Biblio

In this paper we report on the results of selected horizontal SCA attacks against two open-source designs that implement hardware accelerators for elliptic curve cryptography. Both designs use the complete addition formula to make the point addition and point doubling operations indistinguishable. One of the designs uses in addition means to randomize the operation sequence as a countermeasure. We used the comparison to the mean and an automated SPA to attack both designs. Despite all these countermeasures, we were able to extract the keys processed with a correctness of 100%.

The separation of manufacturing and design processes in the integrated circuit industry to tackle the ever increasing circuit complexity and time to market issues has brought with it some major security challenges. Chief among them is IP piracy by untrusted parties. Hardware obfuscation which locks the functionality and modifies the structure of an IP core to protect it from malicious modifications or piracy has been proposed as a solution. In this paper, we develop an efficient hardware obfuscation method, called Mystic (Mystifying IP Cores), to protect IP cores from reverse engineering, IP overproduction, and IP piracy. The key idea behind Mystic is to add additional state transitions to the original/functional FSM (Finite State Machine) that are taken only when incorrect keys are applied to the circuit. Using the proposed Mystic obfuscation approach, the underlying functionality of the IP core is locked and normal FSM transitions are only available to authorized chip users. The synthesis results of ITC99 circuit benchmarks for ASIC 45nm technology reveal that the Mystic protection method imposes on average 5.14% area overhead, 5.21% delay overhead, and 8.06% power consumption overheads while it exponentially lowers the probability that an unauthorized user will gain access to or derive the chip functionality.

The readout of large pixellated detectors with good spectroscopic quality represents a challenge for both front-end and back-end electronics. The TRISTAN project for the search of the Sterile neutrino in the keV-scale, envisions the operation of 21 detection modules equipped with a monolithic array of 166 SDDs each, for β-decay spectroscopy in the KATRIN experiment's spectrometer. Since the trace of the sterile neutrino existence would manifest as a kink of \textbackslashtextless; 1ppm in the continuous spectrum, high accuracy in the acquisition is required. Within this framework, we present the design of a multichannel scalable analog processing and DAQ system named Kerberos, aimed to provide a simple and low-cost multichannel readout option in the early phase of the TRISTAN detector development. It is based on three 16-channel integrated programmable analog pulse processors (SFERA ASICs), high linearity ADCs, and an FPGA. The platform is able to acquire data from up to 48 pixels in parallel, providing also different readout and multiplexing strategies. The use of an analog ASIC-based solution instead of a Digital Pulse Processor, represents a viable and scalable processing solution at the price of slightly limited versatility and count rate.

Field-programmable gate arrays (FPGAs) are widely applied in various fields for its merit of reconfigurability. The reusable intellectual property (IP) design blocks are usually adopted in the more complex FPGA designs to shorten design cycle. IP infringement hence becomes a concern. In this paper, we propose a new pay-per-use scheme using the lock and key mechanism for the protection of FPGA IP. Physical Unclonable Function (PUF) is adopted to generate a unique ID for each IP instance. An extra Finite State Machine (FSM) is introduced for the secure retrieval of PUF information by the FPGA IP vendor. The lock is implemented on the original FSM. Only when the FPGA developer can provide a correct license, can the FSM be unlocked and start normal operation. The FPGA IP can hence be protected from illegal use or distribution. The scheme is applied on some benchmarks and the experimental results show that it just incurs acceptably low overhead while it can resist typical attacks.

Wide bandgap power semiconductors are key enablers for increasing the power density of switch-mode power supplies. However, they require new gate drive technologies. This paper examines and characterizes a fabricated gate-driver in a class-E resonant inverter. The gate-driver's total area of 1.2mm2 includes two high-voltage transistors for gate-driving, integrated complementary metal-oxide-semiconductor (CMOS) gate-drivers, high-speed floating level-shifter and reset circuitry. A prototype printed circuit board (PCB) was designed to assess the implications of an electrostatic discharge (ESD) diode, its parasitic capacitance and package bondwire connections. The parasitic capacitance was estimated using its discharge time from an initial voltage and the capacitance is 56.7 pF. Both bondwires and the diode's parasitic capacitance is neglegible. The gate-driver's functional behaviour is validated using a parallel LC resonant tank resembling a self-oscillating gate-drive. Measurements and simulations show the ESD diode clamps the output voltage to a minimum of -2V.

True random numbers have a fair role in modern digital transactions. In order to achieve secured authentication, true random numbers are generated as security keys which are highly unpredictable and non-repetitive. True random number generators are used mainly in the field of cryptography to generate random cryptographic keys for secure data transmission. The proposed work aims at the generation of true random numbers based on CMOS Boolean Chaotic Oscillator. As a part of this work, ASIC approach of CMOS Boolean Chaotic Oscillator is modelled and simulated using Cadence Virtuoso tool based on 45nm CMOS technology. Besides, prototype model has been implemented with circuit components and analysed using NI ELVIS platform. The strength of the generated random numbers was ensured by NIST (National Institute of Standards and Technology) Test Suite and ASIC approach was validated through various parameters by performing various analyses such as frequency, delay and power.

The Department of Homeland Security Cyber Security Division (CSD) chose Moving Target Defense as one of the fourteen primary Technical Topic Areas pertinent to securing federal networks and the larger Internet. Moving Target Defense over IPv6 (MT6D) employs an obscuration technique offering keyed access to hosts at a network level without altering existing network infrastructure. This is accomplished through cryptographic dynamic addressing, whereby a new network address is bound to an interface every few seconds in a coordinated manner. The goal of this research is to produce a Register Transfer Level (RTL) network security processor implementation to enable the production of an Application Specific Integrated Circuit (ASIC) variant of MT6D processor for wide deployment. RTL development is challenging in that it must provide system level functions that are normally provided by the Operating System's kernel and supported libraries. This paper presents the architectural design of a hardware engine for MT6D (HE-MT6D) and is complete in simulation. Unique contributions are an inline stream-based network packet processor with a Complex Instruction Set Computer (CISC) architecture, Network Time Protocol listener, and theoretical increased performance over previous software implementations.

A5-1 algorithm is a stream cipher used to encrypt voice data in GSM, which needs to be realized with high performance due to real-time requirements. Traditional implementation on FPGA or ASIC can't obtain a trade-off among performance, cost and flexibility. To this aim, this paper introduces CGRCA to implement A5-1, and in order to optimize the performance and resource consumption, this paper proposes a resource-based path seeking (RPS) algorithm to develop an advanced implementation. Experimental results show that final optimal throughput of A5-1 implemented on CGRCA is 162.87Mbps when the frequency is 162.87MHz, and the set-up time is merely 87 cycles, which is optimal among similar works.

The transition effect ring oscillator (TERO) based true random number generator (TRNG) was proposed by Varchola and Drutarovsky in 2010. There were several stochastic models for this advanced TRNG based on ring oscillator. This paper proposed an improved TERO based TRNG and implements both on Altera Cyclone series FPGA platform and on a 0.13um CMOS ASIC process. FPGA experimental results show that this balanced TERO TRNG is in good performance as the experimental data results past the national institute of standards and technology (NIST) test in 1M bit/s. The TRNG is feasible for a security SoC.

This work presents the proof of concept implementation for the first hardware-based design of Moving Target Defense over IPv6 (MT6D) in full Register Transfer Level (RTL) logic, with future sights on an embedded Application-Specified Integrated Circuit (ASIC) implementation. Contributions are an IEEE 802.3 Ethernet stream-based in-line network packet processor with a specialized Complex Instruction Set Computer (CISC) instruction set architecture, RTL-based Network Time Protocol v4 synchronization, and a modular crypto engine. Traditional static network addressing allows attackers the incredible advantage of taking time to plan and execute attacks against a network. To counter, MT6D provides a network host obfuscation technique that offers network-based keyed access to specific hosts without altering existing network infrastructure and is an excellent technique for protecting the Internet of Things, IPv6 over Low Power Wireless Personal Area Networks, and high value globally routable IPv6 interfaces. This is done by crypto-graphically altering IPv6 network addresses every few seconds in a synchronous manner at all endpoints. A border gateway device can be used to intercept select packets to unobtrusively perform this action. Software driven implementations have posed many challenges, namely, constant code maintenance to remain compliant with all library and kernel dependencies, the need for a host computing platform, and less than optimal throughput. This work seeks to overcome these challenges in a lightweight system to be developed for practical wide deployment.

This paper reports a research work on how to transmit a secured image data using Discrete Wavelet Transform (DWT) in combination of Advanced Encryption Standard (AES) with low power and high speed. This can have better quality secured image with reduced latency and improved throughput. A combined model of DWT and AES technique help in achieving higher compression ratio and simultaneously it provides high security while transmitting an image over the channels. The lifting scheme algorithm is realized using a single and serialized DT processor to compute up to 3-levels of decomposition for improving speed and security. An ASIC circuit is designed using RTL-GDSII to simulate proposed technique using 65 nm CMOS Technology. The ASIC circuit is implemented on an average area of about 0.76 mm2 and the power consumption is estimated in the range of 10.7-19.7 mW at a frequency of 333 MHz which is faster compared to other similar research work reported.

The secure hash algorithm (SHA)-3 has been selected in 2012 and will be used to provide security to any application which requires hashing, pseudo-random number generation, and integrity checking. This algorithm has been selected based on various benchmarks such as security, performance, and complexity. In this paper, in order to provide reliable architectures for this algorithm, an efficient concurrent error detection scheme for the selected SHA-3 algorithm, i.e., Keccak, is proposed. To the best of our knowledge, effective countermeasures for potential reliability issues in the hardware implementations of this algorithm have not been presented to date. In proposing the error detection approach, our aim is to have acceptable complexity and performance overheads while maintaining high error coverage. In this regard, we present a low-complexity recomputing with rotated operands-based scheme which is a step-forward toward reducing the hardware overhead of the proposed error detection approach. Moreover, we perform injection-based fault simulations and show that the error coverage of close to 100% is derived. Furthermore, we have designed the proposed scheme and through ASIC analysis, it is shown that acceptable complexity and performance overheads are reached. By utilizing the proposed high-performance concurrent error detection scheme, more reliable and robust hardware implementations for the newly-standardized SHA-3 are realized.
 

Detecting hardware Trojan is a difficult task in general. The context is that of a fabless design house that sells IP blocks as GDSII hard macros, and wants to check that final products have not been infected by Trojan during the foundry stage. In this paper we analyzed hardware Trojan horses insertion and detection in Scalable Encryption Algorithm (SEA) crypto. We inserted Trojan at different levels in the ASIC design flow of SEA crypto and most importantly we focused on Gate level and layout level Trojan insertions. We choose path delays in order to detect Trojan at both levels in design phase. Because the path delays detection technique is cost effective and efficient method to detect Trojan. The comparison of path delays makes small Trojan circuits significant from a delay point of view. We used typical, fast and slow 90nm libraries in order to estimate the efficiency of path delay technique in different operating conditions. The experiment's results show that the detection rate on payload Trojan is 100%.