HOST 2019: INTERNATIONAL SYMPOSIUM ON HARDWARE-ORIENTED SECURITY AND TRUST
PROGRAM FOR THURSDAY, MAY 9TH

07:45-08:45 Registration and Continental Breakfast
08:45-09:45 Session 15: Plenary Session - Invited Visionary Talk II and Invited Visionary Talk III

VISIONARY TALK II

Speaker: Dr. Matthew Areno, Principal Engineer, Intel

Title: Challenges with System-level Security Assessment in Modern Computing Environments

Abstract: Computing systems today include more firmware on more devices than ever before. Although firmware used to be located primarily in CPU flash and executed only by the corresponding CPU, today nearly every component or device has its own firmware executed by its own processor or microcontroller. Securing all firmware data in the three key stages (at rest/in use/in transit) is typically not mandated by any specific standard and has thus created a significant challenge in attempting to assess a system’s security state. This presentation will cover current attempts by industry to address this issue, as well as discuss potential collaborations between government, industry, and academia to support this work.

 

VISIONARY TALK III

Speaker: Dr. Matthew Casto, Program Manager, Microelectronics, Office of the Secretary of Defense for Research and Engineering (OSD R&E)

Title: Security and Trust: Are they "Analog"ous?

Abstract: Over the last decade, a large amount of research has focused on security and trust in hardware. Security primitives and techniques have been developed to protect hardware from threats, secure the IC supply chain, and expose and address vulnerabilities. A vast majority of the research has primarily focused on digital ICs and functional verification, where analog and mixed signal (AMS) devices, systems, and analysis, which hold the highest share of risk in the market, have been neglected. The solutions developed in digital domain do not extend well to AMS systems, continuing to leave a major portion of the electronic systems market insecure and untrustworthy.  This talk will focus on challenges, opportunities, and early research results in AMS ICs with a discussion on the taxonomy and applications of analog security and trust.

Chair:
Domenic Forte (University of Florida, United States)
09:45-10:00 Break
10:00-11:40 Session 16: Assorted Technical Session
Chair:
Vivek Venugopalan (USC ISI, United States)
10:00
M. Sadegh Riazi (University of California San Diego, United States)
Mojan Javaheripi (University of California San Diego, United States)
Siam Umar Hussain (University of California San Diego, United States)
Farinaz Koushanfar (University of California San Diego, United States)
MPCircuits: Optimized Circuit Generation for Secure Multi-Party Computation

ABSTRACT. Secure Multi-party Computation (MPC) is one of the most influential achievements of modern cryptography: it allows evaluation of an arbitrary function on private inputs from multiple parties without revealing the inputs. A crucial step of utilizing MPC protocols is to describe the function as a Boolean circuit. While efficient solutions have been proposed for special case of two-party secure computation, the general case of more than two-party is not addressed. This paper proposes MPCircuits, the first automated solution to devise the optimized Boolean circuit representation for any MPC function using hardware synthesis tools with new customized libraries that are scalable to multiple parties. MPCircuits creates a new end-to-end tool-chain to facilitate practical scalable MPC realization. To illustrate the practicality of MPCircuits, we design and implement a set of five circuits that represent real-world MPC problems. Our benchmarks inherently have different computational and communication complexities and are good candidates to evaluate MPC protocols. We also formalize the metrics by which a given protocol can be analyzed. We provide extensive experimental evaluations for these benchmarks; two of which are the first reported solutions in multi-party settings. As our experimental results indicate, MPCircuits can reduce the computation time of MPC protocols by up to 5.9x.

10:20
Daniel Dinu (Virginia Tech, United States)
Archanaa Santhana Krishnan (Virginia Tech, United States)
Patrick Schaumont (Virginia Tech, United States)
SIA: Secure Intermittent Architecture for Off-the-Shelf Resource-Constrained Microcontrollers

ABSTRACT. Recent advancements in energy-harvesting techniques provide an alternative to batteries for resource-constrained IoT devices and lead to a new computing paradigm, the intermittent computing model. In this model, a software module continues its execution from where it left off when an energy shortage occurred. Enforcing security of an intermittent software module is challenging because its power-off state has to be protected from a malicious adversary in addition to its power-on state, while the security mechanisms put in place must have a low overhead on the performance, resource consumption, and cost of a device.

In this paper, we propose SIA (Secure Intermittent Architecture), a security architecture for resource-constrained IoT devices. SIA leverages low-cost security features available in commercial off-the-shelf microcontrollers to protect both the power-on and power-off state of an intermittent software module. Therefore, SIA enables a host of secure intermittent computing applications such as self-attestation, remote attestation, and secure communication. Moreover, our architecture provides confidentiality and integrity guarantees to an intermittent computing module at no cost compared to previous approaches in the literature that impose significant overheads. The salient characteristic of SIA is that it does not require any hardware modifications, and hence, it can be directly applied to existing IoT devices.

We implemented and evaluated SIA on a resource-constrained IoT device based on an MSP430 processor. Besides being secure, SIA is simple and efficient. We confirm the feasibility of SIA for resource-constrained IoT devices with experimental results of several intermittent computing applications. Our prototype implementation outperforms by two to three orders of magnitude the secure intermittent computing solution of Suslowicz et al. presented at IGSC 2018.

10:40
Manaar Alam (Indian Institute of Technology, Kharagpur, India)
Sarani Bhattacharya (Indian Institute of Technology, Kharagpur, India)
Swastika Dutta (Indian Institute of Technology, Kharagpur, India)
Sayan Sinha (IIT Kharagpur, India)
Debdeep Mukhopadhyay (IIT Kharagpur, India)
Anupam Chattopadhyay (Nanyang Technological University, Singapore)
RATAFIA: Ransomware Analysis using Time And Frequency Informed Autoencoders

ABSTRACT. Ransomware can produce direct and controllable economic loss making it one of the most prominent threats in cybersecurity. According to the latest statistics, more than half of the malwares reported in Q1 of 2017 are ransomwares, and there is a potential threat of novice cybercriminals accessing ransomware-as-a-service. The concept of public-key based data kidnapping and subsequent extortion was first introduced in 1996. Since then, variants of ransomware emerged with different cryptosystems and larger key sizes; however, the underlying techniques remained the same. There are several works in the literature which propose a generic framework to detect these ransomwares; though, most of them target ransomwares having specific classes of the encryption algorithm. In addition to it, most of these methods either require Operating System kernel modification or have high detection latency. In this work, we present a generalized two-step unsupervised detection framework: RATAFIA which uses a Deep Neural Network architecture and Fast Fourier Transformation to develop a highly accurate, fast and reliable solution to ransomware detection using minimal tracepoints. The proposed method does not require any Operating System kernel modification making it adaptable to most of the modern-day system. We also introduce a special detection module for successful identification of benign disk encryption processes having similar characteristics like malicious ransomware programs but having a different intention. We provide a comprehensive study to evaluate the performance of RATAFIA in the presence of standard benchmark programs, disk encryption and regular high computational processes in the light of software security.

11:00
Michael Tempelmeier (Technical University of Munich, Germany)
Maximilian Werner (Technical University of Munich, Germany)
Georg Sigl (Technical University of Munich, Germany)
Using Hardware Software Codesign for Optimised Implementations of High-Speed and Defence in Depth CAESAR Finalists

ABSTRACT. In this work, we present five optimised implementations on a Xilinx-Zynq7200 SoC for the high-speed and defence in depth finalists of the CAESAR competition for finding authenticated encryption ciphers. We eliminated the standard interfaces used during the competition. Through optimised interfaces between hardware and software, we were able to get both performance improvements as well as reduction in used programmable logic. The performance of our implementations is comparable to pure hardware implementations, but our implementations are 50% smaller. Compared to pure SW implementations we are 16 times faster. Comparing the different algorithms, we come to the conclusion that Colm allows the fastest implementation.

11:20
Andreas Herkle (University of Ulm, Germany)
Holger Mandry (University of Ulm, Germany)
Joachim Becker (University of Ulm, Germany)
Maurits Ortmanns (University of Ulm, Germany)
In-depth Analysis and Enhancements of RO-PUFs with a Partial Reconfiguration Framework on Xilinx Zynq-7000 SoC FPGAs

ABSTRACT. Physical unclonable functions are excellent candidates to generate secret information on-chip without the need for secure storage. Ring-oscillator based PUFs have been receiving much attention over the years due to their easy design and superior statistical characteristics on field programmable gate arrays. Although previous work has improved their statistical measures and provided deeper insights, there are still gaps to be filled. Therefore, we present an in-depth analysis of RO-PUFs on Xilinx Zynq-7000 FPGAs with a framework based on partial reconfiguration. This approach allows for full-chip characterization of 100% of the targeted area. Based on the measured data and beforehand extracted delay estimations, we will show how to identify and avoid potential bias in the final PUF placement. By utilizing DSP48 slices, we designed an enhanced counter. Together with the addition of a second feedback path in the ring-oscillators for glitch avoidance and a reference normalization, we could reduce their frequency standard deviation to 0.0229% at a much shorter evaluation time of 10µs compared to the state-of-the-art, while maintaining the maximum inter-hamming distance. We also investigated the influence of spatial distribution on different RO pairings and found that the influence of chip variations are much higher than the difference between logic elements. The measurement data and the framework will be made accessible to interested researchers to provide them with a data basis for further research on the topic.

11:40-11:50 Session 17: HOST Closing Remarks
Chair:
Domenic Forte (University of Florida, United States)
11:50-13:00 Lunch (TAME and ESSA attendees only)
17:30-18:30 TAME and ESSA Reception