16 results sorted by ID
Possible spell-corrected query: oscillator
Stealthy Logic Misuse for Power Analysis Attacks in Multi-Tenant FPGAs (Extended Version)
Vincent Meyers, Dennis R. E. Gnad, Nguyen Minh Dang, Falk Schellenberg, Amir Moradi, Mehdi B. Tahoori
Implementation
FPGAs have been used in the cloud since several years, as accelerators for various workloads such as machine learning, database processes and security tasks. As for other cloud services, a highly desired feature is virtualization in which multiple tenants can share a single FPGA to increase utilization and by that efficiency. By solely using standard FPGA logic in the untrusted tenant, on-chip logic sensors allow remote power analysis side-channel and covert channel attacks on the victim...
A Closer Look at the Chaotic Ring Oscillators based TRNG Design
Shuqin Su, Bohan Yang, Vladimir Rožić, Mingyuan Yang, Min Zhu, Shaojun Wei, Leibo Liu
Implementation
TRNG is an essential component for security applications. A vulnerable TRNG could be exploited to facilitate potential attacks or be related to a reduced key space, and eventually results in a compromised cryptographic system. A digital FIRO-/GARO-based TRNG with high throughput and high entropy rate was introduced by Jovan Dj. Golić (TC’06). However, the fact that periodic oscillation is a main failure of FIRO-/GARO-based TRNGs is noticed in the paper (Markus Dichtl, ePrint’15). We verify...
Programmable RO (PRO): A Multipurpose Countermeasure against Side-channel and Fault Injection Attacks
Yuan Yao, Pantea Kiaei, Richa Singh, Shahin Tajik, Patrick Schaumont
Implementation
Side-channel and fault injection attacks reveal secret information by monitoring or manipulating the physical effects of computations involving secret variables. Circuit-level countermeasures help to deter these attacks, and traditionally such countermeasures have been developed for each attack vector separately. We demonstrate a multipurpose ring oscillator design - Programmable Ring Oscillator (PRO) to address both fault attacks and side-channel attacks in a generic,...
Nonintrusive and Adaptive Monitoring for Locating Voltage Attacks in Virtualized FPGAs
Seyedeh Sharareh Mirzargar, Gaiëtan Renault, Andrea Guerrieri, Mirjana Stojilović
Applications
With every new generation, high-end FPGAs are becoming richer in features and resources, making the usage model of
single-user per FPGA decreasingly cost-efficient. Although virtualized FPGAs enable multiple users to share the same
FPGA, this multi-tenancy is not employed in practice because of potential security threats, such as voltage attacks.
These attacks use power-wasting circuits to exercise excessive switching activity on the target FPGA to cause extreme voltage
fluctuations, which...
Active Fences against Voltage-based Side Channels in Multi-Tenant FPGAs
Jonas Krautter, Dennis R. E. Gnad, Falk Schellenberg, Amir Moradi, Mehdi B. Tahoori
Applications
Dynamic and partial reconfiguration together with hardware parallelism make FPGAs attractive as virtualized accelerators. However, recently it has been shown that multi-tenant FPGAs are vulnerable to remote side-channel attacks (SCA) from malicious users, allowing them to extract secret keys without a logical connection to the victim core. Typical mitigations against such attacks are hiding and masking schemes, to increase attackers’ efforts in terms of side-channel measurements. However,...
Transient Effect Ring Oscillators Leak Too
Ugo Mureddu, Brice Colombier, Nathalie Bochard, Lilian Bossuet, Viktor Fischer
Implementation
Up to now, the transient effect ring oscillator (TERO) seemed to be a better building block for PUFs than a standard ring oscillator, since it was thought to be immune to electromagnetic analysis. Here, we report for the first time that TERO PUFs are in fact vulnerable to electromagnetic analysis too. First, we propose a spectral model of a TERO cell output, showing how to fit it to experimental data obtained with the help of a spectrum analyser to recover the number of oscillations of a...
On the Entropy of Oscillator-Based True Random Number Generators
Yuan Ma, Jingqiang Lin, Jiwu Jing
Implementation
True random number generators (TRNGs) are essential for cryptographic systems, and they are usually evaluated by the concept of entropy. In general, the entropy of a TRNG is estimated from its stochastic model, and reflected in the statistical results of the generated raw bits. Oscillator-based TRNGs are widely used in practical cryptographic systems due to its elegant structure, and its stochastic model has been studied in different aspects. In this paper, we investigate the applicability...
Physical Unclonable Functions based on Temperature Compensated Ring Oscillators
Sha Tao, Elena Dubrova
Implementation
Physical unclonable functions (PUFs) are promising hardware security primitives suitable for low-cost cryptographic applications.Ring oscillator (RO) PUF is a well-received silicon PUF solution due to its ease of implementation and entropy evaluation. However, the responses of RO-PUFs are susceptible to environmental changes, in particular, to temperature variations. Additionally, a conventional RO-PUF implementation is usually more power-hungry than other PUF alternatives. This paper...
2015/623
Last updated: 2017-05-23
Design, Evaluation and Optimization of Physical Unclonable Functions based on Transient Effect Ring Oscillators
Abdelkarim Cherkaoui, Lilian Bossuet, Cédric Marchand
Applications
This paper proposes a theoretical study and a full overview of the design, evaluation and optimization of a PUF based on transient element ring oscillators (TERO-PUF). We show how, by following some simple design rules and strategies, designers can build and optimize a TERO-PUF with state of the art PUF characteristics in a standard CMOS technology. To this end, we analyzed the uniqueness, steadiness and randomness of responses generated from 30 test chips in a CMOS 350nm process in nominal...
A Physical Approach for Stochastic Modeling of TERO-based TRNG
Patrick HADDAD, Viktor FISCHER, Florent BERNARD, Jean NICOLAI
Security in random number generation for cryptography is closely related to the entropy rate at the generator output. This rate has to be evaluated using an appropriate stochastic model. The stochastic model proposed in this paper is dedicated to the transition effect ring oscillator (TERO) based true random number generator (TRNG) proposed by Varchola and Drutarovsky in 2010. The advantage and originality of this model is that it is derived from a physical model based on a detailed study...
FROPUF: How to Extract More Entropy from Two Ring Oscillators in FPGA-Based PUFs
Qinglong Zhang, Zongbin Liu, Cunqing Ma, Changting Li, Jiwu Jing
Foundations
Ring oscillator (RO) based physically unclonable function
(PUF) on FPGAs is crucial and popular for its nice properties and easy
implementation. The compensated measurement based on the ratio of
two ring oscillators’ frequencies proves to be particularly effective to extract
entropy of process variations. However from two ring oscillators
only one bit entropy is extracted and RO PUFs will occupy numerous
resource with the size of private information increasing. Motivated by this
inefficient...
Fibonacci Ring Oscillators as True Random Number Generators - A Security Risk
Markus Dichtl
Implementation
Fibonacci ring oscillators are shown to have a risk to oscillate periodically instead of chaotically. The security implications of this are discussed. The probability of the occurrence of the periodic oscillations is determined experimentally on an FPGA for Fibonacci ring oscillators of lengths 16 and 32. Means to overcome the problem of the periodic oscillations are also discussed.
EM Attack Is Non-Invasive? - Design Methodology and Validity Verification of EM Attack Sensor
Naofumi Homma, Yu-ichi Hayashi, Noriyuki Miura, Daisuke Fujimoto, Daichi Tanaka, Makoto Nagata, Takafumi Aoki
Implementation
This paper presents a standard-cell-based semi-automatic design methodology of a new conceptual countermeasure against electromagnetic (EM) analysis and fault-injection attacks. The countermeasure namely EM attack sensor utilizes LC oscillators which detect variations in the EM field around a cryptographic LSI caused by a micro probe brought near the LSI. A dual-coil sensor architecture with an LUT-programming-based digital calibration can prevent a variety of microprobe-based EM attacks...
Synchronous Sampling and Clock Recovery of Internal Oscillators for Side Channel Analysis
Colin O'Flynn, Zhizhang (David) Chen
Implementation
Measuring power consumption for side-channel analysis typically uses an oscilloscope, which measures the data relative to an internal sample clock. By synchronizing the sampling clock to the clock of the target device, the sample rate requirements are considerably relaxed; the attack will succeed with a much lower sample rate.
This work measures the performance of a synchronous sampling system attacking a modern microcontroller running a software AES implementation. This attack is...
Random Number Generation Based on Oscillatory Metastability in Ring Circuits
Laszlo Hars
Applications
Random number generator designs are discussed, which utilize oscillatory metastability, induced by switching between two stable states of ring-connected digital gates. For a short time after the switch-over the circuits behave quite randomly, influenced by the circuit noise. We provide simple programs, which simulate the fundamental behavior of our circuits. We also present a mathematical model and theoretical explanations of the underlying physical phenomena, the random phase drift and...
New paradigms for digital generation and post-processing of random data
Jovan Dj. Golic
Foundations
A new method for digital true random number generation based on asynchronous logic circuits with feedback is
introduced. In particular, a concrete technique using the so-called Fibonacci and Galois ring oscillators is
developed and experimentally tested in FPGA technology. The generated
random binary sequences inherently have a high speed and a very high and robust entropy
rate in comparison with previous proposals for digital random number generators.
A new method for digital...
FPGAs have been used in the cloud since several years, as accelerators for various workloads such as machine learning, database processes and security tasks. As for other cloud services, a highly desired feature is virtualization in which multiple tenants can share a single FPGA to increase utilization and by that efficiency. By solely using standard FPGA logic in the untrusted tenant, on-chip logic sensors allow remote power analysis side-channel and covert channel attacks on the victim...
TRNG is an essential component for security applications. A vulnerable TRNG could be exploited to facilitate potential attacks or be related to a reduced key space, and eventually results in a compromised cryptographic system. A digital FIRO-/GARO-based TRNG with high throughput and high entropy rate was introduced by Jovan Dj. Golić (TC’06). However, the fact that periodic oscillation is a main failure of FIRO-/GARO-based TRNGs is noticed in the paper (Markus Dichtl, ePrint’15). We verify...
Side-channel and fault injection attacks reveal secret information by monitoring or manipulating the physical effects of computations involving secret variables. Circuit-level countermeasures help to deter these attacks, and traditionally such countermeasures have been developed for each attack vector separately. We demonstrate a multipurpose ring oscillator design - Programmable Ring Oscillator (PRO) to address both fault attacks and side-channel attacks in a generic,...
With every new generation, high-end FPGAs are becoming richer in features and resources, making the usage model of single-user per FPGA decreasingly cost-efficient. Although virtualized FPGAs enable multiple users to share the same FPGA, this multi-tenancy is not employed in practice because of potential security threats, such as voltage attacks. These attacks use power-wasting circuits to exercise excessive switching activity on the target FPGA to cause extreme voltage fluctuations, which...
Dynamic and partial reconfiguration together with hardware parallelism make FPGAs attractive as virtualized accelerators. However, recently it has been shown that multi-tenant FPGAs are vulnerable to remote side-channel attacks (SCA) from malicious users, allowing them to extract secret keys without a logical connection to the victim core. Typical mitigations against such attacks are hiding and masking schemes, to increase attackers’ efforts in terms of side-channel measurements. However,...
Up to now, the transient effect ring oscillator (TERO) seemed to be a better building block for PUFs than a standard ring oscillator, since it was thought to be immune to electromagnetic analysis. Here, we report for the first time that TERO PUFs are in fact vulnerable to electromagnetic analysis too. First, we propose a spectral model of a TERO cell output, showing how to fit it to experimental data obtained with the help of a spectrum analyser to recover the number of oscillations of a...
True random number generators (TRNGs) are essential for cryptographic systems, and they are usually evaluated by the concept of entropy. In general, the entropy of a TRNG is estimated from its stochastic model, and reflected in the statistical results of the generated raw bits. Oscillator-based TRNGs are widely used in practical cryptographic systems due to its elegant structure, and its stochastic model has been studied in different aspects. In this paper, we investigate the applicability...
Physical unclonable functions (PUFs) are promising hardware security primitives suitable for low-cost cryptographic applications.Ring oscillator (RO) PUF is a well-received silicon PUF solution due to its ease of implementation and entropy evaluation. However, the responses of RO-PUFs are susceptible to environmental changes, in particular, to temperature variations. Additionally, a conventional RO-PUF implementation is usually more power-hungry than other PUF alternatives. This paper...
This paper proposes a theoretical study and a full overview of the design, evaluation and optimization of a PUF based on transient element ring oscillators (TERO-PUF). We show how, by following some simple design rules and strategies, designers can build and optimize a TERO-PUF with state of the art PUF characteristics in a standard CMOS technology. To this end, we analyzed the uniqueness, steadiness and randomness of responses generated from 30 test chips in a CMOS 350nm process in nominal...
Security in random number generation for cryptography is closely related to the entropy rate at the generator output. This rate has to be evaluated using an appropriate stochastic model. The stochastic model proposed in this paper is dedicated to the transition effect ring oscillator (TERO) based true random number generator (TRNG) proposed by Varchola and Drutarovsky in 2010. The advantage and originality of this model is that it is derived from a physical model based on a detailed study...
Ring oscillator (RO) based physically unclonable function (PUF) on FPGAs is crucial and popular for its nice properties and easy implementation. The compensated measurement based on the ratio of two ring oscillators’ frequencies proves to be particularly effective to extract entropy of process variations. However from two ring oscillators only one bit entropy is extracted and RO PUFs will occupy numerous resource with the size of private information increasing. Motivated by this inefficient...
Fibonacci ring oscillators are shown to have a risk to oscillate periodically instead of chaotically. The security implications of this are discussed. The probability of the occurrence of the periodic oscillations is determined experimentally on an FPGA for Fibonacci ring oscillators of lengths 16 and 32. Means to overcome the problem of the periodic oscillations are also discussed.
This paper presents a standard-cell-based semi-automatic design methodology of a new conceptual countermeasure against electromagnetic (EM) analysis and fault-injection attacks. The countermeasure namely EM attack sensor utilizes LC oscillators which detect variations in the EM field around a cryptographic LSI caused by a micro probe brought near the LSI. A dual-coil sensor architecture with an LUT-programming-based digital calibration can prevent a variety of microprobe-based EM attacks...
Measuring power consumption for side-channel analysis typically uses an oscilloscope, which measures the data relative to an internal sample clock. By synchronizing the sampling clock to the clock of the target device, the sample rate requirements are considerably relaxed; the attack will succeed with a much lower sample rate. This work measures the performance of a synchronous sampling system attacking a modern microcontroller running a software AES implementation. This attack is...
Random number generator designs are discussed, which utilize oscillatory metastability, induced by switching between two stable states of ring-connected digital gates. For a short time after the switch-over the circuits behave quite randomly, influenced by the circuit noise. We provide simple programs, which simulate the fundamental behavior of our circuits. We also present a mathematical model and theoretical explanations of the underlying physical phenomena, the random phase drift and...
A new method for digital true random number generation based on asynchronous logic circuits with feedback is introduced. In particular, a concrete technique using the so-called Fibonacci and Galois ring oscillators is developed and experimentally tested in FPGA technology. The generated random binary sequences inherently have a high speed and a very high and robust entropy rate in comparison with previous proposals for digital random number generators. A new method for digital...