IDPAL – A Partially-Adiabatic Energy-Efficient Logic Family: Theory and Applications to Secure Computing

Low-power circuits and issues associated with them have gained a significant amount of attention in recent years due to the boom in portable electronic devices. Historically, low-power operation relied heavily on technology scaling and reduced operating voltage, however this trend has been slowing down recently due to the increased power density on chips. This dissertation introduces a new very-low power partially-adiabatic logic family called Input-Decoupled Partially-Adiabatic Logic (IDPAL) with applications in low-power circuits. Experimental results show that IDPAL reduces energy usage by 79% compared to equivalent CMOS implementations and by 25% when compared to the best adiabatic implementation. Experiments ranging from a simple buffer/inverter up to a 32-bit multiplier are explored and result in consistent energy savings, showing that IDPAL could be a viable candidate for a low-power circuit implementation. This work also shows an application of IDPAL to secure low-power circuits against power analysis attacks. It is often assumed that encryption algorithms are perfectly secure against attacks, however, most times attacks using side channels on the hardware implementation of an encryption operation are not investigated. Power analysis attacks are a subset of side channel attacks and can be implemented by measuring the power used by a circuit during an encryption operation in order to obtain secret information from the circuit under attack. Most of the previously proposed solutions for power analysis attacks use a large amount of power and are unsuitable for a low-power application. The almost-equal energy consumption for any given input in an IDPAL circuit suggests that this logic family is a good candidate for securing low-power circuits again power analysis attacks. Experimental results ranging from small circuits to large multipliers are performed and the power-analysis attack resistance of IDPAL is investigated. Results show that IDPAL circuits are not only low-power but also the most secure against power analysis attacks when compared to other adiabatic low-power circuits. Finally, a hybrid adiabatic-CMOS microprocessor design is presented. The proposed microprocessor uses IDPAL for the implementation of circuits with high switching activity (e.g. ALU) and CMOS logic for other circuits (e.g. memory, controller). An adiabatic-CMOS interface for transforming adiabatic signals to square-wave signals is presented and issues associated with a hybrid implementation and their solutions are also discussed

Side Channel Information Leakage: Design and Implementation of Hardware Countermeasure

Deployment of Dynamic Differential Logics (DDL) appears to be a promising choice for providing resistance against leakage of side channel information. However, the resistance provided by these logics is too costly for widespread area-constrained applications. Implementation of a secure DDL-based countermeasure also requires a complex layout methodology for balancing the load at the differential outputs. This thesis, unlike previous logic level approaches, presents a novel exploitation of static and single-ended logic for designing the side channel countermeasure. The proposed technique is used in the implementation of a protected crypto core consisting of the AES “AddRoundKey” and “SubByte” transformation. The test chip including the protected and unprotected crypto cores is fabricated in 180nm CMOS technology. A correlation analysis on the unprotected core results in revealing the key at the output of the combinational networks and the registers. The quality of the measurements is further improved by introducing an enhanced data capturing method that inserts a minimum power consuming input as a reference vector. In comparison, no key-related information is leaked from the protected core even with an order of magnitude increase in the number of averaged traces. For the first time, fabricated chip results are used to validate a new logic level side channel countermeasure that offers lower area and reduced circuit design complexity compared to the DDL-based countermeasures. This thesis also provides insight into the side channel vulnerability of cryptosystems in sub-90nm CMOS technology nodes. In particular, data dependency of leakage power is analyzed. The number of traces to disclose the key is seen to decrease by 35% from 90nm to 45nm CMOS technology nodes. Analysis shows that the temperature dependency of the subthreshold leakage has an important role in increasing the ability to attack future nanoscale crypto cores. For the first time, the effectiveness of a circuit-based leakage reduction technique is examined for side channel security. This investigation demonstrates that high threshold voltage transistor assignment improves resistance against information leakage. The analysis initiated in this thesis is crucial for rolling out the guidelines of side channel security for the next generation of Cryptosystem.1 yea

New hardware and software technologies for real-time control in nuclear fusion experiments

The current machines for the study of nuclear fusion does not produce energy, and their output is substantially a large amount of data. The accuracy of the data collected, and their density within narrow temporal samples, can determine the effectiveness of the real time control systems to install in future reactors. We set ourselves the objective to design and test a high-speed and high-density data acquisition system based on the latest generation FPGA technologies. in the thesis is used the latest products released by Xilinx to design a acquire stream system of signals from generic probes (specifically magnetic probes). The Zynq 7000 family is nowadays state of the art of sistemy SoC that integrating a powerful and extensive FPGA section with an ARM mullticore. Of fundamental importance will be the drastic reduction of signal cables between the sensory apparatus and acquisition systems with the dual objective of eliminating the noise induced and drastically lower installation costs. Magnetic field configuration in RFX is characterised by fast variations of all the three field components during the pulse, with relevant non axis-symmetry in toroidal direction. Typical spectra exhibit modes up to n=15 in toroidal direction and mainly m=0 and m=1 in poloidal direction. As a consequence, probe signals have a large dynamic (more than 60 dB), and extended frequency spectrum (several tens of kHz). Therefore, a large number of probes are required to correctly identify the complex spatial structure of the plasma column. To reduce shielding effects, probes must be installed inside the stabilising shell. The three components of field outside the vacuum vessel can be very different in amplitude. At the same time, one can reach 0.8 T and another can be typically lower than some mT. Furthermore, they vary very quickly. The probes to be installed have to guarantee an uncertainty less than 1 mT to correctly reconstruct the plasma behaviour. These two specifications are particularly stringent and require an accurate calibration and a careful probe alignment to minimise the spurious effect of unwanted components. A further design specification for the sensors is due to the maximum operation temperature of the vacuum vessel (200 °C). The analogic acquires systems must exhibit high isolation, high speed and resolution, but above all a low noise level. The noise must be below minimum margins throughout the frequency spectrum contained in the signals provided by magnetic probes. The main topic of the thesis is to verify the suitability of the ATCA MIMO ISOL modules in the upper and lower part of the signal spectrum of bi-axis magnetic probes in order to be able to be integrated into the new FPGA acquisition and realtime control in RFX systems

Security of Contactless Smart Card Protocols

Tato práce analyzuje hrozby pro protokoly využívající bezkontaktní čipové karty a představuje metodu pro poloautomatické hledání zranitelností v takových protokolech pomocí model checkingu. Návrh a implementace bezpečných aplikací jsou obtížné úkoly, i když je použit bezpečný hardware. Specifikace na vysoké úrovni abstrakce může vést k různým implementacím. Je důležité používat čipovou kartu správně, nevhodná implementace protokolu může přinést zranitelnosti, i když je protokol sám o sobě bezpečný. Cílem této práce je poskytnout metodu, která může být využita vývojáři protokolů k vytvoření modelu libovolné čipové karty, se zaměřením na bezkontaktní čipové karty, k vytvoření modelu protokolu a k použití model checkingu pro nalezení útoků v tomto modelu. Útok může být následně proveden a pokud není úspěšný, model je upraven pro další běh model checkingu. Pro formální verifikaci byla použita platforma AVANTSSAR, modely jsou psány v jazyce ASLan++. Jsou poskytnuty příklady pro demonstraci použitelnosti navrhované metody. Tato metoda byla použita k nalezení slabiny bezkontaktní čipové karty Mifare DESFire. Tato práce se dále zabývá hrozbami, které není možné pokrýt navrhovanou metodou, jako jsou útoky relay. This thesis analyses contactless smart card protocol threats and presents a method of semi-automated vulnerability finding in such protocols using model checking. Designing and implementing secure applications is difficult even when secure hardware is used. High level application specifications may lead to different implementations. It is important to use the smart card correctly, inappropriate protocol implementation may introduce a vulnerability, even if the protocol is secure by itself. The goal of this thesis is to provide a method that can be used by protocol developers to create a model of arbitrary smart card, with focus on contactless smart cards, to create a model of the protocol, and to use model checking to find attacks in this model. The attack can be then executed and if not successful, the model is refined for another model checker run. The AVANTSSAR platform was used for the formal verification, models are written in the ASLan++ language. Examples are provided to demonstrate usability of the proposed method. This method was used to find a weakness of Mifare DESFire contactless smart card. This thesis also deals with threats not possible to cover by the proposed method, such as relay attacks.

Exploiting Dual-Output Programmable Blocks to Balance Secure Dual-Rail Logics

FPGA design of side-channel analysis countermeasures using unmasked dual-rail with precharge logic appears to be a great challenge. Indeed, the robustness of such a solution relies on careful differential placement and routing whereas both FPGA layout and FPGA EDA tools are not developed for such purposes. However, assessing the security level which can be achieved with them is an important issue, as it is directly related to the suitability to use commercial FPGA instead of proprietary custom FPGA for this kind of protection. In this article, we experimentally gave evidence that differential placement and routing of an FPGA implementation can be done with a granularity fine enough to improve the security gain. However, so far, this gain turned out to be lower for FPGAs than for ASICs. The solutions demonstrated in this article exploit the dual-output of modern FPGAs to achieve a better balance of dual-rail interconnections. However, we expect that an in-depth analysis of routing resources power consumption could still help reduce the interconnect differential leakage

Circuits and Systems Advances in Near Threshold Computing

Modern society is witnessing a sea change in ubiquitous computing, in which people have embraced computing systems as an indispensable part of day-to-day existence. Computation, storage, and communication abilities of smartphones, for example, have undergone monumental changes over the past decade. However, global emphasis on creating and sustaining green environments is leading to a rapid and ongoing proliferation of edge computing systems and applications. As a broad spectrum of healthcare, home, and transport applications shift to the edge of the network, near-threshold computing (NTC) is emerging as one of the promising low-power computing platforms. An NTC device sets its supply voltage close to its threshold voltage, dramatically reducing the energy consumption. Despite showing substantial promise in terms of energy efficiency, NTC is yet to see widescale commercial adoption. This is because circuits and systems operating with NTC suffer from several problems, including increased sensitivity to process variation, reliability problems, performance degradation, and security vulnerabilities, to name a few. To realize its potential, we need designs, techniques, and solutions to overcome these challenges associated with NTC circuits and systems. The readers of this book will be able to familiarize themselves with recent advances in electronics systems, focusing on near-threshold computing

Fault and Defect Tolerant Computer Architectures: Reliable Computing With Unreliable Devices

This research addresses design of a reliable computer from unreliable device technologies. A system architecture is developed for a fault and defect tolerant (FDT) computer. Trade-offs between different techniques are studied and yield and hardware cost models are developed. Fault and defect tolerant designs are created for the processor and the cache memory. Simulation results for the content-addressable memory (CAM)-based cache show 90% yield with device failure probabilities of 3 x 10(-6), three orders of magnitude better than non fault tolerant caches of the same size. The entire processor achieves 70% yield with device failure probabilities exceeding 10(-6). The required hardware redundancy is approximately 15 times that of a non-fault tolerant design. While larger than current FT designs, this architecture allows the use of devices much more likely to fail than silicon CMOS. As part of model development, an improved model is derived for NAND Multiplexing. The model is the first accurate model for small and medium amounts of redundancy. Previous models are extended to account for dependence between the inputs and produce more accurate results