FPGA based remote code integrity verification of programs in distributed embedded systems

The explosive growth of networked embedded systems has made ubiquitous and pervasive computing a reality. However, there are still a number of new challenges to its widespread adoption that include scalability, availability, and, especially, security of software. Among the different challenges in software security, the problem of remote-code integrity verification is still waiting for efficient solutions. This paper proposes the use of reconfigurable computing to build a consistent architecture for generation of attestations (proofs) of code integrity for an executing program as well as to deliver them to the designated verification entity. Remote dynamic update of reconfigurable devices is also exploited to increase the complexity of mounting attacks in a real-word environment. The proposed solution perfectly fits embedded devices that are nowadays commonly equipped with reconfigurable hardware components that are exploited to solve different computational problems

Low-power emerging memristive designs towards secure hardware systems for applications in internet of things

Emerging memristive devices offer enormous advantages for applications such as non-volatile memories and in-memory computing (IMC), but there is a rising interest in using memristive technologies for security applications in the era of internet of things (IoT). In this review article, for achieving secure hardware systems in IoT, low-power design techniques based on emerging memristive technology for hardware security primitives/systems are presented. By reviewing the state-of-the-art in three highlighted memristive application areas, i.e. memristive non-volatile memory, memristive reconfigurable logic computing and memristive artificial intelligent computing, their application-level impacts on the novel implementations of secret key generation, crypto functions and machine learning attacks are explored, respectively. For the low-power security applications in IoT, it is essential to understand how to best realize cryptographic circuitry using memristive circuitries, and to assess the implications of memristive crypto implementations on security and to develop novel computing paradigms that will enhance their security. This review article aims to help researchers to explore security solutions, to analyze new possible threats and to develop corresponding protections for the secure hardware systems based on low-cost memristive circuit designs

Platform for Testing and Evaluation of PUF and TRNG Implementations in FPGAs

Implementation of cryptographic primitives like Physical Unclonable Functions (PUFs) and True Random Number Generators (TRNGs) depends significantly on the underlying hardware. Common evaluation boards offered by FPGA vendors are not suitable for a fair benchmarking, since they have different vendor dependent configuration and contain noisy switching power supplies. The proposed hardware platform is primary aimed at testing and evaluation of cryptographic primitives across different FPGA and ASIC families. The modular platform consists of a motherboard and exchangeable daughter board modules. These are designed to be as simple as possible to allow cheap and independent evaluation of cryptographic blocks and namely PUFs. The motherboard is based on the Microsemi SmartFusion 2 SoC FPGA. It features a low-noise power supply, which simplifies evaluation of vulnerability to the side channel attacks. It provides also means of communication between the PC and the daughter module. Available software tools can be easily customized, for example to collect data from the random number generator located in the daughter module and to read it via USB interface. The daughter module can be plugged into the motherboard or connected using an HDMI cable to be placed inside a Faraday cage or a temperature control chamber. The whole platform was designed and optimized to fullfil the European HECTOR project (H2020) requirements

An Energy-Efficient Reconfigurable DTLS Cryptographic Engine for End-to-End Security in IoT Applications

This paper presents a reconfigurable cryptographic engine that implements the DTLS protocol to enable end-to-end security for IoT. This implementation of the DTLS engine demonstrates 10x reduction in code size and 438x improvement in energy-efficiency over software. Our ECC primitive is 237x and 9x more energy-efficient compared to software and state-of-the-art hardware respectively. Pairing the DTLS engine with an on-chip RISC-V allows us to demonstrate applications beyond DTLS with up to 2 orders of magnitude energy savings.Comment: Published in 2018 IEEE International Solid-State Circuits Conference (ISSCC

An Energy-Efficient Reconfigurable DTLS Cryptographic Engine for End-to-End Security in IoT Applications

This paper presents a reconfigurable cryptographic engine that implements the DTLS protocol to enable end-to-end security for IoT. This implementation of the DTLS engine demonstrates 10x reduction in code size and 438x improvement in energy-efficiency over software. Our ECC primitive is 237x and 9x more energy-efficient compared to software and state-of-the-art hardware respectively. Pairing the DTLS engine with an on-chip RISC-V allows us to demonstrate applications beyond DTLS with up to 2 orders of magnitude energy savings.Comment: Published in 2018 IEEE International Solid-State Circuits Conference (ISSCC