No Arabic abstract
Logic locking is used to protect integrated circuits (ICs) from piracy and counterfeiting. An encrypted IC implements the correct function only when the right key is input. Many existing logic-locking methods are subject to the powerful satisfiability (SAT)-based attack. Recently, an Anti-SAT scheme has been developed. By adopting two complementary logic blocks that consist of AND/NAND trees, it makes the number of iterations needed by the SAT attack exponential to the number of input bits. Nevertheless, the Anti-SAT scheme is vulnerable to the later AppSAT and removal attacks. This paper proposes a generalized (G-)Anti-SAT scheme. Different from the Anti-SAT scheme, a variety of complementary or non-complementary functions can be adopted for the two blocks in our G-Anti-SAT scheme. The Anti-SAT scheme is just a special case of our proposed design. Our design can achieve higher output corruptibility, which is also tunable, so that better resistance to the AppSAT and removal attacks is achieved. Meanwhile, unlike existing AppSAT-resilient designs, our design does not sacrifice the resistance to the SAT attack.
Today, Internet communication security has become more complex as technology becomes faster and more efficient, especially for resource-limited devices such as embedded devices, wireless sensors, and radio frequency identification (RFID) tags, and Internet of Things (IoT). Lightweight encryption algorithms provide security for these devices to protect data against intruders. But the limitation of using energy in lightweight block ciphers (LBCs) is one of the major challenges for ever-expanding IoT technologies. Also, these LBC are subject to Side-channel attacks, which are among the most cited threats to these ciphers. In this paper, a differential power attack (DPA) to the Midori64 block cipher is designed. According to the proposed method, an attack on the S-boxes of the first round is done to obtain half of the master key bits. Then, the S-boxes of the second round were attacked to obtain remaining the master key bits. The results confirmed that the key is ultimately obtained. With the low volume of computational complexity, we obtained the Midori block cipher key, which was considered secure, just by using 300 samples of the plaintext. Following the running of Midori64 on the AVR microcontroller of the Atmega32 model, the master key of Midori block cipher is discovered with 300 known texts. Furthermore, we obtained the master key with a smaller number of samples than the electromagnetic analysis attack.
GPUs are increasingly being used in security applications, especially for accelerating encryption/decryption. While GPUs are an attractive platform in terms of performance, the security of these devices raises a number of concerns. One vulnerability is the data-dependent timing information, which can be exploited by adversary to recover the encryption key. Memory system features are frequently exploited since they create detectable timing variations. In this paper, our attack model is a coalescing attack, which leverages a critical GPU microarchitectural feature -- the coalescing unit. As multiple concurrent GPU memory requests can refer to the same cache block, the coalescing unit collapses them into a single memory transaction. The access time of an encryption kernel is dependent on the number of transactions. Correlation between a guessed key value and the associated timing samples can be exploited to recover the secret key. In this paper, a series of hardware/software countermeasures are proposed to obfuscate the memory timing side channel, making the GPU more resilient without impacting performance. Our hardware-based approach attempts to randomize the width of the coalescing unit to lower the signal-to-noise ratio. We present a hierarchical Miss Status Holding Register (MSHR) design that can merge transactions across different warps. This feature boosts performance, while, at the same time, secures the execution. We also present a software-based approach to permute the organization of critical data structures, significantly changing the coalescing behavior and introducing a high degree of randomness. Equipped with our new protections, the effort to launch a successful attack is increased up to 1433X . 178X, while also improving encryption/decryption performance up to 7%.
Logic locking has emerged as a promising solution for protecting the semiconductor intellectual Property (IP) from the untrusted entities in the design and fabrication process. Logic locking hides the functionality of the IP by embedding additional key-gates in the circuit. The correct output of the chip is produced, once the correct key value is available at the input of the key-gates. The confidentiality of the key is imperative for the security of the locked IP as it stands as the lone barrier against IP infringement. Therefore, the logic locking is considered as a broken scheme once the key value is exposed. The research community has shown the vulnerability of the logic locking techniques against different classes of attacks, such as Oracle-guided and physical attacks. Although several countermeasures have already been proposed against such attacks, none of them is simultaneously impeccable against Oracle-guided, Oracle-less, and physical attacks. Under such circumstances, a defense-in-depth approach can be considered as a practical approach in addressing the vulnerabilities of logic locking. Defense-in-depth is a multilayer defense approach where several independent countermeasures are implemented in the device to provide aggregated protection against different attack vectors. Introducing such a multilayer defense model in logic locking is the major contribution of this paper. With regard to this, we first identify the core components of logic locking schemes, which need to be protected. Afterwards, we categorize the vulnerabilities of core components according to potential threats for the locking key in logic locking schemes. Furthermore, we propose several defense layers and countermeasures to protect the device from those vulnerabilities. Finally, we turn our focus to open research questions and conclude with suggestions for future research directions.
We compare the impact of hardware advancement and algorithm advancement for SAT solving over the last two decades. In particular, we compare 20-year-old SAT-solvers on new computer hardware with modern SAT-solvers on 20-year-old hardware. Our findings show that the progress on the algorithmic side has at least as much impact as the progress on the hardware side.
Federated learning has a variety of applications in multiple domains by utilizing private training data stored on different devices. However, the aggregation process in federated learning is highly vulnerable to adversarial attacks so that the global model may behave abnormally under attacks. To tackle this challenge, we present a novel aggregation algorithm with residual-based reweighting to defend federated learning. Our aggregation algorithm combines repeated median regression with the reweighting scheme in iteratively reweighted least squares. Our experiments show that our aggregation algorithm outperforms other alternative algorithms in the presence of label-flipping and backdoor attacks. We also provide theoretical analysis for our aggregation algorithm.