From New Technologies to New Solutions: Exploiting FRAM Memories to Enhance Physical Security
|
|
- Alyson Hardy
- 5 years ago
- Views:
Transcription
1 From New Technologies to New Solutions: Exploiting FRAM Memories to Enhance Physical Security Stéphanie Kerckhof, François-Xavier Standaert, Eric Peeters CARDIS 2013 November 2013 Microelectronics Laboratory Exploiting FRAM Memories - November
2 Context Ferroelectric RAM (FRAM): non-volatile RAM using special dielectric material Integrated in Texas Instruments microcontrollers Microelectronics Laboratory Exploiting FRAM Memories - November
3 Context Ferroelectric RAM (FRAM): non-volatile RAM using special dielectric material Integrated in Texas Instruments microcontrollers Flash FRAM Program memory only Unified memory 10 5 reprogramming reprogramming 1 page (256 bytes) at a time 1 byte at a time 4,5 ms per page write or erase a few clock cycles per byte Microelectronics Laboratory Exploiting FRAM Memories - November
4 Context non-volatile memory useful for countermeasures needing secure precomputations Microelectronics Laboratory Exploiting FRAM Memories - November
5 Context non-volatile memory useful for countermeasures needing secure precomputations Two questions: FRAM as a more secure technology against side channel attacks? FRAM as a more efficient way to implement existing countermeasures? Microelectronics Laboratory Exploiting FRAM Memories - November
6 Context non-volatile memory useful for countermeasures needing secure precomputations Two questions: FRAM as a more secure technology against side channel attacks? FRAM as a more efficient way to implement existing countermeasures? We follow the second approach: Improving past results Shuffling Making new results possible Masking with RLUT Microelectronics Laboratory Exploiting FRAM Memories - November
7 Outline 1 Improving Past Results: Shuffling What is Shuffling? Previous Implementation FRAM Implementation 2 Making New Results Possible: Masking with RLUT 3 Conclusion Microelectronics Laboratory Exploiting FRAM Memories - November
8 What is Shuffling? Shuffling: Modifies the order in which independent operations are performed Example: time Normal execution S(x 0 ) S(x 1 ) S(x 2 ) Shuffled execution S(x 7 ) S(x 0 ) S(x 15 ) S(x 15 ) S(x 1 ) Microelectronics Laboratory Exploiting FRAM Memories - November
9 What is Shuffling? Goal: Spread points of interest over t cycles Amplify physical noise by forcing the adversary to combine multiple points Microelectronics Laboratory Exploiting FRAM Memories - November
10 What is Shuffling? Goal: Spread points of interest over t cycles Amplify physical noise by forcing the adversary to combine multiple points S(x 0 ) Microelectronics Laboratory Exploiting FRAM Memories - November
11 What is Shuffling? Goal: Spread points of interest over t cycles Amplify physical noise by forcing the adversary to combine multiple points S(x 0 ) S(x 7 ) Microelectronics Laboratory Exploiting FRAM Memories - November
12 What is Shuffling? Goal: Spread points of interest over t cycles Amplify physical noise by forcing the adversary to combine multiple points S(x 0 ) S(x 7 )... Microelectronics Laboratory Exploiting FRAM Memories - November
13 Outline 1 Improving Past Results: Shuffling What is Shuffling? Previous Implementation FRAM Implementation 2 Making New Results Possible: Masking with RLUT 3 Conclusion Microelectronics Laboratory Exploiting FRAM Memories - November
14 Shuffling - Randomized Program Memory Program Memory 1. Shuffle program memory 2. Execute S(x 0 ) 3. Execute S(x 1 ) 4. Execute S(x 2 ) 5. Execute S(x 3 )... Data Memory Permutation Proposed by Veyrat-Charvillon et al. at Asiacrypt 2012 Microelectronics Laboratory Exploiting FRAM Memories - November
15 Shuffling - Randomized Program Memory Program Memory 1. Shuffle program memory 2. Execute S(x 0 ) 3. Execute S(x 1 ) 4. Execute S(x 2 ) 5. Execute S(x 3 )... Data Memory Permutation Proposed by Veyrat-Charvillon et al. at Asiacrypt 2012 Microelectronics Laboratory Exploiting FRAM Memories - November
16 Shuffling - Randomized Program Memory Program Memory 1. Shuffle program memory 2. Execute S(x 07 ) 3. Execute S(x 10 ) 4. Execute S(x 215 )) 5. Execute S(x 3 )... Data Memory Permutation Proposed by Veyrat-Charvillon et al. at Asiacrypt 2012 Microelectronics Laboratory Exploiting FRAM Memories - November
17 Shuffling - Randomized Program Memory Program Memory 1. Shuffle program memory 2. Execute S(x 07 ) 3. Execute S(x 10 ) 4. Execute S(x 215 )) 5. Execute S(x 3 )... Data Memory Permutation Proposed by Veyrat-Charvillon et al. at Asiacrypt 2012 Microelectronics Laboratory Exploiting FRAM Memories - November
18 Shuffling - Randomized Program Memory Program Memory 1. Shuffle program memory 2. Execute S(x 07 ) 3. Execute S(x 10 ) 4. Execute S(x 215 )) 5. Execute S(x 3 )... Data Memory Permutation Proposed by Veyrat-Charvillon et al. at Asiacrypt 2012 Microelectronics Laboratory Exploiting FRAM Memories - November
19 Outline 1 Improving Past Results: Shuffling What is Shuffling? Previous Implementation FRAM Implementation 2 Making New Results Possible: Masking with RLUT 3 Conclusion Microelectronics Laboratory Exploiting FRAM Memories - November
20 Shuffling with FRAM Setup: MSP430FR5739 Texas Instrument microcontroller 16-bit RISC CPU 16 kb of FRAM Implementation of the countermeasure: Definition of an AES having sets of 16 independent operations Addition of dummy key-schedule operations Access to FRAM memory between each operation Security evaluation: Similar to the one presented at Asiacrypt 2012 Microelectronics Laboratory Exploiting FRAM Memories - November
21 Shuffling with FRAM Code Size Data Size Unprotected AES Perm. Generation Shuffled AES Code Shuffling AES execution Total Unshuffled version of AES for reference Difference between unprotected and shuffled AES mainly due to dummy key schedule Microelectronics Laboratory Exploiting FRAM Memories - November
22 Shuffling with FRAM Cycle Count Unprotected AES 5800 Perm. Generation 2240 Shuffled AES Code Shuffling 2751 AES execution 8479 Total TI microcontrollers only have 12 available registers Intermediate state must be stored in memory TI implementation slower than AVR one (3546 cycles) Precomputation time divided by 100 compared to AVR: 0,19 ms (at 16 MHz) vs 18 ms Difference between unprotected and shuffled AES mainly due to dummy key schedule Microelectronics Laboratory Exploiting FRAM Memories - November
23 Outline 1 Improving Past Results: Shuffling 2 Making New Results Possible: Masking with RLUT Description of RLUT contermeasure Application to Reduced LED Results 3 Conclusion Microelectronics Laboratory Exploiting FRAM Memories - November
24 Masking with Randomized Look Up Tables (RLUT) k x S S(x m k) L1 L3 S(x k) m C q a L2 b L2 L4 Typical boolean masking of order 1 Microelectronics Laboratory Exploiting FRAM Memories - November
25 Masking with Randomized Look Up Tables (RLUT) P k k x S S(x m k) L1 L3 S(x k) m C q a L2 b L2 L4 Key addition included in precomputed table P k Microelectronics Laboratory Exploiting FRAM Memories - November
26 Masking with Randomized Look Up Tables (RLUT) x x m Pk Pk(x m) L1 L3 Pk(x) m C q a L2 b L2 L4 Key addition included in precomputed table P k Microelectronics Laboratory Exploiting FRAM Memories - November
27 Masking with Randomized Look Up Tables (RLUT) G1 a1 x x m Pk G2 Pk(x m) L1 L3 a3 Pk(x) m C q a L2 b L2 L4 Replace of x m operations by Gi = x m a i ai = precomputed random mask Microelectronics Laboratory Exploiting FRAM Memories - November
28 Masking with Randomized Look Up Tables (RLUT) x G1 G1(x,m) Pk Pk(G1(x,m)) L1 L3 G2 Pk(x) m C q a L2 b L2 L4 Replace of x m operations by Gi = x m a i ai = precomputed random mask Microelectronics Laboratory Exploiting FRAM Memories - November
29 Masking with Randomized Look Up Tables (RLUT) R x G1 G1(x,m) Pk a2 Pk(G1(x,m)) L1 L3 G2 Pk(x) m C q a L2 b L2 RC L4 Randomization of P k (and C) using a random variable Microelectronics Laboratory Exploiting FRAM Memories - November
30 Masking with Randomized Look Up Tables (RLUT) x G1 G1(x,m) R R(G1(x,m)) L1 L3 ig2 Pk(x) m RC q a L2 b L2 L4 Microelectronics Laboratory Exploiting FRAM Memories - November
31 Masking with Randomized Look Up Tables (RLUT) x G1 G1(x,m) R R(G1(x,m)) L1 L3 ig2 Pk(x) m RC q a L2 b L2 L4 G1, G 2, R and RC are precomputed Microelectronics Laboratory Exploiting FRAM Memories - November
32 Masking with Randomized Look Up Tables (RLUT) x G1 G1(x,m) R R(G1(x,m)) L1 L3 ig2 Pk(x) m RC q a L2 b L2 L4 G1, G 2, R and RC are precomputed Unconditional security if secure precomputations Microelectronics Laboratory Exploiting FRAM Memories - November
33 Outline 1 Improving Past Results: Shuffling 2 Making New Results Possible: Masking with RLUT Description of RLUT contermeasure Application to Reduced LED Results 3 Conclusion Microelectronics Laboratory Exploiting FRAM Memories - November
34 Application to Reduced LED Reduced version of LED: 16-bit state 1 to 4 rounds Microelectronics Laboratory Exploiting FRAM Memories - November
35 Application to Reduced LED Implementation details: 16 kb TI FRAM microcontroller LFSR with CRC-32 polynomial used to generate random variables a i Efficient arrangement of the 4-bit precomputed tables in memory MixColumn layer applied on each of the shares Microelectronics Laboratory Exploiting FRAM Memories - November
36 Outline 1 Improving Past Results: Shuffling 2 Making New Results Possible: Masking with RLUT Description of RLUT contermeasure Application to Reduced LED Results 3 Conclusion Microelectronics Laboratory Exploiting FRAM Memories - November
37 Results - Program Size Program size [bytes] Implementation Prediction [SPV 2012] Number of rounds Prediction in terms of number of rounds, number of S-Boxes and S-Box size Offset between curves = LED program size Microelectronics Laboratory Exploiting FRAM Memories - November
38 Results - Precomputation Time Cycle count Implementation Prediction [SPV 2012] Number of rounds Elementary operations Prediction in terms of elementary operations Here, 1 elementary operation 40 clock cycles Microelectronics Laboratory Exploiting FRAM Memories - November
39 Results - Observations Memory and time requirements can be predicted for the parameters of any cipher Full LED implementation requires: 70 kb of memory (128kB FRAM microcontroller soon available) A precomputation time of 35 ms at 16 MHz Possible performances vs security tradeoffs: Partial masking with RLUT Partial refreshing of the precomputed tables (e.g.: refreshing 10% of the table takes as much cycles as order 3 masking scheme) Microelectronics Laboratory Exploiting FRAM Memories - November
40 Conclusion FRAM enables efficient implementation of countermeasures needing precomputations Improvement for the shuffling countermeasure Makes the RLUT masking possible If secure precomputation is possible, RLUT provides unconditional security against side-channel attacks Future scope of research: Impact of partial recomputation in leaking environment Design of block ciphers suited to implementation with RLUT Microelectronics Laboratory Exploiting FRAM Memories - November
41 Thank you! Microelectronics Laboratory Exploiting FRAM Memories - November
Low Randomness Masking and Shulfifgn:
Low Randomness Masking and Shulfifgn: An Evaluation Using Mutual Information Kostas Papagiannopoulos kostaspap88@gmail.com kpcrypto.net Radboud University Nijmegen Digital Security Department The Netherlands
More informationTime-Memory Trade-Offs for Side-Channel Resistant Implementations of Block Ciphers. Praveen Vadnala
Time-Memory Trade-Offs for Side-Channel Resistant Implementations of Block Ciphers Praveen Vadnala Differential Power Analysis Implementations of cryptographic systems leak Leaks from bit 1 and bit 0 are
More informationA Block Cipher Based Pseudo Random Number Generator Secure against Side-Channel Key Recovery
A Block Cipher Based Pseudo Random Number Generator Secure against Side-Channel Key Recovery Christophe Petit 1, François-Xavier Standaert 1, Olivier Pereira 1, Tal G. Malkin 2, Moti Yung 2 1, Université
More informationVariety of scalable shuffling countermeasures against side channel attacks
Variety of scalable shuffling countermeasures against side channel attacks Nikita Veshchikov, Stephane Fernandes Medeiros, Liran Lerman Department of computer sciences, Université libre de Bruxelles, Brussel,
More informationData Logger Subsystems Mark Buccini February 2012
Data Logger Subsystems Mark Buccini February 2012 Full Disclosure Mark E. Buccini ULP Staff at TI 25+ years strategy, applications, marketing, sales, and management experience Lead MSP430 worldwide introduction
More informationCESEL: Flexible Crypto Acceleration. Kevin Kiningham Dan Boneh, Mark Horowitz, Philip Levis
CESEL: Flexible Crypto Acceleration Kevin Kiningham Dan Boneh, Mark Horowitz, Philip Levis Cryptography Mathematical operations to secure data Fundamental for building secure systems Computationally intensive:
More informationAn Architecture-Independent Instruction Shuffler to Protect against Side-Channel Attacks
An Architecture-Independent Instruction Shuffler to Protect against Side-Channel Attacks ALI GALIP BAYRAK, NIKOLA VELICKOVIC, and PAOLO IENNE, Ecole Polytechnique Fédérale de Lausanne (EPFL) WAYNE BURLESON,
More informationThreshold Implementations. Svetla Nikova
Threshold Implementations Svetla Nikova Threshold Implementations A provably secure countermeasure Against (first) order power analysis based on multi party computation and secret sharing 2 Outline Threshold
More informationCOS433/Math 473: Cryptography. Mark Zhandry Princeton University Spring 2017
COS433/Math 473: Cryptography Mark Zhandry Princeton University Spring 2017 Previously Pseudorandom Functions and Permutaitons Modes of Operation Pseudorandom Functions Functions that look like random
More informationEliminating Random Permutation Oracles in the Even-Mansour Cipher. Zulfikar Ramzan. Joint work w/ Craig Gentry. DoCoMo Labs USA
Eliminating Random Permutation Oracles in the Even-Mansour Cipher Zulfikar Ramzan Joint work w/ Craig Gentry DoCoMo Labs USA ASIACRYPT 2004 Outline Even-Mansour work and open problems. Main contributions
More informationFIDES: Lightweight Authentication Cipher with Side-Channel Resistance for Constrained Hardware
FIDES: Lightweight Authentication Cipher with Side-Channel Resistance for Constrained Hardware Begül Bilgin, Andrey Bogdanov, Miroslav Knežević, Florian Mendel, and Qingju Wang DIAC 2013, Chicago 1 Side
More informationLocal and Direct EM Injection of Power into CMOS Integrated Circuits.
Local and Direct EM Injection of Power into CMOS Integrated Circuits. F. Poucheret 1,4, K.Tobich 2, M.Lisart 2,L.Chusseau 3, B.Robisson 4, P. Maurine 1 LIRMM Montpellier 1 ST Microelectronics Rousset 2
More informationIntroduction to Cryptography CS 355
Introduction to Cryptography CS 355 Lecture 25 Mental Poker And Semantic Security CS 355 Fall 2005 / Lecture 25 1 Lecture Outline Review of number theory The Mental Poker Protocol Semantic security Semantic
More informationpaioli Power Analysis Immunity by Offsetting Leakage Intensity Sylvain Guilley perso.enst.fr/ guilley Telecom ParisTech
paioli Power Analysis Immunity by Offsetting Leakage Intensity Pablo Rauzy rauzy@enst.fr pablo.rauzy.name Sylvain Guilley guilley@enst.fr perso.enst.fr/ guilley Zakaria Najm znajm@enst.fr Telecom ParisTech
More informationREACTIVE POWER COMPENSATION IN DISTRIBUTION SYSTEM
REACTIVE POWER COMPENSATION IN DISTRIBUTION SYSTEM Piyush Upadhyay, Praveen Nagar, Priya Chhaperwal, Rajat Agarwal, Sarfaraz Nawaz Department of Electrical Engineering, SKIT M& G, Jaipur ABSTRACT In this
More informationPower Analysis Attacks on SASEBO January 6, 2010
Power Analysis Attacks on SASEBO January 6, 2010 Research Center for Information Security, National Institute of Advanced Industrial Science and Technology Table of Contents Page 1. OVERVIEW... 1 2. POWER
More informationSecret Key Systems (block encoding) Encrypting a small block of text (say 128 bits) General considerations for cipher design:
Secret Key Systems (block encoding) Encrypting a small block of text (say 128 bits) General considerations for cipher design: Secret Key Systems (block encoding) Encrypting a small block of text (say 128
More informationCorrelation Power Analysis of Lightweight Block Ciphers
Correlation Power Analysis of Lightweight Block Ciphers From Theory to Practice Alex Biryukov Daniel Dinu Johann Großschädl SnT, University of Luxembourg ESC 2017 (University of Luxembourg) CPA of Lightweight
More informationPower Analysis Based Side Channel Attack
CO411/2::Individual Project I & II Report arxiv:1801.00932v1 [cs.cr] 3 Jan 2018 Power Analysis Based Side Channel Attack Hasindu Gamaarachchi Harsha Ganegoda http://www.ce.pdn.ac.lk Department of Computer
More informationPower Analysis an overview. Agenda. Measuring power consumption. Measuring power consumption (2) Benedikt Gierlichs, KU Leuven - COSIC.
Power Analysis an overview Agenda Benedikt Gierlichs KU Leuven COSIC, Belgium benedikt.gierlichs@esat.kuleuven.be Measurements Analysis Pre-processing Summer School on Design and security of cryptographic
More informationI. INTRODUCTION II. LITERATURE REVIEW
ABSTRACT 2018 IJSRSET Volume 4 Issue 4 Print ISSN: 2395-1990 Online ISSN : 2394-4099 Themed Section : Engineering and Technology Reactive Power Compensation in Distribution System Piyush Upadhyay, Praveen
More informationAN2158. Designing with the MC68HC908JL/JK Microcontroller Family. Introduction. Semiconductor Products Sector Application Note
Order this document by /D Semiconductor Products Sector Designing with the MC68HC908JL/JK Microcontroller Family By Yan-Tai Ng Applications Engineering Microcontroller Division Hong Kong Introduction This
More informationSensor Network Platforms and Tools
Sensor Network Platforms and Tools 1 AN OVERVIEW OF SENSOR NODES AND THEIR COMPONENTS References 2 Sensor Node Architecture 3 1 Main components of a sensor node 4 A controller Communication device(s) Sensor(s)/actuator(s)
More informationאני יודע מה עשית בפענוח האחרון: התקפות ערוצי צד על מחשבים אישיים
אני יודע מה עשית בפענוח האחרון: התקפות ערוצי צד על מחשבים אישיים I Know What You Did Last Decryption: Side Channel Attacks on PCs Lev Pachmanov Tel Aviv University Daniel Genkin Technion and Tel Aviv University
More informationRANA: Towards Efficient Neural Acceleration with Refresh-Optimized Embedded DRAM
RANA: Towards Efficient Neural Acceleration with Refresh-Optimized Embedded DRAM Fengbin Tu, Weiwei Wu, Shouyi Yin, Leibo Liu, Shaojun Wei Institute of Microelectronics Tsinghua University The 45th International
More informationGenerating DTMF Tones Using Z8 Encore! MCU
Application Note Generating DTMF Tones Using Z8 Encore! MCU AN024802-0608 Abstract This Application Note describes how Zilog s Z8 Encore! MCU is used as a Dual-Tone Multi- (DTMF) signal encoder to generate
More informationMICROWIND2 DSCH2 8. Converters /11/00
8-9 05/11/00 Fig. 8-7. Effect of sampling The effect of sample and hold is illustrated in figure 8-7. When sampling, the transmission gate is turned on so that the sampled data DataOut reaches the value
More informationGroup #17 Arian Garcia Javier Morales Tatsiana Smahliuk Christopher Vendette
Group #17 Arian Garcia Javier Morales Tatsiana Smahliuk Christopher Vendette Electrical Engineering Electrical Engineering Electrical Engineering Electrical Engineering Contents 1 2 3 4 5 6 7 8 9 Motivation
More informationCourse Business. Harry. Hagrid. Homework 2 Due Now. Midterm is on March 1. Final Exam is Monday, May 1 (7 PM) Location: Right here
Course Business Homework 2 Due Now Midterm is on March 1 Final Exam is Monday, May 1 (7 PM) Location: Right here Harry Hagrid 1 Cryptography CS 555 Topic 17: DES, 3DES 2 Recap Goals for This Week: Practical
More informationRecommendations for Secure IC s and ASIC s
Recommendations for Secure IC s and ASIC s F. Mace, F.-X. Standaert, J.D. Legat, J.-J. Quisquater UCL Crypto Group, Microelectronics laboratory(dice), Universite Catholique de Louvain(UCL), Belgium email:
More informationDesign of a High Throughput 128-bit AES (Rijndael Block Cipher)
Design of a High Throughput 128-bit AES (Rijndael Block Cipher Tanzilur Rahman, Shengyi Pan, Qi Zhang Abstract In this paper a hardware implementation of a high throughput 128- bits Advanced Encryption
More informationAssembly Level Clock Glitch Insertion Into An XMega MCU
Cleveland State University EngagedScholarship@CSU ETD Archive 2016 Assembly Level Clock Glitch Insertion Into An XMega MCU Nigamantha Gopala Chakravarthi Follow this and additional works at: http://engagedscholarship.csuohio.edu/etdarchive
More informationSecure Function Evaluation
Secure Function Evaluation 1) Use cryptography to securely compute a function/program. 2) Secure means a) Participant s inputs stay secret even though they are used in the computation. b) No participant
More informationThe Mote Revolution: Low Power Wireless Sensor Network Devices
The Mote Revolution: Low Power Wireless Sensor Network Devices University of California, Berkeley Joseph Polastre Robert Szewczyk Cory Sharp David Culler The Mote Revolution: Low Power Wireless Sensor
More informationMeet-in-the-Middle Attacks on Reduced-Round Midori-64
Meet-in-the-Middle Attacks on Reduced-Round Midori-64 Li Lin and Wenling Wu Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China
More informationSignatures for Network Coding
Conference on Random network codes and Designs over F q Signatures for Network Coding Oliver Gnilke, Claude-Shannon-Institute, University College Dublin 18. September 2013 1 / 14 Network Coding Signature
More informationEvaluation of the Masked Logic Style MDPL on a Prototype Chip
Evaluation of the Masked Logic Style MDPL on a Prototype Chip Thomas Popp, Mario Kirschbaum, Thomas Zefferer Graz University of Technology Institute for Applied Information Processing and Communications
More informationECE Senior Design Final Report For. Scalable Regulated Three Phase Power Rectifier. May 10, 2004 Rev. 1.0
ECE Senior Design Final Report For Scalable Regulated Three Phase Power Rectifier May 10, 2004 Rev. 1.0 Sponsors: Dr. Herb Hess (University of Idaho) Dr. Richard Wall (University of Idaho) Instructor:
More informationConstructing TI-Friendly Substitution Boxes using Shift-Invariant Permutations. Si Gao, Arnab Roy, and Elisabeth Oswald
Constructing TI-Friendly Substitution Boxes using Shift-Invariant Permutations Si Gao, Arnab Roy, and Elisabeth Oswald Outline Introduction Design Philosophy Sbox Constructions Implementations Summary
More informationFinding the key in the haystack
A practical guide to Differential Power hunz Zn000h AT gmail.com December 30, 2009 Introduction Setup Procedure Tunable parameters What s DPA? side channel attack introduced by Paul Kocher et al. 1998
More informationMemory (Part 1) RAM memory
Budapest University of Technology and Economics Department of Electron Devices Technology of IT Devices Lecture 7 Memory (Part 1) RAM memory Semiconductor memory Memory Overview MOS transistor recap and
More informationData Converters. Lecture Fall2013 Page 1
Data Converters Lecture Fall2013 Page 1 Lecture Fall2013 Page 2 Representing Real Numbers Limited # of Bits Many physically-based values are best represented with realnumbers as opposed to a discrete number
More informationDPA Leakage Models for CMOS Logic Circuits
CHES 25 in Edinburgh DPA Leakage Models for CMOS Logic Circuits Daisuke Suzuki Minoru Saeki Mitsubishi Electric Corporation, Information Technology R&D Center Tetsuya Ichikawa Mitsubishi Electric Engineering
More informationUnderstanding and Mitigating the Impact of Interference on Networks. By Gulzar Ahmad Sanjay Bhatt Morteza Kheirkhah Adam Kral Jannik Sundø
Understanding and Mitigating the Impact of Interference on 802.11 Networks By Gulzar Ahmad Sanjay Bhatt Morteza Kheirkhah Adam Kral Jannik Sundø 1 Outline Background Contributions 1. Quantification & Classification
More information32-bit ARM Cortex-M0, Cortex-M3 and Cortex-M4F microcontrollers
-bit ARM Cortex-, Cortex- and Cortex-MF microcontrollers Energy, gas, water and smart metering Alarm and security systems Health and fitness applications Industrial and home automation Smart accessories
More informationSECTION 4 CHANNEL FORMAT TYPES AND RATES. 4.1 General
SECTION 4 CHANNEL FORMAT TYPES AND RATES 4.1 General 4.1.1 Aircraft system-timing reference point. The reference timing point for signals generated and received by the AES shall be at the antenna. 4.1.2
More informationCCK Encoding with PIC Based Microcontrollers For The RF Wireless Communications
CCK Encoding with PIC Based Microcontrollers For The RF Wireless Communications Boris Ribov, Grisha Spasov Abstract: The IEEE 802.11b is a Direct Sequence Spread Spectrum (DSSS) system very similar in
More informationEvaluation of On-chip Decoupling Capacitor s Effect on AES Cryptographic Circuit
R1-3 SASIMI 2013 Proceedings Evaluation of On-chip Decoupling Capacitor s Effect on AES Cryptographic Circuit Tsunato Nakai Mitsuru Shiozaki Takaya Kubota Takeshi Fujino Graduate School of Science and
More informationK-RLE : A new Data Compression Algorithm for Wireless Sensor Network
K-RLE : A new Data Compression Algorithm for Wireless Sensor Network Eugène Pamba Capo-Chichi, Hervé Guyennet Laboratory of Computer Science - LIFC University of Franche Comté Besançon, France {mpamba,
More informationCDMA Physical Layer Built-in Security Enhancement
CDMA Physical Layer Built-in Security Enhancement Jian Ren Tongtong Li 220 Engineering Building Department of Electrical & Computer Engineering Michigan State University East Landing, MI 48864-226 Email:
More informationFeasibility and Benefits of Passive RFID Wake-up Radios for Wireless Sensor Networks
Feasibility and Benefits of Passive RFID Wake-up Radios for Wireless Sensor Networks He Ba, Ilker Demirkol, and Wendi Heinzelman Department of Electrical and Computer Engineering University of Rochester
More informationSLIDE: Evaluation of a Formalized Encryption Library for Safety- Critical Embedded Systems
SLIDE: Evaluation of a Formalized Encryption Library for Safety- Critical Embedded Systems IEEE ICIT 2017, Toronto Thorsten Schulz Frank Golatowski Dirk Timmermann "This project has received funding from
More informationVT-CC1110PA-433M. Wireless Module. User Guide
Wireless Module User Guide V-Chip Microsystems, Inc Add:6 floor, Longtang Building, Nan Shan Cloud Valley Innovation Industrial Park, No.1183, Liuxian Road, Nanshan District, Shenzhen city Tel:86-755-88844812
More informationMemory Basics. historically defined as memory array with individual bit access refers to memory with both Read and Write capabilities
Memory Basics RAM: Random Access Memory historically defined as memory array with individual bit access refers to memory with both Read and Write capabilities ROM: Read Only Memory no capabilities for
More informationErrata Note. SX1276/77/ to 1020 MHz Low Power Long Range Transceiver. SX1276/77/78 High Link Budget Integrated UHF Transceiver
Errata Note 137 to 1020 MHz Low Power Long Range Transceiver 1 This datasheet has been downloaded from http://www.digchip.com at this page Table of Contents 1 Chip Identification - Disclaimer... 3 2 LoRa
More informationDigital microcontroller for sonar waveform generator. Aleksander SCHMIDT, Jan SCHMIDT
Digital microcontroller for sonar waveform generator Aleksander SCHMIDT, Jan SCHMIDT Gdansk University of Technology Faculty of Electronics, Telecommunications and Informatics Narutowicza 11/12, 80-233
More informationApplication Note Model 765 Pulse Generator for Semiconductor Applications
Application Note Model 765 Pulse Generator for Semiconductor Applications Non-Volatile Memory Cells Characterization The trend of memory research is to develop a new memory called Non-Volatile RAM that
More informationAS-MAC: An Asynchronous Scheduled MAC Protocol for Wireless Sensor Networks
AS-MAC: An Asynchronous Scheduled MAC Protocol for Wireless Sensor Networks By Beakcheol Jang, Jun Bum Lim, Mihail Sichitiu, NC State University 1 Presentation by Andrew Keating for CS577 Fall 2009 Outline
More informationIndex Terms IR communication; MSP430; TFDU4101; Pre setter
Design and Development of Contactless Communication Module for Pre setter of Underwater Vehicles J.Lavanyambhika, **D.Madhavi *Digital Systems and Signal Processing in Electronics and Communication Engineering,
More informationApplication Note AN041
CC24 Coexistence By G. E. Jonsrud 1 KEYWORDS CC24 Coexistence ZigBee Bluetooth IEEE 82.15.4 IEEE 82.11b WLAN 2 INTRODUCTION This application note describes the coexistence performance of the CC24 2.4 GHz
More informationBlock Ciphers Security of block ciphers. Symmetric Ciphers
Lecturers: Mark D. Ryan and David Galindo. Cryptography 2016. Slide: 26 Assume encryption and decryption use the same key. Will discuss how to distribute key to all parties later Symmetric ciphers unusable
More informationPorting the p receiver on the ExpressMIMO Platform (LabSession OAI 2)
Porting the 802.11p receiver on the ExpressMIMO Platform (LabSession OAI 2) Introduction and Motivation OpenAirInterface Platform: Protoype Design for Software Defined Radio (SDR) Applications Support
More informationBe prepared for Sigfox Verified TM Certification
Version 3.2.3 September 22, 2017 Be prepared for Sigfox Verified TM Certification Public Use Contents 1 Introduction 2 1.1 Scope...................................................... 3 1.2 Acronyms and
More informationRobust Key Establishment in Sensor Networks
Robust Key Establishment in Sensor Networks Yongge Wang Abstract Secure communication guaranteeing reliability, authenticity, and privacy in sensor networks with active adversaries is a challenging research
More informationJamming Wireless Networks: Attack and Defense Strategies
Jamming Wireless Networks: Attack and Defense Strategies Wenyuan Xu, Ke Ma, Wade Trappe, Yanyong Zhang, WINLAB, Rutgers University IAB, Dec. 6 th, 2005 Roadmap Introduction and Motivation Jammer Models
More informationPseudorandom Number Generation and Stream Ciphers
Pseudorandom Number Generation and Stream Ciphers Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationSecurity of Global Navigation Satellite Systems (GNSS) GPS Fundamentals GPS Signal Spoofing Attack Spoofing Detection Techniques
Security of Global Navigation Satellite Systems (GNSS) GPS Fundamentals GPS Signal Spoofing Attack Spoofing Detection Techniques Global Navigation Satellite Systems (GNSS) Umbrella term for navigation
More informationDigital mw meter. 1. Functioning VHF COMMUNICATIONS 2/2003. Alexander Meier, DG6RBP
Alexander Meier, DG6RBP Digital mw meter The revised version of a digital mw meter [1] is described below. Almost any diode detectors not needing a Townsend current can be used as sensors for this equipment.
More informationELEC 2210 EXPERIMENT 8 MOSFETs
ELEC 10 EXPERIMENT 8 MOSFETs Objectives: The experiments in this laboratory exercise will provide an introduction to the MOSFET. You will use the Bit Bucket breadboarding system to build and test several
More informationIND-CCA Secure Hybrid Encryption from QC-MDPC Niederreiter
IND-CCA Secure Hybrid Encryption from QC-MDPC Niederreiter 7 th International Conference on Post-Quantum Cryptography 2016 Ingo von Maurich 1, Lukas Heberle 1, Tim Güneysu 2 1 Horst Görtz Institute for
More informationApplication Note #AN-00MX-002
Application Note Thermal Accelerometers Temperature Compensation Introduction The miniature thermal accelerometers from MEMSIC are very low cost, dual-axis sensors with integrated mixed signal conditioning.
More informationAssignment 8 Analyzing Operational Amplifiers in MATLAB and PSpice
ECEL 301 ECE Laboratory I Dr. A. Fontecchio Assignment 8 Analyzing Operational Amplifiers in MATLAB and PSpice Goal Characterize critical parameters of the inverting or non-inverting opampbased amplifiers.
More informationk-nearest Neighbors Algorithm in Profiling Power Analysis Attacks
RADIOENGINEERING, VOL. 25, NO. 2, JUNE 2016 365 k-nearest Neighbors Algorithm in Profiling Power Analysis Attacks Zdenek MARTINASEK 1, Vaclav ZEMAN 1, Lukas MALINA 1, Josef MARTINASEK 2 1 Dept. of Telecommunications,
More informationOptimal Clock Synchronization in Networks. Christoph Lenzen Philipp Sommer Roger Wattenhofer
Optimal Clock Synchronization in Networks Christoph Lenzen Philipp Sommer Roger Wattenhofer Time in Sensor Networks Synchronized clocks are essential for many applications: Sensing TDMA Localization Duty-
More informationJICE: Joint Data Compression and Encryption for Wireless Energy Auditing Networks
JICE: Joint Data Compression and Encryption for Wireless Energy Auditing Networks Sheng-Yuan Chiu 1,2, Hoang Hai Nguyen 1, Rui Tan 1, David K.Y. Yau 1,3,Deokwoo Jung 1 1 Advanced Digital Science Center,
More informationarxiv: v1 [cs.cr] 2 May 2016
Power Side Channels in Security ICs: Hardware Countermeasures Lu Zhang 1, Luis Vega 2, and Michael Taylor 3 Computer Science and Engineering University of California, San Diego {luzh 1, lvgutierrez 2,
More informationLSI and Circuit Technologies of the SX-9
TANAHASHI Toshio, TSUCHIDA Junichi, MATSUZAWA Hajime NIWA Kenji, SATOH Tatsuo, KATAGIRI Masaru Abstract This paper outlines the LSI and circuit technologies of the SX-9 as well as their inspection technologies.
More informationNetwork Security: Secret Key Cryptography
1 Network Security: Secret Key Cryptography Henning Schulzrinne Columbia University, New York schulzrinne@cs.columbia.edu Columbia University, Fall 2000 cfl1999-2000, Henning Schulzrinne Last modified
More informationo Broken by using frequency analysis o XOR is a polyalphabetic cipher in binary
We spoke about defense challenges Crypto introduction o Secret, public algorithms o Symmetric, asymmetric crypto, one-way hashes Attacks on cryptography o Cyphertext-only, known, chosen, MITM, brute-force
More informationKnight Light. LED Chess. Nick DeSantis Alex Haas Bryan Salicco. Senior Design Group 16 Spring 2013
Knight Light LED Chess Nick DeSantis Alex Haas Bryan Salicco Senior Design Group 16 Spring 2013 Motivation Chess is a tricky game to learn. Video games have taken over and kids don't learn about classic
More informationCS649 Sensor Networks IP Lecture 9: Synchronization
CS649 Sensor Networks IP Lecture 9: Synchronization I-Jeng Wang http://hinrg.cs.jhu.edu/wsn06/ Spring 2006 CS 649 1 Outline Description of the problem: axes, shortcomings Reference-Broadcast Synchronization
More informationSide-Channel Leakage through Static Power
Side-Channel Leakage through Static Power Should We Care about in Practice? Amir Moradi Horst Görtz Institute for IT Security, Ruhr University Bochum, Germany amir.moradi@rub.de Abstract. By shrinking
More informationOutline. Introduction 2/2. Introduction 1/2. Paper presentation Ultra-Portable Devices. Introduction. System Design for Ultra-Low Power.
Paper presentation Ultra-Portable Devices Paper: Bernier, C. Hameau, F., et al. An Ultra Low Power SoC for 2.4GHz IEEE802.15.4 wireless communications, Solid-State Circuits Conference, 2008. ESSCIRC 2008.
More information1. The decimal number 62 is represented in hexadecimal (base 16) and binary (base 2) respectively as
BioE 1310 - Review 5 - Digital 1/16/2017 Instructions: On the Answer Sheet, enter your 2-digit ID number (with a leading 0 if needed) in the boxes of the ID section. Fill in the corresponding numbered
More informationSymmetric-key encryption scheme based on the strong generating sets of permutation groups
Symmetric-key encryption scheme based on the strong generating sets of permutation groups Ara Alexanyan Faculty of Informatics and Applied Mathematics Yerevan State University Yerevan, Armenia Hakob Aslanyan
More informationSynchronization Method for SCA and Fault Attacks
Journal of Cryptographic Engineering (2011) 1:71-77 DOI 10.1007/s13389-011-0004-0 Synchronization Method for SCA and Fault Attacks Sergei Skorobogatov Received: 15 November 2010 / Accepted: 16 January
More informationHigh Speed Clock Distribution Design Techniques for CDC 509/516/2509/2510/2516
High Speed Clock Distribution Design Techniques for CDC 509/516/2509/2510/2516 APPLICATION REPORT: SLMA003A Boyd Barrie Bus Solutions Mixed Signals DSP Solutions September 1998 IMPORTANT NOTICE Texas Instruments
More informationNon-Volatile Memory Characterization and Measurement Techniques
Non-Volatile Memory Characterization and Measurement Techniques Alex Pronin Keithley Instruments, Inc. 1 2012-5-21 Why do more characterization? NVM: Floating gate Flash memory Very successful; lead to
More informationJEPPIAAR SRR Engineering College Padur, Ch
An Automated Non-Invasive Blood Glucose Estimator and Infiltrator M. Florence Silvia 1, K. Saran 2, G. Venkata Prasad 3, John Fermin 4 1 Asst. Prof, 2, 3, 4 Student, Department of Electronics and Communication
More informationOptimization of Overdrive Signoff
Optimization of Overdrive Signoff Tuck-Boon Chan, Andrew B. Kahng, Jiajia Li and Siddhartha Nath VLSI CAD LABORATORY, UC San Diego UC San Diego / VLSI CAD Laboratory -1- Outline Motivation Design Cone
More informationLSI and Circuit Technologies for the SX-8 Supercomputer
LSI and Circuit Technologies for the SX-8 Supercomputer By Jun INASAKA,* Toshio TANAHASHI,* Hideaki KOBAYASHI,* Toshihiro KATOH,* Mikihiro KAJITA* and Naoya NAKAYAMA This paper describes the LSI and circuit
More informationSome Cryptanalysis of the Block Cipher BCMPQ
Some Cryptanalysis of the Block Cipher BCMPQ V. Dimitrova, M. Kostadinoski, Z. Trajcheska, M. Petkovska and D. Buhov Faculty of Computer Science and Engineering Ss. Cyril and Methodius University, Skopje,
More informationDATA SECURITY USING ADVANCED ENCRYPTION STANDARD (AES) IN RECONFIGURABLE HARDWARE FOR SDR BASED WIRELESS SYSTEMS
INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING & TECHNOLOGY (IJCET) International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 6367(Print) ISSN 0976 6375(Online)
More informationLoRa Reverse Engineering and AES EM Side-Channel Attacks using SDR. Pieter Robyns
LoRa Reverse Engineering and AES EM Side-Channel Attacks using SDR Pieter Robyns About me PhD student at Hasselt University since 2014 Since 2016 on FWO SBO research grant Researching wireless security
More informationInformation Security Theory vs. Reality
Information Security Theory vs. Reality 0368-4474, Winter 2015-2016 Lecture 6: Physical Side Channel Attacks on PCs Guest lecturer: Lev Pachmanov 1 Side channel attacks probing CPU architecture optical
More informationECE 2201 PRELAB 6 BJT COMMON EMITTER (CE) AMPLIFIER
ECE 2201 PRELAB 6 BJT COMMON EMITTER (CE) AMPLIFIER Hand Analysis P1. Determine the DC bias for the BJT Common Emitter Amplifier circuit of Figure 61 (in this lab) including the voltages V B, V C and V
More informationEstimation of keys stored in CMOS cryptographic device after baking by using the charge shift
Estimation of keys stored in CMOS cryptographic device after baking by using the charge shift by Osman Kocar 1 Abstract: The threshold voltage V T of EEPROM cells is a very important technological parameter
More informationPE713 FPGA Based System Design
PE713 FPGA Based System Design Why VLSI? Dept. of EEE, Amrita School of Engineering Why ICs? Dept. of EEE, Amrita School of Engineering IC Classification ANALOG (OR LINEAR) ICs produce, amplify, or respond
More informationConditional Cube Attack on Reduced-Round Keccak Sponge Function
Conditional Cube Attack on Reduced-Round Keccak Sponge Function Senyang Huang 1, Xiaoyun Wang 1,2,3, Guangwu Xu 4, Meiqin Wang 2,3, Jingyuan Zhao 5 1 Institute for Advanced Study, Tsinghua University,
More informationRandom Bit Generation and Stream Ciphers
Random Bit Generation and Stream Ciphers Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: 8-1 Overview 1.
More information