Publications (10 of 103)
Dubrova, E. (2018). A reconfigurable arbiter PUF with 4 x 4 switch blocks. In: Proceedings of The International Symposium on Multiple-Valued Logic. Paper presented at 48th IEEE International Symposium on Multiple-Valued Logic, ISMVL 2018, 16 May 2018 through 18 May 2018 (pp. 31-37). IEEE Computer Society
A reconfigurable arbiter PUF with 4 x 4 switch blocks
2018 (English). In: Proceedings of The International Symposium on Multiple-Valued Logic, IEEE Computer Society, 2018, p. 31-37. Conference paper, Published paper (Refereed)
Abstract [en]

Physical Unclonable Functions (PUFs) exploit manufacturing process variation to create responses that are unique to individual integrated circuits (ICs). Typically, responses of a PUF cannot be modified once the PUF is fabricated. In applications which use PUFs as a long-term secret key, it would be useful to have a simple mechanism for reconfiguring the PUF in order to update the key periodically. In this paper, we present a new type of arbiter PUF which uses 4 x 4 switch blocks instead of the conventional 2 x 2 ones. Each 4 x 4 switch block can be reconfigured in many different ways during the PUF's lifetime, making regular key updates possible. © 2018 IEEE.

Place, publisher, year, edition, pages
IEEE Computer Society, 2018
Keywords
Arbiter PUF, Cryptographic primitive, Reconfigurable PUF, Secret key, Switch block, Tamper resistance, Access control, Computer circuits, Electric switches, Integrated circuits, Many valued logics, Cryptographic primitives, Reconfigurable, Switch blocks, Cryptography
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
urn:nbn:se:kth:diva-238075 (URN); 10.1109/ISMVL.2018.00014 (DOI); 2-s2.0-85050963826 (Scopus ID); 9781538644638 (ISBN)
Conference
48th IEEE International Symposium on Multiple-Valued Logic, ISMVL 2018, 16 May 2018 through 18 May 2018
Note

Conference code: 138144; Export Date: 30 October 2018; Conference Paper; CODEN: PSMLD; Correspondence Address: Dubrova, E.; Department of Electronics, Royal Institute of Technology (KTH), Sweden; email: dubrova@kth.se

QC 20190114

Available from: 2019-01-14. Created: 2019-01-14. Last updated: 2019-01-14. Bibliographically approved
Dubrova, E. & Teslenko, M. (2018). An efficient SAT-based algorithm for finding short cycles in cryptographic algorithms. In: Proceedings of the 2018 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2018. Paper presented at 2018 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2018, The Ritz-Carlton, Washington, United States, 30 April 2018 through 4 May 2018 (pp. 65-72). Institute of Electrical and Electronics Engineers (IEEE)
An efficient SAT-based algorithm for finding short cycles in cryptographic algorithms
2018 (English). In: Proceedings of the 2018 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2018, Institute of Electrical and Electronics Engineers (IEEE), 2018, p. 65-72. Conference paper, Published paper (Refereed)
Abstract [en]

The absence of short cycles is a desirable property for cryptographic algorithms that are iterated. Furthermore, as demonstrated by the cryptanalysis of A5, short cycles can be exploited to reduce the complexity of an attack. We present an algorithm which uses SAT-based bounded model checking to find all short cycles of a given length. The existing Boolean Decision Diagram (BDD) based algorithms for finding cycles have limited capacity due to the excessive memory requirements of BDDs. The simulation-based algorithms can be applied to larger problem instances; however, they cannot guarantee the detection of all cycles of a given length. The same holds for general-purpose SAT-based model checkers. The presented algorithm can handle cryptographic algorithms with very large state spaces, including important ciphers such as Trivium and Grain-128. We found that these ciphers contain short cycles whose existence, to the best of our knowledge, was previously unknown. This potentially opens new possibilities for cryptanalysis.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2018
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-238200 (URN); 10.1109/HST.2018.8383892 (DOI); 000436024900009; 2-s2.0-85049955585 (Scopus ID); 9781538647318 (ISBN)
Conference
2018 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2018, The Ritz-Carlton, Washington, United States, 30 April 2018 through 4 May 2018
Note

QC 20181121

Available from: 2018-11-21. Created: 2018-11-21. Last updated: 2018-11-21. Bibliographically approved
Yu, Y., Tao, S. & Dubrova, E. (2018). Comparison of CRC and KECCAK Based Message Authentication for Resource-Constrained Devices. In: 2018 16th IEEE International New Circuits and Systems Conference, NEWCAS 2018. Paper presented at 16th IEEE International New Circuits and Systems Conference (NEWCAS), JUN 24-27, 2018, Montreal, Canada (pp. 217-220). IEEE
Comparison of CRC and KECCAK Based Message Authentication for Resource-Constrained Devices
2018 (English). In: 2018 16th IEEE International New Circuits and Systems Conference, NEWCAS 2018, IEEE, 2018, p. 217-220. Conference paper, Published paper (Refereed)
Abstract [en]

With the growth of the Internet of Things (IoT), billions of low-end devices are becoming connected to provide new services appealing to users. The value of the information to which these devices have access via the network is increasing, too, making them an attractive target for cyberattacks. Low-end IoT devices typically have very limited computing, storage and energy resources. Therefore, it is not always possible to use conventional cryptographic algorithms for their protection. In this paper, we investigate whether a cryptographically secure Cyclic Redundancy Check (CRC)-based Message Authentication Code (CMAC) and a KECCAK-based Message Authentication Code (KMAC) satisfy the limitations of resource-constrained IoT devices. We implement the 128-bit CMAC and the 128-bit KMAC in 65nm CMOS and compare their performance. To the best of our knowledge, no hardware implementations of CMAC and KMAC have been presented so far. Our evaluation shows that, at a 1.2V operating voltage and clock frequencies above 1 MHz, CMAC128 is at least 32 times more area-efficient and at least 21 times more power-efficient than KMAC128.

Place, publisher, year, edition, pages
IEEE, 2018
Series
IEEE International New Circuits and Systems Conference, ISSN 2472-467X
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
urn:nbn:se:kth:diva-245982 (URN); 10.1109/NEWCAS.2018.8585692 (DOI); 000458806300051; 2-s2.0-85060881203 (Scopus ID); 978-1-5386-4859-9 (ISBN)
Conference
16th IEEE International New Circuits and Systems Conference (NEWCAS), JUN 24-27, 2018, Montreal, Canada
Note

QC 20190313

Available from: 2019-03-13. Created: 2019-03-13. Last updated: 2019-03-13. Bibliographically approved
Tao, S., Yu, Y. & Dubrova, E. (2018). FPGA Based True Random Number Generators Using Non-Linear Feedback Ring Oscillators. In: 2018 16th IEEE International New Circuits and Systems Conference, NEWCAS 2018. Paper presented at 16th IEEE International New Circuits and Systems Conference, NEWCAS 2018; Montreal; Canada; 24 June 2018 through 27 June 2018 (pp. 213-216). IEEE
FPGA Based True Random Number Generators Using Non-Linear Feedback Ring Oscillators
2018 (English). In: 2018 16th IEEE International New Circuits and Systems Conference, NEWCAS 2018, IEEE, 2018, p. 213-216. Conference paper, Published paper (Refereed)
Abstract [en]

True random number generators (TRNGs) are important hardware primitives required for many applications including cryptography, communication, and statistical simulation. This paper presents a non-linear feedback ring oscillator (NLFRO) based entropy source for implementing high performance TRNGs on FPGAs. The proposed NLFRO structures harvest randomness from noise and unpredictable variation in delay cells and bi-stable elements, which are further amplified by non-linear feedback loops. The outputs of NLFROs show chaotic behavior, making them suitable for implementing high entropy, high speed and attack-resistant TRNGs. Three NLFRO-TRNGs are implemented and tested on an Altera 60nm FPGA device. Raw entropy and statistical properties of the NLFRO-TRNGs are examined by the NIST 800-22 entropy estimation and NIST 800-90B statistical test suites. Compared to the prior art, the experimental NLFRO-TRNGs show higher entropy and lower resource usage while consuming sub-milliwatt power at 200 Mbps.

Place, publisher, year, edition, pages
IEEE, 2018
Series
IEEE International New Circuits and Systems Conference, ISSN 2472-467X
National Category
Other Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
urn:nbn:se:kth:diva-245984 (URN); 10.1109/NEWCAS.2018.8585569 (DOI); 000458806300050; 2-s2.0-85060845911 (Scopus ID); 978-1-5386-4859-9 (ISBN)
Conference
16th IEEE International New Circuits and Systems Conference, NEWCAS 2018; Montreal; Canada; 24 June 2018 through 27 June 2018
Note

QC 20190311

Available from: 2019-03-11. Created: 2019-03-11. Last updated: 2019-03-11. Bibliographically approved
Dubrova, E., Selander, G., Näslund, M. & Lindqvist, F. (2018). Lightweight message authentication for constrained devices. In: WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks. Paper presented at 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2018, 18 June 2018 through 20 June 2018 (pp. 196-201). Association for Computing Machinery (ACM)
Lightweight message authentication for constrained devices
2018 (English). In: WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Association for Computing Machinery (ACM), 2018, p. 196-201. Conference paper, Published paper (Refereed)
Abstract [en]

Message Authentication Codes (MACs) used in today's wireless communication standards may not be able to satisfy the resource limitations of simpler 5G radio types and use cases such as machine-type communications. As a possible solution, we present a lightweight message authentication scheme based on the cyclic redundancy check (CRC). It has been previously shown that a CRC with an irreducible generator polynomial as the key is an ε-almost XOR-universal (AXU) hash function with ε = (m + n)/2^(n-1), where m is the message size and n is the CRC size. While the computation of n-bit CRCs can be efficiently implemented in hardware using linear feedback shift registers, generating random degree-n irreducible polynomials is computationally expensive for large n. We propose using a product of k irreducible polynomials whose degrees sum up to n as the generator polynomial for an n-bit CRC and show that the resulting hash functions are ε-AXU with ε = (m + n)^k/2^(n-k). The presented message authentication scheme can be seen as providing a trade-off between security and implementation efficiency.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2018
Keywords
CRC, Data integrity, Message authentication, Universal hashing
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-238189 (URN); 10.1145/3212480.3212482 (DOI); 000456097500020; 2-s2.0-85050922730 (Scopus ID); 9781450357319 (ISBN)
Conference
11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2018, 18 June 2018 through 20 June 2018
Note

QC 20181120

Available from: 2018-11-20. Created: 2018-11-20. Last updated: 2019-02-12. Bibliographically approved
Yu, Y., Dubrova, E., Näslund, M. & Tao, S. (2018). On Designing PUF-Based TRNGs with Known Answer Tests. In: Nurmi, J., Ellervee, P., Mihhailov, J., Jenihhin, M. & Tammemae, K. (Eds.), 2018 IEEE Nordic Circuits and Systems Conference, NORCAS 2018: NORCHIP and International Symposium of System-on-Chip, SoC 2018 - Proceedings. Paper presented at 4th IEEE Nordic Circuits and Systems Conference, NORCAS 2018: NORCHIP and International Symposium of System-on-Chip, SoC 2018; Tallinn; Estonia; 30 October 2018 through 31 October 2018. Institute of Electrical and Electronics Engineers (IEEE), Article ID 8573489.
On Designing PUF-Based TRNGs with Known Answer Tests
2018 (English). In: 2018 IEEE Nordic Circuits and Systems Conference, NORCAS 2018: NORCHIP and International Symposium of System-on-Chip, SoC 2018 - Proceedings / [ed] Nurmi, J., Ellervee, P., Mihhailov, J., Jenihhin, M. & Tammemae, K., Institute of Electrical and Electronics Engineers (IEEE), 2018, article id 8573489. Conference paper, Published paper (Refereed)
Abstract [en]

Random numbers are widely used in cryptographic algorithms and protocols. A faulty true random number generator (TRNG) may open a door into a system in spite of cryptographic protection. It is therefore important to design TRNGs so that they can be tested at different stages of their lifetime to assure their trustworthiness. In this paper, we propose a method for designing physical unclonable function (PUF)-based TRNGs which can be tested in-field by known answer tests. We present a prototype FPGA implementation of the proposed TRNG based on an arbiter PUF which passes all NIST 800-22 statistical tests and has the minimal entropy of 0.918 estimated according to NIST 800-90B recommendations. This is a nontrivial achievement given that arbiter PUFs are notoriously hard to place in a symmetric manner in FPGAs.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2018
Keywords
TRNG, PRNG, PUF, known answer test
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-249923 (URN); 10.1109/NORCHIP.2018.8573489 (DOI); 000462188200011; 2-s2.0-85060609654 (Scopus ID); 9781538676561 (ISBN)
Conference
4th IEEE Nordic Circuits and Systems Conference, NORCAS 2018: NORCHIP and International Symposium of System-on-Chip, SoC 2018; Tallinn; Estonia; 30 October 2018 through 31 October 2018
Note

QC 20190426

Available from: 2019-04-26. Created: 2019-04-26. Last updated: 2019-04-26. Bibliographically approved
Yu, Y., Teijeira, V. D., Marranghello, F. & Dubrova, E. (2018). One-sided countermeasures for side-channel attacks can backfire. In: WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks. Paper presented at 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2018, 18 June 2018 through 20 June 2018 (pp. 299-301). Association for Computing Machinery, Inc
One-sided countermeasures for side-channel attacks can backfire
2018 (English). In: WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Association for Computing Machinery, Inc, 2018, p. 299-301. Conference paper, Published paper (Refereed)
Abstract [en]

Side-channel attacks are currently one of the most powerful attacks against implementations of cryptographic algorithms. They exploit the correlation between the physical measurements (power consumption, electromagnetic emissions, timing) taken at different points during the computation and the secret key. Some of the existing countermeasures offer protection against one specific type of side channel only. We show that this can be a bad practice which can make exploitation of other side channels easier. First, we perform a power analysis attack on an FPGA implementation of the Advanced Encryption Standard (AES) which is not protected against side-channel attacks and estimate the number of power traces required to extract its secret key. Then, we repeat the attack on AES implementations which are protected against fault injections by hardware redundancy and show that they can be broken with three times fewer power traces than the unprotected AES. We also demonstrate that the problem cannot be solved by complementing the duplicated module, as previously proposed. Our results show that there is a need for increasing knowledge about side-channel attacks and designing stronger countermeasures.

Place, publisher, year, edition, pages
Association for Computing Machinery, Inc, 2018
Keywords
AES, Countermeasure, Duplication with comparison, Duplication with complementation, Power analysis, Side-channel attack, Data privacy, Mobile telecommunication systems, Wireless networks, Advanced Encryption Standard, Complementation, Cryptographic algorithms, Electromagnetic emissions, Physical measurement, Side channel attack
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-236305 (URN); 10.1145/3212480.3226104 (DOI); 000456097500039; 2-s2.0-85050937391 (Scopus ID); 9781450357319 (ISBN)
Conference
11th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2018, 18 June 2018 through 20 June 2018
Note

QC 20181023

Available from: 2018-10-23. Created: 2018-10-23. Last updated: 2019-02-12. Bibliographically approved
Li, P., Guo, Y., Guo, Y., Fan, Y., Guo, X., Liu, X., . . . Wang, A. (2018). Self-balanced real-time photonic scheme for ultrafast random number generation. APL PHOTONICS, 3(6), Article ID 061301.
Self-balanced real-time photonic scheme for ultrafast random number generation
2018 (English). In: APL PHOTONICS, ISSN 2378-0967, Vol. 3, no 6, article id 061301. Article in journal (Refereed) Published
Abstract [en]

We propose a real-time self-balanced photonic method for extracting ultrafast random numbers from broadband randomness sources. In place of electronic analog-to-digital converters (ADCs), balanced photo-detection technology is used to directly quantize optically sampled chaotic pulses into a continuous random number stream. Benefiting from ultrafast photo-detection, our method can efficiently eliminate the generation rate bottleneck from electronic ADCs, which are required in nearly all the available fast physical random number generators. A proof-of-principle experiment demonstrates that, using our approach, 10 Gb/s real-time and statistically unbiased random numbers are successfully extracted from a bandwidth-enhanced chaotic source. The generation rate achieved experimentally here is limited by the bandwidth of the chaotic source. The method described has the potential to attain a real-time rate of 100 Gb/s.

Place, publisher, year, edition, pages
AMER INST PHYSICS, 2018
National Category
Atom and Molecular Physics and Optics
Identifiers
urn:nbn:se:kth:diva-232267 (URN); 10.1063/1.5029498 (DOI); 000436860100004; 2-s2.0-85055401499 (Scopus ID)
Note

QC 20180719

Available from: 2018-07-19. Created: 2018-07-19. Last updated: 2019-03-18. Bibliographically approved
Dubrova, E. & Hell, M. (2017). Espresso: A stream cipher for 5G wireless communication systems. Cryptography and Communications, 9(2), 273-289
Espresso: A stream cipher for 5G wireless communication systems
2017 (English). In: Cryptography and Communications, ISSN 1936-2447, E-ISSN 1936-2455, Vol. 9, no 2, p. 273-289. Article in journal (Refereed) Published
Abstract [en]

The demand for more efficient ciphers is likely to sharpen with the new generation of products and applications. Previous cipher designs typically focused on optimizing only one of the two parameters, hardware size or speed, for a given security level. In this paper, we present a methodology for designing a class of stream ciphers which takes both parameters into account simultaneously. We combine the advantage of the Galois configuration of NLFSRs, short propagation delay, with the advantage of the Fibonacci configuration of NLFSRs, which can be analyzed formally. According to our analysis, the presented stream cipher Espresso is the fastest among the ciphers below 1500 GE, including Grain-128 and Trivium.

Place, publisher, year, edition, pages
Springer, 2017
Keywords
stream cipher, nonlinear function, encryption, feedback shift register
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-183976 (URN); 10.1007/s12095-015-0173-2 (DOI); 000396435400006; 2-s2.0-85010001764 (Scopus ID)
Funder
Swedish e-Science Research Center, SM12-0005
Note

QC 20170221

Available from: 2016-03-21. Created: 2016-03-21. Last updated: 2017-11-30. Bibliographically approved
Tao, S. & Dubrova, E. (2017). MVL-PUFs: multiple-valued logic physical unclonable functions. International journal of circuit theory and applications, 45(2), 292-304
MVL-PUFs: multiple-valued logic physical unclonable functions
2017 (English). In: International journal of circuit theory and applications, ISSN 0098-9886, E-ISSN 1097-007X, Vol. 45, no 2, p. 292-304. Article in journal (Refereed) Published
Abstract [en]

Physical unclonable functions (PUFs) are promising hardware security primitives suitable for protecting resource-constrained devices. In this paper, we propose to use multiple-valued logic (MVL) for implementing hardware-efficient PUF integrated circuits. We show that by extracting device mismatch in either current-mode or voltage-mode MVL comparators, the proposed PUF circuits can generate unique and reliable chip identifiers. In order to stabilize PUF responses, we utilize multiple thresholds of MVL comparators, whose outputs are selected and combined according to the sensed temperature. To reduce power and further enhance reliability, the PUF circuits are biased in the weak-inversion region. Evaluation results show that the proposed MVL-PUFs are unique and reliable over a wide temperature range. In addition, they significantly improve the energy efficiency of the state-of-the-art PUFs.

Place, publisher, year, edition, pages
John Wiley & Sons, 2017
Keywords
physical unclonable functions (PUFs), multiple-valued logic (MVL), CMOS integrated circuits, chip identification, hardware security, energy efficiency
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
urn:nbn:se:kth:diva-205104 (URN); 10.1002/cta.2287 (DOI); 000394580600011; 2-s2.0-85006293340 (Scopus ID)
Funder
Swedish Foundation for Strategic Research, SM14-0016
Note

QC 20170626

Available from: 2017-06-26. Created: 2017-06-26. Last updated: 2017-11-13. Bibliographically approved
Identifiers
ORCID iD: orcid.org/0000-0001-7382-9408