Vladimir Rozic

Experimental evaluation of Physically Unclonable Functions in 65 nm CMOS

We present a silicon characterization vehicle implementing six different constructions of intrinsic Physically Unclonable Functions (PUFs). The design contains four different memory-based PUFs, one of which is a novel buskeeper PUF, and two different delay-based PUFs. Test chips are fabricated in 65 nm Low Power (LP) technology, using a standard cell ASIC design flow for the memory-based PUFs and a full custom flow for the delay-based ones. This test vehicle enables a comprehensive experimental evaluation of individual PUF implementations as well as a comparative analysis across different PUF types for the same silicon technology. PUF responses are obtained from 192 device samples and the uniqueness and reliability of the implemented PUFs are evaluated. In addition, the effects of varying temperature and silicon device ageing on the PUF characteristics are extensively studied.

Low-cost implementations of on-the-fly tests for random number generators

Random number generators (RNG) are important components in various cryptographic systems. Embedded security systems often require a high-quality digital source of randomness. Still, randomness of an RNG can vary due to aging effects, temperature or process conditions or intentional active attacks. This paper presents efficient, compact and reliable hardware implementations of 8 tests from the NIST test suite for statistical evaluation of randomness. These tests can be used for on-the-fly quality monitoring of on-chip random number generators as well as for fast hardware evaluation of RNG designs.

Design solutions for securing SRAM cell against power analysis

Side channel attacks exploit physical imperfections of hardware to circumvent security features achieved by mathematically secure protocols and algorithms. This is achieved by monitoring physical quantities, usually power consumption or electromagnetic radiation, which contain information about the secret data. As a countermeasure, several circuit styles have been proposed for designing side-channel resistant logic gates and flip-flops. However, little effort has been made to develop secure memory arrays. An SRAM cell with 8 transistors has been proposed in order to obtain power analysis resistance by using a dual-rail precharge principle, the same technique used in various secure logic styles. In this paper we look into the practical aspects of this cell such as noise margins, layout strategy and read current. In addition, we propose alternative solutions for power-analysis resistant SRAM. We compare these solutions in terms of data stability, delay and side-channel resistance.

TOTAL: TRNG on-the-fly testing for attack detection using Lightweight hardware

We present a design methodology for embedded tests of entropy sources. These tests are necessary to detect attacks and failures of true random number generators. The central idea of this work is to use an empirical design methodology consisting of two phases: collecting the data under attack and finding a useful statistical feature. In this work we focus on statistical features that are implementable in lightweight hardware. This is the first paper to address the design of on-the-fly tests based on the attack effects. The presented design methodology is illustrated with 2 examples: an elementary ring-oscillator based TRNG and a carry-chain based TRNG. The effectiveness of the tests was confirmed on FPGA prototypes.

On-the-fly tests for non-ideal true random number generators

Hardware implementations of statistical tests are needed to detect failures and statistical weaknesses of entropy sources in True Random Number Generators on the fly. Current implementations of these tests work under the assumption that the entropy source produces independent, identically distributed (IID) numbers. However, some entropy sources produce non-IID data and rely on compression to provide the full entropy. Currently there are no embedded test implementations suitable for this type of entropy source. We provide the first FPGA implementation of embedded tests that estimate the generated min-Entropy and verify if it is within the expected boundaries.

Highly efficient entropy extraction for true random number generators on FPGAs

True random number generators are essential components in cryptographic hardware. In this work, a novel entropy extraction method is used to improve throughput of jitter-based true random number generators on FPGA. By utilizing ultra-fast carry-logic primitives available on most commercial FPGAs, we have improved the efficiency of the entropy extraction, thereby increasing the throughput, while maintaining a compact implementation. Design steps and techniques are illustrated on an example of a ring-oscillator based true random number generator on Spartan-6 FPGA. In this design, the required accumulation time is reduced by 3 orders of magnitude compared to the most efficient oscillator-based TRNG on the same FPGA. The presented implementation occupies only 67 slices, achieves a throughput of 14.3 Mbps and it is provided with a formal evaluation of security.

Three Phase Dynamic Current Mode Logic: A More Secure DyCML to Achieve a More Balanced Power Consumption

In order to protect cryptographic devices against power analysis attacks, circuit level countermeasures can be used. Using dynamic current mode logic(DyCML) is an efficient countermeasure providing that the routing of dual-rail signals is balanced. In this paper, we have developed a new logic style based on DyCML, which provides side-channel security without the balanced routing requirement. Simulations of 1-bit full adder were performed to compare the proposed logic style with SABL and DyCML in terms of side-channel security. Post layout simulation results show improvement of normalized energy deviation(NED) of 50% and normalized standard deviation(NSD) of 63% compared with DyCML. Finally, for the AES Sbox simulation, our proposed logic style improves by 31% in NED and by 40% in NSD compared to other secure logics.

Evolving Cryptographic Pseudorandom Number Generators

Random number generators (RNGs) play an important role in many real-world applications. Besides true hardware RNGs, one important class are deterministic random number generators. Such generators do not possess the unpredictability of true RNGs, but still have a widespread usage. For a deterministic RNG to be used in cryptography, it needs to fulfill a number of conditions related to the speed, the security, and the ease of implementation. In this paper, we investigate how to evolve deterministic RNGs with Cartesian Genetic Programming. Our results show that such evolved generators easily pass all randomness tests and are extremely fast/small in hardware.

Low-energy encryption for medical devices: security adds an extra design dimension

Smart medical devices will only be smart if they also include technology to provide security and privacy. In practice this means the inclusion of cryptographic algorithms of sufficient cryptographic strength. For battery operated devices or for passively powered devices, these cryptographic algorithms need highly efficient, low power, low energy realizations. Moreover, unique to cryptographic implementations is that they also need protection against physical tampering either active or passive. This means that countermeasures need to be included during the design process. Similar to design for low energy, design for physical protection needs to be addressed at all design abstraction levels. Differently, while skipping one optimization step in a design for low energy or low power, merely reduces the battery life time, skipping a countermeasure, means opening the door for a possible attack. Designing for security requires a thorough threat analysis and a balanced selection of countermeasures. This paper will discuss the different abstraction layers and design methods applied to obtain low power/low energy and at the same time side-channel and fault attack resistant cryptographic implementations. To provide a variety of security features, including location privacy, it is clear that medical devices need public key cryptography (PKC). It will be illustrated with the design of a low energy elliptic curve based public key programmable co-processor. It only needs 5.1μJ of energy in a 0.13 μm CMOS technology for one point multiplication and includes a selected set of countermeasures against physical attacks.

Embedded HW/SW platform for on-the-fly testing of true random number generators

We present a HW/SW platform for on-the-fly detection of failures and weaknesses in entropy sources. By splitting the operations between hardware and software, we achieve sufficient flexibility to control the level of significance of the tests. This approach also enables sharing resources between different tests thereby reducing the area and power. Statistical tests were selected from the NIST test suite. We propose several versions of hardware co-processors for monitoring random bit sequences, ranging from 52 slices (5 tests) to 552 slices (9 tests) on Spartan-6 FPGA. We are the first to provide implementations of the Serial test and the Approximate entropy test for on-the-fly monitoring.