The Advanced Encryption Standard is used in almost every new embedded application that needs a symmetric-key cipher. In such embedded applications, high performance as well as resistance against implementation attacks are mandatory. In this paper, we compare and contrast three different software implementations of AES. The first two are based on cryptographic lookup tables, while the third uses bit-slicing. We analyze the performance and side-channel resistance of each implementation on two different FPGA platforms, one based on a PowerPC processor, and the second based on a LEON-3 soft-core processor. Our measurements show that, on embedded platforms, a bit-sliced AES implementation does not always outperform a lookup-table based AES implementation. We also present a detailed analysis of the side-channel resistance and the source of side-channel leakage, and show that our bit-sliced implementation has eight times more side-channel leakage than the lookup-table implementations. Hence, we conclude that a variation on the implementation style for embedded software implementation of AES will not only affect performance, but also embedded system security.
A comprehensive analysis of performance and side-channel-leakage of AES SBOX implementations in embedded software. A. Sinha, Zhimin Chen, P. Schaumont. WESS '10, 2010-10-24. DOI: 10.1145/1873548.1873553 (https://doi.org/10.1145/1873548.1873553)
Secure software execution on chip-multiprocessor platforms is compromised by threats such as software-based side channel attacks that expose information from shared memory. The increasing amount of shared (memory or computational) resources on emerging chip-multiprocessors further exacerbates security threats, highlighting the need for secure policies to manage on-chip resources. We present PoliMakE, a methodology that enables exploration and generation of customized policies to guarantee secure software execution on a chip-multiprocessor system in the presence of software-based side channel attacks. PoliMakE analyzes an application's security needs and generates a series of custom policies that dictate how to safely execute tasks and efficiently manage the computational, communication, and memory resources. Our experimental results on DRM, JPEG as well as some synthetic applications show that PoliMakE enables secure software execution with minimal performance overhead, while reducing power consumption, since the policies are customized to efficiently utilize the available on-chip resources. For the case study of running DRM in secure mode concurrently with JPEG encoding, we are able to observe 61% performance improvement when compared to standard approaches. Our policy generation engine is able to generate policies in only a matter of minutes for secure applications with hundreds of tasks. Unsecure applications were observed to resume execution up to 99% faster than with the traditional halt approach.
PoliMakE: a policy making engine for secure embedded software execution on chip-multiprocessors. L. A. Bathen, N. Dutt. WESS '10, 2010-10-24. DOI: 10.1145/1873548.1873550 (https://doi.org/10.1145/1873548.1873550)
S. Bhasin, S. Guilley, Florent Flament, Nidhal Selmane, J. Danger
Wave Dynamic Differential Logic (WDDL) is a hiding countermeasure to thwart side channel attacks (SCA). It suffers from a vulnerability called Early Evaluation, i.e. calculating output before all inputs are valid. This causes delay biases in WDDL even when synthesized with positive gates. As a consequence, the design can be attacked, although with extra effort, through side channel. However, WDDL is an appealing logic since it has already been reported to natively resist against multiple asymmetric faults. In this article, we suggest a Dual Rail Precharge Logic (DPL), similar to WDDL, free from early evaluation by design. We demonstrate practically that the early evaluation accounts for a major part of the leakage. We also provide basic guidelines for designing such a DPL. This DPL can resist against side channel attacks and fault attacks at the same time. In line with the current security evaluation methodology, we use differential power analysis and mutual information to compare the modified WDDL with the traditional WDDL. To compare robustness w.r.t. security, we conduct a proof-of-concept experiment that compares the two logics with identical implementations (P&R) apart from the logic style. The sensitive side channel leakage is reduced by half in the DPL without the early evaluation flaw.
Countering early evaluation: an approach towards robust dual-rail precharge logic. S. Bhasin, S. Guilley, Florent Flament, Nidhal Selmane, J. Danger. WESS '10, 2010-10-24. DOI: 10.1145/1873548.1873554 (https://doi.org/10.1145/1873548.1873554)
CRT-RSA is widely deployed in embedded devices to accelerate the RSA signature generation by about four times compared to regular RSA. However, since the Bellcore attack of 1996, research into securing CRT-RSA has remained active as countermeasures are themselves attacked. In this paper, we propose a new countermeasure designed with a powerful attacker in mind. The attacker may inject multiple precise/random faults and may alter the program counter to skip one or more instructions. The strength of our countermeasure derives from combining signature validation with signature unblinding modulo n.
A new CRT-RSA algorithm resistant to powerful fault attacks. N. Ebeid, Rob Lambert. WESS '10, 2010-10-24. DOI: 10.1145/1873548.1873556 (https://doi.org/10.1145/1873548.1873556)
Leandro Fiorin, A. Ferrante, Konstantinos Padarnitsas, S. Carucci
As computing and communications increasingly pervade our lives, security and protection of sensitive data and systems are emerging as extremely important issues. This is especially true for embedded systems, often operating in non-secure environments, and with a limited amount of computational, storage, and communication resources available. In servers and desktop systems, Security Enhanced Linux (SELinux) is currently used as a method to enhance security by enforcing a security control based on policies that confine user programs, or processes, to the minimum amount of privileges that they require for their execution. While providing a powerful means for enhancing security in UNIX-like systems, SELinux still remains a feature that is too heavy to be fully supported by constrained devices. In this paper, we propose a hardware architecture for enhancing security and accelerating retrieval and applications of SELinux policies in embedded processors. We describe the general ideas behind our work, discussing motivations, advantages, and limits of the solution proposed, while suggesting the main steps needed to implement the described architecture on common embedded processors.
Hardware-assisted security enhanced Linux in embedded systems: a proposal. Leandro Fiorin, A. Ferrante, Konstantinos Padarnitsas, S. Carucci. WESS '10, 2010-10-24. DOI: 10.1145/1873548.1873551 (https://doi.org/10.1145/1873548.1873551)
Network-on-Chip (NoC) has emerged as a promising solution for scalable communication among a steadily growing number of cores integrated in MultiProcessor System-on-Chips (MPSoCs). The increasing system heterogeneity together with the possibility of reconfiguration makes the overall system security one of the major concerns in MPSoC design. On the other hand, modular and scalable design of NoCs enables their enhancements in various directions for supporting services other than simple data routing. In this work we propose and implement a solution to secure attached processing units from buffer-overflow-type attacks, in the form of a protection module that is embedded into the Network Interface of the NoC. At the same time, our solution prevents potential propagation of the attack through the NoC towards other processors. We prove feasibility via prototype realization in FPGA technology for a MicroBlaze processor on a Xilinx Virtex-II Pro board.
Enhancing network-on-chip components to support security of processing elements. S. Lukovic, Nikolaos Christianos. WESS '10, 2010-10-24. DOI: 10.1145/1873548.1873560 (https://doi.org/10.1145/1873548.1873560)
Abdourhamane Idrissa, A. Aubert, T. Fournel, V. Fischer
Industrial companies lose large sums of money because of counterfeits and they need to efficiently protect their trademarks. Most of them implement their own anti-counterfeiting policy to deal with the menace. A number of technologies, such as holograms, smart cards, biometric markers and inks, can be employed to protect and authenticate genuine products. Instead of using markers and additional identification means, one of the recent methods uses a PUF-like authentication method based on image processing. However, in order to authenticate the object (e.g. a trademark product), the method needs direct access to the database system containing the object's "fingerprint". The paper presents a new secure method to remotely authenticate the object without communication with the database server. In this method, an autonomous and secure embedded system called the authentication device authenticates the product by extracting its morphometric fingerprint and comparing it with a signed original morphometric fingerprint printed on the object. However, we show that in order to secure the protocol, the authentication hardware needs to be authenticated, too. For this reason, we propose security protocols that make it possible to authenticate the authentication device and remotely check its integrity. The proposed security protocols are shown to be sure using formal methods of security protocol evaluation.
Secure protocols for serverless remote product authentication. Abdourhamane Idrissa, A. Aubert, T. Fournel, V. Fischer. WESS '10, 2010-10-24. DOI: 10.1145/1873548.1873559 (https://doi.org/10.1145/1873548.1873559)
Security in embedded computing systems is now an important concern for a diverse set of applications. However, the embedded hardware implementation may unintentionally leak information, through its electromagnetic emanations or current draw, which may lead to the revelation of secrets used in the cryptographic computations being performed. This paper presents an attack methodology and an empirical study, based on Correlation Analysis in the Frequency domain (CAF) with pre-characterization of the embedded system. Unlike previous research, this analysis exploits the fact that a few frequencies are more likely to leak computing information, and are independent of the system clock (rather a function of the technology). Results indicate that the secret key can be reliably extracted from both hardware and software implementations of AES. The analysis presented is additionally tolerant to trace misalignments and has been tested with real power and electromagnetic (EM) traces used to extract 8-bit keys and full 128-bit keys. This research is important for providing more secure cryptographic computations necessary in many embedded systems.
A new correlation frequency analysis of the side channel. Edgar Mateos, C. Gebotys. WESS '10, 2010-10-24. DOI: 10.1145/1873548.1873552 (https://doi.org/10.1145/1873548.1873552)
Ted Huffmire, T. Levin, Michael Bilzor, C. Irvine, Jonathan Valamehr, Mohit Tiwari, T. Sherwood, R. Kastner
3-D circuit-level integration is a chip fabrication technique in which two or more dies are stacked and combined into a single circuit through the use of vertical electroconductive posts. Since the dies may be manufactured separately, 3-D circuit integration offers the option of enhancing a commodity processor with a variety of security functions. This paper examines the 3-D design approach and provides an analysis concluding that the commodity die system need not be independently trustworthy for the system of joined dies to provide certain trustworthy functions. In addition to describing the range of possible security enhancements (such as cryptographic services), we describe the ways in which multiple-die subsystems can depend on each other, and a set of processing abstractions and general design constraints with examples to address these dependencies.
Hardware trust implications of 3-D integration. Ted Huffmire, T. Levin, Michael Bilzor, C. Irvine, Jonathan Valamehr, Mohit Tiwari, T. Sherwood, R. Kastner. WESS '10, 2010-10-24. DOI: 10.1145/1873548.1873549 (https://doi.org/10.1145/1873548.1873549)
Physical Unclonable Functions (PUFs) based on Ring Oscillators (ROs) are a promising primitive for FPGA security. However, the quality of their implementation depends on several design parameters. In this paper, we show that ring oscillator frequencies strongly depend on surrounding logic. Based on these findings, we propose a strategy for improving the quality of RO PUF designs by placing and comparing ROs in a chain-like structure. We also show that an increased RO runtime and RO disabling have a clear positive effect on the quality of a RO PUF. We implemented a RO PUF key generation system on an FPGA using our design strategy. Our results clearly indicate that our proposed design strategy can significantly improve the quality of a RO PUF implementation.
Improving the quality of ring oscillator PUFs on FPGAs. D. Merli, F. Stumpf, C. Eckert. WESS '10, 2010-10-24. DOI: 10.1145/1873548.1873557 (https://doi.org/10.1145/1873548.1873557)