/pdf/sec-x-2-recommended-elliptic-curve-domain-parameters-54wojro6fg.pdf

SEC X.2: Recommended Elliptic Curve Domain Parameters

SPICE est un logiciel qui m’a beaucoup émerveillé lorsque j’étais étudiant, de par sa puissance et sa simplicité d’utilisation. Il est vrai que nous faisions beaucoup de travaux pratiques en électronique, et le simple fait de pouvoir mettre son circuit sous forme de liste, appelée netlist, et de le simuler était une découverte fascinante. SPICE a servi de modèle à nombre d’autres programmes de simulation, dans les universités et dans l’industrie, grâce à son modèle précoce Open Source. Aujourd’hui toute l’électronique se concentre sur une puce, et les logiciels de simulation utilisés sont plutôt du type VHDL [1], voire mixte continu/événementiel [2], mais dont la plupart sont inspirés de SPICE. Actuellement, on édite de manière graphique son schéma et on lance directement la simulation depuis son interface graphique. Ce qu’il faut savoir c’est que bon nombre de ces interfaces graphiques construisent une netlist et c’est un SPICE adapté qui fera la simulation par-derrière. La première version de SPICE date de 1972 et a été écrite en fortran, rapidement suivie par la deuxième version en 1975. Il faudra attendre 1989 pour voir la troisième version (définitive) de SPICE, écrite en C. Il est remarquable d’observer que la troisième version fût la dernière, avec des mises à jour mineures et qui se déclinent en lettre, la dernière étant 3f5. Aujourd’hui, et dans cet article, on utilisera Ngspice [3] qui est basé sur la dernière version de SPICE, et qui se trouve sous licence GNU GPL2. Il est fourni par le groupe de développement gEDA [4] qui a repris le flambeau pour le développement de tous les logiciels de simulation ou de conception de circuits électroniques.

SPICE – Simulation Program with Integrated Circuit Emphasis

Modern computing systems are overwhelmingly designed to move data to computation. This design choice goes directly against at least three key trends in computing that cause performance, scalability and energy bottlenecks: (1) data access is a key bottleneck as many important applications are increasingly data-intensive, and memory bandwidth and energy do not scale well, (2) energy consumption is a key limiter in almost all computing platforms, especially server and mobile systems, (3) data movement, especially off-chip to on-chip, is very expensive in terms of bandwidth, energy and latency, much more so than computation. These trends are especially severely-felt in the data-intensive server and energy-constrained mobile systems of today. At the same time, conventional memory technology is facing many technology scaling challenges in terms of reliability, energy, and performance. As a result, memory system architects are open to organizing memory in different ways and making it more intelligent, at the expense of higher cost. The emergence of 3D-stacked memory plus logic, the adoption of error correcting codes inside the latest DRAM chips, proliferation of different main memory standards and chips, specialized for different purposes (e.g., graphics, low-power, high bandwidth, low latency), and the necessity of designing new solutions to serious reliability and security issues, such as the RowHammer phenomenon, are an evidence of this trend. This chapter discusses recent research that aims to practically enable computation close to data, an approach we call processing-in-memory (PIM). PIM places computation mechanisms in or near where the data is stored (i.e., inside the memory chips, in the logic layer of 3D-stacked memory, or in the memory controllers), so that data movement between the computation units and memory is reduced or eliminated.

A Modern Primer on Processing in Memory.

Interconnecting “things” and devices that takes the form of wearables, sensors, actuators, mobiles, computers, meters, or even vehicles is a critical requirement for the current era. These inter-networked connections are serving the emerging applications home and building automation, smart cities and infrastructure, smart industries, and smart-everything. However, the security of these connected Internet of things (IoT) plays a centric role with no margin for error. After a review of the relevant, online literature on the topic and after looking at the market trends and developments, one can notice that there are still concerns with regard to security in IoT products and services. This paper is focusing on a survey on IoT security and aims to highlight the most significant problems related to safety and security in the IoT ecosystems. This survey identifies the general threat and attack vectors against IoT devices while highlighting the flaws and weak points that can lead to breaching the security. Furthermore, this paper presents solutions for remediation of the compromised security, as well as methods for risk mitigation, with prevention and improvement suggestions.

https://link.springer.com/content/pdf/10.1007/s42979-020-00201-3.pdf

Security Considerations for Internet of Things: A Survey

Physical Unclonable Functions (PUFs) are expected to represent an important solution for secure ID generation and authentication etc. In general, PUFs are considered to be more secure the larger their output entropy. However, the entropy of conventional PUFs is lower than the output bit length, because some output bits are random numbers, which are regarded as unnecessary for ID generation and discarded. We propose a novel PUF structure based on a Butterfly PUF with multiple RS latches, which generates larger entropy by utilizing location information of the RS latches generating random numbers. More specifically, while conventional PUFs generate binary values (0/1), the proposed PUF generates ternary values (0/1/random) in order to increase entropy. We estimate the entropy of the proposed PUF. According to our experiment with 40 FPGAs, a Butterfly PUF with 128 RS latches can improve entropy from 116 bits to 192.7 bits, this being maximized when the frequency of each ternary value is equal. We also show the appropriate RS latch structure for satisfying this condition, and validate it through an FPGA experiment.

Uniqueness Enhancement of PUF Responses Based on the Locations of Random Outputting RS Latches

High performance and area efficient Secure Hash Algorithm (SHA-3) hardware realization is investigated and proposed in this work. In addition to the new and simplified round constant (RC) generator, the presented SHA-3 hash implementations employed architectural optimization approaches based on the concepts of unrolling, pipelining and subpipelining. This has therefore produced a total of five implementations of SHA-3 which are denoted as Cases I-V in both FPGA and ASIC. Considering the trade-offs between the performance and hardware cost, the best architecture in term of the throughput and area efficiency is identified in Case V. The architecture has the highest throughput of 16.51 Gbps and area efficiency of 11.47 Mbps/slices for the FPGA implementation. While in ASIC, our best implementation (Case V) achieves the highest throughput of 48 Gbps.

A New High Throughput and Area Efficient SHA-3 Implementation

Securing thousands of connected, resource-constrained computing devices is a major challenge nowadays. Adding to the challenge, third party service providers need regular access to the system. To ensure the integrity of the system and authenticity of the software vendor, secure boot is supported by several commercial processors. However, the existing solutions are either complex, or have been compromised by determined attackers. In this scenario, open-source secure computing architectures are poised to play an important role for designers and white hat attackers. In this manuscript, we propose a lightweight hardware-based secure boot architecture. The architecture uses efficient implementation of Elliptic Curve Digital Signature Algorithm (ECDSA), Secure Hash Algorithm 3 (SHA3) hashing algorithm and Direct Memory Access (DMA). In addition, the architecture includes Key Management Unit, which incorporates an optimized Physical Unclonable Function (PUF) for providing keys to the security blocks of the System on Chip (SoC), among which, secure boot and remote attestation. We demonstrated the framework on RISC-V based SoC. Detailed analysis of performance and security for the platform is presented.

/pdf/lightweight-secure-boot-architecture-for-risc-v-system-on-2vwziq7a5g.pdf

Lightweight Secure-Boot Architecture for RISC-V System-on-Chip

Modern mobile devices, such as smartphones, tablets, and laptops, are idle most of the time but they remain connected to communication channels even when idle. This operation mode is called connected-standby. To increase battery life in the connected-standby mode, a mobile device enters the deepest-runtime-idle-power state (DRIPS), which minimizes power consumption and retains fast wake-up capability. In this work, we identify three sources of energy inefficiency in modern DRIPS designs and introduce three techniques to reduce the power consumption of mobile devices in connected-standby. To our knowledge, this is the first work to explicitly focus on and improve the connected-standby power management of high-performance mobile devices, with evaluations on a real system. We propose the optimized-deepest-runtime-idle-power state (ODRIPS), a mechanism that dynamically: 1) offloads the monitoring of wake-up events to low-power off-chip circuitry, which enables turning off all of the processor's clock sources, 2) offloads all of the processor's input/output functionality off-chip and power-gates the corresponding on-chip input/output functions, and 3) transfers the processor's context to a secure memory region inside DRAM, which eliminates the need to store the context using on-chip high-leakage SRAMs, thereby reducing leakage power. We implement ODRIPS in Intel's Skylake client processor and its associated Sunrise-Point chipset. An analysis of ODRIPS on a real system reveals that it reduces the platform average power consumption in connected-standby mode by 22%. We also identify an opportunity to further reduce ODRIPS power by using emerging low-power non-volatile memory (instead of DRAM) to store the processor context.

Techniques for Reducing the Connected-Standby Energy Consumption of Mobile Devices

There are three domains in a modern thermally-constrained mobile system-on-chip (SoC): compute, IO, and memory. We observe that a modern SoC typically allocates a fixed power budget, corresponding to worst-case performance demands, to the IO and memory domains even if they are underutilized. The resulting unfair allocation of the power budget across domains can cause two major issues: 1) the IO and memory domains can operate at a higher frequency and voltage than necessary, increasing power consumption and 2) the unused power budget of the IO and memory domains cannot be used to increase the throughput of the compute domain, hampering performance. To avoid these issues, it is crucial to dynamically orchestrate the distribution of the SoC power budget across the three domains based on their actual performance demands. We propose SysScale, a new multi-domain power management technique to improve the energy efficiency of mobile SoCs. SysScale is based on three key ideas. First, SysScale introduces an accurate algorithm to predict the performance (e.g., bandwidth and latency) demands of the three SoC domains. Second, SysScale uses a newDVFS (dynamic voltage and frequency scaling) mechanism to distribute the SoC power to each domain according to the predicted performance demands. This mechanism is designed to minimize the significant latency overheads associated with applying DVFS across multiple domains. Third, in addition to using a global DVFS mechanism, SysScale uses domain-specialized techniques to optimize the energy efficiency of each domain at different operating points. We implement SysScale on an Intel Skylake microprocessor for mobile devices and evaluate it using a wide variety of SPEC CPU2006, graphics (3DMark), and battery life workloads (e.g., video playback). On a 2-core Skylake, SysScale improves the performance of SPEC CPU2006 and 3DMark workloads by up to 16% and 8.9% (9.2% and 7.9% on average), respectively. For battery life workloads, which typically have fixed performance demands, SysScale reduces the average power consumption by up to 10.7% (8.5% on average), while meeting performance demands.

SysScale: exploiting multi-domain dynamic voltage and frequency scaling for energy efficient mobile processors

The rising tide of attacks, in the recent years, against microprocessors and the system-on-chip (SoC) space as a whole, has led to a growing number of studies into security of SoCs. Security fortification is often incorporated as a follow-up feature to existing systems and many vulnerabilities cannot be patched without significantly degrading performance. A holistic approach to address the security challenge needs to include security-first design principles, security-aware test and verification methodologies, and well-quantified performance trade-off analysis. In this paper, we report the design principles of ITUS 1, a secure SoC based on RISC-V architecture. In parallel, a systematic overview of various design and automation efforts towards achieving SoC security is presented.1after Itus, a relevant name from Greek mythology

Jawad Haj-Yahya

Papers

A New High Throughput and Area Efficient SHA-3 Implementation

Lightweight Secure-Boot Architecture for RISC-V System-on-Chip

Techniques for Reducing the Connected-Standby Energy Consumption of Mobile Devices

SysScale: exploiting multi-domain dynamic voltage and frequency scaling for energy efficient mobile processors

ITUS: A Secure RISC-V System-on-Chip