27 research outputs found

    Improving the Fault Resilience of Neural Network Applications Through Security Mechanisms

    Numerous electronic systems store valuable intellectual property (IP) information inside non-volatile memories. In order to protect the integrity of such sensitive information from unauthorized access or modification, encryption mechanisms are employed. From a reliability standpoint, such information can be vital to the system's functionality and thus, dedicated techniques are employed to detect possible reliability threats (e.g., transient faults in the memory content). In this paper we explore the capability of encryption mechanisms to guarantee protection from both unauthorized access and faults, while considering a Convolutional Neural Network application whose weights represent the valuable IP of the system. Experimental results show that it is possible to achieve very high fault detection rates, thus exploiting the benefits of security mechanisms for reliability purposes as well.

    A Survey on Security Threats and Countermeasures in IEEE Test Standards

    Editor's note: Test infrastructure has been shown to be a portal for hackers. This article reviews the threats and countermeasures for IEEE test infrastructure standards.

    Correlation Electromagnetic Analysis on an FPGA Implementation of CRYSTALS-Kyber

    Post-quantum cryptography represents a category of cryptosystems resistant to quantum algorithms. Recently, NIST launched a process to standardize one or more of such algorithms in the key encapsulation mechanism and signature categories. Such schemes are scrutinized for their mathematical security, but they are not side-channel secure at the algorithm level. That is why their side-channel vulnerabilities must be assessed by the research community. In this paper, we present a non-profiled correlation electromagnetic analysis against an FPGA implementation of the chosen NIST key-encapsulation mechanism standard, CRYSTALS-Kyber. The attack correlates an electromagnetic radiation model of the polynomial multiplication execution with the captured traces. With 166,620 traces, this attack correctly recovers 100% of the subkeys. Furthermore, a countermeasure is presented for securing the target implementation against the presented attack.

    Techniques pour la sécurisation des infrastructures de test

    Test infrastructures are crucial to the modern Integrated Circuits (ICs) industry. The necessity of detecting manufacturing defects and preventing system failures in the field makes their presence inevitable in every IC and its sub-modules. Unfortunately, test infrastructures also represent a security threat due to the augmented controllability and observability of the IC internals that they typically provide. In this thesis, we present a comprehensive analysis of the existing threats and the respective countermeasures, also providing a classification and a taxonomy of the state of the art. Furthermore, we propose new security solutions, based on lightweight cryptography, for the design of test infrastructures. All proposed countermeasures belong to the category of scan encryption solutions and their purpose is to guarantee data confidentiality and user authentication. Each proposed solution is evaluated in terms of implementation costs and security capabilities. The works that have been carried out and are presented in this thesis indicate that scan encryption is a promising solution for granting a secure design of test infrastructures.

    Improving post-quantum cryptography coupling near-memory computing and RISC-V cores

    Near-Memory Computing (NMC) is a promising architectural approach to accelerate and improve the efficiency of matrix products, since it drastically reduces the transfer of data between the CPU and the memory. In this paper, we propose to couple an NMC co-processor with a RISC-V based CPU to accelerate the matrix product in Post-Quantum Cryptography (PQC) algorithms. Experimental results on the matrix product of the FrodoKEM PQC algorithm show a 4X improvement in performance with respect to the same implementation without the NMC approach.


    Secure hardware NTT implementation against SASCA and CPA attacks

    System on chip - Systèmes embarqués et objets connectés

    Flexible and Portable Management of Secure Scan Implementations Exploiting P1687.1 Extensions

    Current Design-for-Test solutions for scan-based testing such as IEEE 1687 offer rich and powerful access to embedded resources. While this is extremely helpful for testing purposes, it also raises serious security concerns as malicious users could exploit it to gain control of the chip or leak sensitive information. Current solutions, such as Scan Encryption, are all hardware based and incompatible with the Automated Test Flow, seriously limiting their applicability, portability and reuse. In this paper, we show how the features of the upcoming IEEE P1687.1 can be leveraged and extended to not only include Scan Encryption as a native feature but also as a portable Embedded IP block. The experimental results show that thanks to the new Standard, a fully Secure Automated Test Flow can be integrated inside existing tools without custom software modifications.
