Exploitation of Vulnerabilities in Cloud-Storage

The paper presents the vulnerabilities of cloudstorage and various possible attacks exploiting thesevulnerabilities that relate to cloud security, which is one of thechallenging features of cloud computing. The attacks areclassified into three broad categories of which the socialnetworking based attacks are the recent attacks which areevolving out of existing technologies such as P2P file sharing.The study is extended to available defence mechanisms andcurrent research areas of cloud storage. Based on the study,simple cloud storage is implemented and the major aspectssuch as login mechanism, encryption techniques and keymanagement techniques are evaluated against the presentedattacks. The study proves that the cloud storage consumers arestill dependent on the trust and contracts agreed with theservice provider and there is no hard way of proven defensemechanisms against the attacks. Further down, the emergingtechnologies could possibly break down all key basedencryption mechanisms

Design of a Scan Chain for Side Channel Attacks on AES Cryptosystem for Improved Security

Scan chain-based attacks are side-channel attacks focusing on one of the most significant features of hardware test circuitry. A technique called Design for Testability (DfT) involves integrating certain testability components into a hardware design. However, this creates a side channel for cryptanalysis, providing crypto devices vulnerable to scan-based attacks. Advanced Encryption Standard (AES) has been proven as the most powerful and secure symmetric encryption algorithm announced by USA Government and it outperforms all other existing cryptographic algorithms. Furthermore, the on-chip implementation of private key algorithms like AES has faced scan-based side-channel attacks. With the aim of protecting the data for secure communication, a new hybrid pipelined AES algorithm with enhanced security features is implemented. This paper proposes testing an AES core with unpredictable response compaction and bit level-masking throughout the scan chain process. A bit-level scan flipflop focused on masking as a scan protection solution for secure testing. The experimental results show that the best security is provided by the randomized addition of masked scan flipflop through the scan chain and also provides minimal design difficulty and power expansion overhead with some negligible delay measures. Thus, the proposed technique outperforms the state-of-the-art LUT-based S-box and the composite sub-byte transformation model regarding throughput rate 2 times and 15 times respectively. And security measured in the avalanche effect for the sub-pipelined model has been increased up to 95 per cent with reduced computational complexity. Also, the proposed sub-pipelined S-box utilizing a composite field arithmetic scheme achieves 7 per cent area effectiveness and 2.5 times the hardware complexity compared to the LUT-based model

Design-for-Security vs. Design-for-Testability: A Case Study on DFT Chain in Cryptographic Circuits

Abstract-Relying on a recently developed gate-level information assurance scheme, we formally analyze the security of design-for-test (DFT) scan chains, the industrial standard testing methods for fabricated chips and, for the first time, formally prove that a circuit with scan chain inserted can violate security properties. The same security assessment method is then applied to a built-in-self-test (BIST) structure where it is shown that even BIST structures can cause security vulnerabilities. To balance trustworthiness and testability, a new design-for-security (DFS) methodology is proposed which, through the modification of scan chain structure, can achieve high security without compromising the testability of the inserted scan structure. To support the task of secure scan chain insertion, a method of scan chain reshuffling is introduced. Using an AES encryption core as the testing platform, we elaborated the security assessment procedure as well as the DFS technique in balancing security and testability of cryptographic circuits

Securing IEEE P1687 On-chip Instrumentation Access Using PUF

As the complexity of VLSI designs grows, the amount of embedded instrumentation in system-on-a-chip designs increases at an exponential rate. Such structures serve various purposes throughout the life-cycle of VLSI circuits, e.g. in post-silicon validation and debug, production test and diagnosis, as well as during in-field test and maintenance. Reliable access mechanisms for embedded instruments are therefore key to rapid chip development and secure system maintenance. Reconfigurable scan networks defined by IEEE Std. P1687 emerge as a scalable and cost-effective access medium for on-chip instrumentation. The accessibility offered by reconfigurable scan networks contradicts security and safety requirements for embedded instrumentation. Embedded instrumentation is an integral system component that remains functional throughout the lifetime of a chip. To prevent harmful activities, such as tampering with safety-critical systems, and reduce the risk of intellectual property infringement, the access to embedded instrumentation requires protection. This thesis provides a novel, Physical Unclonable Function (PUF) based secure access method for on-chip instruments which enhances the security of IJTAG network at low hardware cost and with less routing congestion

Secure and Robust Key-Trapped Design-for-Security Architecture for Protecting Obfuscated Logic

Having access to the scan chain of Integrated Circuits (ICs) is an integral requirement of the debug/testability process within the supply chain. However, the access to the scan chain raises big concerns regarding the security of the chip, particularly when the secret information, such as the key of logic obfuscation, is embedded/stored inside the chip. Hence, to relieve such concerns, numerous secure scan chain architectures have been proposed in the literature to show not only how to prevent any unauthorized access to the scan chain but also how to keep the availability of the scan chain for debug/testability. In this paper, we first provide a holistic overview of all secure scan chain architectures. Then, we discuss the key leakage possibility and some substantial architectural drawbacks that moderately affect both test flow and design constraints in the state-of-the-art published design-for-security (DFS) architectures. Then, we propose a new key-trapped DFS (kt-DFS) architecture for building a secure scan chain architecture while addressing the potential of key leakage. The proposed kt-DFS architecture allows the designer to perform the structural test with no limitation, enabling an untrusted foundry to utilize the scan chain for manufacturing fault testing without needing to access the scan chain. Finally, we evaluate and compare the proposed architecture with state-of-the-art ones in terms of security, testability time and complexity, and area/power/delay overhead

A Physical Unclonable Function derived from the power distribution system of an integrated circuit

Hardware support for security mechanisms such as authentication, cryptographic protocols, digital rights management and hardware metering depend heavily on the security of embedded secret keys. The current practice of embedding these keys as digital data in the Integrated Circuit (IC) weakens security because the keys can be learned through attacks. Physical Unclonable Functions (PUFs) are a recently- proposed alternative to storing digital keys on the IC. A PUF leverages the inherent manufacturing variations of an IC to define a random function. However, poor performance under PUF quality criteria such as the level of randomness and reproducibility in the responses have detracted from their adoption and widespread use. In this dissertation, I propose several ways to define a novel PUF using the Power Distribution System (PDS) of an IC. First, I describe the hardware primitive and test setup that is required to obtain the PUF responses. Then, I evaluate the analog PUF responses from silicon against standard PUF quality metrics in order to qualify the strengths and weaknesses of the proposed PUF. I show that the analog PUFs ex- hibit very high levels of randomness and reproducibility, but are sensitive to changes in temperature. Next, I propose extensions to our PUF that enable an exponential number of Challenge/Response Pairs (CRPs) with respect to the number of hardware resources, as well as yielding a marginal increase in the level of randomness. I also use these same analog measurements from silicon to simulate an integrated implementation of the PUF that takes a digital challenge and returns a digital response. I show that the integrated architecture also exhibits high levels of randomness and reproducibility, and is also resistant to changes in temperature. Future work includes designing and building a new IC that implements a more powerful hardware primitive that will improve both the number and accuracy of the measurements, as well as additional hardware that will allow the challenge and response generation to be performed on-chip