Sharif Digital Repository

The widespread expansion of the semiconductor industry and various production phases have led to the increased importance of fabricating highly secure chips. Both in factories manufacturing and later at actual operation, digital integrated circuits (IC) might encounter a variety of hardware attacks, one type of which involves Hardware Trojans (HT). Due to their diversity, it has become a major hardware security challenge to prevent, detect and track down HTs. In this regard, the first step is to understand the taxonomy of Trojans and the current ways in which they can be encountered. For that purpose, certain classifications are required. With their downsized dimensions, the Trojans have... 

In this paper, we report our evaluation of the strength of random number generator and RSA key-pair generator of some commercially available constrained hardware modules, i.e., tokens and smart cards. That was motivated after recent related attacks to RSA public keys, which are generated by constrained network devices and smart cards, and turned out to be insecure due to low-quality randomness. Those attacks are mostly computing pair-wise GCD between the moduli in public keys, and resulted in breaking several thousands of these keys. Our results show that most of the tested hardware modules behave well. However, some have abnormal or weak random generators which seem to be unsuitable for... 

In recent years, hardware Trojans (HTs) have become one of the main challenging concerns within the chain of manufacturing digital integrated circuit chips. Because of their diversity in chips, HTs are difficult to detect and locate. This paper attempted to propose a new improved method for detection and localization of HTs based on the real-time logical values of nodes. The algorithm extracts the nodes with special attributes. At the next stage, the nodes with the greatest similarity in terms of logical value are selected as targets. Depending on the size of the circuit, the extraction continues until a sufficient number of similar nodes has been selected. The logical relationship between... 

Hardware IPs are mostly presented in Register Transfer Level (RTL) description. Although considerable attention has been paid to hardware Trojan detection and design-for-trust at gate level and lower levels, so far there have been few methods at RT Level and behavioral RTL. We propose an approach to analyze circuit susceptibility to Trojan at the behavioral level, based on controllability analysis. We propose three design-for-trust methods, which reduce circuit vulnerability to hardware Trojans by increasing the probability of Trojan detection. We use side-channel Trojan detection method based on power consumption to evaluate Trojan detection probability. Our proposed methods can improve... 

Side Channel Analysis (SCA) are still harmful threats against security of embedded systems. Due to the fact that every kind of SCA attack or countermeasure against it needs to be implemented before evaluation, a huge amount of time and cost of this process is paid for providing high resolution measurement tools, calibrating them and also implementation of proposed design on ASIC or target platform. In this paper, we have introduced a novel simulation platform for evaluation of power based SCA attacks and countermeasures. We have used Synopsys power analysis tools in order to simulate a processor and implement a successful Differential Power Analysis (DPA) attack on it. Then we focused on the... 

Most lattice-based cryptographic schemes with a security proof suffer from large key sizes and heavy computations. This is also true for the simpler case of authentication protocols that are used on smart cards as a very-constrained computing environment. Recent progress on ideal lattices has significantly improved the efficiency and made it possible to implement practical lattice-based cryptography on constrained devices. However, to the best of our knowledge, no previous attempts have been made to implement lattice-based schemes on smart cards. In this article, we provide the results of our implementation of several state-of-the art lattice-based authentication protocols on smart cards and... 

In recent years, the security of integrated circuits (ICs) has received more attention as usage of ICs made by untrustworthy foundries has increased in safety-critical systems [1]. In this paper, we introduce a novel approach for fingerprinting the delay of functional paths in a sequential circuit that have millions of transistors, like processors. We present a method for inserting Ring Oscillators (ROs) into scan chain for measuring the delay of each functional path inside the chip. Using the proposed method, the payload part of Trojans will be detected according to their size and cell types. Our method can be used by power-based Trojan detection approaches for finding the trigger part of... 

In cryptographic engineering, extensive attention has been devoted to ameliorating the performance and security of the algorithms within. Nonetheless, in the state-of-the-art, the approaches for increasing the reliability of the efficient hash functions ECHO and Fugue have not been presented to date.We propose efficient fault detection schemes by presenting closed formulations for the predicted signatures of different transformations in these algorithms. These signatures are derived to achieve low overhead for the specific transformations and can be tailored to include byte/word-wide predicted signatures. Through simulations, we show that the proposed fault detection schemes are... 

Hardware Trojans are one of the serious threats with detrimental, irreparable effects on the functionality, security, and performance of digital integrated circuits. It is difficult to detect Trojans because of their diversity in size and performance. While the majority of current methods focus on Trojan detection during chip testing, run-time techniques can be employed to gain unique advantages. This paper proposes a method based on the online scalable detection technique, which eliminates the need for a reference chip. Involving local detectors, this technique assesses the variations in the logical values of each node to find out whether there are Trojans. This method excludes time and... 

Outsourcing the ICs for manufacturing introduces potential security threats such as hardware Trojans (HTs). In this paper, we propose hardware-based artificial immune system for solving this problem. This system uses a biologically-inspired technique which makes it attractive for using in computer security systems. Using our proposed method, the probability of HT detection can reach 100 percent, and the system can be made immune against HTs. © 2017 IEEE  

Many smart grid applications need broadcast communications. Because of the critical role of the broadcasted messages in these applications, their authentication is very important to prevent message forgery attacks. Smart grid consists of plenty of low-resource devices such as smart meters or phasor measurement units (PMUs) that are located in physically unprotected environments. Therefore, the storage and computational constraints of these devices as well as their security against physical attacks must be considered in designing broadcast authentication schemes. In this paper, we consider two communication models based on the resources of the broadcasters and receivers and propose a physical... 

Hardware trojan horses (HTH) have recently emerged as a major security threat for field-programmable gate arrays (FPGAs). Previous studies to protect FPGAs against HTHs may still leave a considerable amount of logic resources to be misused by malicious attacks. This letter presents a low-level HTH protection scheme for FPGAs by filling the unused resources with the proposed dummy logic. In the proposed scheme, we identify the unused resources at the device layout-level and offer dummy logic cells for different resources. The proposed HTH protection scheme has been applied on Xilinx Virtex devices implementing a set of IWLS benchmarks. The results show that by employing the proposed HTH... 

Physical unclonable functions (PUFs) are powerful security primitives that provide cheap and secure solutions for security-related applications. Strong PUFs provide a large set of challenge-response pairs (CRPs) and are suitable for device authentication. Weak PUFs produce a small number of CRPs and can be used for key extraction. In this paper, we propose a novel method to enhance the CRP set of traditional ring oscillator-based PUFs (RO-PUFs). RO-PUFs are one of the most reliable types of PUFs and the best fit to implement on the field-programmable gate arrays. To the best of our knowledge, our method provides the maximum number of CRPs compared with the state of the art. In addition, the... 

Advanced metering infrastructure (AMI) provides 2-way communications between the utility and the smart meters. Developing authenticated key exchange (AKE) and broadcast authentication (BA) protocols is essential to provide secure communications in AMI. The security of all existing cryptographic protocols is based on the assumption that secret information is stored in the nonvolatile memories. In the AMI, the attackers can obtain some or all of the stored secret information from memories by a great variety of inexpensive and fast side-channel attacks. Thus, all existing AKE and BA protocols are no longer secure. In this paper, we investigate how to develop secure AKE and BA protocols in the... 

By exponential increase in applications of the Internet of Things (IoT), such as smart ecosystems or e-health, more security threats have been introduced. In order to resist known attacks for IoT networks, multiple security protocols must be established among nodes. Thus, IoT devices are required to execute various cryptographic operations, such as public key encryption/decryption. However, classic public key cryptosystems, such as Rivest-Shammir-Adlemon and elliptic curve cryptography are computationally more complex to be efficiently implemented on IoT devices and are vulnerable regarding quantum attacks. Therefore, after complete development of quantum computing, these cryptosystems will... 

In recent years, confrontation with hardware Trojans has become a major concern due to various reasons including outsourcing. Such a growing threat is more pronounced in reconfigurable devices as they are used in widespread applications due to low design cost and short time-to-market. Besides their vulnerability to hardware Trojan attacks, SRAM-based reconfigurable devices are also significantly susceptible to faults originated by particle strikes. There have been various methods to mitigate either hardware Trojan attacks or faults. To our knowledge, however, no method has been presented that can integrate detecting, distinguishing, and mitigating faults and Trojans. In this paper, we...