Yufeng Xie,Xiaoyong Xue,Jianguo Yang,Yinyin Lin,Qingtian Zou,Ryan Huang,Jingang Wu

DOI: https://doi.org/10.1109/tcsii.2015.2503707

2016-01-01

IEEE Transactions on Circuits & Systems II Express Briefs

Abstract:A 64-kB logic resistive random access memory (RRAM) chip for physically secure key storage is presented. The chip has security features of resisting fully invasive attacks such as deprocessing and microscopy observation, resisting side-channel attacks by providing symmetrical power and timing read signals, resisting malicious writing by a reduced write protection scheme with feedback, and resisting data interception attack across pin boundary by the ability of on-chip integration with logic platform. The chip is fabricated in a 0.13-μm standard logic process and implemented as the key storage for a demonstrative information security platform with a MIPS-based cryptoprocessor. Experiments of reverse engineering and mechanism investigation proved the fully invasive attack-resistant features, and experiments emulating side-channel attacks revealed no difference between 0 and 1. Experiments also showed that the information security platform could correctly encrypt and decrypt with the RRAM key storage. The proposed chip has obvious advantage on area, power, and security features for embedded key storage compared with its Antifuse counterpart.

Joshua Hovanes,Yadi Zhong,Ujjwal Guin

DOI: https://doi.org/10.48550/arXiv.2208.02883

2022-08-04

Cryptography and Security

Abstract:Data recovery has long been a focus of the electronics industry for decades by security experts, focusing on hard disk recovery, a type of non-volatile memory. Unfortunately, none of the existing research, neither from academia, industry, or government, have ever considered data recovery from volatile memories. The data is lost when it is powered off, by definition. To the best of our knowledge, we are the first to present an approach to recovering data from a static random access memory. It is conventional wisdom that SRAM loses its contents whenever it turns off, and it is not required to protect sensitive information, e.g., the firmware code, secret encryption keys, etc., when an SRAM-based computing system retires. Unfortunately, the recycling of integrated circuits poses a severe threat to the protection of intellectual properties. In this paper, we present a novel concept to retrieve SRAM data as aging leads to a power-up state with an imprint of the stored values. We show that our proposed approaches can partially recover the previously used SRAM content. The accuracy of the recovered data can be further increased by incorporating multiple SRAM chips compared to a single one. It is impossible to retrieve the prior content of some stable SRAM cells, where aging shifts these cells towards stability. As the locations of these cells vary from chip to chip due to uncontrollable process variation, the same cell has a higher chance of being unstable or stable against aging in any of the chips, which helps us recover the content. Finally, majority voting is used to combine a set of SRAM chips' data to recover the stored data. We present our experimental result using commercial off-the-shelf SRAMs with stored binary image data before performing accelerated aging. We demonstrate the successful partial retrieval on SRAMs that are aged with as little as 4 hours of accelerated aging with 85C.

Yufeng Xie,Wenxiang Jian,Xiaoyong Xue,Gang Jin,Yinyin Lin

DOI: https://doi.org/10.1587/elex.9.1051

2012-01-01

IEICE Electronics Express

Abstract:A 64Kb logic Resistive Random Access Memory (RRAM) test chip for encryption keys storage is presented for the first time. The excellent security features of resisting physical attacks and side-channel attacks are theoretically analyzed and experimentally proved. The chip is fabricated in 0.13 mu m standard logic process, and can directly integrate with encryption logic circuits of information systems.

Lois Orosa,Yaohua Wang,Ivan Puddu,Mohammad Sadrosadati,Kaveh Razavi,Juan Gómez-Luna,Hasan Hassan,Nika Mansouri-Ghiasi,Arash Tavakkol,Minesh Patel,Jeremie Kim,Vivek Seshadri,Uksong Kang,Saugata Ghose,Rodolfo Azevedo,Onur Mutlu

DOI: https://doi.org/10.48550/arXiv.1902.07344

2019-11-06

Abstract:DRAM manufacturers have been prioritizing memory capacity, yield, and bandwidth for years, while trying to keep the design complexity as simple as possible. DRAM chips do not carry out any computation or other important functions, such as security. Processors implement most of the existing security mechanisms that protect the system against security threats, because 1) executing security mechanisms usually require non-trivial computational capabilities (e.g., encryption), and 2) commodity DRAM chips are not designed to perform computations or tasks other than data storage. In this work, we advocate for DRAM as a key component for providing security mechanisms to the system. To this end, we propose Dataplant, a new class of low-cost, high-performance, and reliable security primitives that can be integrated in commodity DRAM chips with minimal changes. The main idea of Dataplant is to slightly modify the internal DRAM timing signals to expose the inherent process variation found in all DRAM chips for generating unpredictable but reproducible values (e.g., keys) within DRAM. We use Dataplant to build two new security mechanisms. First, a new Dataplant-based physical unclonable function (PUF) with non-destructive read-out, low evaluation latency, robust responses, resiliency to temperature changes, and data-independent responses. Second, a new cold boot attack prevention mechanism that automatically destroys all data within DRAM on every power cycle with zero run-time energy and latency overheads. Using a combination of detailed simulations and experiments with 136 real commodity DRAM chips, we show that our Dataplant-based PUF has 1.8x higher throughput than the best state-of-the-art DRAM PUFs. We also demonstrate that our Dataplant-based cold boot attack protection mechanism is 19.5x faster and consumes 2.54x less energy when compared to existing mechanisms.

Cryptography and Security

Alexandre Proulx,Jean-Yves Chouinard,Amine Miled,Paul Fortier

DOI: https://doi.org/10.1109/tvlsi.2024.3360370

2024-01-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:System-on-chip (SoC) field programmable gate array (FPGA) devices are becoming increasingly prominent in a vast range of applications. The fusion of the FPGA’s unmatched parallel computing capacity and flexibility with a full-bore processing system makes these devices extremely powerful. With recent technological progress, SoC FPGA devices are implemented in increasingly complex systems where security and safety are often issues of concern. To cater to these concerns, these devices are commonly fit with encryption and authentication capabilities to ensure the confidentiality and authenticity of externally stored bitstreams, firmware, and bootloaders. However, while much effort is placed into securing these partitions when stored in external memory, little attention seems to be paid to the security of this data once it is decrypted for execution. This article investigates how vulnerable systems are to attacks that target decrypted data during execution. We demonstrate that data stored in external synchronous dynamic random access memory (SDRAM) can provide access to trusted and secured interfaces of SoC FPGA devices even with diligently applied security features.

engineering, electrical & electronic,computer science, hardware & architecture

Shimeng Yu,Xiaoyu Sun,Rui Liu,Huaqiang Wu,Yongqiang Pang,Bin Gao,He Qian,An Chen

DOI: https://doi.org/10.1201/9781315265056-5

2017-01-01

Abstract:This chapter focuses on the hardware security primitives based on resistive random access memory (RRAM) technology. The typical RRAM device structure is a metal/oxide/metal stack, which can be integrated in the contact vias between interconnect layers on top of the complementary-metal-oxide-semiconductor circuits. Owing to the stochastic nature of the conductive filament formation and rupture, RRAM shows probabilistic switching behaviors under weak programming conditions. In RRAM read-out current measurements, noise or random telegraph noise (RTN) is often observed and attributed to the charge trapping/detrapping process, which contributes to read current fluctuation over time. RRAM's conduction mechanism is trap-assisted-tunneling in the oxide, which inherently introduces RTN phenomenon. Physical unclonable function is a hardware security primitive that leverages the inherent randomness in the physical systems to produce unique responses upon the inquiry of challenges. Hardware security has emerged as one of the most important challenges due to electronic devices penetrating every aspect of our society.

Tara Merin John,Syed Kamran Haider,Hamza Omar,Marten van Dijk

DOI: https://doi.org/10.1109/tdsc.2017.2779780

2020-03-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Data-dependent access patterns of an application to an untrusted storage system are notorious for leaking sensitive information about the user's data. Previous research has shown how an adversary capable of monitoring both read and write requests issued to the memory can correlate them with the application to learn its sensitive data. However, information leakage through only the write access patterns is less obvious and not well studied in the current literature. In this work, we demonstrate an actual attack on power-side-channel resistant Montgomery's ladder based modular exponentiation algorithm commonly used in public key cryptography. We infer the complete 512-bit secret exponent in $mathbf{sim 3.5}$∼3.5 minutes by virtue of just the write access patterns of the algorithm to the main memory. In order to learn the victim algorithm's write access patterns under realistic settings, we exploit a compromised DMA device to take frequent snapshots of the application's address space, and then run a simple differential analysis on these snapshots to find the write access sequence. The attack has been shown on an Intel Core(TM) i7-4790 3.60GHz processor based system. We further discuss a possible attack on McEliece public-key cryptosystem that also exploits the write-access patterns to learn the secret key.

computer science, information systems, software engineering, hardware & architecture

Xiaoyu Ma,Fan Zhang,Yan Han

DOI: https://doi.org/10.1088/1742-6596/2221/1/012047

2022-01-01

Abstract:Abstract An authenticated encryption chip with novel nonce generation circuit was developed. This circuit associates the nonce generation with the contents and receiving time of plaintext. It will also generate overlapping power compensation for the whole chip. The integrated chip was fabricated under SMIC 180nm technology. Under 1.8V VDD, 100MHz global clock, the power consumption is about 14mW within 50k gates. The test result exhibits more than 10 times the strength in resistance to side-channel attack than the unprotected version without increasing hardware cost.

Yi Xiao,Yufeng Xie,Shilin Yan,Lecheng Zhou,Baihui Zhou,Siyuan Zhou,Yinyin Lin

DOI: https://doi.org/10.1109/icsict.2016.7998788

2016-01-01

Abstract:A physically-secure write scheme of Multi-time Programmable (MTP) RRAM for critical information storage is proposed and analyzed. The on-chip storage circuit can prevent physical attacks and illegal or malicious write operation. It improves the security level of existing MTP RRAM storage arrays by introducing an extra column storing protect-bits and using the address scrambling circuits. The proposed circuit is designed based on the RRAM which is logically compatible, so it provides higher resistance over physical attacks. And the MTP structure enables users with high priorities to change the stored security information.

Minhui Zou,Zhenhua Zhu,Yi Cai,Junlong Zhou,Chengliang Wang,Yu Wang

DOI: https://doi.org/10.23919/DATE48585.2020.9116549

2020-01-01

Abstract:Neural networks (NN) have gained great success in visual object recognition and natural language processing, but this kind of data-intensive applications requires huge data movements between computing units and memory. Emerging resistive random-access memory (RRAM) computing systems have demonstrated great potential in avoiding the huge data movements by performing matrix-vector-multiplications in memory. However, the nonvolatility of the RRAM devices may lead to potential stealing of the NN weights stored in crossbars and the adversary could extract the NN models from the stolen weights. This paper proposes an effective security enhancing method for RRAM computing systems to thwart this sort of piracy attack. We first analyze the theft methods of the NN weights. Then we propose an efficient security enhancing technique based on obfuscating the row connections between positive crossbars and their pairing negative crossbars. Two heuristic techniques are also presented to optimize the hardware overhead of the obfuscation module. Compared with existing NN security work, our method eliminates the additional RRAM writing operations used for encryption/decryption, without shortening the lifetime of RRAM computing systems. The experiment results show that the proposed methods ensure the trial times of brute-force attack are more than (16!)(17) and the classification accuracy of the incorrectly extracted NN models is less than 20%, with minimal area overhead.

Yen-Cheng Chiu,Tung-Cheng Chang,Chun-Ying Lee,Je-Min Hung,Kuang-Tang Chang,Cheng-Xin Xue,Ssu-Yen Wu,Hui-Yao Kao,Peng Chen,Hsiao-Yu Huang,Shih-Hsih Teng,Chieh-Pu Lo,Yi-Chun Shih,Yu-Der Chih,Tsung-Yung Jonathan Chang,Yier Jin,Meng-Fan Chang

DOI: https://doi.org/10.1109/jssc.2021.3112182

2021-01-01

Abstract:The development of security-aware mobile devices using wide-input–output (IO) nonvolatile memory (NVM) is hindered by high peak current, large area overhead for high read bandwidth (BWR), and considerable energy consumption for data movement between NVM and logic blocks. Furthermore, data stored in NVM are vulnerable to reverse-engineering attacks. This work presents a high BWR security-aware near-memory-computing spin-transfer torque magnetic random-access memory (STT-MRAM) macro using a multi-bit current-mode sense amplifier (MB-CSA) to reduce peak current and energy consumption for wide-IO access, a near-memory shift-and-rotate functionality (NSRF) in conjunction with the MB-CSA to reduce area overhead and enable the completion of read and logic operations within a single cycle, and a reverse-engineering-proof XOR–based memory data protector to protect data stored in NVM against reverse-engineering attacks. A 1-Mb 1024-b read STT-MRAM macro with data protector fabricated using foundry embedded 22-nm STT-MRAM. This work achieved 42.67 GB/s for BWR and 0.23 pJ/b. Inclusion of the NSRF circuit reduced area overhead by 33.3% while increasing latency by only 170 ps.

engineering, electrical & electronic

Nitin Rathi,Asmit De,Helia Naeimi,Swaroop Ghosh

DOI: https://doi.org/10.48550/arXiv.1603.06227

2016-03-20

Abstract:Spin-Transfer Torque RAM (STTRAM) is promising for cache applications. However, it brings new data security issues that were absent in volatile memory counterparts such as Static RAM (SRAM) and embedded Dynamic RAM (eDRAM). This is primarily due to the fundamental dependency of this memory technology on ambient parameters such as magnetic field and temperature that can be exploited to tamper with the stored data. In this paper we propose three techniques to enable error free computation without stalling the system, (a) stalling where the system is halted during attack; (b) cache bypass during gradually ramping attack where the last level cache (LLC) is bypassed and the upper level caches interact directly with the main memory; and, (c) checkpointing along with bypass during sudden attack where the processor states are saved periodically and the LLC is written back at regular intervals. During attack the system goes back to the last checkpoint and the computation continues with bypassed cache. We performed simulation for different duration and frequency of attack on SPLASH benchmark suite and the results show an average of 8% degradation in IPC for a one-time attack lasting for 50% of the execution time. The energy overhead is 2% for an attack lasting for the entire duration of execution.

Cryptography and Security

Shahrzad Keshavarz,Daniel Holcomb

DOI: https://doi.org/10.48550/arXiv.1708.07150

2017-10-26

Abstract:Advances in reverse engineering make it challenging to deploy any on-chip information in a way that is hidden from a determined attacker. A variety of techniques have been proposed for design obfuscation including look-alike cells in which functionality is determined by hard to observe mechanisms including dummy vias or transistor threshold voltages. Threshold-based obfuscation is especially promising because threshold voltages cannot be observed optically and require more sophisticated measurements by the attacker. In this work, we demonstrate the effectiveness of a methodology that applies threshold-defined behavior to memory cells, in combination with error correcting codes to achieve a high degree of protection against invasive reverse engineering. The combination of error correction and small threshold manipulations is significant because it makes the attacker's job harder without compromising the reliability of the obfuscated key. We present analysis to quantify key reliability of our approach, and its resistance to reverse engineering attacks that seek to extract the key through imperfect measurement of transistor threshold voltages. The security analysis and cost metrics we provide allow designers to make a quantifiable tradeoff between cost and security. We find that the combination of small threshold offsets and stronger error correcting codes are advantageous when security is the primary objective.

Cryptography and Security

genxian liu,xi zhang,dongsheng wang,zhenyu liu,haixia wang

DOI: https://doi.org/10.1007/978-3-662-43908-1_1

2014-01-01

Abstract:Security is a crucial element of information systems. Extensive research for cryptographic algorithms that provide the sound theoretical basis of security. Among them security and integrity of memory has been a longstanding issue in trusted system design. Main memory is a critical component of all computing systems. Most of those systems are vulnerable to memory attacks, in which an attacker gains physical accesses to the unattended hardware, obtains the decryption keys from memory. We propose a method for protecting memory systems against attacks with hardware authentication and full memory encryption. The method is secure against all known type of memory attack. We have tested the method with software simulator and Field Programmable Gate Array (FPGA) platform. The results show that the method can authenticate and encrypt the contents of DRAM with 2.5 % performance penalties.

Waqas Gul,Maitham Shams,Dhamin Al-Khalili

DOI: https://doi.org/10.3390/mi13081332

IF: 3.4

2022-08-18

Micromachines

Abstract:Microprocessors use static random-access memory (SRAM) cells in the cache memory design. As a part of the central computing component, their performance is critical. Modern system-on-chips (SoC) escalate performance pressure because only 10–15% of the transistors accounts for logic, while the remaining transistors are for the cache memory. Moreover, modern implantable, portable and wearable electronic devices rely on artificial intelligence (AI), demanding an efficient and reliable SRAM design for compute-in-memory (CIM). For performance benchmark achievements, maintaining reliability is a major concern in recent technological nodes. Specifically, battery-operated applications utilize low-supply voltages, putting the SRAM cell's stability at risk. In modern devices, the off-state current of a transistor is becoming comparable to the on-state current. On the other hand, process variations change the transistor design parameters and eventually compromise design integrity. Furthermore, sensitive information processing, environmental conditions and charge emission from IC packaging materials undermine the SRAM cell's reliability. FinFET-SRAMs, with aggressive scaling, have taken operation to the limit, where a minute anomaly can cause failure. This article comprehensively reviews prominent challenges to the SRAM cell design after classifying them into five distinct categories. Each category explains underlying mathematical relations followed by viable solutions.

chemistry, analytical,nanoscience & nanotechnology,instruments & instrumentation,physics, applied

Yachuan Pang,Huaqiang Wu,Bin Gao,Bohan Lin,Jianshi Tang,Zhen Li,Shuguang Cui,He Qian

DOI: https://doi.org/10.1109/imw48823.2020.9108114

2020-01-01

Abstract:Resistive Random-Access Memory (RRAM) has been widely researched as a candidate of non-volatile memory, and also for application in hardware security in recent years. However, most of these applications only take advantage of certain evident features of RRAM (e.g. cycle-to-cycle or device-to-device variation), and can only implement a single function. In this paper, a novel data hiding technique is proposed to implement two different functions in normal RRAM devices that utilize the impact of Form resistance on the applied pulse number of SET process. The feasibility of this technique is experimentally demonstrated on a 1Kb RRAM chip, which is proved by hiding additional data in normal RRAM. The reliability of the proposed technique is further optimized using a multi-RRAM per bit method. The experimental results show that the optimized hidden data demonstrates nearly ideal Bit Error Rate (BER) with 8- RRAM per bit. The BER is below 3%, which can be maintained after more than 1000 cycles. In addition, this work also demonstrates that the data hiding technique has good temperature stability between -25 ○ C and 100 ○ C.

Yansong Gao,Hua Ma,Said F. Al-Sarawi,Derek Abbott,Damith C. Ranasinghe

DOI: https://doi.org/10.48550/arXiv.1705.07375

2017-05-21

Cryptography and Security

Abstract:A physical unclonable function (PUF), analogous to a human fingerprint, has gained an enormous amount of attention from both academia and industry. SRAM PUF is among one of the popular silicon PUF constructions that exploits random initial power-up states from SRAM cells to extract hardware intrinsic secrets for identification and key generation applications. The advantage of SRAM PUFs is that they are widely embedded into commodity devices, thus such a PUF is obtained without a custom design and virtually free of implementation costs. A phenomenon known as `aging' alters the consistent reproducibility---reliability---of responses that can be extracted from a readout of a set of SRAM PUF cells. Similar to how a PUF exploits undesirable manufacturing randomness for generating a hardware intrinsic fingerprint, SRAM PUF unreliability induced by aging can be exploited to detect recycled commodity devices requiring no additional cost to the device. In this context, the SRAM PUF itself acts as an aging sensor by exploiting responses sensitive to aging. We use SRAMs available in pervasively deployed commercial off-the-shelf micro-controllers for experimental validations, which complements recent work demonstrated in FPGA platforms, and we present a simplified detection methodology along experimental results. We show that less than 1,000 SRAM responses are adequate to guarantee that both false acceptance rate and false rejection rate are no more than 0.001.

Gokulnath Rajendran,Writam Banerjee,Anupam Chattopadhyay,Mohamed M. Sabry Aly

DOI: https://doi.org/10.1002/aelm.202100536

IF: 6.2

2021-08-22

Advanced Electronic Materials

Abstract:Nowadays, advancements in the design of trusted system environments are relying on security provided by hardware-based primitives, while replacing resource-hungry software security measures. Emerging nonvolatile memory devices are promising candidates to provide the required hardware security functionalities at very low area-energy-runtime budget. Resistive random access memory (RRAM) offers high-density integration with outstanding performance among the state-of-the-art nonvolatile memory devices. The RRAM device technology is currently getting significant attention from both academia and industry for constructing beyond Von Neumann architectures. This technology's strength is its scalable two-terminal structure, the availability of wide range of functional materials, and multi-bit storage capability. The fluctuations in switching resistances, random telegraph noise, and sneak path current are detrimental characteristics of RRAM integrations for storage and in-memory computing applications, and more research focuses on alleviating these effects. Interestingly, these characteristics make them suitable for designing security hardware. In recent times, there has been significant progress in the design and analysis of RRAM-based security primitives such as, Physical Unclonable Function, true random number generator, and hash function. This review discusses the detailed developments in RRAM security and presents the demanded security requirement and available opportunities to be explored.

materials science, multidisciplinary,physics, applied,nanoscience & nanotechnology

Ali Fakhrzadehgan,Prakash Ramrakhyani,Moinuddin K. Qureshi,Mattan Erez

DOI: https://doi.org/10.1109/DSN58367.2023.00016

2023-10-28

Abstract:The security goals of cloud providers and users include memory confidentiality and integrity, which requires implementing Replay-Attack protection (RAP). RAP can be achieved using integrity trees or mutually authenticated channels. Integrity trees incur significant performance overheads and are impractical for protecting large memories. Mutually authenticated channels have been proposed only for packetized memory interfaces that address only a very small niche domain and require fundamental changes to memory system architecture. We propose SecDDR, a low-cost RAP that targets direct-attached memories, like DDRx. SecDDR avoids memory-side data authentication, and thus, only adds a small amount of logic to memory components and does not change the underlying DDR protocol, making it practical for widespread adoption. In contrast to prior mutual authentication proposals, which require trusting the entire memory module, SecDDR targets untrusted modules by placing its limited security logic on the DRAM die (or package) of the ECC chip. Our evaluation shows that SecDDR performs within 1% of an encryption-only memory without RAP and that SecDDR provides 18.8% and 7.8% average performance improvements (up to 190.4% and 24.8%) relative to a 64-ary integrity tree and an authenticated channel, respectively.

Cryptography and Security,Hardware Architecture

Yoongu Kim,Ross Daly,Jeremie Kim,Chris Fallin,Ji Hye Lee,Donghyuk Lee,Chris Wilkerson,Konrad Lai,Onur Mutlu

DOI: https://doi.org/10.48550/arXiv.1603.00747

2016-02-19

Abstract:As process technology scales down to smaller dimensions, DRAM chips become more vulnerable to disturbance, a phenomenon in which different DRAM cells interfere with each other's operation. For the first time in academic literature, our ISCA paper exposes the existence of disturbance errors in commodity DRAM chips that are sold and used today. We show that repeatedly reading from the same address could corrupt data in nearby addresses. More specifically: When a DRAM row is opened (i.e., activated) and closed (i.e., precharged) repeatedly (i.e., hammered), it can induce disturbance errors in adjacent DRAM rows. This failure mode is popularly called RowHammer. We tested 129 DRAM modules manufactured within the past six years (2008-2014) and found 110 of them to exhibit RowHammer disturbance errors, the earliest of which dates back to 2010. In particular, all modules from the past two years (2012-2013) were vulnerable, which implies that the errors are a recent phenomenon affecting more advanced generations of process technology. Importantly, disturbance errors pose an easily-exploitable security threat since they are a breach of memory protection, wherein accesses to one page (mapped to one row) modifies the data stored in another page (mapped to an adjacent row).

Distributed, Parallel, and Cluster Computing,Cryptography and Security