Amir Rahmati

DRV-Fingerprinting: using data retention voltage of SRAM cells for chip identification

Physical unclonable functions (PUFs) produce outputs that are a function of minute random physical variations. Promoted for low-cost authentication and resistance to counterfeiting, many varieties of PUFs have been used to enhance the security and privacy of RFID tags. To different extents, applications for both identification and authentication require a PUF to produce a consistent output over time. As the sensing of minute variations is a fundamentally noisy process, much effort is spent on error correction of PUF outputs. We propose a new variant of PUF that uses well-understood properties of common memory cells as a fingerprint. Our method of fingerprinting SRAM cells by their data retention voltage improves the success rate of identification by 28% over fingerprints based on power-up state.

Reliable Physical Unclonable Functions Using Data Retention Voltage of SRAM Cells

Physical unclonable functions (PUFs) are circuits that produce outputs determined by random physical variations from fabrication. The PUF studied in this paper utilizes the variation sensitivity of static random access memory (SRAM) data retention voltage (DRV), the minimum voltage at which each cell can retain state. Prior work shows that DRV can uniquely identify circuit instances with 28% greater success than SRAM power-up states that are used in PUFs [1]. However, DRV is highly sensitive to temperature, and until now this makes it unreliable and unsuitable for use in a PUF. In this paper, we enable DRV PUFs by proposing a DRV-based hash function that is insensitive to temperature. The new hash function, denoted DRV-based hashing (DH), is reliable across temperatures because it utilizes the temperature-insensitive ordering of DRVs across cells, instead of using the DRVs in absolute terms. To evaluate the security and performance of the DRV PUF, we use DRV measurements from commercially available SRAM chips, and use data from a novel DRV prediction algorithm. The prediction algorithm uses machine learning for fast and accurate simulation-free estimation of any cells DRV, and the prediction error in comparison to circuit simulation has a standard deviation of 0.35 mV. We demonstrate the DRV PUF using two applications-secret key generation and identification. In secret key generation, we introduce a new circuit-level reliability knob as an alternative to error correcting codes. In the identification application, our approach is compared to prior work and shown to result in a smaller false-positive identification rate for any desired true-positive identification rate.

Probable cause: the deanonymizing effects of approximate DRAM

Approximate computing research seeks to trade-off the accuracy of computation for increases in performance or reductions in power consumption. The observation driving approximate computing is that many applications tolerate small amounts of error which allows for an opportunistic relaxation of guard bands (e.g., clock rate and voltage). Besides affecting performance and power, reducing guard bands exposes analog properties of traditionally digital components. For DRAM, one analog property exposed by approximation is the variability of memory cell decay times. In this paper, we show how the differing cell decay times of approximate DRAM creates an error pattern that serves as a system identifying fingerprint. To validate this observation, we build an approximate memory platform and perform experiments that show that the fingerprint due to approximation is device dependent and resilient to changes in environment and level of approximation. To identify a DRAM chip given an approximate output, we develop a distance metric that yields a two-orders-of-magnitude difference in the distance between approximate results produced by the same DRAM chip and those produced by other DRAM chips. We use these results to create a mathematical model of approximate DRAM that we leverage to explore the end-to-end deanonymizing effects of approximate memory using a commodity system running an image manipulation program. The results from our experiment show that given less than 100 approximate outputs, the fingerprint for an approximate DRAM begins to converge to a single, machine identifying fingerprint.

Persistent Clocks for Batteryless Sensing Devices

Sensing platforms are becoming batteryless to enable the vision of the Internet of Things, where trillions of devices collect data, interact with each other, and interact with people. However, these batteryless sensing platforms—that rely purely on energy harvesting—are rarely able to maintain a sense of time after a power failure. This makes working with sensor data that is time sensitive especially difficult. We propose two novel, zero-power timekeepers that use remanence decay to measure the time elapsed between power failures. Our approaches compute the elapsed time from the amount of decay of a capacitive device, either on-chip Static Random-Access Memory (SRAM) or a dedicated capacitor. This enables hourglass-like timers that give intermittently powered sensing devices a persistent sense of time. Our evaluation shows that applications using either timekeeper can keep time accurately through power failures as long as 45s with low overhead.

Internet of Things Security Research: A Rehash of Old Ideas or New Intellectual Challenges?

The Internet of Things (IoT) is a new computing paradigm that spans wearable devices, homes, hospitals, cities, transportation, and critical infrastructure. Building security into this new computing paradigm is a major technical challenge. What IoT security problems can we solve using existing security principles? And, what new problems and challenges in this space will require new security mechanisms?

Heimdall: A Privacy-Respecting Implicit Preference Collection Framework

Many of the everyday decisions a user makes rely on the suggestions of online recommendation systems. These systems amass implicit (e.g.,location, purchase history, browsing history) and explicit (e.g.,reviews, ratings) feedback from multiple users, produce a general consensus, and provide suggestions based on that consensus. However, due to privacy concerns, users are uncomfortable with implicit data collection, thus requiring recommendation systems to be overly dependent on explicit feedback. Unfortunately, users do not frequently provide explicit feedback. This hampers the ability of recommendation systems to provide high-quality suggestions. We introduce Heimdall, the first privacy-respecting implicit preference collection framework that enables recommendation systems to extract user preferences from their activities in a privacy respecting manner. The key insight is to enable recommendation systems to run a collector on a users device and precisely control the information a collector transmits to the recommendation system back-end. Heimdall introduces immutable blobs as a mechanism to guarantee this property. We implemented Heimdall on the Android platform and wrote three example collectors to enhance recommendation systems with implicit feedback. Our performance results suggest that the overhead of immutable blobs is minimal, and a user study of 166 participants indicates that privacy concerns are significantly less when collectors record only specific information--a property that Heimdall enables.

Towards Comprehensive Repositories of Opinions

Despite the popularity of recommendation services (such as Yelp, Healthgrades, and Angie’s List), for a majority of entities listed on these services, one has to rely on opinions shared by a few users. We argue that this paucity of reviews for most entities stems from the fact that the vast majority of users largely consume opinions shared by others but seldom post reviews themselves. Therefore, leveraging the trend that services are increasingly accessed from a client-side app rather than over the Web, we propose augmenting recommendation services to implicitly infer any user’s opinions based on observations of the user’s activities. Implicit inference of many of a user’s recommendations are feasible due to the rich sensory capabilities of smartphones and wearables as well as the digital footprints left behind by many activities in the physical world. However, implicit inference of opinions is inherently uncertain and automated sharing of inferences raises significant privacy and security concerns. In this paper, we discuss how to tackle these challenges so that users looking for recommendations can draw upon a more comprehensive set of opinions than is the case today.

Applying the Opacified Computation Model to Enforce Information Flow Policies in IoT Applications

Enforcing flow-control is an important, albeit difficult to achieve security goal in practical applications. In this paper, we consider the problem of flow-control in IoT applications and present an approach to enforce information flow policies on them. We describe a model called Opacified Computation and its implementation, FlowFence, and show how to port an existing IoT application (without flow policy enforcement) to one that uses FlowFence to guarantee protection against data leakage. Finally, we report on performance overhead and discuss directions for future work.