Reconfigurable Security Primitive for Embedded Systems

Embedded systems present significant security challenges due to their limited resources, power constraints and a variety of inherent vulnerabilities. In this paper, we propose a reconfigurable security primitive for secure embedded systems that leverages the capabilities of reconfigurable hardware to provide efficient and flexible architectural support to both security standards and a range of attacks. This paper stresses design challenges for secure embedded systems and argues the case for reconfigurable architectural support for security. The reconfigurable security primitive is based on two main ideas: 1) an adaptable datapath, and 2) a hierarchy of controllers at the primitive and system level. The first controller manages the performance policy while the second one deals with the security policy. The AES cryptography algorithm has been considered to show the benefit of our approach compared to hardware and software solutions

Systolic VLSI chip for implementing orthogonal transforms, A

Includes bibliographical references.This paper describes the design of a systolic VLSI chip for the implementation of signal processing algorithms that may be decomposed into a product of simple real rotations. These include orthogonal transformations. Applications of this chip include projections, discrete Fourier and cosine transforms, and geometrical transformations. Large transforms may be computed by "tiling" together many chips for increased throughput. A CMOS VLSI chip containing 138 000 transistors in a 5x3 array of rotators has been designed, fabricated, and tested. The chip has a 32-MHz clock and performs real rotations at a rate of 30 MHz. The systolic nature of the chip makes use of fully synchronous bit-serial interconnect and a very regular structure at the rotator and bit levels. A distributed arithmetic scheme is used to implement the matrix-vector multiplication of the rotation.This work was supported by Ball Aerospace, Boulder, CO, and by the Office of Naval Research, Electronics Branch, Arlington, VA, under Contract ONR 85-K-0693

Security Evaluation and Enhancement of Bistable Ring PUFs

The Bistable Ring (BR) Physical Unclonable Function (PUF) is a newly proposed hardware security primitive in the PUF family. In this work, we comprehensively evaluate its resilience against Machine Learning (ML) modeling attacks. Based on the success of ML attacks, we propose XOR strategies to enhance the security of BR PUFs. Our results show that the XOR BR PUF with more than four parallel BR PUFs is able to resist the ML modeling methods in this work. We also evaluate the other PUF metrics of reliability, uniqueness and uniformity, and find that the XOR function is also effective in improving the uniformity of BR PUFs

LCOGT Network Observatory Operations

We describe the operational capabilities of the Las Cumbres Observatory Global Telescope Network. We summarize our hardware and software for maintaining and monitoring network health. We focus on methodologies to utilize the automated system to monitor availability of sites, instruments and telescopes, to monitor performance, permit automatic recovery, and provide automatic error reporting. The same jTCS control system is used on telescopes of apertures 0.4m, 0.8m, 1m and 2m, and for multiple instruments on each. We describe our network operational model, including workloads, and illustrate our current tools, and operational performance indicators, including telemetry and metrics reporting from on-site reductions. The system was conceived and designed to establish effective, reliable autonomous operations, with automatic monitoring and recovery - minimizing human intervention while maintaining quality. We illustrate how far we have been able to achieve that.Comment: 13 pages, 9 figure

Fully Integrated Biochip Platforms for Advanced Healthcare

Recent advances in microelectronics and biosensors are enabling developments of innovative biochips for advanced healthcare by providing fully integrated platforms for continuous monitoring of a large set of human disease biomarkers. Continuous monitoring of several human metabolites can be addressed by using fully integrated and minimally invasive devices located in the sub-cutis, typically in the peritoneal region. This extends the techniques of continuous monitoring of glucose currently being pursued with diabetic patients. However, several issues have to be considered in order to succeed in developing fully integrated and minimally invasive implantable devices. These innovative devices require a high-degree of integration, minimal invasive surgery, long-term biocompatibility, security and privacy in data transmission, high reliability, high reproducibility, high specificity, low detection limit and high sensitivity. Recent advances in the field have already proposed possible solutions for several of these issues. The aim of the present paper is to present a broad spectrum of recent results and to propose future directions of development in order to obtain fully implantable systems for the continuous monitoring of the human metabolism in advanced healthcare applications

Redshift: Manipulating Signal Propagation Delay via Continuous-Wave Lasers

We propose a new laser injection attack Redshift that manipulates signal propagation delay, allowing for precise control of oscillator frequencies and other behaviors in delay-sensitive circuits. The target circuits have a significant sensitivity to light, and a low-power continuous-wave laser, similar to a laser pointer, is sufficient for the attack. This is in contrast to previous fault injection attacks that use highpowered laser pulses to flip digital bits. This significantly reduces the cost of the attack and extends the range of possible attackers. Moreover, the attack potentially evades sensor-based countermeasures configured for conventional pulse lasers. To demonstrate Redshift, we target ring-oscillator and arbiter PUFs that are used in cryptographic applications. By precisely controlling signal propagation delays within these circuits, an attacker can control the output of a PUF to perform a state-recovery attack and reveal a secret key. We finally discuss the physical causality of the attack and potential countermeasures

PLayPUF: Programmable Logically Erasable PUFs for Forward and Backward Secure Key Management

A silicon Physical Unclonable Function (PUF) is a hardware security primitive which implements a unique and unclonable function on a chip which, given a challenge as input, computes a response by measuring and leveraging (semiconductor process) manufacturing variations which differ from PUF to PUF. In this paper, we observe that by equipping a PUF with a small, constant-sized, tamper-resistant state, whose content cannot be modified, but can be read by adversaries, new and powerful cryptographic applications of PUFs become feasible. In particular, we show a new hardware concept which we call a Programmable Logically erasable PUF (PLayPUF). Its distinctive feature is that it allows the selective erasure of single challenge-response pairs (CRPs) without altering any other PUF-CRPs. The selective erasure of a CRP can be programmed a-priori by using a counter to indicate how many times the CRP can be read out before erasure. We show PLayPUFs can realize forward and {\it backward} secure key management schemes for public key encryption. The new notion of backward security informally means that even if an attacker uncovers a session key through the key management interface, the legitimate user will detect this leakage before he will ever use the session key. Backward security and its implementation via PLayPUFs allow the construction of novel, self-recovering certificate authorities (CAs) without relying on a digital master key. Our new CAs immediately detect key exposure through their interfaces, and recover from it without stopping their service, and without ever issuing certificates based on such exposed keys. This is a crucial step forward in implementing secure key management. We deliver a full proof-of-concept implementation of our new scheme on FPGA together with detailed performance data, as well as formal definitions of our new concepts, including the first definition of stateful PUFs

PUF Modeling Attacks on Simulated and Silicon Data

We discuss numerical modeling attacks on several proposed strong physical unclonable functions (PUFs). Given a set of challenge-response pairs (CRPs) of a Strong PUF, the goal of our attacks is to construct a computer algorithm which behaves indistinguishably from the original PUF on almost all CRPs. If successful, this algorithm can subsequently impersonate the Strong PUF, and can be cloned and distributed arbitrarily. It breaks the security of any applications that rest on the Strong PUF's unpredictability and physical unclonability. Our method is less relevant for other PUF types such as Weak PUFs. The Strong PUFs that we could attack successfully include standard Arbiter PUFs of essentially arbitrary sizes, and XOR Arbiter PUFs, Lightweight Secure PUFs, and Feed-Forward Arbiter PUFs up to certain sizes and complexities. We also investigate the hardness of certain Ring Oscillator PUF architectures in typical Strong PUF applications. Our attacks are based upon various machine learning techniques, including a specially tailored variant of logistic regression and evolution strategies. Our results are mostly obtained on CRPs from numerical simulations that use established digital models of the respective PUFs. For a subset of the considered PUFs-namely standard Arbiter PUFs and XOR Arbiter PUFs-we also lead proofs of concept on silicon data from both FPGAs and ASICs. Over four million silicon CRPs are used in this process. The performance on silicon CRPs is very close to simulated CRPs, confirming a conjecture from earlier versions of this work. Our findings lead to new design requirements for secure electrical Strong PUFs, and will be useful to PUF designers and attackers alike.National Science Foundation (U.S.) (Grant CNS 0923313)National Science Foundation (U.S.) (Grant CNS 0964641

Power and Timing Side Channels for PUFs and their Efficient Exploitation

We discuss the first power and timing side channels on Strong Physical Unclonable Functions (Strong PUFs) in the literature, and describe their efficient exploitation via adapted machine learning (ML) techniques. Our method is illustrated by the example of the two currently most secure (CCS 2010, IEEE T-IFS 2013) electrical Strong PUFs, so-called XOR Arbiter PUFs and Lightweight PUFs. It allows us for the first time to tackle these two architectures with a polynomial attack complexity. In greater detail, our power and timing side channels provide information on the single outputs of the many parallel Arbiter PUFs inside an XOR Arbiter PUF or Lightweight PUF. They indicate how many of these single outputs (in sum) were equal to one (and how many were equal to zero) before the outputs entered the final XOR gate. Taken for itself, this side channel information is of little value, since it does not tell which of the single outputs were zero or one, respectively. But we show that if combined with suitably adapted machine learning techniques, it allows very efficient attacks on the two above PUFs, i.e., attacks that merely use linearly many challenge-response pairs and lowdegree polynomial computation times. Without countermeasures, the two PUFs can hence no longer be called secure, regardless of their sizes. For comparison, the best-performing pure modeling attacks on the above two PUFs are known to have an exponential complexity (CCS 2010, IEEE T-IFS 2013). The practical viability of new our attacks is firstly demonstrated by ML experiments on numerically simulated CRPs. We thereby confirm attacks on the two above PUFs for up to 16 XORs and challenge bitlengths of up to 512. Secondly, we execute a full experimental proof-of-concept for our timing side channel, successfully attacking FPGA-implementations of the two above PUF types for 8, 12, and 16 XORs, and bitlengths 64, 128, 256 and 512. In earlier works (CCS 2010, IEEE T-IFS 2013), 8 XOR architectures with bitlength 512 had been explicitly suggested as secure and beyond the reach of foreseeable attacks. Besides the abovementioned new power and timing side channels, two other central innovations of our paper are our tailormade, polynomial ML-algorithm that integrates the side channel information, and the implementation of Arbiter PUF variants with up to 16 XORs and bitlength 512 in silicon. To our knowledge, such sizes have never been implemented before in the literature. Finally, we discuss efficient countermeasures against our power and timing side channels. They could and should be used to secure future Arbiter PUF generations against the latter