Challenges and examples of in-situ memory content extraction techniques

We present embedded devices memory elements - from core registers to off chip-use, type and architecture before summarising their features regarding extraction techniques at scale. We list recent and on-going attack platform methodologies prior analysing their pros and cons. Particularly of importance, we address combined attack approaches, signal processing techniques and the challenges of low cost extraction methodologies. Above all, we characterise beam-based extraction techniques, starting from sample preparation before concluding on in-situ memory content extraction limits and countermeasures

Investigation into Photon Emissions as a Side-Channel Leakage in Two Microcontrollers: A Focus on SRAM Blocks

Microcontrollers are extensively utilized across a diverse range of applications. However, with the escalating usage of these devices, the risk to their security and the valuable data they process correspondingly intensifies. These devices could potentially be susceptible to various security threats, with side channel leakage standing out as a notable concern. Among the numerous types of side-channel leakages, photon emissions from active devices emerge as a potentially significant concern. These emissions, a characteristic of all semiconductor devices including microcontrollers, occur during their operation. Depending on the operating point and the internal state of the chip, these emissions can reflect the device’s internal operations. Therefore, a malicious individual could potentially exploit these emissions to gain insights into the computations being performed within the device. This dissertation delves into the investigation of photon emissions from the SRAM blocks of two distinct microcontrollers, utilizing a cost-effective setup. The aim is to extract information from these emissions, analyzing them as potential side-channel leakage points. In the first segment of the study, a PIC microcontroller variant is investigated. The quiescent photon emissions from the SRAM are examined. A correlation attack was successfully executed on these emissions, which led to the recovery of the AES encryption key. Furthermore, differential analysis was used to examine the location of SRAM bits. The combination of this information with the application of an image processing method, namely the Structural Similarity Index (SSIM), assisted in revealing the content of SRAM cells from photon emission images. The second segment of this study, for the first time, emphasizes on a RISC-V chip, examining the photon emissions of the SRAM during continuous reading. Probing the photon emissions from the row and column detectors led to the identification of a target word location, which is capable of revealing the AES key. Also, the content of target row was retrieved through the photon emissions originating from the drivers and the SRAM cells themselves. Additionally, the SSIM technique was utilized to determine the address of a targeted word in RISC-V photon emissions which cannot be analyzed through visual inspection. The insights gained from this research contribute to a deeper understanding of side-channel leakage via photon emissions and demonstrate its potential potency in extracting critical information from digital devices. Moreover, this information significantly contributes to the development of innovative security measures, an aspect becoming increasingly crucial in our progressively digitized world

Multi-Photon Entanglement

Major efforts in quantum information science are devoted to the development of methods that are superior to the one of classical information processing, for example the quantum computer or quantum simulations. For these purposes, superposition and entangled states are considered a decisive resource. Furthermore, since the early days of quantum mechanics, entanglement has revealed the discrepancy between the quantum mechanical and the everyday life perception of the physical world. This combination of fundamental science and application-oriented research makes the realization, characterization, and application of entanglement a challenge pursued by many researchers. In this work, the observation of entangled states of polarization encoded photonic qubits is pushed forward in two directions: flexibility in state observation and increase in photon rate. To achieve flexibility two different schemes are developed: setup-based and entanglement-based observation of inequivalent multi-photon states. The setup-based scheme relies on multi-photon interference at a polarizing beam splitter with prior polarization manipulations. It allows the observation of a family of important four-photon entangled states. The entanglement-based scheme exploits the rich properties of Dicke states under particle projections or loss in order to obtain inequivalent multi-photon entangled states. The observed states are characterized using the fidelity and entanglement witnesses. An increase in photon rate is crucial to achieve entanglement of higher photon numbers. This holds especially, when photon sources are utilized that emit photons spontaneously. To this end, a new photon source is presented based on a femtosecond ultraviolet enhancement cavity and applied to the observation of the six-photon Dicke state with three excitations. The implemented schemes not only allow the observation of inequivalent types of entanglement, but also the realization of various quantum information tasks. In this work, the four-photon GHZ state has been used in a quantum simulation of a minimal instance of the toric code. This code enables the demonstration of basic properties of anyons, which are quasiparticles distinct from bosons and fermions. Further, the six-photon Dicke state has been applied for quantum metrology: It allows one to estimate a phase shift with a higher precision than by using only classical resources. Altogether, a whole series of experiments for observing inequivalent multi-photon entangled states can now be substituted by a single experimental setup based on the designs developed in this work. In addition to this new approach of photon processing, a novel photon source has been implemented, paving the way to realizations of applications requiring higher photon numbers.This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of the Ludwig-Maximilians-Universität München's products or services. Internal or personal use of this material is permitted. However, permission to reprint republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to [email protected]. By choosing to view this material, you agree to all provisions of the copyright laws protecting it

Why Cryptography Should Not Rely on Physical Attack Complexity

This book presents two practical physical attacks. It shows how attackers can reveal the secret key of symmetric as well as asymmetric cryptographic algorithms based on these attacks, and presents countermeasures on the software and the hardware level that can help to prevent them in the future. Though their theory has been known for several years now, since neither attack has yet been successfully implemented in practice, they have generally not been considered a serious threat. In short, their physical attack complexity has been overestimated and the implied security threat has been underestimated. First, the book introduces the photonic side channel, which offers not only temporal resolution, but also the highest possible spatial resolution. Due to the high cost of its initial implementation, it has not been taken seriously. The work shows both simple and differential photonic side channel analyses. Then, it presents a fault attack against pairing-based cryptography. Due to the need for at least two independent precise faults in a single pairing computation, it has not been taken seriously either. Based on these two attacks, the book demonstrates that the assessment of physical attack complexity is error-prone, and as such cryptography should not rely on it. Cryptographic technologies have to be protected against all physical attacks, whether they have already been successfully implemented or not. The development of countermeasures does not require the successful execution of an attack but can already be carried out as soon as the principle of a side channel or a fault attack is sufficiently understood

Storing, single photons in broadband vapor cell quantum memories

Single photons are an essential resource for realizing quantum technologies. Together with compatible quantum memories granting control over when a photon arrives, they form a foundational component both of quantum communication and quantum information processing. Quality solid-state single photon sources deliver on the high bandwidths and rates required for scalable quantum technology, but require memories that match these operational parameters. In this thesis, I report on quantum memories based on electromagnetically induced transparency and built in warm rubidium vapor, with such fast and high bandwidth interfaces in mind. I also present work on a heralded single photon source based on parametric downconversion in an optical cavity, operated in a bandwidth regime of a few 100s of megahertz. The systems are characterized on their own and together in a functional interface. As the photon generation process is spontaneous, the memory is implemented as a fully reactive device, capable of storing and retrieving photons in response to an asynchronous external trigger. The combined system is used to demonstrate the storage and retrieval of single photons in and from the quantum memory. Using polarization selection rules in the Zeeman substructure of the atoms, the read-out noise of the memory is considerably reduced from what is common in ground-state storage schemes in warm vapor. Critically, the quantum signature in the photon number statistics of the retrieved photons is successfully maintained, proving that the emission from the memory is dominated by single photons. We observe a retrieved single-photon state accuracy of $g_{c,\,\text{ret}}^{(2)}=0.177(23)$ for short storage times, which remains $g_{c,\,\text{ret}}^{(2)}<0.5$ throughout the memory lifetime of $680(50)\,$ns. The end-to-end efficiency of the memory interfaced with the photon source is $\eta_{e2e}=1.1(2)\,\%$, which will be further improved in the future by optimizing the operating regime. With its operation bandwidth of $370\,$MHz, our system opens up new possibilities for single-photon synchronization and local quantum networking experiments at high repetition rates

A novel low-temperature growth method of silicon structures and application in flash memory.

Flash memories are solid-state non-volatile memories. They play a vital role especially in information storage in a wide range of consumer electronic devices and applications including smart phones, digital cameras, laptop computers, and satellite navigators. The demand for high density flash has surged as a result of the proliferation of these consumer electronic portable gadgets and the more features they offer – wireless internet, touch screen, video capabilities. The increase in the density of flash memory devices over the years has come as a result of continuous memory cell-size reduction. This size scaling is however approaching a dead end and it is widely agreed that further reduction beyond the 20 nm technological node is going to be very difficult, as it would result to challenges such as cross-talk or cell-to-cell interference, a high statistical variation in the number of stored electrons in the floating gate and high leakage currents due to thinner tunnel oxides. Because of these challenges a wide range of solutions in form of materials and device architectures are being investigated. Among them is three-dimensional (3-D) flash, which is widely acclaimed as the ideal solution, as they promise the integration of long-time retention and ultra-high density cells without compromising device reliability. However, current high temperature (>600 °C) growth techniques of the Polycrystalline silicon floating gate material are incompatible with 3-D flash memory; with vertically stacked memory layers, which require process temperatures to be ≤ 400 °C. There already exist some low temperature techniques for producing polycrystalline silicon such as laser annealing, solid-phase crystallization of amorphous silicon and metal-induced crystallization. However, these have some short-comings which make them not suitable for use in 3-D flash memory, e.g. the high furnace annealing temperatures (700 °C) in solid-phase crystallization of amorphous silicon which could potentially damage underlying memory layers in 3-D flash, and the metal contaminants in metal-induced crystallization which is a potential source of high leakage currents. There is therefore a need for alternative low temperature techniques that would be most suitable for flash memory purposes. With reference to the above, the main objective of this research was to develop a novel low temperature method for growing silicon structures at ≤ 400 °C. This thesis thus describes the development of a low-temperature method for polycrystalline silicon growth and the application of the technique in a capacitor-like flash memory device. It has been demonstrated that silicon structures with polycrystalline silicon-like properties can be grown at ≤ 400 °C in a 13.56 MHz radio frequency (RF) plasma-enhanced chemical vapour deposition (PECVD) reactor with the aid of Nickel Formate Dihydrate (NFD). It is also shown that the NFD coated on the substrates, thermally decomposes in-situ during the deposition process forming Ni particles that act as nucleation and growth sites of polycrystalline silicon. Silicon films grown by this technique and without annealing, have exhibited optical band gaps of ~ 1.2 eV compared to 1.78 eV for films grown under identical conditions but without the substrate being coated. These values were determined from UV-Vis spectroscopy and Tauc plots. These optical band gaps correspond to polycrystalline silicon and amorphous silicon respectively, meaning that the films grown on NFD-coated substrates are polycrystalline silicon while those grown on uncoated substrates remain amorphous. Moreover, this novel technique has been used to fabricate a capacitor-like flash memory that has exhibited hysteresis width corresponding to charge storage density in the order of 1012 cm-2 with a retention time well above 20 days for a device with silicon films grown at 300 °C. Films grown on uncoated films have not exhibit any significant hysteresis, and thus no flash memory-like behaviour. Given that all process temperatures throughout the fabrication of the devices are less than 400 °C and that no annealing of any sort was done on the material and devices, this growth method is thermal budget efficient and meets the crucial process temperature requirements of 3-D flash memory. Furthermore, the technique is glass compatible, which could prove a major step towards the acquisition of flash memory-integrated systems on glass, as well as other applications requiring low temperature polycrystalline silicon

Scanning near-field photon emission microscopy

Ph.DDOCTOR OF PHILOSOPH

A Structural and Optical Insight on Ge-Sb-Te based Nano-composites

Electronic memory and computing devices currently rules our digital lives, creating and consuming more than 10^21 bytes of data per year. This amount is expected to grow exponentially, questing for a so-called \u201chardware revolution\u201d. Bit size-reduction governed the development of solid-state-memory and semiconductor technologies in the last decades. Yet, the innovative concept of an \u201cuniversal memory\u201d emerged for transcending the size-node. Indeed, this novel system combines high-speed computation and high-density storage skills. Memory devices based on Phase-Change Materials (PCMs) may serve to the scope, defying to scale reduction and both having a competitive erase/read speed with respect to the primary memory systems -as Static/Dynamic Random Access Memory (SRAM, DRAM)- and the large capacity of non-volatile secondary/tertiary storage systems -as Solid State Disk (SSD), Hard Disk Drive (HDD), Digital Video Disc (DVD). The appeal of Phase-Change Materials arises from their ability to rapidly and reversibly switch between the amorphous and crystalline states, via optical or electrical pulses. Interestingly, the two structural phases own significantly different physical properties, in particular in terms of reflectivity and conductivity. Many binary or ternary compounds display phase-change features, still Ge-Sb-Te (GST) alloys are the prominent members of this class of materials and are largely employed in industry. However, the main drawback is the PCMs relatively high operation power consumption, in the form of energy required for the phase transformation and of energy dissipation through -primarily- thermal diffusion. This thesis follows a GST dimensional strategy for power optimization -while maintaining advanced performances- for future integration in novel memory devices. The followed approach includes the case of 2-D highly-textured superlattice structures -of alternately deposited GeTe bilayers and Sb2Te3 quintuple layers- and of 0-D Ge2Sb2Te5 nanoparticles. Chapter 1 reviews the state-of-the-art of Phase-Change Materials, that stimulated the research questions addressed in the present work. Extended X-Ray Absorption Spectroscopy (EXAFS) -briefly presented in the first part of Chapter 2- is a powerful experimental tool for investigating a material\u2019s atomic structure. As described in Chapter 3, one of the two allotrope crystalline phases of (GeTe)-(Sb2Te3) superlattices is revealed in details via EXAFS measurements performed at the Ge and Sb K-edges. The emerged structural picture is commented in light of the proposed models in literature, advising a power-saving yet over-simplified switching process occurring in the superlattice structure. Chapter 4 tackles the problem of power consumption by experimentally demonstrating the energy boost on the optical phase-change process occurring in 0-D Ge2Sb2Te5 nanoparticles. Here, a stable but reversible transition from the crystalline to the amorphous state of nanoparticles is induced with a single low-fluence femtosecond laser pulse. Thermodynamic, optical and structural considerations corroborate the experimental evidence. The laser source together with the setup used for the optical measurements are described in the second part of Chapter 2. The optical arrangement -conceived for time-resolved measurements- led to follow also the relaxation pathways of photo-excited nanoparticles below the threshold fluence for permanent amorphization. The results of this study are unveiled in Chapter 5. The ultrafast dynamics are compared to theoretical simulation and modelled with a phenomenological rate equation. Remarks on the resulting time-scales and the underlying interaction mechanisms -questioning the nature of the resonant bonding- close the Chapter