A Physical Unclonable Function derived from the power distribution system of an integrated circuit

Hardware support for security mechanisms such as authentication, cryptographic protocols, digital rights management and hardware metering depend heavily on the security of embedded secret keys. The current practice of embedding these keys as digital data in the Integrated Circuit (IC) weakens security because the keys can be learned through attacks. Physical Unclonable Functions (PUFs) are a recently- proposed alternative to storing digital keys on the IC. A PUF leverages the inherent manufacturing variations of an IC to define a random function. However, poor performance under PUF quality criteria such as the level of randomness and reproducibility in the responses have detracted from their adoption and widespread use. In this dissertation, I propose several ways to define a novel PUF using the Power Distribution System (PDS) of an IC. First, I describe the hardware primitive and test setup that is required to obtain the PUF responses. Then, I evaluate the analog PUF responses from silicon against standard PUF quality metrics in order to qualify the strengths and weaknesses of the proposed PUF. I show that the analog PUFs ex- hibit very high levels of randomness and reproducibility, but are sensitive to changes in temperature. Next, I propose extensions to our PUF that enable an exponential number of Challenge/Response Pairs (CRPs) with respect to the number of hardware resources, as well as yielding a marginal increase in the level of randomness. I also use these same analog measurements from silicon to simulate an integrated implementation of the PUF that takes a digital challenge and returns a digital response. I show that the integrated architecture also exhibits high levels of randomness and reproducibility, and is also resistant to changes in temperature. Future work includes designing and building a new IC that implements a more powerful hardware primitive that will improve both the number and accuracy of the measurements, as well as additional hardware that will allow the challenge and response generation to be performed on-chip

Auditable, Available and Resilient Private Computation on the Blockchain via MPC

Simple but mission-critical internet-based applications that require extremely high reliability, availability, and verifiability (e.g., auditability) could benefit from running on robust public programmable blockchain platforms such as Ethereum. Unfortunately, program code running on such blockchains is normally publicly viewable, rendering these platforms unsuitable for applications requiring strict privacy of application code, data, and results. In this work, we investigate using MPC techniques to protect the privacy of a blockchain computation. While our main goal is to hide both the data and the computed function itself, we also consider the standard MPC setting where the function is public. We describe GABLE (Garbled Autonomous Bots Leveraging Ethereum), a blockchain MPC architecture and system. The GABLE architecture specifies the roles and capabilities of the players. GABLE includes two approaches for implementing MPC over blockchain: Garbled Circuits (GC), evaluating universal circuits, and Garbled Finite State Automata (GFSA). We formally model and prove the security of GABLE implemented over garbling schemes, a popular abstraction of GC and GFSA from (Bellare et al, CCS 2012). We analyze in detail the performance (including Ethereum gas costs) of both approaches and discuss the trade-offs. We implement a simple prototype of GABLE and report on the implementation issues and experience

A Physical Unclonable Function derived from the power distribution system of an integrated circuit

Hardware support for security mechanisms such as authentication, cryptographic protocols, digital rights management and hardware metering depend heavily on the security of embedded secret keys. The current practice of embedding these keys as digital data in the Integrated Circuit (IC) weakens security because the keys can be learned through attacks. Physical Unclonable Functions (PUFs) are a recently- proposed alternative to storing digital keys on the IC. A PUF leverages the inherent manufacturing variations of an IC to define a random function. However, poor performance under PUF quality criteria such as the level of randomness and reproducibility in the responses have detracted from their adoption and widespread use. In this dissertation, I propose several ways to define a novel PUF using the Power Distribution System (PDS) of an IC. First, I describe the hardware primitive and test setup that is required to obtain the PUF responses. Then, I evaluate the analog PUF responses from silicon against standard PUF quality metrics in order to qualify the strengths and weaknesses of the proposed PUF. I show that the analog PUFs ex- hibit very high levels of randomness and reproducibility, but are sensitive to changes in temperature. Next, I propose extensions to our PUF that enable an exponential number of Challenge/Response Pairs (CRPs) with respect to the number of hardware resources, as well as yielding a marginal increase in the level of randomness. I also use these same analog measurements from silicon to simulate an integrated implementation of the PUF that takes a digital challenge and returns a digital response. I show that the integrated architecture also exhibits high levels of randomness and reproducibility, and is also resistant to changes in temperature. Future work includes designing and building a new IC that implements a more powerful hardware primitive that will improve both the number and accuracy of the measurements, as well as additional hardware that will allow the challenge and response generation to be performed on-chip.International Business Machines (IBM), The National Science Foundation (NSF), The University of New Mexico (UNM), The Metal Oxide Semiconductor Implementation Service (MOSIS)Computer EngineeringDoctoralUniversity of New Mexico. Dept. of Electrical and Computer EngineeringPlusquellic, JimZarkesh-Ha, PaymanCrandall, JedAcharyya, Dhruv

Measuring Power Distribution System Resistance Variations for Application to Design for Manufacturability and Physical Unclonable Functions

Metal resistance variations in back-end-of-line processes can be significant, particularly during process bring-up. In this thesis, I propose a simple method to measure resistance variations in the Power Distribution System (PDS) of an IC, and describe how these measurements can be applied to a Physical Unclonable Function (PUF). Our technique exploits the PDS, which is an existing distributed resource in all ICs, and provides a means of characterizing metal resistance in the context of an actual circuit design. By applying a sequence of tests using small on-chip support circuits attached to the PDS, the resistance of components of the PDS can be obtained from the solution to a set of simultaneous equations. The results from hardware experiments involving two sets of test chips fabricated in an IBM 65nm technology show significant changes in the resistance variation of some components of the PDS as the process evolved. This process variation data can be applied to hardware security by forming a PUF from the various resistance components of the PDS.We demonstrate that this PUF signature can then be used to uniquely identify each IC, even in the more evolved set of test chips. Based on a population of 24 ICs, we have determined that the PUF is capable of distinguishing all but 47 out of 10,000 ICs. The signature may require only 46 bytes per IC

Small Delay Defect Detection Using Self-Relative Timing

A novel testing strategy is proposed that is designed to detect small delay defects by creating internal signal races. The races are created by launching transitions along two paths simultaneously, a reference path and a test path. The arrival times of the transitions on a common or ‘convergence’ gate determine the result of the race. The presence of a small delay defect on the test path creates a static hazard on the output of the convergence gate that is directed to the input of a scan-latch. A glitch detector is added to the scan latch to record the presence or absence of the glitch. Advancement of technology to nanometer feature sizes and new materials is changing the pareto of defect types, making defects such as resistive open vias, mouse bites an

Dynamic defense workshop : from research to practice.

On September 5th and 6th, 2012, the Dynamic Defense Workshop: From Research to Practice brought together researchers from academia, industry, and Sandia with the goals of increasing collaboration between Sandia National Laboratories and external organizations, de ning and un- derstanding dynamic, or moving target, defense concepts and directions, and gaining a greater understanding of the state of the art for dynamic defense. Through the workshop, we broadened and re ned our de nition and understanding, identi ed new approaches to inherent challenges, and de ned principles of dynamic defense. Half of the workshop was devoted to presentations of current state-of-the-art work. Presentation topics included areas such as the failure of current defenses, threats, techniques, goals of dynamic defense, theory, foundations of dynamic defense, future directions and open research questions related to dynamic defense. The remainder of the workshop was discussion, which was broken down into sessions on de ning challenges, applications to host or mobile environments, applications to enterprise network environments, exploring research and operational taxonomies, and determining how to apply scienti c rigor to and investigating the eld of dynamic defense