D6.8 Prototype of a secured device implementing crypto primitives

Contributing Partners

CEA

Executive Summary

PRISMACLOUD aims at bringing novel cryptographic concepts and methods to practical application to improve the security and privacy of cloud based services and makes them usable for providers and users.
The purpose of this report is to serve as an accompanying document for the release of the prototype device demonstrating the hardware secure implementation of crypto primitives. The prototype device implements a redactable signature scheme such as described in delivrable D4.4 [1] that is robust to attacks with quantum computers. Deliverable D6.7 [2] explains the choice of Keccak and BLISS as cryptographic primitives.
The hardware implementation of these primitives aims at providing more performance on speed and security. Hardware implementation generally offer tamper resistance to a wide variety of attacks including side channel attacks, provided that the right counter measures are implemented. After discussing these choices, the document focuses on architectural choices for the development of the prototype device: the choice for the target platform and the architectural choices. Eventually the document describes in details the implementation of the different blocks of the system.
The output of this study is a prototype that will be the target of a security study in task T6.4 where the hardware device will be analysed using a side channel test bench while the private key is being used during the BLISS signature.