Null Convention Logic applications of asynchronous design in nanotechnology and cryptographic security

This dissertation presents two Null Convention Logic (NCL) applications of asynchronous logic circuit design in nanotechnology and cryptographic security. The first application is the Asynchronous Nanowire Reconfigurable Crossbar Architecture (ANRCA); the second one is an asynchronous S-Box design for cryptographic system against Side-Channel Attacks (SCA). The following are the contributions of the first application: 1) Proposed a diode- and resistor-based ANRCA (DR-ANRCA). Three configurable logic block (CLB) structures were designed to efficiently reconfigure a given DR-PGMB as one of the 27 arbitrary NCL threshold gates. A hierarchical architecture was also proposed to implement the higher level logic that requires a large number of DR-PGMBs, such as multiple-bit NCL registers. 2) Proposed a memristor look-up-table based ANRCA (MLUT-ANRCA). An equivalent circuit simulation model has been presented in VHDL and simulated in Quartus II. Meanwhile, the comparison between these two ANRCAs have been analyzed numerically. 3) Presented the defect-tolerance and repair strategies for both DR-ANRCA and MLUT-ANRCA. The following are the contributions of the second application: 1) Designed an NCL based S-Box for Advanced Encryption Standard (AES). Functional verification has been done using Modelsim and Field-Programmable Gate Array (FPGA). 2) Implemented two different power analysis attacks on both NCL S-Box and conventional synchronous S-Box. 3) Developed a novel approach based on stochastic logics to enhance the resistance against DPA and CPA attacks. The functionality of the proposed design has been verified using an 8-bit AES S-box design. The effects of decision weight, bitstream length, and input repetition times on error rates have been also studied. Experimental results shows that the proposed approach enhances the resistance to against the CPA attack by successfully protecting the hidden key --Abstract, page iii

AN ARCHITECTURAL APPROACH FOR REDUCINGPOWER AND INCREASING SECURITY OF RFID TAGS

Radio Frequency Identification (RFID) technology is currently employed for a variety of applications such as RFID-based wireless payment, healthcare, homeland security, asset management,etc. Due to newer privacy requirements and increasingly secure applications, typical RFID tags are required to expand security features such as data encryption and safe transactions. However, RFID tags have extremely strict low-power consumption requirements. Thus, reduced power consumption and secure data transactions are two main problems for the next generation RFID tags.This dissertation presents an architectural approach to address these two main problems.This dissertation provides a multi-domain solution to improve the power consumption andsecurity, while also reducing design time and verification time of the system. In particular, Idescribe (1)a smart buffering technique to allow a tag to remain in a standby mode until addressed,(2)a multi-layer, low-power technique that transcends the passive-transaction, physical, and data layers to provide secure transactions, (3) an FPGA-based traffic profiler system to generate traces of RFID communications for both tag verification and power analysis without the need of actual hardware, and (4) a design automation technique to create physical layer encoding and decoding blocks in hardware suitable for RFID tags.This dissertation presents four contributions: (1) As a result, based on a Markov Process energymodel, the smart buffering technique is shown to reduce power consumption by 85% over a traditionalactive tag; (2) The multi-layer, low-power security technique provides protection againstmalicious reader attacks to disable the tag, to steal the information stored in or communicatedto the device. The power consumption overhead for implementing these layers of security is increased approximately 13% over the basic tag controller; (3) In addition, the FPGA-based traffic profiler system has been able to generate traces for ISO 18000 part 6C (EPC Gen2) protocol; and (4) The designs of endocing/decoding blocks are generated automatically by the Physical LayerSynthesis tool for five protocols used in or related to RFID. Consequently, any power consumption of five designs is less than 5 £gW. Furthermore, compared with five designs implemented by hand, the difference of the power consumption between two of them is less than 7% at most

Evaluación de la seguridad de sistemas embebidos ante ataques EMA

Los sistemas embebidos de bajo consumo y alto rendimiento, cuya principal aplicación son los dispositivos portátiles tales como: teléfonos móviles, tabletas, consolas de juego, reproductores de música, lectores de libros etc. han experimentado un tremendo auge en los últimos años. Estos dispositivos, además de contener información confidencial (contraseñas, fotos, números de teléfono…) permiten, en su gran mayoría, realizar operaciones bajo redes inalámbricas poco seguras: como transacciones, envío de datos, acceso a cuentas personales etc. Por tanto, se hace imprescindible el análisis del nivel de seguridad alcanzado por estos dispositivos. Sin embargo, a la espera de futuros desarrollos de la estadística, todavía no existe un marco de evaluación de la seguridad totalmente satisfactorio e internacionalmente reconocido. Así por primera vez en este trabajo se evalúa la seguridad relativa de varios microprocesadores representativos del mercado de aplicaciones embebidas de bajo consumo, comparando su respuesta ante un ataque por canal lateral electromagnético. Los dispositivos seleccionados para su evaluación son: 8051 con arquitectura de 8 bits evolucionada (C8051F303 de Silicon Labs). ARM7TDMI-S de 32 bits (LPC2124 de NXP). Dos ARMCortexM3 de 32 bits nunca antes analizados ante ataques por canal lateral: con diseño de alto rendimiento (LPC1769 de NXP) y bajo consumo (STM32L152 de STMicroelectronics). Para la realización de los experimentos se desarrolla un setup propio de medida, altamente automatizado, robusto ante vibraciones y con una capacidad de muestreo superior a lo publicado hasta ahora en la bibliografía. También se propone una nueva métrica para comparar la respuesta de los dispositivos ante ataques por canal lateral, y que se apoya en la correlación estadística. Uno de los elementos cruciales en un ataque por canal lateral electromagnético es el dispositivo o sonda de medida. Las publicaciones de autores que sugieren la utilización de algún tipo de sonda, no aportan datos concluyentes. Este trabajo compara de forma novedosa la respuesta de tres tipos de sondas: dos fabricadas y comercializadas por Electrometrics EM6995 y Langer MFA-R y una tercera fabricada ad-hoc, y manualmente. Como resultado se concluye que cualquier tipo de sonda es factible de ser usada en un ataque electromagnético, aunque son mejores aquellas de alta precisión como la MFA-R de cabeza milimétrica y preamplificador integrado, que sin embargo requieren una preparación y un setup más elaborado. Como resultado final del estudio, se concluye que los dispositivos actuales ARM Cortex M3, ofrecen una seguridad inherente muy superior a la de otros microprocesadores de diseño menos elaborado, y en consecuencia es recomendable usarlos para aquellas aplicaciones cuyos requisitos de seguridad sean elevados. -------------The low power and high performance embedded systems used in mobile devices like mobile phones, tablet computers, music readers, handheld game consoles, book readers… have achieved a great success in the last years. These devices contain confidence information (keys, photographs, telephone numbers…) and usually let us doing operations over unsafe wireless networks: banking transactions, sending data, accessing to personal accounts etc. In consequence, the analysis of the security level reached by these devices is indispensable. However, there isn’t a satisfactory and internationally recognized methodology to assess security. For first time, this work assesses the relative security of several representative low power embedded microprocessors, comparing their response against Electromagnetic Side Channel Attack. The selected devices for this evaluation are: 8051 with new 8 bits architecture (Silicon Labs C8051F303). ARM7TDMI-S of 32 bits (NXP LPC2124). Two 32 bits ARMCortexM3 never before analysed against Side Channel Attacks: with high performance (NXP LPC1769) and low power specifications (STMicroelectronics STM32L152). A measurement setup has been developed to carry out this study. It’s highly automatized, robustly against vibrations and with a higher sampling rate than rest of setups showed in bibliography. Also, a new metric is proposed. It allows to compare device response against correlation side channel attack using statistical correlation. One of the essential elements of an electromagnetic side channel attack is the near field probe. The authors, whose studies suggest the use of some type of probe, do not include conclusion results. This work compares the response of three probes in a new way: Electrometrics EM6995, Langer MFA-R and ones handmade. It concludes that any type of probe is useful in an electromagnetic attack, although the use of high precision probes is recommended. For example, the MFA-R with tiny head and integrated preamplifier. Nevertheless, it requires more training and a precise setup. This study finds out that the updated devices ARM Cortex M3, have a very high security, higher than traditional ones. Therefore, the use of this type of devices in sensitive applications is advisable