Strong Error Detection for Control Units Against Advanced Attackers Kahraman Daglar Akdemir Advisor: Berk Sunar Electrical and Computer Engineering MOTIVATION.

Slides:



Advertisements
Similar presentations
ENGIN112 L23: Finite State Machine Design Procedure October 27, 2003 ENGIN 112 Intro to Electrical and Computer Engineering Lecture 23 Finite State Machine.
Advertisements

CRT RSA Algorithm Protected Against Fault Attacks WISTP - 5/10/07 Arnaud BOSCHER Spansion EMEA Robert NACIRI Oberthur Card Systems Emmanuel PROUFF Oberthur.
Finite State Machines (FSMs)
1ASM Algorithmic State Machines (ASM) part 1. ASM2 Algorithmic State Machine (ASM) ‏ Our design methodologies do not scale well to real-world problems.
Cyclic Code.
Differential Fault Analysis on AES Variants Kazuo Sakiyama, Yang Li The University of Electro-Communications Nagoya, Japan.
Analysis of Clocked Sequential Circuits
TOPIC : Finite State Machine(FSM) and Flow Tables UNIT 1 : Modeling Module 1.4 : Modeling Sequential circuits.
Give qualifications of instructors: DAP
Digital Fountain Codes V. S
Sheng Xiao, Weibo Gong and Don Towsley,2010 Infocom.
Finite State Machine Chapter 10 RTL Hardware Design by P. Chu.
1 EE 587 SoC Design & Test Partha Pande School of EECS Washington State University
Slender PUF Protocol Authentication by Substring Matching M. Majzoobi, M. Rostami, F. Koushanfar, D. Wallach, and S. Devadas* International Workshop on.
CS 151 Digital Systems Design Lecture 37 Register Transfer Level
Quantum Error Correction SOURCES: Michele Mosca Daniel Gottesman Richard Spillman Andrew Landahl.
PAUL CUFF ELECTRICAL ENGINEERING PRINCETON UNIVERSITY A Framework for Partial Secrecy.
Sequential Circuits and Finite State Machines Prof. Sin-Min Lee
Dr. Turki F. Al-Somani VHDL synthesis and simulation – Part 3 Microcomputer Systems Design (Embedded Systems)
Convolutional Code Based Concurrent Error Detection in Finite State Machines Konstantinos N. Rokas Advisor: Prof. Yiorgos Makris.
FIT5037 Advanced Network Security --- Modern Computing and Security --- Lecture 1.
Give qualifications of instructors: DAP
ED 4 I: Error Detection by Diverse Data and Duplicated Instructions Greg Bronevetsky.
Practical Private Computation of Vector Addition-Based Functions Yitao Duan and John Canny Computer Science Division University of California, Berkeley.
ENGIN112 L25: State Reduction and Assignment October 31, 2003 ENGIN 112 Intro to Electrical and Computer Engineering Lecture 25 State Reduction and Assignment.
1 KU College of Engineering Elec 204: Digital Systems Design Lecture 17 Design a clock synchronous sequential circuit with two inputs A, B and a single.
Finite State Machines. Binary encoded state machines –The number of flip-flops is the smallest number m such that 2 m  n, where n is the number of states.
Fault Tolerant Infective Countermeasure for AES
Linear Fault Analysis of Block Ciphers Zhiqiang Liu 1, Dawu Gu 1, Ya Liu 1, Wei Li 2 1. Shanghai Jiao Tong University 2. Donghua University ACNS 2012 June.
Unit 14 Derivation of State Graphs
TELSIKS 2005 Concurrent error detection in FSMs using transition checking technique G. Lj. Djordjevic, T. R. Stankovic and M. K. Stojcev Department of.
1 UCR Hardware Security Primitives with focus on PUFs Slide credit: Srini Devedas and others.
Finite State Machines (FSMs) and RAMs and inner workings of CPUs COS 116, Spring 2010 Guest: Szymon Rusinkiewicz.
1 Lect. 10 : Cryptanalysis. 2 Block Cipher – Attack Scenarios  Attacks on encryption schemes  Ciphertext only attack: only ciphertexts are given  Known.
LOGO Hardware side of Cryptography Anestis Bechtsoudis Patra 2010.
Smart card security Nora Dabbous Security Technologies Department.
Security Analysis of a Cryptographically- Enabled RFID Device Steve Bono, Matthew Green, Adam Stubblefield, Ari Juels, Avi Rubin, Michael Szydlo Usenix.
Finite State Machines (FSMs) and RAMs and CPUs COS 116, Spring 2011 Sanjeev Arora.
Introduction to State Machine
Computer Organization & Programming Chapter 5 Synchronous Components.
Ahmed Osama Research Assistant. Presentation Outline Winc- Nile University- Privacy Preserving Over Network Coding 2  Introduction  Network coding 
Error Detection in Hardware VO Hardware-Software-Codesign Philipp Jahn.
Tallinn University of Technology, Department of Computer Engineering, November 2006 Digitaalsüsteemide verifitseerimine Arvutitehnika erikursus II, IAY0110,
DLD Lecture 26 Finite State Machine Design Procedure.
D_160 / MAPLD Burke 1 Fault Tolerant State Machines Gary Burke, Stephanie Taft Jet Propulsion Laboratory, California Institute of Technology.
Varadarajan Srinivasan, Julian W. Farquharson,
Cryptography Against Physical Attacks Dana Dachman-Soled University of Maryland
A Low-Complexity Universal Architecture for Distributed Rate-Constrained Nonparametric Statistical Learning in Sensor Networks Avon Loy Fernandes, Maxim.
Logic Design EE-2121 Manesh T. Digital Systems  Introduction  Binary Quantities and Variables  Logic Gates  Boolean Algebra  Combinational Logic.
A4 1 Barto "Sequential Circuit Design for Space-borne and Critical Electronics" Dr. Rod L. Barto Spacecraft Digital Electronics Richard B. Katz NASA Goddard.
© 2009 Pearson Education, Upper Saddle River, NJ All Rights ReservedFloyd, Digital Fundamentals, 10 th ed Digital Logic Design Dr. Oliver Faust.
Dr. ClincyLecture Slide 1 CS Chapter 3 (3A and ) Part 8 of 8 Dr. Clincy Professor of CS.
COMBINATIONAL AND SEQUENTIAL CIRCUITS Guided By: Prof. P. B. Swadas Prepared By: BIRLA VISHVAKARMA MAHAVDYALAYA.
Chapter 3 Boolean Algebra and Digital Logic T103: Computer architecture, logic and information processing.
Prof. Sin-Min Lee Department of Computer Science
Overview on Hardware Security
Introduction Introduction to VHDL Entities Signals Data & Scalar Types
And Decoders Prof. Sin-Min Lee Department of Computer Science
And Decoders Prof. Sin-Min Lee Department of Computer Science
More Devices: Control (Making Choices)
CAD-based Security, Cryptography, and Digital Rights Management
Fei Li Jinjun Xiong University of Wisconsin-Madison
Motivations Algebraic Manipulation Detection Codes
CSE 370 – Winter Sequential Logic - 1
Jamming Resistant Encoding
Systems Architecture I
A Block Based MAP Segmentation for Image Compression
Advanced Computer Architecture Lecture 1
Error Correction Coding
CSE 370 – Winter Sequential Logic-2 - 1
Presentation transcript:

Strong Error Detection for Control Units Against Advanced Attackers Kahraman Daglar Akdemir Advisor: Berk Sunar Electrical and Computer Engineering MOTIVATION Current computational resources can rarely challenge the existing cryptographic algorithms implemented on security devices such as smart cards. Key sizes that are used in these devices are secure against brute-force attacks. The real danger is the so called “side-channel” attacks, in which the attacker can reach to secret information (e.g. secret key) using implementation specific side-channels. PROPOSED SOLUTION Error Detection Mechanism Publications 2 Active Attacks Optical Fault Injection EM-Induced Fault Injection Power and Clock Fault Injection Passive Attacks Power Analysis Timing Analysis Electro-Magnetic Analysis Classes of Side-Channel Attacks Example optical fault injection attacks [1-2] High density optical lasers cause bit flips on specific parts of an IC and this can reveal information about the secret key. There are many publications suggesting solutions to fault injection attacks, such as concurrent error detection (CED). However, these solutions focus on the datapath parts of the cryptographic hardware and the control units (e.g. Finite State Machines) are left totally vulnerable to active side-channel attacks. Gaubatz et al. [3] observed this gap existing on the control unit security and proposed a linear protection scheme where he decodes state and output variable using a linear error detection code. However, this solution is far from being a “robust” one. An example fault attack on a FSM implementing Montgomery Ladder Algorithm [3] Karpovsky and Taubin [4] proposed a new class of non-linear codes which can provide a robust error detection solution against fault attacks. We suggest that given the input, state and output assignments, we can write the next-state and output as an algebraic function using Lagrange interpolation. In this case, if we apply a similar non-linear error detection code to the input, output, and state encodings, we will have a measurably robust error detection scheme for the control unit. Case Study for the FSM diagram shown above Arithmetic hardware implementation of the next-state logic for the example case study Efficient MUX based hardware implementation of the next-state logic for the example case study RESULTS Area Overhead and Scaling Robustness To be able to add error detection capabilities to the proposed schemes, we need redundancy. We define the following error check function on a variable to obtain a non-linear error check-sum. Consequently, states and inputs will now be decoded as (s,h(s)) and (i,h(i)). Basically, there are two paths that are non- linear to each other. The check-sum of the expected output is generated using the predictor and the check-sums of the inputs. If the expected check-sum does not match with the actual check-sum, then this means that an error is injected. So the secret information is reseted. The error detection probabilities for both the arithmetic and MUX based efficient implementations are indicated. As can be observed (top), for all possible error vectors that can be injected, the minimum error detection probability is ~0.985 for the arithmetic case. Another important point is that this probability is distributed uniformly. The error detection probability behaviour is more spiky in the efficient MUX based scheme due to the non-uniform distribution at the outputs of the MUXs (bottom). The minimum error detection probability is ~0.968 for this case. The implementation results related to the example in the case study are summarized in the above table. The area overhead associated with the efficient MUX based implementation is on the order of %197 (See the above table). This provides better performance than the linear method solution proposed by Gaubatz [3]. Plus, the minimum error detection probability is maximized in our case. When we look how the proposed methods scale for different FSMs, we observe that the arithmetic case shows a cubic behaviour (top) while the efficient MUX based case is quadratic (bottom) with respect to the number of states in the FSM. K. D. Akdemir, B. Sunar. Strong Error Detection for Control Units Against Advanced Attackers. IEEE Transactions on Computers (Submitted for Review). References [1] Schmidt, J.M. and Hutter M. "Optical and EM Fault-Attacks on CRT-based RSA: Concrete Results", Austrochip Proceedings of the 15th Austrian Workshop on Microelectronics, ISBN , Oct [2] Skorobogatov, S. P. and Anderson, R. J Optical Fault Induction Attacks. In Revised Papers From the 4th international Workshop on Cryptographic Hardware and Embedded Systems (August , 2002). B. S. Kaliski, Ç. K. Koç, and C. Paar, Eds. Lecture Notes In Computer Science, vol Springer-Verlag, London, [3] Sunar, B., Gaubatz, G., and Savas, E Sequential Circuit Design for Embedded Cryptographic Applications Resilient to Adversarial Faults. IEEE Trans. Comput. 57, 1 (Jan. 2008), [4] Mark Karpovsky and Alexander Taubin. A new class of nonlinear systematic error detecting codes. IEEE Trans Info Theory, 50(8):1818–1820, 2004.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.