Pub Date : 2010-06-13DOI: 10.1109/HST.2010.5513120
B. Newgard, Colby Hoffman
Consistency and Traceability are the highest priority of the system architect in the world of high-assurance processing. Developing such a system requires the use of high assurance software and hardware working in a cohesive, well defined manner. To achieve and sustain high-assurance, the system must have the ability to continuously check and verify the proper hardware and software operation and execution.
{"title":"Using multiple processors in a single reconfigurable fabric for high-assurance applications","authors":"B. Newgard, Colby Hoffman","doi":"10.1109/HST.2010.5513120","DOIUrl":"https://doi.org/10.1109/HST.2010.5513120","url":null,"abstract":"Consistency and Traceability are the highest priority of the system architect in the world of high-assurance processing. Developing such a system requires the use of high assurance software and hardware working in a cohesive, well defined manner. To achieve and sustain high-assurance, the system must have the ability to continuously check and verify the proper hardware and software operation and execution.","PeriodicalId":6367,"journal":{"name":"2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","volume":"116 1","pages":"25-29"},"PeriodicalIF":0.0,"publicationDate":"2010-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82244162","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2010-06-13DOI: 10.1109/HST.2010.5513109
Jeyavijayan Rajendran, Hetal Borad, Shyam Mantravadi, R. Karri
Fault attacks, wherein faults are deliberately injected into cryptographic devices, can compromise their security. Moreover, in the emerging nanometer regime of VLSI, accidental faults will occur at very high rates. While straightforward hardware redundancy based concurrent error detection (CED) can detect transient and permanent faults, it entails 100% area overhead. On the other hand, time redundancy based CED can only detect transient faults with minimum area overhead but entails 100% time overhead. In this paper we present a general time redundancy based CED technique called SLICED for pipelined implementations of symmetric block cipher. SLICED SLIdes one encryption over another and compares their results for CED as a basis for protection against accidental faults and deliberate fault attacks.
{"title":"SLICED: Slide-based concurrent error detection technique for symmetric block ciphers","authors":"Jeyavijayan Rajendran, Hetal Borad, Shyam Mantravadi, R. Karri","doi":"10.1109/HST.2010.5513109","DOIUrl":"https://doi.org/10.1109/HST.2010.5513109","url":null,"abstract":"Fault attacks, wherein faults are deliberately injected into cryptographic devices, can compromise their security. Moreover, in the emerging nanometer regime of VLSI, accidental faults will occur at very high rates. While straightforward hardware redundancy based concurrent error detection (CED) can detect transient and permanent faults, it entails 100% area overhead. On the other hand, time redundancy based CED can only detect transient faults with minimum area overhead but entails 100% time overhead. In this paper we present a general time redundancy based CED technique called SLICED for pipelined implementations of symmetric block cipher. SLICED SLIdes one encryption over another and compares their results for CED as a basis for protection against accidental faults and deliberate fault attacks.","PeriodicalId":6367,"journal":{"name":"2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","volume":"43 1","pages":"70-75"},"PeriodicalIF":0.0,"publicationDate":"2010-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91115520","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2010-06-13DOI: 10.1109/HST.2010.5513118
Daniel Ziener, Florian Baueregger, J. Teich
In this paper, we present several enhancements to power watermarking that allow to simultaneously transmit and verify multiple signatures. Power watermarking of netlist IP cores for FPGA architectures is used for detecting IP fraud where the signature (watermark) is transmitted over the power supply pins of the FPGA. Many (watermarked) IP cores can be combined in an FPGA design, which raises the question of how multiple signatures can be detected using the same set of pins. As a solution, we propose multiplexing techniques for power side channel communication, so that all watermarked cores inside the FPGA can be identified to establish a proof of authorship. We analyze different multiplexing methods in order to adapt them to power watermarking and provide experimental results with several cores concurrently transmitting signatures.
{"title":"Multiplexing methods for power watermarking","authors":"Daniel Ziener, Florian Baueregger, J. Teich","doi":"10.1109/HST.2010.5513118","DOIUrl":"https://doi.org/10.1109/HST.2010.5513118","url":null,"abstract":"In this paper, we present several enhancements to power watermarking that allow to simultaneously transmit and verify multiple signatures. Power watermarking of netlist IP cores for FPGA architectures is used for detecting IP fraud where the signature (watermark) is transmitted over the power supply pins of the FPGA. Many (watermarked) IP cores can be combined in an FPGA design, which raises the question of how multiple signatures can be detected using the same set of pins. As a solution, we propose multiplexing techniques for power side channel communication, so that all watermarked cores inside the FPGA can be identified to establish a proof of authorship. We analyze different multiplexing methods in order to adapt them to power watermarking and provide experimental results with several cores concurrently transmitting signatures.","PeriodicalId":6367,"journal":{"name":"2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","volume":"76 1","pages":"36-41"},"PeriodicalIF":0.0,"publicationDate":"2010-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74018895","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2010-06-13DOI: 10.1109/HST.2010.5513103
Kurt Rosenfeld, Efstratios Gavas, R. Karri
We propose a novel variety of sensor that extends the functionality of conventional physical unclonable functions to provide authentication, unclonability, and verification of a sensed value. This new class of device addresses the vulnerability in typical sensing systems whereby an attacker can spoof measurements by interfering with the analog signals that pass from the sensor element to the embedded microprocessor. The concept can be applied to any type of analog sensor.
{"title":"Sensor physical unclonable functions","authors":"Kurt Rosenfeld, Efstratios Gavas, R. Karri","doi":"10.1109/HST.2010.5513103","DOIUrl":"https://doi.org/10.1109/HST.2010.5513103","url":null,"abstract":"We propose a novel variety of sensor that extends the functionality of conventional physical unclonable functions to provide authentication, unclonability, and verification of a sensed value. This new class of device addresses the vulnerability in typical sensing systems whereby an attacker can spoof measurements by interfering with the analog signals that pass from the sensor element to the embedded microprocessor. The concept can be applied to any type of analog sensor.","PeriodicalId":6367,"journal":{"name":"2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","volume":"30 1","pages":"112-117"},"PeriodicalIF":0.0,"publicationDate":"2010-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78266523","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2010-06-13DOI: 10.1109/HST.2010.5513119
C. J. Clark
This paper describes an anti-tamper JTAG Tap design which uses SHA256 secure hash and a true random number generator (TRNG) to create a low gate overhead challenge/response based access system for IC test and on-chip internals. The system may be used to enable 1149.1 TAP instructions or may control access to an IEEE P1687 on-chip instrument. The TAP owner (manufacturer of the IC) may then use DRM (Digital Rights Management) based JTAG software to manage which end users have access to the TAP or TAP accessible areas of the IC.
{"title":"Anti-tamper JTAG TAP design enables DRM to JTAG registers and P1687 on-chip instruments","authors":"C. J. Clark","doi":"10.1109/HST.2010.5513119","DOIUrl":"https://doi.org/10.1109/HST.2010.5513119","url":null,"abstract":"This paper describes an anti-tamper JTAG Tap design which uses SHA256 secure hash and a true random number generator (TRNG) to create a low gate overhead challenge/response based access system for IC test and on-chip internals. The system may be used to enable 1149.1 TAP instructions or may control access to an IEEE P1687 on-chip instrument. The TAP owner (manufacturer of the IC) may then use DRM (Digital Rights Management) based JTAG software to manage which end users have access to the TAP or TAP accessible areas of the IC.","PeriodicalId":6367,"journal":{"name":"2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","volume":"10 1","pages":"19-24"},"PeriodicalIF":0.0,"publicationDate":"2010-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78696260","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2010-06-13DOI: 10.1109/HST.2010.5513113
Kazuyuki Tanimura, N. Dutt
Differential Power Analysis (DPA) side-channel attacks pose serious threats for embedded system security. WDDL was proposed as a countermeasure that can be incorporated into a conventional ASIC design flow using standard cells. However, our spice simulations show that DPA attacks on WDDL still leak secret keys to adversaries despite the doubled area and energy overheads due to the use of complementary cells. This paper proposes ExCCel, a simulated annealing based method that automatically generates and explores combinations of complementary cells for reducing the power-consumption dependency and overheads using standard cells. Our experimental results on the AES S-Box circuit with our explored complementary cells requires 6.1%and 2.1%additional area and energy while WDDL requires 100.3% and 93.4%, respectively. Moreover, ExCCeL achieves higher DPA attack resistivity compared to WDDL in many cases.
{"title":"ExCCel: Exploration of complementary cells for efficient DPA attack resistivity","authors":"Kazuyuki Tanimura, N. Dutt","doi":"10.1109/HST.2010.5513113","DOIUrl":"https://doi.org/10.1109/HST.2010.5513113","url":null,"abstract":"Differential Power Analysis (DPA) side-channel attacks pose serious threats for embedded system security. WDDL was proposed as a countermeasure that can be incorporated into a conventional ASIC design flow using standard cells. However, our spice simulations show that DPA attacks on WDDL still leak secret keys to adversaries despite the doubled area and energy overheads due to the use of complementary cells. This paper proposes ExCCel, a simulated annealing based method that automatically generates and explores combinations of complementary cells for reducing the power-consumption dependency and overheads using standard cells. Our experimental results on the AES S-Box circuit with our explored complementary cells requires 6.1%and 2.1%additional area and energy while WDDL requires 100.3% and 93.4%, respectively. Moreover, ExCCeL achieves higher DPA attack resistivity compared to WDDL in many cases.","PeriodicalId":6367,"journal":{"name":"2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","volume":"31 1","pages":"52-55"},"PeriodicalIF":0.0,"publicationDate":"2010-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76893073","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2010-06-13DOI: 10.1109/HST.2010.5513105
C. Yin, G. Qu
The silicon physical unclonable functions (PUF) measure uncontrollable variations of the integrated circuit (IC) fabrication process to facilitate IC authentication. One of the most reliable silicon PUF structures is the ring oscillator (RO) PUF; however, the lack of efficient secret extraction schemes diminishes its practicality. In this work, we propose a longest increasing subsequence-based grouping algorithm (LISA) to enhance the hardware utilization. To analyze the performance of LISA, we introduce a hybrid architecture and formulate its cost and delay metrics; by solving the introduced hybrid coefficient, RO PUF designers can quickly determine the optimal hardware configuration. Finally, our claims are validated by a proof-of-the-concept FPGA-based implementation.
{"title":"LISA: Maximizing RO PUF's secret extraction","authors":"C. Yin, G. Qu","doi":"10.1109/HST.2010.5513105","DOIUrl":"https://doi.org/10.1109/HST.2010.5513105","url":null,"abstract":"The silicon physical unclonable functions (PUF) measure uncontrollable variations of the integrated circuit (IC) fabrication process to facilitate IC authentication. One of the most reliable silicon PUF structures is the ring oscillator (RO) PUF; however, the lack of efficient secret extraction schemes diminishes its practicality. In this work, we propose a longest increasing subsequence-based grouping algorithm (LISA) to enhance the hardware utilization. To analyze the performance of LISA, we introduce a hybrid architecture and formulate its cost and delay metrics; by solving the introduced hybrid coefficient, RO PUF designers can quickly determine the optimal hardware configuration. Finally, our claims are validated by a proof-of-the-concept FPGA-based implementation.","PeriodicalId":6367,"journal":{"name":"2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","volume":"23 1","pages":"100-105"},"PeriodicalIF":0.0,"publicationDate":"2010-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82533228","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2010-06-13DOI: 10.1109/HST.2010.5513124
Houssem Maghrebi, S. Guilley, J. Danger, Florent Flament
Recent works have shown that the mutual information is a generic side-channel distinguisher, since it detects any kind of statistical dependency between leakage observations and hypotheses on the secret. In this study the mutual information analysis (MIA) is tested in a noisy real world design. It indeed appears to be a powerful approach to break unprotected implementations. However, the MIA fails when applied on a DES cryptoprocessor with masked substitution boxes (Sboxes) in ROM. Nevertheless, this masking implementation remains sensitive to Higher-Order Differential Power Analysis (HO-DPA). For instance, an attack based on a variance analysis clearly shows the vulnerabilities of a first order masking countermeasure. We propose a novel approach to information-theoretic HO attacks, called the Entropy-based Power Analysis (EPA). This new attack gives a greatest importance to highly informative partitions and in the meantime better distinguishes between the key hypotheses. A thorough empirical evaluation of the proposed attack confirms the overwhelming advantage of this new approach when compared with MIA.
{"title":"Entropy-based power attack","authors":"Houssem Maghrebi, S. Guilley, J. Danger, Florent Flament","doi":"10.1109/HST.2010.5513124","DOIUrl":"https://doi.org/10.1109/HST.2010.5513124","url":null,"abstract":"Recent works have shown that the mutual information is a generic side-channel distinguisher, since it detects any kind of statistical dependency between leakage observations and hypotheses on the secret. In this study the mutual information analysis (MIA) is tested in a noisy real world design. It indeed appears to be a powerful approach to break unprotected implementations. However, the MIA fails when applied on a DES cryptoprocessor with masked substitution boxes (Sboxes) in ROM. Nevertheless, this masking implementation remains sensitive to Higher-Order Differential Power Analysis (HO-DPA). For instance, an attack based on a variance analysis clearly shows the vulnerabilities of a first order masking countermeasure. We propose a novel approach to information-theoretic HO attacks, called the Entropy-based Power Analysis (EPA). This new attack gives a greatest importance to highly informative partitions and in the meantime better distinguishes between the key hypotheses. A thorough empirical evaluation of the proposed attack confirms the overwhelming advantage of this new approach when compared with MIA.","PeriodicalId":6367,"journal":{"name":"2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","volume":"791 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2010-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76123211","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2010-06-13DOI: 10.1109/HST.2010.5513116
Xinxin Fan, G. Gong, Ken Lauffenburger, Troy N. Hicks
Hummingbird is a new ultra-lightweight cryptographic algorithm targeted for resource-constrained devices like RFID tags, smart cards, and wireless sensor nodes. In this paper, we describe efficient hardware implementations of a stand-alone Hummingbird component in field-programmable gate array (FPGA) devices. We implement an encryption only core and an encryption/decryption core on the low-cost Xilinx FPGA series Spartan-3 and compare our results with other reported lightweight block cipher implementations on the same series. Our experimental results highlight that in the context of low-cost FPGA implementation Hummingbird has favorable efficiency and low area requirements.
{"title":"FPGA implementations of the Hummingbird cryptographic algorithm","authors":"Xinxin Fan, G. Gong, Ken Lauffenburger, Troy N. Hicks","doi":"10.1109/HST.2010.5513116","DOIUrl":"https://doi.org/10.1109/HST.2010.5513116","url":null,"abstract":"Hummingbird is a new ultra-lightweight cryptographic algorithm targeted for resource-constrained devices like RFID tags, smart cards, and wireless sensor nodes. In this paper, we describe efficient hardware implementations of a stand-alone Hummingbird component in field-programmable gate array (FPGA) devices. We implement an encryption only core and an encryption/decryption core on the low-cost Xilinx FPGA series Spartan-3 and compare our results with other reported lightweight block cipher implementations on the same series. Our experimental results highlight that in the context of low-cost FPGA implementation Hummingbird has favorable efficiency and low area requirements.","PeriodicalId":6367,"journal":{"name":"2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","volume":"66 1","pages":"48-51"},"PeriodicalIF":0.0,"publicationDate":"2010-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80786515","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2010-06-13DOI: 10.1109/HST.2010.5513112
E. Menendez, K. Mai
Power analysis attacks are a common and effective method of defeating cryptographic systems. Many power-analysis-resistant digital circuit techniques have been previously proposed, leaving the circuit designer a myriad of choices without a simple way to compare and contrast the strengths and weaknesses of each technique. In this paper, we compare four promising power-analysis-resistant digital logic styles against a standard CMOS baseline. By comparing these techniques side by side in a consistent manner we present a clearer picture of the advantages and drawbacks of each. Results are presented for logic gate area, energy consumption, and power-analysis resistance. We also present a novel test structure suitable for measuring power-analysis resistance of individual logic gates in actual silicon.
{"title":"A comparison of power-analysis-resistant digital circuits","authors":"E. Menendez, K. Mai","doi":"10.1109/HST.2010.5513112","DOIUrl":"https://doi.org/10.1109/HST.2010.5513112","url":null,"abstract":"Power analysis attacks are a common and effective method of defeating cryptographic systems. Many power-analysis-resistant digital circuit techniques have been previously proposed, leaving the circuit designer a myriad of choices without a simple way to compare and contrast the strengths and weaknesses of each technique. In this paper, we compare four promising power-analysis-resistant digital logic styles against a standard CMOS baseline. By comparing these techniques side by side in a consistent manner we present a clearer picture of the advantages and drawbacks of each. Results are presented for logic gate area, energy consumption, and power-analysis resistance. We also present a novel test structure suitable for measuring power-analysis resistance of individual logic gates in actual silicon.","PeriodicalId":6367,"journal":{"name":"2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","volume":"54 1","pages":"64-69"},"PeriodicalIF":0.0,"publicationDate":"2010-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78674734","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: