Hardware Security Primitives using Passive RRAM Crossbar Array: Novel TRNG and PUF Designs

With rapid advancements in electronic gadgets, the security and privacy aspects of these devices are significant. For the design of secure systems, physical unclonable function (PUF) and true random number generator (TRNG) are critical hardware security primitives for security applications. This paper proposes novel implementations of PUF and TRNGs on the RRAM crossbar structure. Firstly, two techniques to implement the TRNG in the RRAM crossbar are presented based on write-back and 50% switching probability pulse. The randomness of the proposed TRNGs is evaluated using the NIST test suite. Next, an architecture to implement the PUF in the RRAM crossbar is presented. The initial entropy source for the PUF is used from TRNGs, and challenge-response pairs (CRPs) are collected. The proposed PUF exploits the device variations and sneak-path current to produce unique CRPs. We demonstrate, through extensive experiments, reliability of 100%, uniqueness of 47.78%, uniformity of 49.79%, and bit-aliasing of 48.57% without any post-processing techniques. Finally, the design is compared with the literature to evaluate its implementation efficiency, which is clearly found to be superior to the state-of-the-art.Comment: To appear at ASP-DAC 202

Integrated Architecture for Neural Networks and Security Primitives using RRAM Crossbar

This paper proposes an architecture that integrates neural networks (NNs) and hardware security modules using a single resistive random access memory (RRAM) crossbar. The proposed architecture enables using a single crossbar to implement NN, true random number generator (TRNG), and physical unclonable function (PUF) applications while exploiting the multi-state storage characteristic of the RRAM crossbar for the vector-matrix multiplication operation required for the implementation of NN. The TRNG is implemented by utilizing the crossbar's variation in device switching thresholds to generate random bits. The PUF is implemented using the same crossbar initialized as an entropy source for the TRNG. Additionally, the weights locking concept is introduced to enhance the security of NNs by preventing unauthorized access to the NN weights. The proposed architecture provides flexibility to configure the RRAM device in multiple modes to suit different applications. It shows promise in achieving a more efficient and compact design for the hardware implementation of NNs and security primitives

Opto-mechatronics instrumentation of a specialty optical fiber based optogenetic probe

The neurodegenerative diseases are considered to be incurable as it is caused due to the progressive degradation of the function or death of neuronal cells and loss of structure of neurons. The recent advancement in the research of optogenetics is considered to be of greater significance as it is a new path for researchers to understand the comprehensive function of the brain to find a therapy for neurodegenerative diseases. The discovery of light-gated proteins that can be expressed with neuronal cells for targeted stimulation made optogenetics a powerful tool. Recently, the integration of fiber bundle as a waveguide made it possible for optogenetics to move from in vitro slide studies to the in vivo brain stimulation studies. The galvanometric mirrors in the conventional targeted neuronal stimulation studies were replaced by the Spatial Light Modulators (SLM) in the state of the art optogenetics system due to its superior beam modulation options and response time. However, most of the SLM integrated with the optogenetic systems using coherent fiber bundle are the reflective type which suffers from a major drawback of complex optical configuration. In this dissertation, a high-resolution optogenetic system using Transmissive LC SLM to selectively illuminate the fibers inside the fiber bundle for targeted neuronal stimulation studies was developed. The developed system has several advantages over the reflective SLM system in terms of size, weight and complexity. The individual pixel control of the LC SLM is desirable to understand how the LC SLM can be used with the fiber bundle for neuronal stimulation. Hence a MATLAB based tool was also developed in this work for LC SLM and it was verified experimentally that the developed tool can be used to control the individual LC SLM pixels. Finally, a reference scheme was proposed for the developed system to identify the pixels that need to be activated in the LC SLM for selective illumination of fibers inside the fiber bundle.Master of Science (Green Electronics

Pushing the Limits of Generic Side-Channel Attacks on LWE-based KEMs - Parallel PC Oracle Attacks on Kyber KEM and Beyond

In this work, we propose generic and novel adaptations to the binary Plaintext-Checking (PC) oracle based side-channel attacks for Kyber KEM. These attacks operate in a chosen-ciphertext setting, and are fairly generic and easy to mount on a given target, as the attacker requires very minimal information about the target device. However, these attacks have an inherent disadvantage of requiring a few thousand traces to perform full key recovery. This is due to the fact that these attacks typically work by recovering a single bit of information about the secret key per query/trace. In this respect, we propose novel parallel PC oracle based side-channel attacks, which are capable of recovering a generic P number of bits of information about the secret key in a single query/trace. We propose novel techniques to build chosen-ciphertexts so as to efficiently realize a parallel PC oracle for Kyber KEM. We also build a multi-class classifier, which is capable of realizing a practical side-channel based parallel PC oracle with very high success rate. We experimentally validated the proposed attacks (upto P = 10) on the fastest implementation of unprotected Kyber KEM in the pqm4 library. Our experiments yielded improvements in the range of 2.89× and 7.65× in the number of queries, compared to state-of-the-art binary PC oracle attacks, while arbitrarily higher improvements are possible for a motivated attacker, given the generic nature of the proposed attacks. We further conduct a thorough study on applicability to different scenarios, based on the presence/absence of a clone device, and also partial key recovery. Finally, we also show that the proposed attacks are able to achieve the lowest number of queries for key recovery, even for implementations protected with low-cost countermeasures such as shuffling. Our work therefore, concretely demonstrates the power of PC oracle attacks on Kyber KEM, thereby stressing the need for concrete countermeasures such as masking for Kyber and other lattice-based KEMs