Huafeng CHEN,Haibin SHEN,Xiaolang YAN

2008-01-01

Abstract:The design-for-testability structure based on scan-chain often compromises the security of crypto chips.A method to attack certain hardware implementation of elliptic curve cryptography was presented.And an easy but effective secure scan method against the attack was proposed,which would not compromise the security of the chip,while maintaining high fault coverage.By controlling operational mode of the chip,the disability mechanism of scan enable signal was applied.The scan function was disabled when there existed security information in the chip.It solved the problem of secure information disclosure caused by scan chain design.

Joseph N. Mamvong,Gokop L. Goteng,Bo Zhou,Yue Gao

DOI: https://doi.org/10.1109/jiot.2020.3033435

IF: 10.6

2021-04-01

IEEE Internet of Things Journal

Abstract:Internet-of-Things (IoT) devices characterized by low power and low processing capabilities do not exactly fit into the provision of existing security techniques due to their constrained nature. Classical security algorithms that are built on complex cryptographic functions often require a level of processing that low-power IoT devices are incapable to effectively achieve due to limited power and processing resources. Consequently, the option for constrained IoT devices lies in either developing new security schemes or modifying existing ones to be more suitable for constrained IoT devices. In this work, an efficient security algorithm for constrained IoT devices, based on the advanced encryption standard, is proposed. We present a cryptanalytic overview of the consequence of complexity reduction together with a supporting mathematical justification, and provisioned a secure element (ATECC608A) as a tradeoff. The ATECC608A doubles for authentication and guarding against implementation attacks on the associated IoT device (ARM Cortex M4 micro-processor) in line with our analysis. The software implementation of the efficient algorithm for constrained IoT devices shows up to 35% reduction in the time it takes to complete the encryption of a single block (16 B) of plain text, in comparison to the currently used standard AES-128 algorithm, and in comparison to current results in literature at 26.6%.

computer science, information systems,telecommunications,engineering, electrical & electronic

Rui Chang,Liehui Jiang,Wenzhi Chen,Yang Xiang,Yuxia Cheng,Abdulhameed Alelaiwi

DOI: https://doi.org/10.1007/s10586-017-0833-4

2017-01-01

Cluster Computing

Abstract:With the rapid development of Internet of Things technology and the promotion of embedded devices’ computation performance, smart devices are probably open to security threats and attacks while connecting with rich and novel Internet. Attracting lots of attention in embedded system security community recently, Trusted Execution Environment (TEE), allows for the execution of arbitrary code within environments completely isolated from the rest of a system. However, existing memory protection methods in a TEE are inadequate. In general, the software-based formal methods are not practical and the hardware-based implementation approaches lack of theoretical proof. To address the memory isolation and protection problems in TEE, in this paper, we propose a practical memory integrity protection method on an ARM-based platform, called MIPE, to defend against security threats including kernel data attacks and direct memory access attacks. MIPE utilizes TrustZone technique to create a isolated execution environment, which can protect the sensitive code and data against attacks. To present the integrity protection strategies, we provide the design of MIPE using B method, which is a practical formal method. We also implement MIPE on the Xilinx Zynq ZC702 evaluation board. The evaluation results show that the automatic proof rate of machines using B method is about 78.32%, and the proposed method is effective and feasible in terms of both load time and overhead.

Pallavi Sivakumaran,Jorge Blasco

DOI: https://doi.org/10.48550/arXiv.2105.03135

2021-05-07

Cryptography and Security

Abstract:Recent high-profile attacks on the Internet of Things (IoT) have brought to the forefront the vulnerability of "smart" devices, and have resulted in numerous IoT-focused security analyses. Many of the attacks had weak device configuration as the root cause. One potential source of rich and definitive information about the configuration of an IoT device is the device's firmware. However, firmware analysis is complex and automated firmware analyses have thus far been confined to devices with more traditional operating systems such as Linux or VxWorks. Most IoT peripherals, due to lacking traditional operating systems and implementing a wide variety of communication technologies, have only been the subject of smaller-scale analyses. Peripheral firmware analysis is further complicated by the fact that such firmware files are predominantly available as stripped binaries, without the ELF headers and symbol tables that would simplify reverse engineering. In this paper, we present argXtract, an open-source automated static analysis tool, which extracts security-relevant configuration information from stripped IoT peripheral firmware. Specifically, we focus on binaries that target the ARM Cortex-M architecture, due to its growing popularity among IoT peripherals. argXtract overcomes the challenges associated with stripped Cortex-M analysis and is able to retrieve arguments to security-relevant supervisor and function calls, enabling automated bulk analysis of firmware files. We demonstrate this via three real-world case studies. The largest case study covers a dataset of 243 Bluetooth Low Energy binaries targeting Nordic Semiconductor chipsets, while the other two focus on Nordic ANT and STMicroelectronics BlueNRG binaries. The results reveal widespread lack of security and privacy controls in IoT, such as minimal or no protection for data, fixed passkeys and trackable device addresses.

Yunkai Bai,Andrew Stern,Jungmin Park,Mark Tehranipoor,Domenic Forte

DOI: https://doi.org/10.1145/3524123

IF: 1.447

2022-04-13

ACM Transactions on Design Automation of Electronic Systems

Abstract:Today, Internet of Things (IoT) and smart devices are being deployed in systems such as autonomous vehicles and medical monitoring devices. The introduction of IoT devices into these systems enables network connectivity for data transfer, cloud support, etc. but can also lead to malware injection. Since many IoT devices operate in remote environments, it is also difficult to protect them from physical tampering. Conventional protection approaches rely on software, but these can be circumvented by the moving target nature of malware or through hardware attacks. Alternatively, insertion of the internal monitoring circuits into IoT chips requires a design trade-off, balancing the requirements of the monitoring circuit and the main circuit. A very promising approach to detect anomalous behavior in IoT and other embedded systems is side-channel analysis. Till date, however, this can only be performed before deployment due to the cost and size of side-channel setups (e.g., oscilloscopes, probes, etc.) or by internal performance counters. Here, we introduce an external monitoring printed circuit board (PCB) named RASC to provide r emote a ccess to s ide- c hannels. RASC reduces the complete side-channel analysis system into two small PCBs (2cm × 2cm), providing the ability to monitor power and electromagnetic (EM) traces of the target device. Additionally, RASC can transmit data and/or alerts of anomalous activities detected to a remote host through Bluetooth. To demonstrate RASCs capabilities, we extract keys from encryption modules such as AES implemented on Arduino and FPGA boards. To illustrate RASC’s defensive capabilities, we also use it to perform malware detection. RASC’s success in power analysis is comparable to an oscilloscope/probe setup, but is lightweight and two orders of magnitude cheaper.

computer science, software engineering, hardware & architecture

Asanka Sayakkara,Nhien-An Le-Khac,Mark Scanlon

DOI: https://doi.org/10.48550/arXiv.1904.02089

2019-04-04

Abstract:Internet of Things (IoT) devices have expanded the horizon of digital forensic investigations by providing a rich set of new evidence sources. IoT devices includes health implants, sports wearables, smart burglary alarms, smart thermostats, smart electrical appliances, and many more. Digital evidence from these IoT devices is often extracted from third party sources, e.g., paired smartphone applications or the devices' back-end cloud services. However vital digital evidence can still reside solely on the IoT device itself. The specifics of the IoT device's hardware is a black-box in many cases due to the lack of proven, established techniques to inspect IoT devices. This paper presents a novel methodology to inspect the internal software activities of IoT devices through their electromagnetic radiation emissions during live device investigation. When a running IoT device is identified at a crime scene, forensically important software activities can be revealed through an electromagnetic side-channel analysis (EM-SCA) attack. By using two representative IoT hardware platforms, this work demonstrates that cryptographic algorithms running on high-end IoT devices can be detected with over 82% accuracy, while minor software code differences in low-end IoT devices could be detected over 90% accuracy using a neural network-based classifier. Furthermore, it was experimentally demonstrated that malicious modification of the stock firmware of an IoT device can be detected through machine learning-assisted EM-SCA techniques. These techniques provide a new investigative vector for digital forensic investigators to inspect IoT devices.

Cryptography and Security

Xi Tan,Zheyuan Ma,Sandro Pinto,Le Guan,Ning Zhang,Jun Xu,Zhiqiang Lin,Hongxin Hu,Ziming Zhao

2024-05-14

Abstract:Arm Cortex-M processors are the most widely used 32-bit microcontrollers among embedded and Internet-of-Things devices. Despite the widespread usage, there has been little effort in summarizing their hardware security features, characterizing the limitations and vulnerabilities of their hardware and software stack, and systematizing the research on securing these systems. The goals and contributions of this paper are multi-fold. First, we analyze the hardware security limitations and issues of Cortex-M systems. Second, we conducted a deep study of the software stack designed for Cortex-M and revealed its limitations, which is accompanied by an empirical analysis of 1,797 real-world firmware. Third, we categorize the reported bugs in Cortex-M software systems. Finally, we systematize the efforts that aim at securing Cortex-M systems and evaluate them in terms of the protections they offer, runtime performance, required hardware features, etc. Based on the insights, we develop a set of recommendations for the research community and MCU software developers.

Cryptography and Security,Hardware Architecture

Xuewen He,Yichuan Bai,Yujia Liu,Li Du,Zhongfeng Wang,Yuan Du

DOI: https://doi.org/10.1109/jiot.2023.3333203

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:In Internet of Things (IoT) endpoint devices, some data or address ciphers are used for real-time memory protection to mitigate some side-channel attacks against memories. To better meet the requirements of real-time memory protection, this article proposes a hardware engine of permutation-based address encryption (PAE) to implement memory address encryption with flexible width adaptation, low latency, and low hardware overhead. When evaluated with TSMC's 40-nm standard CMOS technology, PAE features lightweight characteristics with a gate count of 0.589 KGates, which is only 0.37% of advanced encryption standard (AES) and 33.50% of address cipher Galois field encryption (GF-Enc). The security of PAE in memory protection is quantitatively proven through both logic cryptanalysis and side-channel attacks. The results show that PAE performs effective mitigation in some side-channel attacks and provides better security than other address ciphers in resisting the brute-force attack, chosen-plaintext attack, and the differential attack. A RISC-V system with PAE and AES is deployed on an field-programmable gate array platform to analyze the impact on performance. The evaluation data show that PAE has no impact on system throughput in the case analysis, while AES reduces system throughput by 89.47%.

Yuchen Mei,Li Du,Xuewen He,Yuan Du,Xiaoliang Chen,Zhongfeng Wang

DOI: https://doi.org/10.1109/socc49529.2020.9524762

2020-01-01

Abstract:Most of the existing memory encryption techniques in IoT devices are based on data encryption. The level of security increases at the cost of the increased encryption algorithm complexity, resulting in large power consumption and area overhead for high-security devices. In this paper, we take a significantly different approach to encrypt the device memory through address encryption. A reconfigurable architecture called Permutation based Address Encryption (PAE) is proposed, for the first time, to encrypt the device memory with minor hardware overhead and much shorter processing time. The architecture is synthesized in SMIC 40nm standard CMOS technology. Compared with Data Encryption Standard (DES), the proposed PAE achieves 16x encryption speed and 1.4x effective key length. When combined with the DES, the PAE+DES encryption outperforms existing hardware Advanced Encryption Standard (AES) with almost 2x in power efficiency, more than 1.5x in area efficiency and better security, making it a promising hardware encryption technique for IoT devices.

Wei Wang,Lin Yang,Qian Zhang,Tao Jiang

DOI: https://doi.org/10.48550/arXiv.1801.09224

2018-01-28

Abstract:On-body devices are an intrinsic part of the Internet-of-Things (IoT) vision to provide human-centric services. These on-body IoT devices are largely embedded devices that lack a sophisticated user interface to facilitate traditional Pre-Shared Key based security protocols. Motivated by this real-world security vulnerability, this paper proposes SecureTag, a system designed to add defense in depth against active attacks by integrating physical layer (PHY) information with upper-layer protocols. The underpinning of SecureTag is a signal processing technique that extracts the peculiar propagation characteristics of creeping waves to discern on-body devices. Upon overhearing a suspicious transmission, SecureTag initiates a PHY-based challenge-response protocol to mitigate attacks. We implement our system on different commercial off-the-shelf (COTS) wearables and a smartphone. Extensive experiments are conducted in a lab, apartments, malls, and outdoor areas, involving 12 volunteer subjects of different age groups, to demonstrate the robustness of our system. Results show that our system can mitigate 96.13% of active attack attempts while triggering false alarms on merely 5.64% of legitimate traffic.

Networking and Internet Architecture

Chen Guo,Yang,Yanglin Zhou,Kuan Zhang,Song Ci

DOI: https://doi.org/10.1109/wcnc49053.2021.9417382

2021-01-01

Abstract:Due to the vulnerability of the Internet of Things (IoT), it is indispensable to provide adequate security services. These services are generally implemented through security protocols or algorithms and running on energy-sensitive IoT devices. In order to design energy-efficient algorithms to prolong the lifetime of IoT devices, the energy characteristics of those algorithms should be analyzed primarily. In this paper, we conduct an integrated static analysis method with dynamic tracing to provide a quantitative energy profile for popular security algorithms such as AES128, RSA, and SHA256. Specifically, binary instructions executed in the invoked function are measured and counted through remotely debugging each program on the Arm development board. Then, the fine-grained energy consumption inside a program is revealed by combining the instruction statistics and instruction-level energy model. The experimental results show that the energy consumption of a program is mainly consumed by a few primary functions and CPU-memory interaction instructions, and hence the functions can be implemented in different ways to reduce energy consumption. This meaningful energy consumption evaluation method for security algorithms is able to guide to optimizing existing algorithms for embedded security.

Thilo Krachenfels,Tuba Kiyan,Shahin Tajik,Jean-Pierre Seifert

DOI: https://doi.org/10.48550/arXiv.2102.11656

2021-02-23

Cryptography and Security

Abstract:The security of modern electronic devices relies on secret keys stored on secure hardware modules as the root-of-trust (RoT). Extracting those keys would break the security of the entire system. As shown before, sophisticated side-channel analysis (SCA) attacks, using chip failure analysis (FA) techniques, can extract data from on-chip memory cells. However, since the chip's layout is unknown to the adversary in practice, secret key localization and reverse engineering are onerous tasks. Consequently, hardware vendors commonly believe that the ever-growing physical complexity of the integrated circuit (IC) designs can be a natural barrier against potential adversaries. In this work, we present a novel approach that can extract the secret key without any knowledge of the IC's layout, and independent from the employed memory technology as key storage. We automate the -- traditionally very labor-intensive -- reverse engineering and data extraction process. To that end, we demonstrate that black-box measurements captured using laser-assisted SCA techniques from a training device with known key can be used to profile the device for a later key prediction on other victim devices with unknown keys. To showcase the potential of our approach, we target keys on three different hardware platforms, which are utilized as RoT in different products.

Surbhi Chhabra,Kusum Lata

DOI: https://doi.org/10.1007/s42979-022-01194-x

2022-05-24

SN Computer Science

Abstract:Intellectual Property (IP) core has evolved into a primary component of System-on-Chip (SoC). They address and implement a wide range of hardware functionalities within a chip core logic. Hence, IP reuse plays a prominent role in enhancing performance and reducing resource utilization in SoC, used in Internet-of-Things (IoT) devices. Unfortunately, continued growth and development in IoT devices raise a severe concern about the security of these IPs and require urgent authentication and encryption. The conventional cryptography methods may not be appropriate to secure IoT devices because of the rise in malicious hardware attacks. Physical Unclonable Functions (PUFs) are a promising approach used in IoT devices that prevent the IP against reverse-engineering, insertion of malicious activities or Trojans, piracy, cloning, and other threats. In this article, in particular, we integrated PUF with the traditional approach of Key-based Hardware Obfuscation to take advantage of PUF properties by generating secret keys that are unique and unclonable. We tested the PUF in terms of reliability, uniqueness, and uniformity. We also explore PUFs as a potential seed for Pseudo-Random Number Generators (PRNGs) to maximize obfuscation while minimizing area and power overhead. Furthermore, the PUF-based obfuscated model is applied to the Advanced Encryption Standard (AES) IP core to provide enhanced authentication as well as data encryption in IoT devices. Experimental results and NIST analysis show that the proposed model is resilient against reverse-engineering and compelling SAT and side-channel attacks. The proposed model is implemented on Basys3 FPGAs with minimum resource utilization, also compared with the current approaches.

Mingyu Yang,Tanvir Ahmed,Saya Inagaki,Kazuo Sakiyama,Yang Li,Yuko Hara-Azumi

DOI: https://doi.org/10.1109/jiot.2024.3355417

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:With the growth of Internet of Things (IoT) era, the protection of secret information on IoT devices is becoming increasingly important. For IoT devices, attacks that target information leakage through physical side-channels (e.g., a power side-channel) are a major threat in many use cases because IoT devices can be accessed easily by a hostile third party. However, securing resource-constrained IoT devices against side-channel attacks is a challenging issue. Generally, it is difficult to satisfy the requirements on side-channel protection while maintaining the low-power and real-time constrains of IoT devices. In this paper, we propose a hardware/software cooperative design for cryptosystems that is suitable for resource-constrained IoT devices. Combining a security-oriented processor design (i.e., an instruction set architecture definition and its architectural structure) and careful implementations of masked software implementation for cipher algorithms can effectively improve the power-performance-area (PPA) while suppressing power side-channel leakage. In our evaluation, for three ciphers (Chaskey, Simon, and AES), we demonstrate that our work is superior to state-of-the-art works (two RISC-V processors and a small-scale low-power processor) in terms of both PPA and power side-channel protection.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xu Zhou,Pengfei Wang,Lei Zhou,Peng Xun,Kai Lu

DOI: https://doi.org/10.3390/s23229221

2023-11-16

Abstract:Embedded devices are pervasive nowadays with the rapid development of the Internet of Things (IoT). This brings significant security issues that make the security analysis of embedded devices important. This paper presents a survey on the security analysis research of embedded devices. First, we analyze the embedded device types and their operating systems. Then, we describe a major dynamic security analysis method for an embedded device, i.e., simulating the firmware of the embedded device and performing fuzzing on the web interface provided by the firmware. Third, we discuss some other issues in embedded security analysis, such as analyzing the attack surface, applying static analysis, and performing large-scale analysis. Based on these analyses, we finally conclude three challenges in the current research and present our insights for future research directions.

Majid Mumtaz,Luo Ping

DOI: https://doi.org/10.1016/j.ins.2020.05.075

IF: 8.1

2020-01-01

Information Sciences

Abstract:Standard RSA cryptosystem becomes vulnerable, when private key d < N-0.292 is used inside CryptoChips of constrained devices, thus an alternate scheme is the Common Prime RSA (CP-RSA) variant, which provides cryptographic (decryption/signing) operations. In this paper, we perform a cryptanalytic attack on CP-RSA using lattice basis reduction method that is used to exploit possible vulnerabilities of RSA small private key attacks. In addition, we performed detail experiments on CP-RSA weak or overestimated bounds and compare results to the past studies. Our implemented cryptanalytic attack implicates more precise and direct method to exploit the CP-RSA existing theoretical and experimental bounds. Also, our results prove that CP-RSA is an effective approach that provides resistance against standard RSA small private key attacks. (C) 2020 Elsevier Inc. All rights reserved.

Haji Akhundov,Erik van der Sluis,Said Hamdioui,Mottaqiallah Taouil

DOI: https://doi.org/10.5121/csit.2019.91328

2020-02-04

Abstract:Nowadays, Internet of Things (IoT) is a trending topic in the computing world. Notably, IoT devices have strict design requirements and are often referred to as constrained devices. Therefore, security techniques and primitives that are lightweight are more suitable for such devices, e.g., Static Random-Access Memory (SRAM) Physical Unclonable Functions (PUFs) and Elliptic Curve Cryptography (ECC). SRAM PUF is an intrinsic security primitive that is seeing widespread adoption in the IoT segment. ECC is a public-key algorithm technique that has been gaining popularity among constrained IoT devices. The popularity is due to using significantly smaller operands when compared to other public-key techniques such as RSA (Rivest Shamir Adleman). This paper shows the design, development, and evaluation of an application-specific secure communication architecture based on SRAM PUF technology and ECC for constrained IoT devices. More specifically, it introduces an Elliptic Curve Diffie-Hellman (ECDH) public-key based cryptographic protocol that utilizes PUF-derived keys as the root-of-trust for silicon authentication. Also, it proposes a design of a modular hardware architecture that supports the protocol. Finally, to analyze the practicality as well as the feasibility of the proposed protocol, we demonstrate the solution by prototyping and verifying a protocol variant on the commercial Xilinx Zynq-7000 APSoC device.

Cryptography and Security

Weizhen Wang,Jun Han,Zhicheng Xie,Shan Huang,Xiaoyang Zeng

DOI: https://doi.org/10.1109/isocc.2016.7799761

2016-01-01

Abstract:Together with the popularity of internet of things (IoT), the information security in IoT is becoming an urgent issue. In this paper, a cryptographic coprocessor is designed to provide security for IoT sensor nodes. This design incorporates the application-specific instruction set to support popular cryptography algorithms like advanced encryption standard (AES) and elliptic curve cryptography (ECC). The tailored instruction provides good flexibility, high energy efficiency and low latency. Local instruction and data ram is integrated into our coprocessor to reduce the instruction transfer between embedded processor and the coprocessor. Our work was synthesized under TSMC 65 nm technology. The measurement results show that our design consumes 32.7 uJ for each ECC point multiplication and 3 nJ for each AES encryption and decryption when working at 10 MHz.

Surbhi Chhabra,Kusum Lata

DOI: https://doi.org/10.1002/spy2.233

2022-04-06

Security and Privacy

Abstract:The global market of developing Internet of Things (IoT) devices increases rapidly with improved design goals like cost, energy efficiency, and performance. Unfortunately, the above design goals often come at the expense of security. Illegal access to the network, malicious device control, compromised sensitive information, and theft of personal data are main threats to these devices. As a result, the Advanced Encryption Standard (AES) is sometimes employed to ensure safe transmission and processing of data in IoT Systems. However, tampering, cloning, and reverse engineering are main concerns that impair the computational complexity of the 128‐bit AES at the hardware level. Recently hardware obfuscation‐based AES has emerged as a comprehensive hardware security approach for reducing threat impacts. The hardware obfuscation schemes efficiently introduce obfuscation keys for AES to conceal its functionality. The Xilinx Vivado 2016.2 software and BASYS‐3 FPGA have been used to implement obfuscated AES approaches in this work. The proposed methods have low resource usage in terms of area and power overhead while providing a high level of security in terms of Hamming Distance of 50% and Avalanche Effect of 40% for each obfuscation method. We have also analyzed the probability of success for brute‐force attacks for proposed methodologies.

Safiullah Khan,Kashif Inayat,Fahad Bin Muslim,Yasir Ali Shah,Muhammad Atif Ur Rehman,Ayesha Khalid,Malik Imran,Akmalbek Abdusalomov

DOI: https://doi.org/10.1007/s10207-024-00904-1

2024-09-01

International Journal of Information Security

Abstract:The Internet of Things (IoT) nodes consist of sensors that collect environmental data and then perform data exchange with surrounding nodes and gateways. Cybersecurity attacks pose a threat to the data security that is being transmitted in any IoT network. Cryptographic primitives are widely adopted to address these threats; however, the substantial computation demands limit their applicability in the IoT ecosystem. In addition, each IoT node varies with respect to the area and throughput (TP) requirements, thus demanding flexible implementation for encryption/decryption processes. To solve these issues, this work implements the NIST lightweight cryptography standard, Ascon, on a SAED 32 nm process design kit (PDK) library by employing loop folded, loop unrolled and fully unrolled architectures. The fully unrolled architecture can achieve the highest TP but at the cost of higher area utilisation. Unrolling by a lower factor results in lower area implementations, enabling the exploration of design space to tackle the trade-off between area and TP performance of the design. The implementation results show that, for loop folded architecture, Ascon-128 and Ascon-128a require 36.7k and 38.5k chip area, respectively compared to 277.1k and 306.6k required by their fully unrolled implementations. The proposed implementation strategies can adjust the number of rounds to accommodate the varied requirements of IoT ecosystems. An implementation with an open-source 45 nm PDK library is also undertaken for enhanced generalization and reproducibility of the results.

computer science, information systems, theory & methods, software engineering