Jem Berkes: Academic / university work

Thesis: Side-Channel Monitoring of Contactless Java Cards (2008)

Published in the University of Waterloo - Electronic Theses and Dissertations

Smart cards are small, portable, tamper-resistant computers used in security-sensitive applications ranging from identification and access control to payment systems. Side-channel attacks, which use clues from timing, power consumption, or even electromagnetic (EM) signals, can compromise the security of these devices and have been an active research area since 1996. Newer "contactless" cards communicate using radio frequency (RF), without physical contact. These contactless smart cards are sometimes grouped with radio frequency identification (RFID) devices in popular usage of the term. This thesis investigates devices that use the ISO 14443 (proximity card) protocol, a large class of contactless/RFID devices. Although contactless smart cards are increasingly common, very few reproducible practical attacks have been published. Presently, there are no known documented side-channel attacks against contactless Java Cards (open standard multi-application cards) using generic unmodified hardware. This thesis develops a research-friendly platform for investigating side-channel attacks on ISO 14443 contactless smart cards. New techniques for measurement and analysis, as well as the first fully documented EM side-channel monitoring procedure, are presented for a contactless Java Card. These techniques use unmodified, commercial off-the-shelf hardware and are both practical and broadly applicable to a wide range of ISO 14443 devices, including many payment cards and electronic passports.

Paper: Hardware Attacks on Cryptographic Devices: Implementation Attacks on Embedded Systems and Other Portable Hardware (2006)

An introduction to hardware attacks on cryptographic devices. These implementation attacks are physical, not algorithmic, and typically pose a threat when security-related embedded systems are operating in hostile environments that permit the attackers physical access to the device. This technical report offers a summary of side-channel attacks (including differential power and EM attacks) as well as fault and other invasive attacks.

Paper: Design of a DDoS Attack-Resistant Distributed Spam Blocklist (November 2004)

Published in Proceedings of 2nd IASTED International Conference on Communication and Computer Networks (CCN), Cambridge, MA, November 2004. [presentation]

Abstract: "This paper introduces the high-level design for a novel distributed spam blocklist system based on Peer-to-Peer architecture. Deployed on the Internet, this blocklist would be resistant to Distributed Denial of Service (DDoS) attacks without requiring costly investments in server resources. Digital signatures make widespread network participation possible without compromising data integrity. This paper offers a much-needed solution for serving spam blocklists in hostile environments and outlines the constituent software and protocols required. The proposed system requires minimal modification to existing servers, as it can operate alongside current software."

Paper: Design of a Voice over IP System that Circumvents NAT (March 2004)

Completed for group design project, graduation requirement in Department of Electrical and Computer Engineering.

Abstract: "Voice-over-IP (VoIP) provides convenient, low-cost telephone calls over the Internet and has the potential to supercede analogue telephone systems. Current VoIP systems cannot deliver low latency communications between two firewall or Network Address Translation (NAT) protected hosts, which has impeded its widespread adoption among residential Internet users. This report describes the design and implementation of a functional peer-to-peer VoIP system targeted for home PC users on residential Internet connections. A suitable VoIP protocol was developed through network testing and experimentation. This protocol was built into software using modules implementing connection establishment, audio compression, encryption, packet queuing and audio processing. A novel connection establishment scheme that provides direct communication between hosts irrespective of firewalls or NAT was employed to eliminate the need for a centralized architecture, attaining the lower latency inherent to peer-to-peer architectures. The decentralized system scales well since each conversation occupies its own connection independent of any other communications. An external hardware device, capable of interfacing with both the computer and the analogue telephone lines, provides a bridge between our VoIP software and conventional telephone lines. The graphical user interface designed for home PC users allows people to place telephone calls over the Internet and optionally dial real telephone numbers via the hardware interface. The resulting complete system, with the help of user directory facilities, succeeds in providing the full VoIP usability as originally intended."

Paper: Does "subliminal perception" (perception without awareness) occur, and how can it be measured? (December 2004)

(Psychology). This paper investigates what is frequently called "subliminal perception", briefly covering the history behind psychology research into the field and experiments raising questions about existence of the effect. There is an in-depth examination of the debate over the phenomenon including recent experiments and opinions from experts.

Paper: Decentralized Peer-to-Peer Network Architecture: Gnutella and Freenet (April 2003)

An overview of the emerging file sharing networks at the time, with a focus on architecture.

Lab report: Final Lab Report: Microprocessor Interfacing (December 2002)

Abstract: "This lab explores the details of interfacing the 68000 with analog-to-digital (A/D) and digital-to-analog (D/A) converters. Successive approximation, which makes use of a D/A converter to achieve A/D is thoroughly examined. The lab also explores companding. While designing systems that interface with the real world, it is often necessary to get analog data from the real world into the computer for processing and similarly to bring digital data out of the computer back into analog form. These processes describe A/D and D/A conversion, respectively. This lab explores the hardware and software components and the processes used to accomplish such conversions."

Computer Science project: Critical Mass game [Download game] or [Download source] (April 2002)

The game is coded in C++ and uses the Win32 API for its graphical user interface. There is strong artificial intelligence included.

Essay: Language in George Orwell's Nineteen Eighty-Four (1984) (May 2000)

Abstract: "In his novel Nineteen Eighty-Four, George Orwell shows the potential of language as a political tool and weapon. This essay explores the language theme in Nineteen Eighty-Four and presents some background as well as follow-up to the ideas presented."