Anand Rajan

Challenges in Data Quality Assurance in Pervasive Health Monitoring Systems

Wearable, portable, and implantable medical sensors have ushered in a new paradigm for healthcare in which patients can take greater responsibility and caregivers can make well-informed, timely decisions. Health-monitoring systems built on such sensors have huge potential benefit to the quality of healthcare and quality of life for many people, such as patients with chronic medical conditions (such as blood-sugar sensors for diabetics), people seeking to change unhealthy behavior (such as losing weight or quitting smoking), or athletes wishing to monitor their condition and performance. To be effective, however, these systems must provide assurances about the quality of the sensor data. The sensors must be applied to the patient by a human, and the sensor data may be transported across multiple networks and devices before it is presented to the medical team. While no system can guarantee data quality, we anticipate that it will help for the system to annotate data with some measure of confidence. In this paper, we take a deeper look at potential health-monitoring usage scenarios and highlight research challenges required to ensure and assess quality of sensor data in health-monitoring systems.

Entropy loss in PUF-based key generation schemes: The repetition code pitfall

One of the promising usages of Physically Unclonable Functions (PUFs) is to generate cryptographic keys from PUFs for secure storage of key material. This usage has attractive properties such as physical unclonability and enhanced resistance against hardware attacks. In order to extract a reliable cryptographic key from a noisy PUF response a fuzzy extractor is used to convert non-uniform random PUF responses into nearly uniform randomness. Bösch et al. in 2008 proposed a fuzzy extractor suitable for efficient hardware implementation using two-stage concatenated codes, where the inner stage is a conventional error correcting code and the outer stage is a repetition code. In this paper we show that the combination of PUFs with repetition code approaches is not without risk and must be approached carefully. For example, PUFs with min-entropy lower than 66% may yield zero leftover entropy in the generated key for some repetition code configurations. In addition, we find that many of the fuzzy extractor designs in the literature are too optimistic with respect to entropy estimation. For high security applications, we recommend a conservative estimation of entropy loss based on the theoretical work of fuzzy extractors and present parameters for generating 128-bit keys from memory based PUFs.

Mobile Trusted Computing

Trusted computing technologies for mobile devices have been researched, developed, and deployed over the past decade. Although their use has been limited so far, ongoing standardization may change this by opening up these technologies for easy access by developers and users. In this survey, we describe the current state of trusted computing solutions for mobile devices from research, standardization, and deployment perspectives.

A practical device authentication scheme using SRAM PUFs

The contamination of electronic component supply chains by counterfeit hardware devices is a serious and growing risk in todays globalized marketplace. Current practice for detecting counterfeit semiconductors includes visual checking, electrical testing, and reliability testing which can require significant investments in expertise, equipment, and time. Additionally, best practices have been developed in industry worldwide to combat counterfeiting in many of its variants. Although the current approaches improve the situation significantly, they do not provide extensive technical means to detect counterfeiting. However, new approaches in this area are beginning to emerge. Suh and Devadas recently proposed a low cost device authentication scheme which relies on Physically Unclonable Functions (PUFs) to implement a challenge-response authentication protocol. There are several constraints in their authentication scheme, e.g., their scheme requires a secure online database and relies on PUF constructions that exhibit a large number of challenge-response pairs. In this paper, we introduce a new device authentication scheme using PUFs for device anticounterfeiting. Our scheme is simple and practical as it does not require any online databases and is not tied to any PUF implementations. For hardware devices which already have SRAM and non-volatile storage embedded, our scheme takes almost no additional cost.

Exploiting Fully Integrated Inductive Voltage Regulators to Improve Side Channel Resistance of Encryption Engines

This paper explores fully integrated inductive voltage regulators (FIVR) as a technique to improve the side channel resistance of encryption engines. We propose security aware design modes for low passive FIVR to improve robustness of an encryption-engine against statistical power attacks in time and frequency domain. A Correlation Power Analysis is used to attack a 128-bit AES engine synthesized in 130nm CMOS. The original design requires ~250 Measurements to Disclose (MTD) the 1st byte of key; but with security-aware FIVR, the CPA was unsuccessful even after 20,000 traces. We present a reversibility based threat model for the FIVR-based protection improvement and show the robustness of security aware FIVR against such threat.

Client-based authentication technology: user-centric authentication using secure containers

Todays authentication suffers from unsolved problems in security and usability. Adversaries have multiple attack vectors with which to steal user credentials, including phishing, malware, and attacks on service providers. Current security practices such as password-complexity policies and idle timeouts often compromise usability. We propose our solution, Client-Based Authentication Technology (CBAT), to simultaneously improve security and usability in authentication. The main component of CBAT is our Trusted Identity Manager (TIM), which resides within a hardware-based secure container on the users system. The TIM asserts the users authentication to local and remote service providers without releasing the users credentials. In addition, the TIM non-intrusively monitors the users physical presence and locks the system if the user leaves. We provide architectural and implementation details of CBAT in hopes of improving current methods of authentication.

Modeling the Runtime Integrity of Cloud Servers: A Scoped Invariant Perspective

One of the underpinnings of Cloud Computing security is the runtime integrity of individual Cloud servers. Due to the on-going discovery of runtime software vulnerabilities like buffer overflows, it is critical to be able to gauge the integrity of a Cloud server as it operates. In this paper, we propose scoped invariants as a primitive for analyzing the software system for its integrity properties. We report our experience with the modeling and detection of scoped invariants. The Xen Virtual Machine Manager is used for a case study. Our research detects a set of essential scoped invariants that are critical to the runtime integrity of Xen. One such property, that the addressable memory limit of a guest OS must not include Xen’s code and data, is indispensable for Xen’s guest isolation mechanism. The violation of this property demonstrates that the attacker only needs to modify a single byte in the Global Descriptor Table to achieve his goal.

8.1 Improved power-side-channel-attack resistance of an AES-128 core via a security-aware integrated buck voltage regulator

Power side-channel attacks (PSCA), e.g. Differential Power Analysis (DPA) and Correlation Power Analysis (CPA), are major threats to the security of crypto engines in SoC platforms. Circuit-level SCA countermeasures to achieve data-independent supply current patterns via implementation of crypto engines using non-conventional logic (complemented [1] or charge recovery [2]) and local switched-capacitor-based supply current equalization [3] have been demonstrated. The feasibility of using bandwidth-limited integrated low dropout regulators, multi-phase switched-capacitor VRs with phase-randomization and integrated inductive voltage regulators (IVR) to enhance PSCA resistance have been explored before via simulation studies [4]. In this paper, we demonstrate improved PSCA resistance offered by an on-die all-digital high-frequency IVR in 130nm CMOS [5] for a standard (unprotected) 128b Advanced Encryption Standard (AES) core designed in static CMOS logic. The IVR features a configurable digital proportional-integral-derivative (PID) controller, a digital discontinuous conduction mode (DCM) controller, and a loop randomization (LR) block, all of which are utilized to enhance PSCA resistance with minimal power/performance/area overheads, while maintaining adequate local voltage regulation and transient performance.

Integrated all-digital low-dropout regulator as a countermeasure to power attack in encryption engines

Low-drop-out (LDO) voltage regulator modules are being increasingly integrated in the modern processors for efficient power management. This paper shows that an integrated All-Digital LDO (ADLDO) can also be used as a countermeasure against power measurement based side channel attacks. The current transformation introduced by integrated digital LDOs, coupled with the noise due to quantization and limited sampling rate in the control loop, helps suppress the side channel leakage. The ADLDO-based countermeasure is analyzed considering an Advanced Encryption Standard (AES) engine designed in 130nmCMOS. Correlation power analysis and signal-to-noise ratio of the current waveforms at the input of the ADLDO shows significant improvement in power attack resistance over the AES input current.

An integrated inductive VR with a 250MHz all-digital multisampled compensator and on-chip auto-tuning of coefficients in 130nm CMOS

This paper presents a bond-wire inductance and on-die capacitance based high-frequency Integrated Voltage Regulator (IVR) with multi-sampled digital controller and all-digital auto tuning engine to tolerate parameter variations of on-die/package-integrated passives. A 130nm CMOS test-chip demonstrates a 125MHz IVR with 250MHz compensator. The auto-tuning shows enhanced performance and stable operation even under ±50% inductance changes. A resistive transient assist (RTA) circuit is presented with up to 2.5x enhancement in transient settling times. A peak efficiency of 71% is measured.