50 research outputs found

    Applying FPGA Runtime Reconfiguration to Multi-Hash Proof-of-Work Algorithms

    In the cryptocurrency mining field, algorithms have been developed to discourage the development of ASICs that greatly out-compete general-purpose hardware in both performance and power efficiency. A class of algorithms that claims to be ASIC-resistant is the class of randomised multi-hash proof-of-work algorithms, such as X16R. For these algorithms, the result of one iteration depends on the chained application of several randomly selected hash functions, which has the effect of disadvantaging fixed-function ASICs due to their inflexibility. FPGAs lie between GPUs and ASICs in terms of raw performance and flexibility. We investigate the use of FPGAs for this type of proof-of-work, in particular, by leveraging the ability of modern FPGAs to quickly reconfigure at runtime. We implemented a design that runs the X16R algorithm by partially reconfiguring the FPGA for every hash function in the chain and processing the data in batches. We show that our system achieves better performance when compared to GPUs that are manufactured on the same semiconductor process technology node, while being several times more power efficient. The two key takeaways from this work are that FPGA runtime reconfiguration can be used to effectively accelerate algorithms for which the demand for different processing elements changes over time, and that proof-of-work algorithm designers should consider FPGAs as a class of computing device that is separate from fixed-function ASICs

    Design of Special Function Units in Modern Microprocessors

    Today’s computing systems demand high performance for applications such as cloud computing, web-based search engines, network applications, and social media tasks. Such software applications involve an extensive use of hashing and arithmetic operations in their computation. In this thesis, we explore the use of new special function units (SFUs) for modern microprocessors, to accelerate such workloads. First, we design an SFU for hashing. Hashing can reduce the complexity of search and lookup from O(p) to O(p/n), where n bins are used and p items are being processed. In modern microprocessors, hashing is done in software. In our work, we propose a novel hardware hash unit design for use in modern microprocessors. Since the hash unit is designed at the hardware level, several advantages are obtained by our approach. First, a hardware-based hash unit executes a single hash instruction to perform a hash operation. In software-based hashing in modern microprocessors, a hash operation is compiled into multiple instructions, thereby degrading performance. Second, software-based hashing stores hash data in DRAM (also, hash operation entries can be stored in one of the cache levels). In a hardware-based hash unit, hash data is stored in a dedicated memory module (a hardware hash table), which improves performance. Third, today’s operating systems execute multiple applications (processes) in parallel, which entails high memory utilization. Hence the operating systems require many context switches between different processes, which results in many cache misses. In a hardware-based hash unit, the cache misses are reduced significantly using the dedicated memory module (hash table). These advantages all reduce the power consumption and increase the overall system performance significantly with a minimal increase in the microprocessor’s die area. We evaluate our hardware-based hash unit and compare its performance with software-based hashing.
We start by evaluating our design approach at the micro-architecture level in terms of system performance. After that, we design our approach at the circuit level design to obtain the area overhead. Also, we analyze our design’s power and delay for each hash operation. These results are compared with a traditional hashing implementation. Then, we present an FPGA-based coprocessor for hash unit acceleration, applied to a virus checking application. Second, we present an SFU to speed up arithmetic operations. We call this arithmetic SFU a programmable arithmetic unit (PAU). In modern microprocessors, applications that require heavy arithmetic computations are done in software. To improve the performance for such computations, we present a programmable arithmetic unit (PAU), a partially reconfigurable methodology for arithmetic applications. The PAU consists of a set of IP blocks connected to a reconfigurable FPGA controller via a fast mesh-based interconnect. The IP blocks in the PAU can be any IP block such as adders, subtractors, multipliers, comparators and sign extension units. The PAU can have one or more copies of the same IP block (for example, 5 adders and 7 multipliers). The FPGA controller is an on-chip FPGA-based reconfigurable control fabric. The FPGA controller enables different arithmetic applications to be embedded on the PAU. The FPGA controller is programmed for different applications. The reconfigurable logic is based on a LUT-based design like a traditional FPGA. The FPGA controller and the IP blocks in the PAU communicate via a high speed ring data fabric. In our work, we use the PAU as an SFU in modern microprocessors. We compare the performance of different hardware-based arithmetic applications in the PAU with software-based implementations in modern microprocessors

    The PHOTON Family of Lightweight Hash Functions

    RFID security is currently one of the major challenges cryptography has to face, often solved by protocols assuming that an on-tag hash function is available. In this article we present the PHOTON lightweight hash-function family, available in many different flavors and suitable for extremely constrained devices such as passive RFID tags. Our proposal uses a sponge-like construction as domain extension algorithm and an AES-like primitive as internal unkeyed permutation. This allows us to obtain the most compact hash function known so far (about 1120 GE for 64-bit collision resistance security), reaching areas very close to the theoretical optimum (derived from the minimal internal state memory size). Moreover, the speed achieved by PHOTON also compares quite favorably to its competitors. This is mostly due to the fact that unlike for previously proposed schemes, our proposal is very simple to analyze and one can derive tight AES-like bounds on the number of active Sboxes. This kind of AES-like primitive is usually not well suited for ultra constrained environments, but we describe in this paper a new method for generating the column mixing layer in a serial way, lowering drastically the area required. Finally, we slightly extend the sponge framework in order to offer interesting trade-offs between speed and preimage security for small messages, the classical use-case in hardware

    Energy Harvesting and Sensor Based Hardware Security Primitives for Cyber-Physical Systems

    The last few decades have seen a large proliferation in the prevalence of cyber-physical systems. Although cyber-physical systems can offer numerous advantages to society, their large scale adoption does not come without risks. Internet of Things (IoT) devices can be considered a significant component within cyber-physical systems. They can provide network communication in addition to controlling the various sensors and actuators that exist within the larger cyber-physical system. The adoption of IoT features can also provide attackers with new potential avenues to access and exploit a system's vulnerabilities. Previously, existing systems could more or less be considered a closed system with few potential points of access for attackers. Security was thus not typically a core consideration when these systems were originally designed. The cumulative effect is that these systems are now vulnerable to new security risks without having native security countermeasures that can easily address these vulnerabilities. Even just adding standard security features to these systems is itself not a simple task. The devices that make up these systems tend to have strict resource constraints in the form of power consumption and processing power. In this dissertation, we explore how security devices known as Physically Unclonable Functions (PUFs) could be used to address these concerns. PUFs are a class of circuits that are unique and unclonable due to inherent variations caused by the device manufacturing process. We can take advantage of these PUF properties by using the outputs of PUFs to generate secret keys or pseudonyms that are similarly unique and unclonable. Existing PUF designs are commonly based around transistor level variations in a special purpose integrated circuit (IC). Integrating these designs within a system would still require additional hardware along with system modification to interact with the device.
We address these concerns by proposing a novel PUF design methodology for the creation of PUFs whose integration within these systems would minimize the cost of redesigning the system by reducing the need to add additional hardware. This goal is achieved by creating PUF designs from components that may already exist within these systems. A PUF designed from existing components creates the possibility of adding a PUF (and thus security features) to the system without actually adding any additional hardware. This could allow PUFs to become a more attractive security option for integration with resource constrained devices. Our proposed approach specifically targets sensors and energy harvesting devices since they can provide core functions within cyber-physical systems such as power generation and sensing capabilities. These components are known to exhibit variations due to the manufacturing process and could thus be utilized to design a PUF. Our first contribution is the proposal of a novel PUF design methodology based on using components which are already commonly found within cyber-physical systems. The proposed methodology uses eight sensors or energy harvesting devices along with a microcontroller. It is unlikely that a single type of sensor or energy harvester will exist in all possible cyber-physical systems. Therefore, it is important to create a range of designs in order to reach a greater portion of cyber-physical systems. The second contribution of this work is the design of a PUF based on piezo sensors. Our third contribution is the design of a PUF that utilizes thermistor temperature sensors. The fourth contribution of this work is a proposed solar cell based PUF design. Furthermore, as a fifth contribution of this dissertation we evaluate a selection of common solar cell materials to establish which type of solar cell would be best suited to the creation of a PUF based on the operating conditions.
The viability of the proposed designs is evaluated through testing in terms of reliability and uniformity. In addition, Monte Carlo simulations are performed to evaluate the uniqueness property of the designs. For our final contribution we illustrate the security benefits that can be achieved through the adoption of PUFs by cyber-physical systems. For this purpose we chose to highlight vehicles since they are a very popular example of a cyber-physical system and they face unique security challenges which are not readily solvable by standard solutions. Our contribution is the proposal of a novel controller area network (CAN) security framework that is based on PUFs. The framework does not require any changes to the underlying CAN protocol and also minimizes the amount of additional message passing overhead needed for its operation. The proposed framework is a good example of how the cost associated with implementing such a framework could be further reduced through the adoption of our proposed PUF designs. The end result is a method which could introduce security to an inherently insecure system while also making its integration as seamless as possible by attempting to minimize the need for additional hardware