Search for: All records

In this paper, a monotonic power side-channel attack (PSA) is proposed to analyze the security vulnerabilities of flash analog-to-digital converters (ADC), where the digital output of a flash ADC is determined by characterizing the monotonic relationship between the traces of the power consumed and the applied input signals. A novel technique that leverages clock phase division is proposed to secure the power side channel information of a 4-bit flash ADC. The proposed technique adds randomness to decorrelate the input signal from the given power trace as the execution phase of each comparator depends on a thermometer code computed from the previous seven clock cycles. The monotonic PSA is executed on both a secured and unsecured ADC, with results indicating 1.9 bits of information leakage from an unprotected ADC and no data leakage from a protected ADC as the bit-wise accuracy is approximately 50% when secured. The monotonic PSA is more effective at attacking a flash ADC architecture than either a convolutional neural network based PSA or a correlation template PSA. The secured ADC core occupies approximately 2% more area than a non-secure ADC in a 65 nm process, and provides a sampling frequency of up to 500 MHz at a supply voltage of 1.2 V. Index Terms—power side-channel, ADC, 

A novel simulation-based framework that applies classification with adaptive labeling thresholds (CALT) is developed that auto-generates the component sizes of an analog integrated circuit. Classifiers are applied to predict whether the target specifications are satisfied. To address the lack of data points with positive labels due to the large dimensionality of the parameter space, the labeling threshold is adaptively set to a certain percentile of the distribution of a given circuit performance metric in the dataset. Random forest classifiers are executed for surrogate prediction modeling that provide a ranking of the design parameters. For each iteration of the simulation loop, optimization is utilized to determine new query points. CALT is applied to the design of a low noise amplifier (LNA) in a 65 nm technology. Qualified design solutions are generated for two sets of specifications with an average execution of 4 and 17 iterations of the optimization loop, which require an average of 1287 and 2190 simulation samples, and an average execution time of 5.4 hours and 23.2 hours, respectively. CALT is a specification-driven design framework to automate the sizing of the components (transistors, capacitors, inductors, etc.) of an analog circuit. CALT generates interpretable models and achieves high sample efficiency without requiring the use of prior circuit models. 

Vulnerabilities of key based analog obfuscation methodologies that modify the transistor dimensions of a circuit are evaluated. Two attack vectors on a common source amplifier, differential amplifier, operational amplifier, and voltage controlled oscillator are developed. The first attack exploits the lack of possible key combinations permitted around the correct key, which is a result of requiring a unique key to lock the circuit. An average of 5 possible key combinations were returned in an average of 5.47 seconds when executing the key spacing attack. The second attack vector utilizes the monotonic relationship between the sizing of the transistors and the functional response of the circuit to determine the correct key. The average time to execute the attack, while assuming process, voltage, and temperature (PVT) variation of 10%, was 1.18 seconds. Both equal key spacing and non-monotonic key dependencies are discussed as ways to mitigate the threats to future analog obfuscation techniques. 

In this paper, an approach is described for enhancing the security of analog circuits using Satisfiability Modulo theory (SMT) based design space exploration. The technique takes as inputs generic circuit equations and performance constraints and, by exhaustively exploring the design space, outputs transistor sizes that satisfy the given constraints. The analog satisfiability (aSAT) methodology is applied to parameter biasing obfuscation, where the width of a transistor is obfuscated to mask circuit properties, while also limiting the number of keys that produce the target performance requirements. The proposed methodology is used in the design of a differential amplifier and a two stage amplifier. The widths determined through aSAT analysis are shown to meet the gain, phase margin, and power consumption requirements for both a differential amplifier and a two-stage amplifier. However, a 7 MHz offset in the gain-bandwidth of the two-stage amplifier is observed from the target value of 30 MHz. The total gain of the two stage amplifier is masked with a 24 bit encryption key that results in a probability of 5.96x10-08 to determine the correct key. The simulated results indicate that the proposed analog design methodology quickly and accurately determines transistor sizes for target specifications, while also accounting for obfuscation of analog circuit parameters. 

A technique to enhance the security of analog circuits using Satisfiability Modulo Theory (SMT) based design space exploration is described. The analog satisfiability (aSAT) technique takes as inputs generic circuit equations and performance constraints and, by exhaustively exploring the design space, outputs transistor sizes that satisfy the given constraints. The aSAT methodology is applied to parameter biasing obfuscation, where the width and length of a transistor are obfuscated to mask circuit properties. The proposed methodology was used in the design of a differential amplifier and an operational amplifier, where the widths and lengths determined through aSAT analysis were shown to meet the target circuit specifications. For the operational amplifier, transistor dimensions determined through aSAT analysis for a set of performance constraints were characterized and were found to meet the performance targets, however, there was a 7 MHz reduction in the gain bandwidth product. The simulated results indicate that the developed design methodology achieves a fast and accurate determination of transistor sizes for target specifications.