Optimizing Linear Correctors: A Tight Output Min-Entropy Bound and Selection Technique

Post-processing of the raw bits produced by a true random number generator (TRNG) is always necessary when the entropy per bit is insufficient for security applications. In this paper, we derive a tight bound on the output min-entropy of the algorithmic post-processing module based on linear codes, known as linear correctors. Our bound is based on the codes' weight distributions, and we prove that it holds even for the real-world noise sources that produce independent but not identically distributed bits. Additionally, we present a method for identifying the optimal linear corrector for a given input min-entropy rate that maximizes the throughput of the post-processed bits while simultaneously achieving the needed security level. Our findings show that for an output min-entropy rate of $0.999$, the extraction efficiency of the linear correctors with the new bound can be up to $130.56\%$ higher when compared to the old bound, with an average improvement of $41.2\%$ over the entire input min-entropy range. On the other hand, the required min-entropy of the raw bits for the individual correctors can be reduced by up to $61.62\%$

10281 Abstracts Collection -- Dynamically Reconfigurable Architectures

From 11.07.10 to 16.07.10, Dagstuhl Seminar 10281 ``Dynamically Reconfigurable Architectures \u27\u27 was held in Schloss Dagstuhl~--~Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

Efficient Pipelining for Modular Multiplication Architectures in Prime Fields

This paper presents a pipelined architecture of a modular Montgomery multiplier, which is suitable to be used in public key coprocessors. Starting from a baseline implementation of the Montgomery algorithm, a more compact pipelined version is derived. The design makes use of 16bit integer multiplication blocks that are available on recently manufactured FPGAs. The critical path is optimized by omitting the exact computation of intermediate results in the Montgomery algorithm using a 6-2 carry-save notation. This results in a high-speed architecture, which outperforms previously designed Montgomery multipliers. Because a very popular application of Montgomery multiplication is public key cryptography, we compare our implementation to the state-of-the-art in Montgomery multipliers on the basis of performance results for 1024-bit RSA

An energy and area efficient, all digital entropy source compatible with modern standards based on jitter pipelining

This paper proposes an energy and area efficient entropy source, suitable for true random number generation, accompanied with a stochastic model in a 28nm CMOS technology. The design uses a jitter pipelining architecture together with an increased timing resolution to achieve a maximal throughput of 298 Mbit/s and a best energy efficiency of 1.46 pJ/bit at a supply of 0.8V. The generated random bits pass the NIST SP 800-90B IID tests with a min entropy rate of 0.933 bit/bit, which is more than required by the AIS-31 standard. The all digital design allows for effortless transfer to other technology nodes, taking advantage of all benefits related to further technology scaling

Proxy Re-Encryption for Accelerator Confidentiality in FPGA-Accelerated Cloud

FPGAs offer many-fold acceleration to various application domains, and have become a part of cloud-based computation. However, their cloud-use introduce Cloud Service Provider (CSP) as trusted parties, who can access the hardware designs in plaintext. Therefore, the intellectual property of hardware designers is not protected against a dishonest cloud. In this paper, we propose a scheme for the confidentiality of accelerators on cloud, without limiting CSP to maintain their resources freely. Our proposed scheme is based on Proxy Re-Encryption which allows the developers to upload their accelerators to the CSPs under encryption. The CSPs cannot decrypt them; however, alter the encryption that allows the target FPGAs they pick to decrypt. In addition, our scheme allows metering the use of accelerators

Fault Injection Modeling Attacks on 65nm Arbiter and RO Sum PUFs via Environmental Changes

Physically Unclonable Functions (PUFs) are emerging as hardware security primitives. So-called strong PUFs provide a mechanism to authenticate chips which is inherently unique for every manufactured sample. To prevent cloning, modeling of the challenge-response pair (CRP) behavior should be infeasible. Machine learning (ML) algorithms are a well-known threat. Recently, repeatability imperfections of PUF responses have been identied as another threat. CMOS device noise renders a signicant fraction of the CRPs unstable, hereby providing a side channel for modeling attacks. In previous work, 65nm arbiter PUFs have been modeled as such with accuracies exceeding 97%. However, more PUF evaluations were required than for state-of-the-art ML approaches. In this work, we accelerate repeatability attacks by increasing the fraction of unstable CRPs. Response evaluation faults are triggered via environmental changes hereby. The attack speed, which is proportional to the fraction of unstable CRPs, increases with a factor 2.4 for both arbiter and ring oscillator (RO) sum PUFs. Data originates from a 65nm silicon chip and hence not from simulations

Charge Recycling Sense Amplifier Based Logic: Securing Low Power Security IC’s against Differential Power Analysis

Charge Recycling Sense Amplifier Based Logic is presented. This logic is derived from Sense Amplifier Based Logic, which is a logic style with signal independent power consumption that is capable to protect security devices such as Smart Cards against power attacks. Experimental results show that utilization of advanced circuit techniques save 20% in power consumption and 63% in peak supply current and that the logic style preserves the energy masking behavior