Two IP Protection Schemes for Multi-FPGA Systems

International audienceThis paper proposes two novel protection schemes for multi-FPGA systems providing high security of IP designs licensed by IP vendors to system integrators and installed remotely in a hostile environment. In the first scheme, these useful properties are achieved by storing two different configuration keys inside an FPGA, while in the second scheme, they are obtained using a hardware white-box cipher for creating a trusted environment. Thanks to the proposed principles, FPGA configurations coming from different IP owners cannot be cloned or reverse-engineered by any involved party, including system integrator and other IP owners. The proposed schemes can be directly implemented in recent FPGAs such as Xilinx Spartan 6 and Virtex 6

BIKE: Bit Flipping Key Encapsulation

Submission to the NIST post quantum standardization proces

On The Effect of Replacement Policies on The Security of Randomized Cache Architectures

International audienceRandomizing the mapping of addresses to cache entries has proven to be an effective technique for hardening caches against contention-based attacks like Prime+Prome. While attacks and defenses are still evolving, it is clear that randomized caches significantly increase the security against such attacks. However, one aspect that is missing from most analyses of randomized cache architectures is the choice of the replacement policy. Often, only the random- and LRU replacement policies are investigated. However, LRU is not applicable to randomized caches due to its immense hardware overhead, while the random replacement policy is not ideal from a performance and security perspective.In this paper, we explore replacement policies for randomized caches. We develop two new replacement policies and evaluate a total of five replacement policies regarding their security against Prime+Prune+Probe attackers. Moreover, we analyze the effect of the replacement policy on the system's performance and quantify the introduced hardware overhead. We implement randomized caches with configurable replacement policies in software and hardware using a custom cache simulator, gem5, and the CV32E40P RISC-V core. Among others, we show that the construction of eviction sets with our new policy, VARP-64, requires over 25-times more cache accesses than with the random replacement policy while also enhancing overall performance

CAKE: Code-based Algorithm for Key Encapsulation

International audienceCurrent widely-used key exchange (KE) mechanisms will be vulnerable to quantum attacks when sufficiently strong quantum computers become available. Therefore, devising quantum-resistant replacements that combine efficiency with solid security guarantees is an important and challenging task. This paper proposes several contributions towards this goal. First, we introduce " CAKE " , a key encapsulation algorithm based on the QC-MDPC McEliece encryption scheme, with two major improvements: a) the use of ephemeral keys that defeats a recent reaction attack against MDPC decoding of the corresponding encryption scheme and b) a highly efficient key generation procedure for QC-MDPC-based cryptosystems. Then, we present an authenticated key exchange protocol based on CAKE, which is suitable for the Internet Key Exchange (IKE) standard. We prove that CAKE is IND-CPA secure, that the protocol is SK-Secure, and suggest practical parameters. Compared to other post-quantum schemes, we believe that CAKE is a promising candidate for post-quantum key exchange standardization

Towards Secure Composition of Integrated Circuits and Electronic Systems: On the Role of EDA

International audienceModern electronic systems become evermore complex, yet remain modular, with integrated circuits (ICs) acting asversatile hardware components at their heart. Electronic design automation (EDA) for ICs has focused traditionally on power, performance, and area. However, given the rise of hardwarecentric security threats, we believe that EDA must also adopt related notions like secure by design and secure composition of hardware. Despite various promising studies, we argue that some aspects still require more efforts, for example: effective means for compilation of assumptions and constraints for security schemes, all the way from the system level down to the “bare metal”; modeling, evaluation, and consideration of securityrelevant metrics; or automated and holistic synthesis of various countermeasures, without inducing negative cross-effects. In this paper, we first introduce hardware security for the EDA community. Next we review prior (academic) art for EDA-driven security evaluation and implementation of countermeasures. We then discuss strategies and challenges for advancing research and development toward secure composition of circuits and systems