Design of Discrete-time Chaos-Based Systems for Hardware Security Applications

Security of systems has become a major concern with the advent of technology. Researchers are proposing new security solutions every day in order to meet the area, power and performance specifications of the systems. The additional circuit required for security purposes can consume significant area and power. This work proposes a solution which utilizes discrete-time chaos-based logic gates to build a system which addresses multiple hardware security issues. The nonlinear dynamics of chaotic maps is leveraged to build a system that mitigates IC counterfeiting, IP piracy, overbuilding, disables hardware Trojan insertion and enables authentication of connecting devices (such as IoT and mobile). Chaos-based systems are also used to generate pseudo-random numbers for cryptographic applications.The chaotic map is the building block for the design of discrete-time chaos-based oscillator. The analog output of the oscillator is converted to digital value using a comparator in order to build logic gates. The logic gate is reconfigurable since different parameters in the circuit topology can be altered to implement multiple Boolean functions using the same system. The tuning parameters are control input, bifurcation parameter, iteration number and threshold voltage of the comparator. The proposed system is a hybrid between standard CMOS logic gates and reconfigurable chaos-based logic gates where original gates are replaced by chaos-based gates. The system works in two modes: logic locking and authentication. In logic locking mode, the goal is to ensure that the system achieves logic obfuscation in order to mitigate IC counterfeiting. The secret key for logic locking is made up of the tuning parameters of the chaotic oscillator. Each gate has 10-bit key which ensures that the key space is large which exponentially increases the computational complexity of any attack. In authentication mode, the aim of the system is to provide authentication of devices so that adversaries cannot connect to devices to learn confidential information. Chaos-based computing system is susceptible to process variation which can be leveraged to build a chaos-based PUF. The proposed system demonstrates near ideal PUF characteristics which means systems with large number of primary outputs can be used for authenticating devices

A Deep Analysis of Hybrid-Multikey-PUF

Unique key generation is essential for encryption purposes between Internet of Things (IoT) devices. To produce a unique key for this encryption, Physical Unclonable Functions (PUFs) might be employed. Also, the Random Number Generator (RNG) is used in many different domains; nonetheless, security is one of the most important areas that require the best RNG. In this article, We investigate the quality of random numbers generated by Physical Unclonable Functions (PUFs). We have analyzed three Figures of Merit (FoMs), Uniqueness, Randomness, and Reliability of PUFs implemented on different FPGAs. In our experiments, we have operated the test devices at different temperatures (20{\deg}F, 40{\deg}F, 60{\deg}F, 80{\deg}F, 120{\deg}F, 140{\deg}F). In the PUF that we have analyzed, the key is generated in 1 second on average. We also have analyzed and described the essential properties of random number generator that is most vital considering things to secure our Internet of Things(IoT) devices.Comment: 6,8th IEEE World Forum on Internet of Things (IEEE WFIoT2022

FPGA-Based PUF Designs: A Comprehensive Review and Comparative Analysis

Field-programmable gate arrays (FPGAs) have firmly established themselves as dynamic platforms for the implementation of physical unclonable functions (PUFs). Their intrinsic reconfigurability and profound implications for enhancing hardware security make them an invaluable asset in this realm. This groundbreaking study not only dives deep into the universe of FPGA-based PUF designs but also offers a comprehensive overview coupled with a discerning comparative analysis. PUFs are the bedrock of device authentication and key generation and the fortification of secure cryptographic protocols. Unleashing the potential of FPGA technology expands the horizons of PUF integration across diverse hardware systems. We set out to understand the fundamental ideas behind PUF and how crucially important it is to current security paradigms. Different FPGA-based PUF solutions, including static, dynamic, and hybrid systems, are closely examined. Each design paradigm is painstakingly examined to reveal its special qualities, functional nuances, and weaknesses. We closely assess a variety of performance metrics, including those related to distinctiveness, reliability, and resilience against hostile threats. We compare various FPGA-based PUF systems against one another to expose their unique advantages and disadvantages. This study provides system designers and security professionals with the crucial information they need to choose the best PUF design for their particular applications. Our paper provides a comprehensive view of the functionality, security capabilities, and prospective applications of FPGA-based PUF systems. The depth of knowledge gained from this research advances the field of hardware security, enabling security practitioners, researchers, and designers to make wise decisions when deciding on and implementing FPGA-based PUF solutions.publishedVersio

Stochastic Memory Devices for Security and Computing

With the widespread use of mobile computing and internet of things, secured communication and chip authentication have become extremely important. Hardware-based security concepts generally provide the best performance in terms of a good standard of security, low power consumption, and large-area density. In these concepts, the stochastic properties of nanoscale devices, such as the physical and geometrical variations of the process, are harnessed for true random number generators (TRNGs) and physical unclonable functions (PUFs). Emerging memory devices, such as resistive-switching memory (RRAM), phase-change memory (PCM), and spin-transfer torque magnetic memory (STT-MRAM), rely on a unique combination of physical mechanisms for transport and switching, thus appear to be an ideal source of entropy for TRNGs and PUFs. An overview of stochastic phenomena in memory devices and their use for developing security and computing primitives is provided. First, a broad classification of methods to generate true random numbers via the stochastic properties of nanoscale devices is presented. Then, practical implementations of stochastic TRNGs, such as hardware security and stochastic computing, are shown. Finally, future challenges to stochastic memory development are discussed

Design of secure and trustworthy system-on-chip architectures using hardware-based root-of-trust techniques

Cyber-security is now a critical concern in a wide range of embedded computing modules, communications systems, and connected devices. These devices are used in medical electronics, automotive systems, power grid systems, robotics, and avionics. The general consensus today is that conventional approaches and software-only schemes are not sufficient to provide desired security protections and trustworthiness. Comprehensive hardware-software security solutions so far have remained elusive. One major challenge is that in current system-on-chip (SoCs) designs, processing elements (PEs) and executable codes with varying levels of trust, are all integrated on the same computing platform to share resources. This interdependency of modules creates a fertile attack ground and represents the Achilles’ heel of heterogeneous SoC architectures. The salient research question addressed in this dissertation is “can one design a secure computer system out of non-secure or untrusted computing IP components and cores?”. In response to this question, we establish a generalized, user/designer-centric set of design principles which intend to advance the construction of secure heterogeneous multi-core computing systems. We develop algorithms, models of computation, and hardware security primitives to integrate secure and non-secure processing elements into the same chip design while aiming for: (a) maintaining individual core’s security; (b) preventing data leakage and corruption; (c) promoting data and resource sharing among the cores; and (d) tolerating malicious behaviors from untrusted processing elements and software applications. The key contributions of this thesis are: 1. The introduction of a new architectural model for integrating processing elements with different security and trust levels, i.e., secure and non-secure cores with trusted and untrusted provenances; 2. A generalized process isolation design methodology for the new architecture model that covers both the software and hardware layers to (i) create hardware-assisted virtual logical zones, and (ii) perform both static and runtime security, privilege level and trust authentication checks; 3. A set of secure protocols and hardware root-of-trust (RoT) primitives to support the process isolation design and to provide the following functionalities: (i) hardware immutable identities – using physical unclonable functions, (ii) core hijacking and impersonation resistance – through a blind signature scheme, (iii) threshold-based data access control – with a robust and adaptive secure secret sharing algorithm, (iv) privacy-preserving authorization verification – by proposing a group anonymous authentication algorithm, and (v) denial of resource or denial of service attack avoidance – by developing an interconnect network routing algorithm and a memory access mechanism according to user-defined security policies. 4. An evaluation of the security of the proposed hardware primitives in the post-quantum era, and possible extensions and algorithmic modifications for their post-quantum resistance. In this dissertation, we advance the practicality of secure-by-construction methodologies in SoC architecture design. The methodology allows for the use of unsecured or untrusted processing elements in the construction of these secure architectures and tries to extend their effectiveness into the post-quantum computing era

Subwavelength Engineering of Silicon Photonic Waveguides

The dissertation demonstrates subwavelength engineering of silicon photonic waveguides in the form of two different structures or avenues: (i) a novel ultra-low mode area v-groove waveguide to enhance light-matter interaction; and (ii) a nanoscale sidewall crystalline grating performed as physical unclonable function to achieve hardware and information security. With the advancement of modern technology and modern supply chain throughout the globe, silicon photonics is set to lead the global semiconductor foundries, thanks to its abundance in nature and a mature and well-established industry. Since, the silicon waveguide is the heart of silicon photonics, it can be considered as the core building block of modern integrated photonic systems. Subwavelength structuring of silicon waveguides shows immense promise in a variety of field of study, such as, tailoring electromagnetic near fields, enhancing light-matter interactions, engineering anisotropy and effective medium effects, modal and dispersion engineering, nanoscale sensitivity etc. In this work, we are going to exploit the boundary conditions of modern silicon photonics through subwavelength engineering by means of novel ultra-low mode area v-groove waveguide to answer long-lasting challenges, such as, fabrication of such sophisticated structure while ensuring efficient coupling of light between dissimilar modes. Moreover, physical unclonable function derived from our nanoscale sidewall crystalline gratings should give us a fast and reliable optical security solution with improved information density. This research should enable new avenues of subwavelength engineered silicon photonic waveguide and answer to many unsolved questions of silicon photonics foundries

D2.1 - Report on Selected TRNG and PUF Principles

This report represents the final version of Deliverable 2.1 of the HECTOR work package WP2. It is a result of discussions and work on Task 2.1 of all HECTOR partners involved in WP2. The aim of the Deliverable 2.1 is to select principles of random number generators (RNGs) and physical unclonable functions (PUFs) that fulfill strict technology, design and security criteria. For example, the selected RNGs must be suitable for implementation in logic devices according to the German AIS20/31 standard. Correspondingly, the selected PUFs must be suitable for applying similar security approach. A standard PUF evaluation approach does not exist, yet, but it should be proposed in the framework of the project. Selected RNGs and PUFs should be then thoroughly evaluated from the point of view of security and the most suitable principles should be implemented in logic devices, such as Field Programmable Logic Arrays (FPGAs) and Application Specific Integrated Circuits (ASICs) during the next phases of the project

Security and privacy issues of physical objects in the IoT: Challenges and opportunities

In the Internet of Things (IoT), security and privacy issues of physical objects are crucial to the related applications. In order to clarify the complicated security and privacy issues, the life cycle of a physical object is divided into three stages of pre-working, in-working, and post-working. On this basis, a physical object-based security architecture for the IoT is put forward. According to the security architecture, security and privacy requirements and related protecting technologies for physical objects in different working stages are analyzed in detail. Considering the development of IoT technologies, potential security and privacy challenges that IoT objects may face in the pervasive computing environment are summarized. At the same time, possible directions for dealing with these challenges are also pointed out