23,381 research outputs found
IDPAL – A Partially-Adiabatic Energy-Efficient Logic Family: Theory and Applications to Secure Computing
Low-power circuits and issues associated with them have gained a significant amount of attention in recent years due to the boom in portable electronic devices. Historically, low-power operation relied heavily on technology scaling and reduced operating voltage, however this trend has been slowing down recently due to the increased power density on chips. This dissertation introduces a new very-low power partially-adiabatic logic family called Input-Decoupled Partially-Adiabatic Logic (IDPAL) with applications in low-power circuits. Experimental results show that IDPAL reduces energy usage by 79% compared to equivalent CMOS implementations and by 25% when compared to the best adiabatic implementation. Experiments ranging from a simple buffer/inverter up to a 32-bit multiplier are explored and result in consistent energy savings, showing that IDPAL could be a viable candidate for a low-power circuit implementation.
This work also shows an application of IDPAL to secure low-power circuits against power analysis attacks. It is often assumed that encryption algorithms are perfectly secure against attacks, however, most times attacks using side channels on the hardware implementation of an encryption operation are not investigated. Power analysis attacks are a subset of side channel attacks and can be implemented by measuring the power used by a circuit during an encryption operation in order to obtain secret information from the circuit under attack. Most of the previously proposed solutions for power analysis attacks use a large amount of power and are unsuitable for a low-power application. The almost-equal energy consumption for any given input in an IDPAL circuit suggests that this logic family is a good candidate for securing low-power circuits again power analysis attacks. Experimental results ranging from small circuits to large multipliers are performed and the power-analysis attack resistance of IDPAL is investigated. Results show that IDPAL circuits are not only low-power but also the most secure against power analysis attacks when compared to other adiabatic low-power circuits.
Finally, a hybrid adiabatic-CMOS microprocessor design is presented. The proposed microprocessor uses IDPAL for the implementation of circuits with high switching activity (e.g. ALU) and CMOS logic for other circuits (e.g. memory, controller). An adiabatic-CMOS interface for transforming adiabatic signals to square-wave signals is presented and issues associated with a hybrid implementation and their solutions are also discussed
Subthreshold circuits: Design, implementation and application
Digital circuits operating in the subthreshold region of the transistor are being used as an ideal option for ultra low power complementary metal-oxide-semiconductor (CMOS) design. The use of subthreshold circuit design in cryptographic systems is gaining importance as a counter measure to power analysis attacks. A power analysis attack is a non-invasive side channel attack in which the power consumption of the cryptographic system can be analyzed to retrieve the encrypted data. A number of techniques to increase the resistance to power attacks have been proposed at algorithmic and hardware levels, but these techniques suffer from large area and power overheads. The main aim of this research is to understand the viability of implementing subthreshold systems for cryptographic applications. Standard cell libraries in subthreshold are designed and a methodology to identify the minimum energy point, aspect ratio, frequency range and operating voltage for CMOS standard cells is defined. As scalar multiplication is the fundamental operation in elliptic curve cryptographic systems, a digit-level gaussian normal basis (GNB) multiplier is implemented using the aforementioned standard cells. A similar standard-cell library is designed for the multiplier to operate in the superthreshold regime. The subthreshold and superthreshold multipliers are then subjected to a differential power analysis attack. Power performance and signal-to-noise ratio (SNR) of both these systems are compared to evaluate the usefulness of the subthreshold design. The power consumption of the subthreshold multiplier is 4.554 uW, the speed of the multiplier is 65.1 KHz and the SNR is 40 dB. The superthreshold multiplier has a power consumption of 4.005 mW, the speed of the multiplier is 330 MHz and the SNR is 200 dB. Reduced power consumption, hence reduced SNR, increases the resistance of the subthreshold multiplier against power analysis attacks. (Refer to PDF for exact formulas)
Modeling and Detecting False Data Injection Attacks against Railway Traction Power Systems
Modern urban railways extensively use computerized sensing and control
technologies to achieve safe, reliable, and well-timed operations. However, the
use of these technologies may provide a convenient leverage to cyber-attackers
who have bypassed the air gaps and aim at causing safety incidents and service
disruptions. In this paper, we study false data injection (FDI) attacks against
railways' traction power systems (TPSes). Specifically, we analyze two types of
FDI attacks on the train-borne voltage, current, and position sensor
measurements - which we call efficiency attack and safety attack -- that (i)
maximize the system's total power consumption and (ii) mislead trains' local
voltages to exceed given safety-critical thresholds, respectively. To
counteract, we develop a global attack detection (GAD) system that serializes a
bad data detector and a novel secondary attack detector designed based on
unique TPS characteristics. With intact position data of trains, our detection
system can effectively detect the FDI attacks on trains' voltage and current
measurements even if the attacker has full and accurate knowledge of the TPS,
attack detection, and real-time system state. In particular, the GAD system
features an adaptive mechanism that ensures low false positive and negative
rates in detecting the attacks under noisy system measurements. Extensive
simulations driven by realistic running profiles of trains verify that a TPS
setup is vulnerable to the FDI attacks, but these attacks can be detected
effectively by the proposed GAD while ensuring a low false positive rate.Comment: IEEE/IFIP DSN-2016 and ACM Trans. on Cyber-Physical System
Optimal Attack against Cyber-Physical Control Systems with Reactive Attack Mitigation
This paper studies the performance and resilience of a cyber-physical control
system (CPCS) with attack detection and reactive attack mitigation. It
addresses the problem of deriving an optimal sequence of false data injection
attacks that maximizes the state estimation error of the system. The results
provide basic understanding about the limit of the attack impact. The design of
the optimal attack is based on a Markov decision process (MDP) formulation,
which is solved efficiently using the value iteration method. Using the
proposed framework, we quantify the effect of false positives and
mis-detections on the system performance, which can help the joint design of
the attack detection and mitigation. To demonstrate the use of the proposed
framework in a real-world CPCS, we consider the voltage control system of power
grids, and run extensive simulations using PowerWorld, a high-fidelity power
system simulator, to validate our analysis. The results show that by carefully
designing the attack sequence using our proposed approach, the attacker can
cause a large deviation of the bus voltages from the desired setpoint. Further,
the results verify the optimality of the derived attack sequence and show that,
to cause maximum impact, the attacker must carefully craft his attack to strike
a balance between the attack magnitude and stealthiness, due to the
simultaneous presence of attack detection and mitigation
Trick or Heat? Manipulating Critical Temperature-Based Control Systems Using Rectification Attacks
Temperature sensing and control systems are widely used in the closed-loop
control of critical processes such as maintaining the thermal stability of
patients, or in alarm systems for detecting temperature-related hazards.
However, the security of these systems has yet to be completely explored,
leaving potential attack surfaces that can be exploited to take control over
critical systems.
In this paper we investigate the reliability of temperature-based control
systems from a security and safety perspective. We show how unexpected
consequences and safety risks can be induced by physical-level attacks on
analog temperature sensing components. For instance, we demonstrate that an
adversary could remotely manipulate the temperature sensor measurements of an
infant incubator to cause potential safety issues, without tampering with the
victim system or triggering automatic temperature alarms. This attack exploits
the unintended rectification effect that can be induced in operational and
instrumentation amplifiers to control the sensor output, tricking the internal
control loop of the victim system to heat up or cool down. Furthermore, we show
how the exploit of this hardware-level vulnerability could affect different
classes of analog sensors that share similar signal conditioning processes.
Our experimental results indicate that conventional defenses commonly
deployed in these systems are not sufficient to mitigate the threat, so we
propose a prototype design of a low-cost anomaly detector for critical
applications to ensure the integrity of temperature sensor signals.Comment: Accepted at the ACM Conference on Computer and Communications
Security (CCS), 201
A Low-Cost Unified Experimental FPGA Board for Cryptography Applications
This paper describes the evaluation of available
experimental boards, the comparison of their supported set
of experiments and other aspects. The second part of this
evaluation is focused on the design process of the PCB (Printed
Circuit Board) for an FPGA (Field Programmable Gate Array)
based cryptography environment suitable for evaluating the latest
trends in the IC (Integrated Circuit) security like Side–Channel
Attacks (SCA) or Physically Unclonable Function (PUF). It
leads to many criteria affecting the design process and also the
suitability for evaluating and measuring results of the attacks and
their countermeasures. The developed system should be open,
versatile and unrestricted by the U.S. law [1]
- …