques such as Multi-Party Computations (MPC), Homomorphic Encryption, and Federated Learning are proposed to solve this problem, no solution exists with both strong security and high performance to run large-scale, complex machine learning models. This paper presents PPMLAC, a novel chipset architecture to accelerate MPC, which combines MPC's strong security and hardware's high performance, eliminates the communication bottleneck from MPC, and achieves several orders of magnitudes speed up over software-based MPC. It is carefully designed to only rely on a minimum set of simple hardware components in the trusted domain, thus is robust against side-channel attacks and malicious adversaries. 
Our FPGA prototype can run mainstream large-scale ML models like ResNet in near real-time under a practical network environment with non-negligible latency, which is impossible for existing MPC solutions.}, - isbn = {978-1-4503-8610-4} -} - -@inproceedings{zhouPPMLACHighPerformance2022a, title = {{{PPMLAC}}: High Performance Chipset Architecture for Secure Multi-Party Computation}, shorttitle = {{{PPMLAC}}}, booktitle = {Proceedings of the 49th {{Annual International Symposium}} on {{Computer Architecture}}}, 
@@ -8445,6 +8473,23 @@ Archive 2: https://web.archive.org/web/20250510104017/https://de.linkedin.com/pu langid = {english} } +@inproceedings{zhouPPMLACHighPerformance2022a, + title = {{{PPMLAC}}: High Performance Chipset Architecture for Secure Multi-Party Computation}, + shorttitle = {{{PPMLAC}}}, + booktitle = {Proceedings of the 49th {{Annual International Symposium}} on {{Computer Architecture}}}, + author = {Zhou, Xing and Xu, Zhilei and Wang, Cong and Gao, Mingyu}, + date = {2022-06-11}, + series = {{{ISCA}} '22}, + pages = {87--101}, + publisher = {Association for Computing Machinery}, + location = {New York, NY, USA}, + doi = {10.1145/3470496.3527392}, + url = {https://doi.org/10.1145/3470496.3527392}, + urldate = {2024-07-25}, + abstract = {Privacy issue is a main concern restricting data sharing and cross-organization collaborations. While Privacy-Preserving Machine Learning techniques such as Multi-Party Computations (MPC), Homomorphic Encryption, and Federated Learning are proposed to solve this problem, no solution exists with both strong security and high performance to run large-scale, complex machine learning models. This paper presents PPMLAC, a novel chipset architecture to accelerate MPC, which combines MPC's strong security and hardware's high performance, eliminates the communication bottleneck from MPC, and achieves several orders of magnitudes speed up over software-based MPC. It is carefully designed to only rely on a minimum set of simple hardware components in the trusted domain, thus is robust against side-channel attacks and malicious adversaries. 
Our FPGA prototype can run mainstream large-scale ML models like ResNet in near real-time under a practical network environment with non-negligible latency, which is impossible for existing MPC solutions.}, + isbn = {978-1-4503-8610-4} +} + @inproceedings{zhouPrintListenerUncoveringVulnerability2024, title = {{{PrintListener}}: {{Uncovering}} the {{Vulnerability}} of {{Fingerprint Authentication}} via the {{Finger Friction Sound}}}, shorttitle = {{{PrintListener}}},
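Review bot: the replacement abstract in the @@ -4545 hunk is a regression, not a fix: the new text has lost ligature glyphs from PDF extraction ("e ciency", "a estation", "erefore", "se ing", "li le" for efficiency, attestation, Therefore, setting, little), and urldate moves backwards from 2025-08-13 to 2024-07-15, which suggests an older export overwriting an already-clean entry. Keep the removed abstract and urldate; the only other difference is "Garbled" vs "garbled".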
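Review bot: in the three `eprinttype = {pmid}` to `{pubmed}` hunks (@@ -4643, @@ -7894, @@ -7928) the type name is now one biblatex knows, but the eprint values `{1}`, `{4}` and `{35}` are not plausible PubMed IDs; they match or resemble the issue numbers beside them (`number = {2}`, `{4}`, `{2}`), so biblatex will now render a PubMed link that resolves to an unrelated record. Either look up the real PMIDs for these 1975 articles or drop eprint/eprinttype and rely on the doi fields already present.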
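Review bot: this commit renames citation keys with no matching .tex change in the shown hunks: patraABY2ImprovedMixedProtocol to patraABY20ImprovedMixedProtocol (@@ -5680), schmiegGoogleThreatModel2024 to schmiegGooglesThreatModel2024 (@@ -6476), TamperResistance2020a to TamperResistance2020 (@@ -7031); existing \cite of the old keys will become undefined citations. More dangerous is the swap in @@ -5692 and @@ -5702: pcisecuritystandardscouncilPaymentCardIndustry2021 now points at the Derived Test Requirements (as @misc) and ...2021a at the Modular Security Requirements (as @standard), so any existing \cite{...2021} silently cites the other document with no warning at all. Keep the old key-to-document mapping, or update every \cite in the same commit.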
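Review bot: the new @misc{petriePartIITechnical} entry in @@ -5772 has no date, url or urldate (which is also why its key carries no year); for a web-published report those fields are what lets a reader locate it, so add at least url and urldate, and date where known, before merging.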
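Review bot: the date change from 2024-03-11 to 2024-11-03 in @@ -6476 looks like a day/month swap rather than a correction: the same entry keeps `urldate = {2024-06-27}`, so the new publication date would be later than the date the page was accessed. Keep 2024-03-11 unless the access date is also wrong.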
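Review bot: hunks @@ -8325 and @@ -8340 only exchange urldate (2024-10-04 and 2024-10-31) between two entries that share the same doi 10.1109/VTS.2015.7116294, url, abstract, eventtitle and keywords, that is, the same paper imported twice. Deduplicate into one entry and point citations at the surviving key instead of shuffling access dates between the copies.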
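Review bot: in the added @patent{zhangTamperrespondentAssembliesPorous2023} (@@ -8340) the author list keeps raw patent-office capitalization ("HIGBY, Arthur J.", "REGO, Philipp K. BUCHLING"), and the latter reads like a compound surname split into the given-name slot; normalise to "Higby, Arthur J." and, after checking the patent, "Buchling Rego, Philipp K.". The url also embeds the Google Patents search query (`?q=(hardware+security+module+heatsink)&assignee=...`); trim it to https://patents.google.com/patent/US11716808B2/en so the bibliography does not carry the search terms.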
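Review bot: hunks @@ -8411 and @@ -8445 do not remove the duplicate PPMLAC entry, they move it: after the patch, zhouPPMLACHighPerformance2022 holds the body that previously sat under 2022a (ending in `langid = {english}`) and the re-added 2022a holds the body previously under 2022 (ending in `isbn = {978-1-4503-8610-4}`), while both still share the same title, booktitle, doi 10.1145/3470496.3527392 and abstract. Merge them into one entry carrying both isbn and langid, drop the other key and update citations; as written, \cite{...2022} now renders a different variant than before without any warning.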