scispace - formally typeset
Search or ask a question
Proceedings ArticleDOI

Zero Knowledge Authentication for Reuse of IPs in Reconfigurable Platforms

TL;DR: This work proposes a zero knowledge authentication strategy for safe reusing of RIPs that relies on verification of proof of authentication (PoA) mark embedded in the RIP by the RIP producers, and experimental results validate the proposed mechanism.
Abstract: A key challenge of the embedded era is to ensure trust in reuse of intellectual properties (IPs), which facilitates reduction of design cost and meeting of stringent marketing deadlines. Determining source of the IPs or their authenticity is a key metric to facilitate safe reuse of IPs. Though physical unclonable functions solves this problem for application specific integrated circuit (ASIC) IPs, authentication strategies for reconfigurable IPs (RIPs) or IPs of reconfigurable hardware platforms like field programmable gate arrays (FPGAs) are still in their infancy. Existing authentication techniques for RIPs that relies on verification of proof of authentication (PoA) mark embedded in the RIP by the RIP producers, leak useful clues about the PoA mark. This results in replication and implantation of the PoA mark in fake RIPs. This not only causes loss to authorized second hand RIP users, but also poses risk to the reputation of the RIP producers. We propose a zero knowledge authentication strategy for safe reusing of RIPs. The PoA of an RIP producer is kept secret and verification is carried out based on traversal times from the initial point to several intermediate points of the embedded PoA when the RIPs configure an FPGA. Such delays are user specific and cannot be replicated as these depend on intrinsic properties of the base semiconductor material of the FPGA, which is unique and never same as that of another FPGA. Experimental results validate our proposed mechanism. High strength even for low overhead ISCAS benchmarks, considered as PoA for experimentation depict the prospects of our proposed methodology.
References
More filters
Journal ArticleDOI
01 Jan 2001-Science
TL;DR: The concept of fabrication complexity is introduced as a way of quantifying the difficulty of materially cloning physical systems with arbitrary internal states as primitives for physical analogs of cryptosystems.
Abstract: Modern cryptography relies on algorithmic one-way functions—numerical functions which are easy to compute but very difficult to invert. This dissertation introduces physical one-way functions and physical one-way hash functions as primitives for physical analogs of cryptosystems. Physical one-way functions are defined with respect to a physical probe and physical system in some unknown state. A function is called a physical one-way function if (a) there exists a deterministic physical interaction between the probe and the system which produces an output in constant time; (b) inverting the function using either computational or physical means is difficult; (c) simulating the physical interaction is computationally demanding and (d) the physical system is easy to make but difficult to clone. Physical one-way hash functions produce fixed-length output regardless of the size of the input. These hash functions can be obtained by sampling the output of physical one-way functions. For the system described below, it is shown that there is a strong correspondence between the properties of physical one-way hash functions and their algorithmic counterparts. In particular, it is demonstrated that they are collision-resistant and that they exhibit the avalanche effect, i.e., a small change in the physical system causes a large change in the hash value. An inexpensive prototype authentication system based on physical one-way hash functions is designed, implemented, and analyzed. The prototype uses a disordered three-dimensional microstructure as the underlying physical system and coherent radiation as the probe. It is shown that the output of the interaction between the physical system and the probe can be used to robustly derive a unique tamper-resistant identifier at a very low cost per bit. The explicit use of three-dimensional structures marks a departure from prior efforts. Two protocols, including a one-time pad protocol, that illustrate the utility of these hash functions are presented and potential attacks on the authentication system are considered. Finally, the concept of fabrication complexity is introduced as a way of quantifying the difficulty of materially cloning physical systems with arbitrary internal states. Fabrication complexity is discussed in the context of an idealized machine—a Universal Turing Machine augmented with a fabrication head—which transforms algorithmically minimal descriptions of physical systems into the systems themselves. (Copies available exclusively from MIT Libraries, Rm. 14-0551, Cambridge, MA 02139-4307. Ph. 617-253-5668; Fax 617-253-1690.)

1,665 citations


"Zero Knowledge Authentication for R..." refers background or methods in this paper

  • ...This can be facilitated via physical unclonable functions (PUFs) for ASIC IPs [17]....

    [...]

  • ...For this, we take the aid of the concept that side channel parameters obtained for a functional operation depend on the intrinsic semiconductor material of a device [17], which in the present case is FPGAs and varies with each operating environment....

    [...]

  • ...al and was used to generate PUFs for fabricated devices [17]....

    [...]

  • ...fabricated devices and hard IPs [17], [18]....

    [...]

Journal ArticleDOI
TL;DR: Simulation results for a set of ISCAS-89 benchmark circuits and the advanced-encryption-standard IP core show that high levels of security can be achieved at less than 5% area and power overhead under delay constraint.
Abstract: Hardware intellectual-property (IP) cores have emerged as an integral part of modern system-on-chip (SoC) designs. However, IP vendors are facing major challenges to protect hardware IPs from IP piracy. This paper proposes a novel design methodology for hardware IP protection using netlist-level obfuscation. The proposed methodology can be integrated in the SoC design and manufacturing flow to simultaneously obfuscate and authenticate the design. Simulation results for a set of ISCAS-89 benchmark circuits and the advanced-encryption-standard IP core show that high levels of security can be achieved at less than 5% area and power overhead under delay constraint.

468 citations


"Zero Knowledge Authentication for R..." refers background in this paper

  • ...Obfuscation techniques for key based cryptocores [16] are also a part of lock-based security mechanisms....

    [...]

Journal ArticleDOI
TL;DR: A novel noninvasive, multiple-parameter side-channel analysisbased Trojan detection approach that uses the intrinsic relationship between dynamic current and maximum operating frequency of a circuit to isolate the effect of a Trojan circuit from process noise.
Abstract: Hardware Trojan attack in the form of malicious modification of a design has emerged as a major security threat. Sidechannel analysis has been investigated as an alternative to conventional logic testing to detect the presence of hardware Trojans. However, these techniques suffer from decreased sensitivity toward small Trojans, especially because of the large process variations present in modern nanometer technologies. In this paper, we propose a novel noninvasive, multiple-parameter side-channel analysisbased Trojan detection approach. We use the intrinsic relationship between dynamic current and maximum operating frequency of a circuit to isolate the effect of a Trojan circuit from process noise. We propose a vector generation approach and several design/test techniques to improve the detection sensitivity. Simulation results with two large circuits, a 32-bit integer execution unit (IEU) and a 128-bit advanced encryption standard (AES) cipher, show a detection resolution of 1.12 percent amidst ±20 percent parameter variations. The approach is also validated with experimental results. Finally, the use of a combined side-channel analysis and logic testing approach is shown to provide high overall detection coverage for hardware Trojan circuits of varying types and sizes.

207 citations


"Zero Knowledge Authentication for R..." refers background in this paper

  • ...But the size of the fake RIP will be huge and such vulnerability will be detected via side channel analysis techniques [21]....

    [...]

Journal ArticleDOI
TL;DR: A procedure for intellectual property protection of digital circuits called IPP@HDL is presented, which relies on hosting the bits of the digital signature within memory structures or combinational logic that are part of the system at the high level description of the design.
Abstract: In this paper, a procedure for intellectual property protection (IPP) of digital circuits called IPP@HDL is presented. Its aim is to protect the author rights in the development and distribution of reusable modules by means of an electronic signature. The technique relies on hosting the bits of the digital signature within memory structures or combinational logic that are part of the system, at the high level description of the design. Thus, the area of the system is not increased and the signature is difficult to change or to remove without damaging the design. The technique also includes a procedure for secure signature extraction requiring minimal modifications to the system and without interfering its normal operation. The benefits of the presented procedure are illustrated with programmable logic and cell-based application-specific integrated circuit examples with several signature lengths. These design examples show no performance degradation and a negligible area increase, while probabilistic analyses show that the proposed IPP scheme offers high resistance against attacks.

123 citations