Towards Implementation of Robust and Low-Cost Security Primitives for Resource-Constrained IoT Devices

In recent years, due to the trend in globalization, system integrators have had to deal with integrated circuit (IC)/intellectual property (IP) counterfeiting more than ever. These counterfeit hardware issues counterfeit hardware that have driven the need for more secure chip authentication. High entropy random numbers from physical sources are a critical component in authentication and encryption processes within secure systems [6]. Secure encryption is dependent on sources of truly random numbers for generating keys, and there is a need for an on chip random number generator to achieve adequate security. Furthermore, the Internet of Things (IoT) adopts a large number of these hardware-based security and prevention solutions in order to securely exchange data in resource efficient manner. In this work, we have developed several methodologies of hardware-based random functions in order to address the issues and enhance the security and trust of ICs: a novel DRAM-based intrinsic Physical Unclonable Function (PUF) [13] for system level security and authentication along with analysis of the impact of various environmental conditions, particularly silicon aging; a DRAM remanence based True Random Number Generation (TRNG) to produce random sequences with a very low overhead; a DRAM TRNG model using its startup value behavior for creating random bit streams; an efficient power supply noise based TRNG model for generating an infinite number of random bits which has been evaluated as a cost effective technique; architectures and hardware security solutions for the Internet of Things (IoT) environment. Since IoT devices are heavily resource constrained, our proposed designs can alleviate the concerns of establishing trustworthy and security in an efficient and low-cost manner.Comment: 7 pages, 6 figures, 1 tabl

DRAMNet: Authentication based on Physical Unique Features of DRAM Using Deep Convolutional Neural Networks

Nowadays, there is an increasing interest in the development of Autonomous Vehicles (AV). However, there are two types of attack challenges that can affect AVs and are yet to be resolved, i.e., sensor attacks and vehicle access attacks. This paper, to the best of our knowledge, is the first work that proposes a novel authentication scheme involving DRAM power-up unique features using deep Convolutional Neural Network (CNN), which can be used to implement secure access control of autonomous vehicles. Our approach consists of two parts. First, we convert raw power-up sequence data from DRAM cells into a two-dimensional (2D) format to generate a DRAM image structure. Second, we apply deep CNN to DRAM images, in order to extract unique features from each memory to classify them for authentication. To evaluate our proposed approach, we utilize data from three Commercial-Off-The-Shelf (COTS) DRAMs taken under various environmental and other conditions (high/low temperature, high/low supply voltage and aging effects). Based on our results, our proposed authentication method ``DRAMNet'' achieves 98.63% accuracy and 98.49% precision. In comparison to other state-of-the-art CNN architectures, such as the AlexNet and VGGNet models, our DRAMNet approach fares equally well or better than them

Attacks on Lightweight Hardware-Based Security Primitives

In today's digital age, the ease of data collection, transfer, and storage continue to shape modern society and the ways we interact with our world. The advantages are numerous, but there is also an increased risk of information unintentionally falling into the wrong hands. Finding methods of protecting sensitive information at the hardware level is of utmost importance, and in this paper, we aim to provide a survey on recent developments in attacks on lightweight hardware-based security primitives (LHSPs) designed to do just that. Specifically, we provide an analysis of the attack resilience of these proposed LHSPs in an attempt to bring awareness to any vulnerabilities that may exist. We do this in the hope that it will encourage the continued development of attack countermeasures as well as completely new methods of data protection in order to prevent the discussed methods of attack from remaining viable in the future. The types of LHSPs discussed include physical unclonable functions (PUFs) and true random number generators (TRNGs), with a primary emphasis placed on PUFs