2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST): Latest Papers

Fresh re-keying with strong PUFs: A new approach to side-channel security
2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) Pub Date : 2018-04-01 DOI: 10.1109/HST.2018.8383899
Xiaodan Xi, Aydin Aysu, M. Orshansky
Abstract: Side-channel attacks on cryptographic implementations threaten system security via the loss of the secret key. Fresh re-keying techniques aim to mitigate these attacks by regularly updating the key so that the side-channel exposure for each key is minimized. Existing key update schemes generate fresh keys by processing a root key with arithmetic operations which have, unfortunately, been demonstrated to be also vulnerable to side-channel attacks. We propose a novel approach to fresh re-keying that replaces the arithmetic key update function with a strong Physically Unclonable Function (PUF). We show that the security of our scheme hinges on the resilience of the PUF to a power side-channel attack and propose a realization based on a Subthreshold Current Array (SCA) PUF. We show that SCA-PUF is resistant to simple power analysis and that it is resilient to a modeling attack that uses machine learning on the power side-channel. We target an insecure device and secure server encryption scenario for which we provide an efficient and scalable method of PUF enrollment. We finally propose an end-to-end encryption system with the PUF-based fresh re-keying scheme, using a reverse fuzzy extractor construction.
Pages: 118-125
Citations: 10
Self-authenticating secure boot for FPGAs
2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) Pub Date : 2018-04-01 DOI: 10.1109/HST.2018.8383919
Goutham Pocklassery, Wenjie Che, F. Saqib, Matthew Areno, J. Plusquellic
Abstract: Secure boot within an FPGA environment is traditionally implemented using hardwired embedded cryptographic primitives and NVM-based keys, whereby an encrypted bitstream is decrypted as it is loaded from an external storage medium, e.g., Flash memory. A novel technique is proposed in this paper that self-authenticates an unencrypted FPGA configuration bitstream loaded into the FPGA during startup. The power-on process of an FPGA loads an unencrypted bitstream into the programmable logic portion which embeds the self-authenticating PUF architecture. Challenges are applied to the components of the PUF engine both as a means of generating a key and performing self-authentication. Any modifications made to the PUF architecture results in key generation failure, and failure of subsequent stages of the secure boot process. The generated key is used in the second stage of the boot process to decrypt the programmable logic portion of the design as well as components of the software, e.g., Linux operating system and applications, that run on the processor side of the FPGA.
Pages: 221-226
Citations: 9
Securing interconnected PUF network with reconfigurability
2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) Pub Date : 2018-04-01 DOI: 10.1109/HST.2018.8383921
Hongxiang Gu, M. Potkonjak
Abstract: Physical Unclonable Functions (PUFs) are known for their unclonability and light-weight design. Recent advancement in technology has significantly compromised the security of PUFs. Machine learning-based attacks have been proven to be able to construct numerical models that predict various types of PUFs with high accuracy with a small set of challenge-response pairs (CRPs). To address the problem, we present a reconfigurable interconnected PUF network (IPN) design that significantly strengthens the security and unclonability of strong PUFs. While the IPN structure itself provides high resilience against modeling attacks, the reconfiguration mechanism remaps the input-output mapping before an attacker could collect sufficient CRPs. Experimental results show that all tested state-of-the-art machine learning attack methods have prediction accuracy of around 50% on a single bit output of a reconfigurable IPN.
Pages: 231-234
Citations: 5
Repurposing SoC analog circuitry for additional COTS hardware security
2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) Pub Date : 2018-04-01 DOI: 10.1109/HST.2018.8383915
Adam Duncan, Lei Jiang, M. Swany
Abstract: This paper introduces a new methodology to generate additional hardware security in commercial off-the-shelf (COTS) system-on-a-chip (SoC) integrated circuits (ICs) that have already been fabricated and packaged. On-chip analog hardware blocks such as analog to digital converters (ADCs), digital to analog converters (DACs) and comparators residing within an SoC are repurposed and connected to one another to generate unique physically unclonable function (PUF) responses. The PUF responses are digitized and processed on-chip to create keys for use in encryption and device authentication activities. Key generation and processing algorithms are presented that minimize the effects of voltage and temperature fluctuations to maximize the repeatability of a key within a device. Experimental results utilizing multiple on-chip analog blocks inside a common COTS microcontroller show reliable key generation with minimal overhead.
Pages: 201-204
Citations: 9
Independent detection of recycled flash memory: Challenges and solutions
2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) Pub Date : 2018-04-01 DOI: 10.1109/HST.2018.8383895
P. Kumari, B. M. S. B. Talukder, S. Sakib, B. Ray, Md. Tauhidur Rahman
Abstract: Counterfeiting electronic components is a serious problem for the security and reliability of any electronic systems. Use of counterfeit or reused components not only impacts profit but also has a detrimental impact on several critical applications including aerospace, medical, and defense. To worsen the situation the number of counterfeiting components has increased considerably after the introduction of horizontal semiconductor supply chain. In this paper, we will focus on detecting recycled Flash memory, a major target of the counterfeiters because of its presence in the most electronic systems. Failure of the Flash memory in critical applications can have catastrophic effects. Detection of recycled Flash with high confidence is challenging due to the variability among the different Flash chips caused by process variations. There is very few work on detecting recycled memory chips, and unfortunately, all of them require an extensive database to maintain which is impossible for several electronic systems. In this paper, we propose a new method for detecting fake Flash memory without the need for any prior database. Our method is based on statistical distribution of various Flash timing characteristics such as erase, program and read time on a fresh Flash IC. It has been found that timing characteristics are highly sensitive to memory usage (typically quantified as the program-erase count of a memory block) compared to the process variations. We demonstrate our method by characterizing the block to block timing variation on commercial off the shelf Flash ICs and compared it with the recycled or used one. Our method can identify a recycled IC of minimal usage (∼3.0%) with nearly 100% accuracy without requiring any prior database.
Pages: 89-95
Citations: 14
Dividing the threshold: Multi-probe localized EM analysis on threshold implementations
2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) Pub Date : 2018-04-01 DOI: 10.1109/HST.2018.8383888
Robert Specht, Vincent Immler, Florian Unterstein, Johann Heyszl, G. Sigl
Abstract: Cryptographic implementations typically need to be secured to retain their secrets in the presence of attacks. As a countermeasure to prevent side-channel attacks, threshold implementations are a commonly encountered concept. They resemble a multi-party computation, where the value is split in independent shares and processed separately. In this work, we challenge the underlying security assumption that observing these individually processed values is difficult. We observe leakage by spatially separating the shares on an FPGA using multiple electro-magnetic (EM) probes simultaneously for localized EM analysis. We experimentally verify that the security gain is 238 times less with this method when compared to the power side-channel. In total, we only need 4,300 traces to break a second-order secure implementation. Moreover, such a reduction in protection level is only possible when using multiple probes and applying our attack strategy which is based on state-of-the-art template attacks. This attack can easily be carried out by any attacker at the expense of buying more probes which emphasizes the danger of such attacks.
Pages: 33-40
Citations: 11
Prefetch-guard: Leveraging hardware prefetches to defend against cache timing channels
2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) Pub Date : 2018-04-01 DOI: 10.1109/HST.2018.8383912
Hongyu Fang, Sai Santosh Dayapule, Fan Yao, M. Doroslovački, Guru Venkataramani
Abstract: Cache timing channels are a form of information leakage that operate through modulating cache access latencies and ultimately exfiltrate sensitive user information to adversaries. Among the many forms of timing channels, covert channels are particularly dangerous as they involve two insider processes (trojan and spy) colluding with each other to send out sensitive information, and are often difficult to detect or prevent. In this paper, we propose Prefetch-guard, an efficient and low-cost mitigation mechanism against cache-based timing channels. Prefetch-guard leverages hardware prefetchers to obfuscate the effect of timing modulation intentionally created by the trojan and spy. Our detection mechanism identifies the target cache sets that are being exploited for information leakage, and cache blocks are prefetched to fuzz the pattern of cache misses and hits created to construct timing channel between the trojan and the spy. With prefetch-guard, we observe that the cache timing channels suffer a 53% bit error rate which makes it very hard or impossible for the spy to decipher any useful information.
Pages: 187-190
Citations: 36
The CAESAR-API in the real world — Towards a fair evaluation of hardware CAESAR candidates
2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) Pub Date : 2018-04-01 DOI: 10.1109/HST.2018.8383893
Michael Tempelmeier, F. D. Santis, G. Sigl, J. Kaps
Abstract: In 2013 the Competition for Authenticated Encryption: Security, Applicability, and Robustness (CAESAR) was started. It aims at determining a portfolio of ciphers for authenticated encryption that has advantages over AES-GCM in terms of performance, security, and ease of implementation. This competition, for the first time, provides a standardized hardware API, which allows a fair comparison of hardware implementations. However, the community still lacks a common platform to automatically test hardware implementations, confirm implementation claims, and benchmark performance figures on real hardware in terms of runtime, area, power and energy consumption. In this work, we present a common platform using the CAESAR-API in a Xilinx Zynq-7000 System on Chip (SoC) with ARM processors and an AXI interface. This reflects a typical real world usage scenario for hardware-accelerators and thus extends the work for a fair comparison of hardware implementations in three dimensions: first the API is evaluated on a real SoC, which shows, e.g. the performance of the API. Second, it provides a hardware platform to test the proposed implementations of the candidates easily. This can be used by future designers, as we will provide it as open source hardware. Finally, we ran all published hardware implementations of the current 3rd-round candidates during which we identified several implementation weaknesses, e.g. presumably unintended latches in the design, hence emphasizing the importance of testing hardware proposals on real hardware.
Pages: 73-80
Citations: 12
Fault-assisted side-channel analysis of masked implementations
2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) Pub Date : 2018-04-01 DOI: 10.1109/HST.2018.8383891
Y. Yao, Mo Yang, C. Patrick, Bilgiday Yuce, P. Schaumont
Abstract: Masking is a side-channel countermeasure technique that uses random masks to split sensitive cryptographic variables into multiple shares. The side-channel leakage from individual shares does not reveal the sensitive variable because the random masks are secret. We propose a methodology to identify the generation and integration of random masks in cryptographic software by means of side-channel analysis. We then disable the randomizing effect of masking by targeted fault injection, and we break the masking countermeasure using first-order side-channel analysis. This attack is practically demonstrated on a RISC-V core for two different masked AES software implementations. We achieve full key recovery using 300 traces and 230 traces for a byte-level masked AES and a bit-sliced masked AES implementation respectively. The proposed attack methodology is independent of the cryptographic kernel. It targets the transfer of random masks into the masked cryptographic algorithm. This paper highlights the vulnerability of random number generation in masked implementations.
Pages: 57-64
Citations: 31
On state encoding against power analysis attacks for finite state controllers
2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) Pub Date : 2018-04-01 DOI: 10.1109/HST.2018.8383911
Richa Agrawal, R. Vemuri
Abstract: Finite-state controllers are central to the design of numerous small-scale electronic appliances used in home automation, environment/infrastructure monitoring, health care and emerging safety-critical systems such as drones and self-driven cars. It is estimated that there will be 50 billion small-scale IoT devices by 2020. These devices, however, are extremely vulnerable to side-channel attacks, therefore low-cost, low-power defense methods are highly desirable. This paper presents an effective method for secure state encoding of finite-state machine (FSM) based controllers to defend against power analysis attacks. Given a user-defined graded security metric, we derive constrained state encoding for the FSM controllers to mitigate information leakage through the power side-channel, resulting in low-power designs. Experimental results using over 100 FSMs from BenGen and MCNC benchmark suites show a graded increase in encoding length (40–70% for restructured FSMs) depending on the level of security chosen. The mutual information between power side-channel and both Hamming attack models varies between 0 and 2.
Pages: 181-186
Citations: 6