References of "Liu, Zhe"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailLightweight EdDSA Signature Verification for the Ultra-Low-Power Internet of Things
Groszschädl, Johann UL; Franck, Christian UL; Liu, Zhe

in Deng, Robert; Bao, Feng; Wang, Guilin (Eds.) et al Information Security Practice and Experience, 16th International Conference, ISPEC 2021, Nanjing, China, December 17–19, 2021, Proceedings (2021, December)

EdDSA is a digital signature scheme based on elliptic curves in Edwards form that is supported in the latest incarnation of the TLS protocol (i.e. TLS version 1.3). The straightforward way of verifying an ... [more ▼]

EdDSA is a digital signature scheme based on elliptic curves in Edwards form that is supported in the latest incarnation of the TLS protocol (i.e. TLS version 1.3). The straightforward way of verifying an EdDSA signature involves a costly double-scalar multiplication of the form kP - lQ where P is a "fixed" point (namely the generator of the underlying elliptic-curve group) and Q is only known at run time. This computation makes a verification not only much slower than a signature generation, but also more memory demanding. In the present paper we compare two implementations of EdDSA verification using Ed25519 as case study; the first is speed-optimized, while the other aims to achieve low RAM footprint. The speed-optimized variant performs the double-scalar multiplication in a simultaneous fashion and uses a Joint-Sparse Form (JSF) representation for the two scalars. On the other hand, the memory-optimized variant splits the computation of kP - lQ into two separate parts, namely a fixed-base scalar multiplication that is carried out using a standard comb method with eight pre-computed points, and a variable-base scalar multiplication, which is executed by means of the conventional Montgomery ladder on the birationally-equivalent Montgomery curve. Our experiments with a 16-bit ultra-low-power MSP430 microcontroller show that the separated method is 24% slower than the simultaneous technique, but reduces the RAM footprint by 40%. This makes the separated method attractive for "lightweight" cryptographic libraries, in particular if both Ed25519 signature generation/verification and X25519 key exchange need to be supported. [less ▲]

Detailed reference viewed: 34 (7 UL)
Full Text
Peer Reviewed
See detailRevisiting Test Cases to Boost Generate-and-Validate Program Repair
Zhang, Jingtang; Liu, Kui; Kim, Dongsun et al

in IEEE International Conference on Software Maintenance and Evolution (ICSME) (2021, September)

Detailed reference viewed: 37 (1 UL)
Full Text
Peer Reviewed
See detailSmartGift: Learning to Generate Practical Inputs for Testing Smart Contracts
Zhou, Teng; Liu, Kui; Li, Li et al

in IEEE International Conference on Software Maintenance and Evolution (ICSME) (2021, September)

Detailed reference viewed: 37 (0 UL)
Full Text
Peer Reviewed
See detailA critical review on the evaluation of automated program repair systems
Kui, Liu; Li, Li; Koyuncu, Anil UL et al

in Journal of Systems and Software (2021)

Detailed reference viewed: 126 (5 UL)
Full Text
Peer Reviewed
See detailParallel Implementation of SM2 Elliptic Curve Cryptography on Intel Processors with AVX2
Huang, Junhao; Liu, Zhe; Hu, Zhi et al

in Liu, Joseph K.; Cui, Hui (Eds.) Information Security and Privacy, 25th Australasian Conference, ACISP 2020, Perth, WA, Australia, November 30 - December 2, 2020, Proceedings (2020, November)

This paper presents an efficient and secure implementation of SM2, the Chinese elliptic curve cryptography standard that has been adopted by the International Organization of Standardization (ISO) as ISO ... [more ▼]

This paper presents an efficient and secure implementation of SM2, the Chinese elliptic curve cryptography standard that has been adopted by the International Organization of Standardization (ISO) as ISO/IEC 14888-3:2018. Our SM2 implementation uses Intel’s Advanced Vector Extensions version 2.0 (AVX2), a family of three-operand SIMD instructions operating on vectors of 8, 16, 32, or 64-bit data elements in 256-bit registers, and is resistant against timing attacks. To exploit the parallel processing capabilities of AVX2, we studied the execution flows of Co-Z Jacobian point arithmetic operations and introduce a parallel 2-way Co-Z addition, Co-Z conjugate addition, and Co-Z ladder algorithm, which allow for fast Co-Z scalar multiplication. Furthermore, we developed an efficient 2-way prime-field arithmetic library using AVX2 to support our Co-Z Jacobian point operations. Both the field and the point operations utilize branch-free (i.e. constant-time) implementation techniques, which increase their ability to resist Simple Power Analysis (SPA) and timing attacks. Our software for scalar multiplication on the SM2 curve is, to our knowledge, the first constant-time implementation of the Co-Z based ladder that leverages the parallelism of AVX2. [less ▲]

Detailed reference viewed: 93 (4 UL)
Full Text
Peer Reviewed
See detailHigh-Performance Ideal Lattice-Based Cryptography on 8-Bit AVR Microcontrollers
Liu, Zhe; Pöppelmann, Thomas; Oder, Tobias et al

in ACM Transactions on Embedded Computing Systems (2017), 16(4), 117

Over recent years lattice-based cryptography has received much attention due to versatile average-case problems like Ring-LWE or Ring-SIS that appear to be intractable by quantum computers. In this work ... [more ▼]

Over recent years lattice-based cryptography has received much attention due to versatile average-case problems like Ring-LWE or Ring-SIS that appear to be intractable by quantum computers. In this work, we evaluate and compare implementations of Ring-LWE encryption and the bimodal lattice signature scheme (BLISS) on an 8-bit Atmel ATxmega128 microcontroller. Our implementation of Ring-LWE encryption provides comprehensive protection against timing side-channels and takes 24.9ms for encryption and 6.7ms for decryption. To compute a BLISS signature, our software takes 317ms and 86ms for verification. These results underline the feasibility of lattice-based cryptography on constrained devices. [less ▲]

Detailed reference viewed: 131 (3 UL)