Asymmetric algorithms such as RSA are considered secure from an algorithmic point of view, yet their implementations are typically vulnerable as they are used by attackers to comprise the secret key. Many countermeasures have been proposed to thwart these attacks. However, they are typically broken as the key can be easily compromised when attackers succeed figuring out which part of the traces belong to the square and multiply operations. In this paper, a new countermeasure is proposed against side channel attacks, referred to as multi-bit blinding. The proposed method provides a constant execution behavior regardless of the key value without additional cost (i.e., dummy/extra operations). It realizes this by considering multiple bits of the key (i.e., two in this paper) simultaneously and always perform the same operations on them independent of the two-bit value. This makes attacks much harder as the attacker cannot retrieve the key simply by identifying the operations. Instead, the attackers need to guess the correct values of the operations as well. As a case study, the security of an RSA algorithm implementation based on the proposed method is evaluated. Our experimental results show that the new method is secure against profiled and non-profiled side channel attacks with less overhead than currently published countermeasures.

Side channel attacks are recognized as one of the most powerful attacks due to their ability to extract secret key information by analyzing the unintended leakage generated during operation. This makes them highly attractive for attackers. The current countermeasures focus on either randomizing the leakage by obfuscating the power consumption of all operations or blinding the leakage by maintaining a similar power consumption for all operations. Although these techniques help hiding the power-leakage correlation, they do not remove the correlation completely. This paper proposes a new countermeasure type, referred to as confusion, that aims to break the linear correlation between the leakage model and the power consumption and hence confuses attackers. It realizes this by replacing the traditional SBOX implementation with a neural network referred to as S-NET. As a case study, the security of Advanced Encryption Standard (AES) software implementations with both conventional SBOX and S-NET are evaluated. Based on our experimental results, S-NET leaks no information and is resilient against popular attacks such as differential and correlation power analysis.

In the recent years, cache based side-channel attacks have become a serious threat for computers. To face this issue, researches have been looking at verifying the security policies. However, these approaches are limited to manual security verification and they typically work for a small subset of the attacks. Hence, an effective verification environment to automatically verify the cache security for all side-channel attacks is still missing. To address this shortcoming, we propose a security verification methodology that formally verifies cache designs against cache side-channel vulnerabilities. Results show that this verification template is a straightforward, automated method in verifying cache invulnerability.

Multi-Processor System-on-Chips (MPSoCs) are popular computational platforms for a wide variety of applications due to their energy efficiency and flexibility. Like many other platforms they are vulnerable to Side Channel Attacks (SCAs). In particular, Logical SCAs (LSCAs) are very powerful as sensitive information can be retrieved by simply observing system properties that depend on the victim's software execution on the MPSoC. Unfortunately, many of the current protection mechanisms are either platform dependent or are effective only against a reduced set of attacks. In this work, we present Guard-NoC, a secure Network-on-Chip (NoC) architecture able to protect MPSoCs against a wide variety of LSCAs. The secure NoC employs three application-independent strategies to hide and isolate sensitive information: i) blinding the execution time of operations; ii) masking the execution time of operations; and iii) dual communication strategy (i.e., use packet and circuit switching simultaneously). Our results show that our secure NoC is resilient against practical LSCAs and leaks almost no information while having a minimal area and power overhead.

Cache attacks are one of the most wide-spread and dangerous threats to embedded computing systems' security. A promising approach to detect such attacks at runtime is to monitor the System-on-Chip (SoC) behavior. However, designing a secure SoC capable of detecting such attacks is very challenging: the monitors should be lightweight in order to avoid excessive power/energy and area costs and the attack behavior should be clearly known upfront. In this work, we present LiD-CAT, a lightweight and flexible hardware detector that is aware of leakage patterns that can be used by attackers to perform cache based attacks. LiD-CAT is a cache wrapper that implements a set of leakage properties derived from cache attacks and cache models using templates. These templates identify suspicious behavior that may lead to cache attacks. LiD-CAT is evaluated using two different cache architectures, one with a secure cache and one without. On each of them, SPEC2000 benchmarks are run together with malicious applications that execute cache attacks (i.e., Evict+Time, Prime+Probe, Flush+Reload and Flush+Flush). Results show that our lightweight detector successfully detects 99.99% of the attacks with less than 1% false-positives, has no timing penalties, and increases the area of a SoC with only 1.6%.

Physically Unclonable Functions (PUFs) are security primitives that provide trustworthy hardware for key-generation and device authentication. Among them, in contrast to dedicated PUFs, intrinsic PUFs are created from existing hardware components that exploit their variability through software. In this work we focus on GPUs and present G-PUF, a PUF implemented entirely in software on CUDA and hence does not require hardware modifications. Our results show that G-PUF has comparable characteristics to SRAM and DRAM PUFs in terms of uniformity 55.61% and reliability 90.09%.

Increasingly complex and powerful Systems-on-Chips (SoCs), connected through a 5G network, form the basis of the Internet-of-Things (IoT). These technologies will drive the digitalization in all domains, e.g. industry automation, automotive, avionics, and healthcare. A major requirement for all above domains is the long-term (10 to 30 years) secure communication between the SoCs and the cloud over public 5G networks. The foreseeable breakthrough of quantum computers represents a risk for all communication. In order to prepare for such an event, SoCs must integrate secure quantum-computer-resistant cryptography which is reliable and protected against SW and HW attacks. Empowering SoCs with such strong security poses a challenging problem due to limited resources, tight performance requirements and long-term life-cycles. While current works are focused on efficient implementations of post-quantum cryptography, implementation-security and reliability aspects for SoCs are still largely unexplored. To this end, we present three contributions. First, we present a RISC-V co-processor for post-quantum security, able to support lattice-based cryptography. Second, we use HW/SW co-design techniques to accelerate the NTT transformation and hash generation. Third, we perform the fault analysis of the implementation. We show that our coprocessor achieves high reliability and security capabilities while preserving good performance.