Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
3.6
1.6
Journals
Cryptography
Special Issues
Feature Papers in Hardware Security II
share announcement

Special Issue "Feature Papers in Hardware Security II"

A special issue of Cryptography (ISSN 2410-387X). This special issue belongs to the section "Hardware Security".

Deadline for manuscript submissions: 20 October 2023 | Viewed by 18846

Special Issue Editor

Prof. Dr. Jim Plusquellic

E-Mail Website
Guest Editor
Department of Electrical and Computer Engineering, University of New Mexico, Albuquerque, NM 87131, USA
Interests: hardware security and trust and design for manufacturability
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

This is a Special Issue for high-quality papers by Editorial Board Members and papers invited by the Editorial Office and the Editor-in-Chief.

Papers will be published free of charge in an open access form after peer review.

We invite authors to submit research papers on topics related to hardware-based authentication; encryption and secure boot protocols for resource-constrained embedded systems, on novel side-channel analysis attacks and countermeasures, on PUFs for ICs and printed circuit boards (PCBs) capable of providing security, trust and detection of tamper, on hardware Trojan attacks, analysis, detection methods and countermeasures, on supply-chain authentication and hardware assurance methods, on hardware-based security and trust primitives for RFID (radio frequency identification); IoT; autonomous vehicles; embedded medical; and industrial control; communication and other types of critical infrastructure; and on reverse engineering techniques and countermeasures to protect ICs and IPs through obfuscation and active metering schemes.

Prof. Dr. Jim Plusquellic
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Cryptography is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • hardware security and trust
  • physical unclonable functions
  • side channel attacks and countermeasures
  • microprocessor security.

Published Papers (10 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

Jump to: Review

get_app
Article
Timing-Attack-Resistant Acceleration of NTRU Round 3 Encryption on Resource-Constrained Embedded Systems
by
Eros Camacho-Ruiz
,
Macarena C. Martínez-Rodríguez
,
Santiago Sánchez-Solano
and
Piedad Brox
Cryptography 2023, 7(2), 29; https://doi.org/10.3390/cryptography7020029 - 01 Jun 2023
Viewed by 1147
Abstract
The advent of quantum computing with high processing capabilities will enable brute force attacks in short periods of time, threatening current secure communication channels. To mitigate this situation, post-quantum cryptography (PQC) algorithms have emerged. Among the algorithms evaluated by NIST in the third [...] Read more.
The advent of quantum computing with high processing capabilities will enable brute force attacks in short periods of time, threatening current secure communication channels. To mitigate this situation, post-quantum cryptography (PQC) algorithms have emerged. Among the algorithms evaluated by NIST in the third round of its PQC contest was the NTRU cryptosystem. The main drawback of this algorithm is the enormous amount of time required for the multiplication of polynomials in both the encryption and decryption processes. Therefore, the strategy of speeding up this algorithm using hardware/software co-design techniques where this operation is executed on specific hardware arises. Using these techniques, this work focuses on the acceleration of polynomial multiplication in the encryption process for resource-constrained devices. For this purpose, several hardware multiplications are analyzed following different strategies, taking into account the fact that there are no possible timing information leaks and that the available resources are optimized as much as possible. The designed multiplier is encapsulated as a fully reusable and parametrizable IP module with standard AXI4-Stream interconnection buses, which makes it easy to integrate into embedded systems implemented on programmable devices from different manufacturers. Depending on the resource constraints imposed, accelerations of up to 30–45 times with respect to the software-level multiplication runtime can be achieved using dedicated hardware, with a device occupancy of around 5%. Full article
(This article belongs to the Special Issue Feature Papers in Hardware Security II)
Show Figures

Figure 1

get_app
Article
A Novel FPGA Implementation of the NAND-PUF with Minimal Resource Usage and High Reliability
by
Riccardo Della Sala
and
Giuseppe Scotti
Cryptography 2023, 7(2), 18; https://doi.org/10.3390/cryptography7020018 - 03 Apr 2023
Cited by 1 | Viewed by 1312
Abstract
In this work we propose a novel implementation on recent Xilinx FPGA platforms of a PUF architecture based on the NAND SR-latch (referred to as NAND-PUF in the following) which achieves an extremely low resource usage with very good overall performance. More specifically, [...] Read more.
In this work we propose a novel implementation on recent Xilinx FPGA platforms of a PUF architecture based on the NAND SR-latch (referred to as NAND-PUF in the following) which achieves an extremely low resource usage with very good overall performance. More specifically, a 4 bit NAND-PUF macro has been designed referring to the Artix-7 platform occupying only 2 slices. The optimum excitation sequence has been determined by analysing the reliability versus the excitation time of the PUF cells under supply voltage variations. A 128 bit NAND-PUF has been tested on 16 FPGA boards under supply voltage and temperature variations and measured performances have been compared against state-of-the-art PUFs from the literature. The comparison has shown that the proposed PUF implementation exhibits the best reliability performance while occupying the minimum FPGA resource usage achieved in the PUF literature. Full article
(This article belongs to the Special Issue Feature Papers in Hardware Security II)
Show Figures

Figure 1

get_app
Article
SCANN: Side Channel Analysis of Spiking Neural Networks
by
Karthikeyan Nagarajan
,
Rupshali Roy
,
Rasit Onur Topaloglu
,
Sachhidh Kannan
and
Swaroop Ghosh
Cryptography 2023, 7(2), 17; https://doi.org/10.3390/cryptography7020017 - 27 Mar 2023
Viewed by 1488
Abstract
Spiking neural networks (SNNs) are quickly gaining traction as a viable alternative to deep neural networks (DNNs). Compared to DNNs, SNNs are computationally more powerful and energy efficient. The design metrics (synaptic weights, membrane threshold, etc.) chosen for such SNN architectures are often [...] Read more.
Spiking neural networks (SNNs) are quickly gaining traction as a viable alternative to deep neural networks (DNNs). Compared to DNNs, SNNs are computationally more powerful and energy efficient. The design metrics (synaptic weights, membrane threshold, etc.) chosen for such SNN architectures are often proprietary and constitute confidential intellectual property (IP). Our study indicates that SNN architectures implemented using conventional analog neurons are susceptible to side channel attack (SCA). Unlike the conventional SCAs that are aimed to leak private keys from cryptographic implementations, SCANN (SCA̲ of spiking n̲eural n̲etworks) can reveal the sensitive IP implemented within the SNN through the power side channel. We demonstrate eight unique SCANN attacks by taking a common analog neuron (axon hillock neuron) as the test case. We chose this particular model since it is biologically plausible and is hence a good fit for SNNs. Simulation results indicate that different synaptic weights, neurons/layer, neuron membrane thresholds, and neuron capacitor sizes (which are the building blocks of SNN) yield distinct power and spike timing signatures, making them vulnerable to SCA. We show that an adversary can use templates (using foundry-calibrated simulations or fabricating known design parameters in test chips) and analysis to identify the specifications of the implemented SNN. Full article
(This article belongs to the Special Issue Feature Papers in Hardware Security II)
Show Figures

Figure 1

get_app
Article
Early Detection of Clustered Trojan Attacks on Integrated Circuits Using Transition Delay Fault Model
by
Navya Mohan
and
J. P. Anita
Cryptography 2023, 7(1), 4; https://doi.org/10.3390/cryptography7010004 - 28 Jan 2023
Viewed by 1245
Abstract
The chances of detecting a malicious reliability attack induced by an offshore foundry are grim. The hardware Trojans affecting a circuit’s reliability do not tend to alter the circuit layout. These Trojans often manifest as an increased delay in certain parts of the [...] Read more.
The chances of detecting a malicious reliability attack induced by an offshore foundry are grim. The hardware Trojans affecting a circuit’s reliability do not tend to alter the circuit layout. These Trojans often manifest as an increased delay in certain parts of the circuit. These delay faults easily escape during the integrated circuits (IC) testing phase, hence are difficult to detect. If additional patterns to detect delay faults are generated during the test pattern generation stage, then reliability attacks can be detected early without any hardware overhead. This paper proposes a novel method to generate patterns that trigger Trojans without altering the circuit model. The generated patterns’ ability to diagnose clustered Trojans are also analyzed. The proposed method uses only single fault simulation to detect clustered Trojans, thereby reducing the computational complexity. Experimental results show that the proposed algorithm has a detection ratio of 99.99% when applied on ISCAS’89, ITC’99 and IWLS’05 benchmark circuits. Experiments on clustered Trojans indicate a 46% and 34% improvement in accuracy and resolution compared to a standard Automatic Test Pattern Generator (ATPG)Tool. Full article
(This article belongs to the Special Issue Feature Papers in Hardware Security II)
Show Figures

Figure 1

get_app
Article
Shift Register, Reconvergent-Fanout (SiRF) PUF Implementation on an FPGA
by
Jim Plusquellic
Cryptography 2022, 6(4), 59; https://doi.org/10.3390/cryptography6040059 - 11 Nov 2022
Viewed by 1355
Abstract
Physical unclonable functions (PUFs) are gaining traction as an attractive alternative to generating and storing device keying material over traditional secure non-volatile memory (NVM) technologies. In this paper, we propose an engineered delay-based PUF called the shift-register, reconvergent-fanout (SiRF) PUF, and present an [...] Read more.
Physical unclonable functions (PUFs) are gaining traction as an attractive alternative to generating and storing device keying material over traditional secure non-volatile memory (NVM) technologies. In this paper, we propose an engineered delay-based PUF called the shift-register, reconvergent-fanout (SiRF) PUF, and present an analysis of the statistical quality of its bitstrings using data collected from a set of FPGAs subjected to extended industrial temperature-voltage environmental conditions. The SiRF PUF utilizes the Xilinx shift register primitive and an engineered network of logic gates that are designed to distribute signal paths over a wide region of the FPGA fabric using a MUXing scheme similar in principle to the shift-rows permutation function within the Advanced Encryption Standard algorithm. The shift register is utilized in a unique fashion to enable individual paths through a Xilinx 5-input LUT to be selected as a source of entropy by the challenge. The engineered logic gate network utilizes reconvergent-fanout as a means of adding entropy, eliminating bias and increasing uncertainty with respect to which paths are actually being timed and used in post-processing to produce the secret key or authentication bitstring. The SiRF PUF is a strong PUF build on top of a network with 10’s of millions of possible paths. Full article
(This article belongs to the Special Issue Feature Papers in Hardware Security II)
Show Figures

Figure 1

get_app
Article
Hardware Limitations of Lightweight Cryptographic Designs for IoT in Healthcare
by
Kyriaki Tsantikidou
and
Nicolas Sklavos
Cryptography 2022, 6(3), 45; https://doi.org/10.3390/cryptography6030045 - 01 Sep 2022
Cited by 3 | Viewed by 2781
Abstract
Security is an important aspect of healthcare applications that employ Internet of Things (IoT) technology. More specifically, providing privacy and ensuring the confidentiality, integrity and authenticity of IoT-based designs are crucial in the health domain because the collected data are sensitive, and the [...] Read more.
Security is an important aspect of healthcare applications that employ Internet of Things (IoT) technology. More specifically, providing privacy and ensuring the confidentiality, integrity and authenticity of IoT-based designs are crucial in the health domain because the collected data are sensitive, and the continuous availability of the system is critical for the user’s wellbeing. However, the IoT consists of resource-constrained devices that increase the difficulty of implementing high-level-security schemes. Therefore, in the current paper, renowned lightweight cryptographic primitives and their most recent architecture, to the best of the authors’ knowledge, are investigated. Their security, architecture characteristics and overall hardware limitations are analyzed and collected in tables. Finally, all the algorithms are compared based on their effectiveness in securing healthcare applications, the utilized device and the overall implementation efficiency. Full article
(This article belongs to the Special Issue Feature Papers in Hardware Security II)
Show Figures

Figure 1

get_app
Article
Node Monitoring as a Fault Detection Countermeasure against Information Leakage within a RISC-V Microprocessor
by
Donald E. Owen, Jr.
,
Jithin Joseph
,
Jim Plusquellic
,
Tom J. Mannos
and
Brian Dziki
Cryptography 2022, 6(3), 38; https://doi.org/10.3390/cryptography6030038 - 03 Aug 2022
Cited by 1 | Viewed by 1856
Abstract
Advanced, superscalar microprocessors (μP) are highly susceptible to wear-out failures because of their highly complex, densely packed circuit structure and extreme operational frequencies. Although many types of fault detection and mitigation strategies have been proposed, none have addressed the specific [...] Read more.
Advanced, superscalar microprocessors (μP) are highly susceptible to wear-out failures because of their highly complex, densely packed circuit structure and extreme operational frequencies. Although many types of fault detection and mitigation strategies have been proposed, none have addressed the specific problem of detecting faults that lead to information leakage events on I/O channels of the μP. Information leakage can be defined very generally as any type of output that the executing program did not intend to produce. In this work, we restrict this definition to output that represents a security concern, and in particular, to the leakage of plaintext or encryption keys, and propose a counter-based countermeasure to detect faults that cause this type of leakage event. Fault injection (FI) experiments are carried out on two RISC-V microprocessors emulated as soft cores on a Xilinx multi-processor System-on-chip (MPSoC) FPGA. The μP designs are instrumented with a set of counters that records the number of transitions that occur on internal nodes. The transition counts are collected from all internal nodes under both fault-free and faulty conditions, and are analyzed to determine which counters provide the highest fault coverage and lowest latency for detecting leakage faults. We show that complete coverage of all leakage faults is possible using only a single counter strategically placed within the branch compare logic of the μPs. Full article
(This article belongs to the Special Issue Feature Papers in Hardware Security II)
Show Figures

Figure 1

get_app
Article
Side-Channel Attacks on Masked Bitsliced Implementations of AES
by
Anca Rădulescu
and
Marios O. Choudary
Cryptography 2022, 6(3), 31; https://doi.org/10.3390/cryptography6030031 - 28 Jun 2022
Viewed by 2097
Abstract
In this paper, we provide a detailed analysis of CPA and Template Attacks on masked implementations of bitsliced AES, targeting a 32-bit platform through the ChipWhisperer side-channel acquisition tool. Our results show that Template Attacks can recover the full AES key successfully within [...] Read more.
In this paper, we provide a detailed analysis of CPA and Template Attacks on masked implementations of bitsliced AES, targeting a 32-bit platform through the ChipWhisperer side-channel acquisition tool. Our results show that Template Attacks can recover the full AES key successfully within 300 attack traces even on the masked implementation when using a first-order attack (no pre-processing). Furthermore, we confirm that the SubBytes operation is overall a better target for Template Attacks due to its non-linearity, even in the case of bitsliced implementations, where we can only use two bits per key byte target. However, we also show that targeting the AddRoundKey can be used to attack bitsliced implementations and that, in some cases, it can be more efficient than the SubBytes attack. Full article
(This article belongs to the Special Issue Feature Papers in Hardware Security II)
Show Figures

Figure 1

get_app
Article
A Memory Hierarchy Protected against Side-Channel Attacks
by
Ezinam Bertrand Talaki
,
Olivier Savry
,
Mathieu Bouvier Des Noes
and
David Hely
Cryptography 2022, 6(2), 19; https://doi.org/10.3390/cryptography6020019 - 20 Apr 2022
Cited by 1 | Viewed by 2533
Abstract
In the vulnerability analysis of System on Chips, memory hierarchy is considered among the most valuable element to protect against information theft. Many first-order side-channel attacks have been reported on all its components from the main memory to the CPU registers. In this [...] Read more.
In the vulnerability analysis of System on Chips, memory hierarchy is considered among the most valuable element to protect against information theft. Many first-order side-channel attacks have been reported on all its components from the main memory to the CPU registers. In this context, memory hierarchy encryption is widely used to ensure data confidentiality. Yet, this solution suffers from both memory and area overhead along with performance losses (timing delays), which is especially critical for cache memories that already occupy a large part of the spatial footprint of a processor. In this paper, we propose a secure and lightweight scheme to ensure the data confidentiality through the whole memory hierarchy. This is done by masking the data in cache memories with a lightweight mask generator that provides masks at each clock cycle without having to store them. Only 8-bit Initialization Vectors are stored for each mask value to enable further recomputation of the masks. The overall security of the masking scheme is assessed through a mutual information estimation that helped evaluate the minimum number of attack traces needed to succeed a profiling side-channel attack to 592 K traces in the attacking phase, which provides an acceptable security level in an analysis where an example of Signal to Noise Ratio of 0.02 is taken. The lightweight aspect of the generator has been confirmed by a hardware implementation that led to resource utilization of 400 LUTs. Full article
(This article belongs to the Special Issue Feature Papers in Hardware Security II)
Show Figures

Figure 1

Review

Jump to: Research

get_app
Review
Secure Firmware Update: Challenges and Solutions
by
Luigi Catuogno
and
Clemente Galdi
Cryptography 2023, 7(2), 30; https://doi.org/10.3390/cryptography7020030 - 01 Jun 2023
Viewed by 1223
Abstract
The pervasiveness of IoT and embedded devices allows the deployment of services that were unthinkable only few years ago. Such devices are typically small, run unattended, possibly on batteries and need to have a low cost of production. As all software systems, this [...] Read more.
The pervasiveness of IoT and embedded devices allows the deployment of services that were unthinkable only few years ago. Such devices are typically small, run unattended, possibly on batteries and need to have a low cost of production. As all software systems, this type of devices need to be updated for different reasons, e.g., introducing new features, improving/correcting existing functionalities or fixing security flaws. At the same time, because of their low-complexity, standard software distribution platforms and techniques cannot be used to update the software. In this paper we review the current limitations posed to software distribution systems for embedded/IoT devices, consider challenges that the researchers in this area have been identifying and propose the corresponding solutions. Full article
(This article belongs to the Special Issue Feature Papers in Hardware Security II)
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-10
Back to TopTop