Multi-Processor System-on-Chips (MPSoCs) are popular computational platforms for a wide variety of applications due to their energy efficiency and flexibility. Like many other platforms they are vulnerable to Side Channel Attacks (SCAs). In particular, Logical SCAs (LSCAs) are very powerful as sensitive information can be retrieved by simply observing system properties that depend on the victim's software execution on the MPSoC. Unfortunately, many of the current protection mechanisms are either platform dependent or are effective only against a reduced set of attacks. In this work, we present Guard-NoC, a secure Network-on-Chip (NoC) architecture able to protect MPSoCs against a wide variety of LSCAs. The secure NoC employs three application-independent strategies to hide and isolate sensitive information: i) blinding the execution time of operations; ii) masking the execution time of operations; and iii) dual communication strategy (i.e., use packet and circuit switching simultaneously). Our results show that our secure NoC is resilient against practical LSCAs and leaks almost no information while having a minimal area and power overhead.@en

The National Institute of Standard and Technology (NIST) has recently started a competition with the objective to standardize lightweight cryptography (LWC). The winning schemes will be deployed in Internet-of-Things (IoT) devices, a key step for the current and future information and communication technology market. GIFT is an efficient lightweight cipher and it is used by one-fourth of the LWC candidates in the NIST LWC competition. Thus, its security evaluation is critical. One vital threat to the security are so-called logical side-channel attacks based on cache observations. In this work, we propose a novel cache attack on GIFT referred to as GRINCH. We analyzed the vulnerabilities of GIFT and exploited them in our attack. The results show that the attack is effective and that the full key could be recovered with less than 400 encryptions.@en

Dynamic Random Access Memory (DRAM)-based systems are widely used in mobile and portable applications where low-cost and high-storage memory capability are required. However, such systems are prone to attacks. A latent threat to DRAM-based system security is the so-called Rowhammer attacks. By repeatedly accessing memory, an attacker is able to perform unauthorized data modifications into physically adjacent memory locations. As a consequence, powerful privilege-escalation attacks can be achieved. Although most of the known countermeasures are based on refresh strategies or intensive address monitoring, their efficient and low-cost realization is still a challenge. In this work, we present LightRoad, a lightweight and flexible hardware detector for Rowhammer attacks. Additionally, we propose two variants that further extend the LightRoad security, namely LightRoAD+Sec and LightRoAD+PARA. Our experiments show that LightRoad and its variants are very efficient and effective to detect attacks while having an affordable cost that varies according to the desired security level.@en

Cache attacks are one of the most wide-spread and dangerous threats to embedded computing systems' security. A promising approach to detect such attacks at runtime is to monitor the System-on-Chip (SoC) behavior. However, designing a secure SoC capable of detecting such attacks is very challenging: the monitors should be lightweight in order to avoid excessive power/energy and area costs and the attack behavior should be clearly known upfront. In this work, we present LiD-CAT, a lightweight and flexible hardware detector that is aware of leakage patterns that can be used by attackers to perform cache based attacks. LiD-CAT is a cache wrapper that implements a set of leakage properties derived from cache attacks and cache models using templates. These templates identify suspicious behavior that may lead to cache attacks. LiD-CAT is evaluated using two different cache architectures, one with a secure cache and one without. On each of them, SPEC2000 benchmarks are run together with malicious applications that execute cache attacks (i.e., Evict+Time, Prime+Probe, Flush+Reload and Flush+Flush). Results show that our lightweight detector successfully detects 99.99% of the attacks with less than 1% false-positives, has no timing penalties, and increases the area of a SoC with only 1.6%.@en

Spiking Neural Networks (SNNs) are a strong candidate to be used in future machine learning applications. SNNs can obtain the same accuracy of complex deep learning networks, while only using a fraction of its power. As a result, an increase in popularity of SNNs is expected in the near future for cyber physical systems, especially in the Internet of Things (IoT) segment. However, SNNs work very different than conventional neural network architectures. Consequently, applying SNNs in the field might introduce new unexpected security vulnerabilities. This paper explores and identifies potential sources of information leakage for the Izhikevich neuron, which is a popular neuron model used in digital implementations of SNNs. Simulations and experiments on FPGA implementation of the spiking neurons show that timing and power can be used to infer important information of the internal functionality of the network. Additionally, the paper demonstrates that is feasible to perform a reverse engineering attack using both power and timing leakage.@en

Multi-Processor Systems-on-Chips (MPSoCs) are the key enabler technology for current and future applications. However, the high on-chip connectivity, the programmability and IPs reusability, also introduce security concerns. Problems arise when applications with different trust and security levels share the MPSoC resources. One of the potent threats that MPSoCs see themselves exposed to are the so-called side-channel attacks (SCA). In this work, we explore the cache-based side-channel attacks optimized by the communication structure. We evaluate the vulnerability of the different NoC-based MPSoC memory configuration against micro-architectural side channel attacks. Our attack targets an MPSoC AES T-Table implementation. We explore the impact of the MPSoC organization on the NoC timing attack. We present the huge impact on the memory organization and present two attack metrics: efficacy and efficiency. Our results show that NoC-based MPSoCs are vulnerable and that deep memory hierarchies favor the security of the system.@en

Currently NIST is working towards the standardization of lightweight cryptography (LWC). Although the cryptanalytic strength of LWC is currently under deep scrutiny, the LWC implementation security has not been yet widely explored. GIFT block cipher is the main building block of many of the LWC NIST candidates and therefore has the potential to be part of the next lightweight crypto-standard. Hence it is important to understand its implementation vulnerabilities such as side-channel attacks (SCAs). Although SCAs have been evaluated for hardware implementations, no analysis or countermeasures have been proposed yet for software implementations. This work evaluates GIFT 128-bit software implementations (protected and unprotected) against power-based SCAs. Our protected implementation is based on a new lightweight countermeasure consisting of two balanced and masked SBoxes. Our results show that GIFT's SBox (or SubCell function) is vulnerable against profiled and non-profiled attacks when unprotected or protected implementations based on existing balancing or masking techniques are used. On the other hand, our proposed countermeasure that smartly combines balancing and masking offers full protection with negligible overhead.@en

Increasingly complex and powerful Systems-on-Chips (SoCs), connected through a 5G network, form the basis of the Internet-of-Things (IoT). These technologies will drive the digitalization in all domains, e.g. industry automation, automotive, avionics, and healthcare. A major requirement for all above domains is the long-term (10 to 30 years) secure communication between the SoCs and the cloud over public 5G networks. The foreseeable breakthrough of quantum computers represents a risk for all communication. In order to prepare for such an event, SoCs must integrate secure quantum-computer-resistant cryptography which is reliable and protected against SW and HW attacks. Empowering SoCs with such strong security poses a challenging problem due to limited resources, tight performance requirements and long-term life-cycles. While current works are focused on efficient implementations of post-quantum cryptography, implementation-security and reliability aspects for SoCs are still largely unexplored. To this end, we present three contributions. First, we present a RISC-V co-processor for post-quantum security, able to support lattice-based cryptography. Second, we use HW/SW co-design techniques to accelerate the NTT transformation and hash generation. Third, we perform the fault analysis of the implementation. We show that our coprocessor achieves high reliability and security capabilities while preserving good performance.@en

Increasingly complex and powerful Systems-on-Chips (SoCs), connected through a 5G network, form the basis of the Internet-of-Things (IoT). These technologies will drive the digitalization in all domains, e.g. industry automation, automotive, avionics, and healthcare. A major requirement for all above domains is the long-term (10 to 30 years) secure communication between the SoCs and the cloud over public 5G networks. The foreseeable breakthrough of quantum computers represents a risk for all communication. In order to prepare for such an event, SoCs must integrate secure quantum-computer-resistant cryptography which is reliable and protected against SW and HW attacks. Empowering SoCs with such strong security poses a challenging problem due to limited resources, tight performance requirements and long-term life-cycles. While current works are focused on efficient implementations of post-quantum cryptography, implementation-security and reliability aspects for SoCs are still largely unexplored. To this end, we present three contributions. First, we present a RISC-V co-processor for post-quantum security, able to support lattice-based cryptography. Second, we use HW/SW co-design techniques to accelerate the NTT transformation and hash generation. Third, we perform the fault analysis of the implementation. We show that our coprocessor achieves high reliability and security capabilities while preserving good performance.@en