Search for: All records

Chaotic systems, such as Lorenz systems or logistic functions, are known for their rapid divergence property. Even the smallest change in the initial condition will lead to vastly different outputs. This property renders the short-term behavior, i.e., output values, of these systems very hard to predict. Because of this divergence feature, lorenz systems are often used in cryptographic applications, particularly in key agreement protocols and encryptions. Yet, these chaotic systems do exhibit long-term deterministic behaviors - i.e., fit into a known shape over time. In this work, we propose a fast dynamic device authentication scheme that leverages both the divergence and convergence features of the Lorenz systems. In the scheme, a device proves its legitimacy by showing authentication tags belonging to a pre-determined trajectory of a given Lorenz chaotic system. The security of the proposed technique resides in the fact that the short-range function output values are hard for an attacker to predict, but easy for a verifier to validate because the function is deterministic. In addition, in a multi-verifier scenario such as a mobile phone switching among base stations, the device does not have to re-initiate a separate authentication procedure each time. Instead, it just needs to prove the consistency of its chaotic behavior in an iterative manner, making the procedure very efficient in terms of execution time and computing resources. 

To enable next-generation distributed and connected computing systems, we must address the context-aware chip authentication challenge. An important remaining gap in the design of these systems is the enabling of multi-personality authentication to support applications or schemes requiring a single device to own manifold legitimate identities. In this work, we propose a Multi-identity Physical Unclonable Function (Mi-PUF) assisted weighted group decision making scheme. The Mi-PUF approach enables individual devices to be authenticated and associated with multiple identities in order to hold different number of ballots. Hence, devices with higher impact in a decision making network will have more weight than the less influential ones. Besides the introduction of the scheme, the design and FPGA implementation details of the Mi-PUF are explored and presented. 

Chaotic systems such as Lorenz functions have been proposed as cryptographic primitives due to their short-range divergence attributes. They are commonly used in pseudo random number generators, key agreement protocols, and certain classes of encryption procedures. These functions are typically used for their chaotic behavior. However, two of their key properties are often overlooked: (1) their long-range convergence behavior is seldom used, and (2) the static nature of their system parameters is disregarded. The static nature of the system parameters, i.e., core secret, renders these functions vulnerable to a number of attacks when they are deployed in security applications. In this work, we examine these usage gaps and discover compelling security applications for these chaotic systems, in particular, Lorenz chaotic systems. In this paper, we propose an adaptive and dynamic authentication scheme based on discrete Lorenz chaotic systems. The scheme leverages Lorenz function's convergence to achieve a fast and lightweight authentication protocol. We also devise a dynamic parameter configuration technique to enhance the security of the protocol. 

The separation of manufacturing and design processes in the integrated circuit industry to tackle the ever increasing circuit complexity and time to market issues has brought with it some major security challenges. Chief among them is IP piracy by untrusted parties. Hardware obfuscation which locks the functionality and modifies the structure of an IP core to protect it from malicious modifications or piracy has been proposed as a solution. In this paper, we develop an efficient hardware obfuscation method, called Mystic (Mystifying IP Cores), to protect IP cores from reverse engineering, IP over- production, and IP piracy. The key idea behind Mystic is to add additional state transitions to the original/functional FSM (Finite State Machine) that are taken only when incorrect keys are applied to the circuit. Using the proposed Mystic obfuscation approach, the underlying functionality of the IP core is locked and normal FSM transitions are only available to authorized chip users. The synthesis results of ITC99 circuit benchmarks for ASIC 45nm technology reveal that the Mystic protection method imposes on average 5.14% area overhead, 5.21% delay overhead, and 8.06% power consumption overheads while it exponentially lowers the probability that an unauthorized user will gain access to or derive the chip functionality. 

Over the next decade, processor design will encounter a number of challenges. The ongoing miniaturization of semiconductor manufacturing technologies that has enabled the integration of hundreds to thousands of processing cores on a single chip is pushing the limits of physical laws. The fabrication process has also grown more complex and globalized with widespread use of third-party IPs (intellectual properties). This development ecosystem has complicated the security and trust view of processors. Some of the pressing processor architecture design questions are: (1) how to use reconfiguration and redundancy to improve reliability without introducing additional and potentially insecure system states, (2) what analytical models lend themselves best to the joint implementation of reliability and security in these systems, and (3) how to optimally and securely share resources and data among processing elements with high degree of reliability. In this work, we present and discuss (1) principal reliability approaches - error correction code, modular redundancy, (2) processor architecture specific reliability, (3) major secure processor architectures. We also highlight key features of a small representative class of the secure and reliable architectures. 

The Advanced Encryption Standard (AES) enables secure transmission of confidential messages. Since its invention, there have been many proposed attacks against the scheme. For example, one can inject errors or faults to acquire the encryption keys. It has been shown that the AES algorithm itself does not provide a protection against these types of attacks. Therefore, additional techniques like error control codes (ECCs) have been proposed to detect active attacks. However, not all the proposed solutions show the adequate efficacy. For instance, linear ECCs have some critical limitations, especially when the injected errors are beyond their fault detection or tolerance capabilities. In this paper, we propose a new method based on a non-linear code to protect all four internal stages of the AES hardware implementation. With this method, the protected AES system is able to (a) detect all multiplicity of errors with a high probability and (b) correct them if the errors follow certain patterns or frequencies. Results shows that the proposed method provides much higher security and reliability to the AES hardware implementation with minimal overhead. 

Reliability of modern multicore and many-core chips is tightly coupled with the reliability of their on-chip networks. Communication channels in current Network-on-Chips (NoCs) are extremely susceptible to crosstalk faults. In this work, we propose a set of rules for generating classes of crosstalk free coding systems to protect communication channels in NoCs against crosstalk faults. Codewords generated through these rules are free of '101' and '010' bit patterns, which are the main sources of crosstalk faults in NoC communication channels. The proposed rules determine: (1) the weights of different bit positions in a coding system to reach crosstalk free codings, and (2) how the coding might be utilized in an NoC to prevent crosstalk generating bit patterns in NoC channels. Using the proposed set of rules, designers can obtain coding systems which are crosstalk free for any widths of communication channels. Compared to conventional Forbidden Pattern Free (FPF) systems, the proposed methodology is able to provide unique representation to any input values at the lower bound of the codeword lengths. Analyses show that the proposed rules, along with the proposed encoding/decoding mechanisms, are effective in preventing forbidden pattern coding systems for network-on-chips of any arbitrary channel width. 

Robust Adaptive Secure Secret Sharing (RASSS) is a protocol for reconstructing secrets and information in distributed computing systems even in the presence of a large number of untrusted participants. Since the original Shamir's Secret Sharing scheme, there have been efforts to secure the technique against dishonest shareholders. Early on, researchers determined that the Reed-Solomon encoding property of the Shamir's share distribution equation and its decoding algorithm could tolerate cheaters up to one third of the total shareholders. However, if the number of cheaters grows beyond the error correcting capability (distance) of the Reed-Solomon codes, the reconstruction of the secret is hindered. Untrusted participants or cheaters could hide in the decoding procedure, or even frame up the honest parties. In this paper, we solve this challenge and propose a secure protocol that is no longer constrained by the limitations of the Reed-Solomon codes. As long as there are a minimum number of honest shareholders, the RASSS protocol is able to identify the cheaters and retrieve the correct secret or information in a distributed system with a probability close to 1 with less than 60% of hardware overhead. Furthermore, the adaptive nature of the protocol enables considerable hardware and timing resource savings and makes RASSS highly practical.