Showing 1–7 of 7 results for author: Arul, T

Nonlinear behavior of memristive devices for hardware security primitives and neuromorphic computing systems

Authors: Sahitya Yarragolla, Torben Hemke, Fares Jalled, Tobias Gergs, Jan Trieschmann, Tolga Arul, Thomas Mussenbrock

Abstract: Nonlinearity is a crucial characteristic for implementing hardware security primitives or neuromorphic computing systems. The main feature of all memristive devices is this nonlinear behavior observed in their current-voltage characteristics. To comprehend the nonlinear behavior, we have to understand the coexistence of resistive, capacitive, and inertia (virtual inductive) effects in these device… ▽ More Nonlinearity is a crucial characteristic for implementing hardware security primitives or neuromorphic computing systems. The main feature of all memristive devices is this nonlinear behavior observed in their current-voltage characteristics. To comprehend the nonlinear behavior, we have to understand the coexistence of resistive, capacitive, and inertia (virtual inductive) effects in these devices. These effects originate from corresponding physical and chemical processes in memristive devices. A physics-inspired compact model is employed to model and simulate interface-type RRAMs such as Au/BiFeO$_{3}$/Pt/Ti, Au/Nb$_{\rm x}$O$_{\rm y}$/Al$_{2}$O$_{3}$/Nb, while accounting for the modeling of capacitive and inertia effects. The simulated current-voltage characteristics align well with experimental data and accurately capture the non-zero crossing hysteresis generated by capacitive and inductive effects. This study examines the response of two devices to increasing frequencies, revealing a shift in their nonlinear behavior characterized by a reduced hysteresis range and increased chaotic behavior, as observed through internal state attractors. Fourier series analysis utilizing a sinusoidal input voltage of varying amplitudes and frequencies indicates harmonics or frequency components that considerably influence the functioning of RRAMs. Moreover, we propose and demonstrate the use of the frequency spectra as one of the fingerprints for memristive devices. △ Less

Submitted 27 March, 2024; v1 submitted 7 February, 2024; originally announced February 2024.

Practical Non-Invasive Probing Attacks Against Novel Carbon-Nanotube-Based Physical Unclonable Functions

Authors: Nikolaos Athanasios Anagnostopoulos, Alexander Braml, Nico Mexis, Florian Frank, Simon Böttger, Martin Hartmann, Sascha Hermann, Elif Bilge Kavun, Stefan Katzenbeisser, Tolga Arul

Abstract: As the number of devices being interconnected increases, so does also the demand for (lightweight) security. To this end, Physical Unclonable Functions (PUFs) have been proposed as hardware primitives that can act as roots of trust and security. Recently, a new type of PUF based on Carbon NanoTubes (CNTs) has been proposed. At the same time, attacks and testing based on direct electrical probing a… ▽ More As the number of devices being interconnected increases, so does also the demand for (lightweight) security. To this end, Physical Unclonable Functions (PUFs) have been proposed as hardware primitives that can act as roots of trust and security. Recently, a new type of PUF based on Carbon NanoTubes (CNTs) has been proposed. At the same time, attacks and testing based on direct electrical probing appear to be moving towards non-invasive techniques. In this context, this work attempts to examine the potential for practical non-invasive probing attacks against the CNT-PUF, a novel PUF based on CNTs. Our results indicate that direct probing might potentially compromise the security of this PUF. Nevertheless, we note that this holds true only in the case that the attacker can directly probe the wire corresponding to the secret value of each CNT-PUF cell. Thus, we can conclude that the examined CNT-PUFs are rather resilient to direct probing attacks, that non-invasive probing methods appear to be promising for testing such PUFs, and that, in order for the attacker to gain the full-length value of the secret, all the relevant channels would need to be probed. Nevertheless, as our work proves, practical non-invasive attacks against the CNT-PUF are feasible and adequate countermeasures need to be employed in order to address this issue. △ Less

Submitted 3 July, 2023; originally announced July 2023.

Real-World Chaos-Based Cryptography Using Synchronised Chua Chaotic Circuits

Authors: Emiliia Nazarenko, Nikolaos Athanasios Anagnostopoulos, Stavros G. Stavrinides, Nico Mexis, Florian Frank, Tolga Arul, Stefan Katzenbeisser

Abstract: This work presents the hardware demonstrator of a secure encryption system based on synchronised Chua chaotic circuits. In particular, the presented encryption system comprises two Chua circuits that are synchronised using a dedicated bidirectional synchronisation line. One of them forms part of the transmitter, while the other of the receiver. Both circuits are tuned to operate in a chaotic mode.… ▽ More This work presents the hardware demonstrator of a secure encryption system based on synchronised Chua chaotic circuits. In particular, the presented encryption system comprises two Chua circuits that are synchronised using a dedicated bidirectional synchronisation line. One of them forms part of the transmitter, while the other of the receiver. Both circuits are tuned to operate in a chaotic mode. The output (chaotic) signal of the first circuit (transmitter) is digitised and then combined with the message to be encrypted, through an XOR gate. The second Chua circuit (receiver) is used for the decryption; the output chaotic signal of this circuit is similarly digitised and combined with the encrypted message to retrieve the original message. Our hardware demonstrator proves that this method can be used in order to provide extremely lightweight real-world, chaos-based cryptographic solutions. △ Less

Submitted 13 July, 2023; v1 submitted 11 August, 2022; originally announced October 2022.

Comments: This work was accepted for and presented as a hardware demo at the 2022 IEEE International Symposium on Hardware Oriented Security and Trust (HOST 2022), held from 27 to 30 June 2022, in Washington, DC, USA

MSC Class: 94A60 (Primary) 34C28; 34H10; 37D45; 68M10; 68P25 (Secondary)

Abusing Commodity DRAMs in IoT Devices to Remotely Spy on Temperature

Authors: Florian Frank, Wenjie Xiong, Nikolaos Athanasios Anagnostopoulos, André Schaller, Tolga Arul, Farinaz Koushanfar, Stefan Katzenbeisser, Ulrich Ruhrmair, Jakub Szefer

Abstract: The ubiquity and pervasiveness of modern Internet of Things (IoT) devices opens up vast possibilities for novel applications, but simultaneously also allows spying on, and collecting data from, unsuspecting users to a previously unseen extent. This paper details a new attack form in this vein, in which the decay properties of widespread, off-the-shelf DRAM modules are exploited to accurately sense… ▽ More The ubiquity and pervasiveness of modern Internet of Things (IoT) devices opens up vast possibilities for novel applications, but simultaneously also allows spying on, and collecting data from, unsuspecting users to a previously unseen extent. This paper details a new attack form in this vein, in which the decay properties of widespread, off-the-shelf DRAM modules are exploited to accurately sense the temperature in the vicinity of the DRAM-carrying device. Among others, this enables adversaries to remotely and purely digitally spy on personal behavior in users' private homes, or to collect security-critical data in server farms, cloud storage centers, or commercial production lines. We demonstrate that our attack can be performed by merely compromising the software of an IoT device and does not require hardware modifications or physical access at attack time. It can achieve temperature resolutions of up to 0.5°C over a range of 0°C to 70°C in practice. Perhaps most interestingly, it even works in devices that do not have a dedicated temperature sensor on board. To complete our work, we discuss practical attack scenarios as well as possible countermeasures against our temperature espionage attacks. △ Less

Submitted 3 August, 2022; originally announced August 2022.

Comments: Submitted to IEEE TIFS and currently under review

On the Sustainability of Lightweight Cryptography Based on PUFs Implemented on NAND Flash Memories Using Programming Disturbances

Authors: Nikolaos Athanasios Anagnostopoulos, Yufan Fan, Muhammad Umair Saleem, Nico Mexis, Florian Frank, Tolga Arul, Stefan Katzenbeisser

Abstract: In this work, we examine the potential of Physical Unclonable Functions (PUFs) that have been implemented on NAND Flash memories using programming disturbances to act as sustainable primitives for the purposes of lightweight cryptography. In particular, we investigate the ability of such PUFs to tolerate temperature and voltage variations, and examine the current shortcomings of existing NAND-Flas… ▽ More In this work, we examine the potential of Physical Unclonable Functions (PUFs) that have been implemented on NAND Flash memories using programming disturbances to act as sustainable primitives for the purposes of lightweight cryptography. In particular, we investigate the ability of such PUFs to tolerate temperature and voltage variations, and examine the current shortcomings of existing NAND-Flash-memory PUFs that are based on programming disturbances as well as how these could potentially be addressed in order to provide more robust and more sustainable security solutions. △ Less

Submitted 11 June, 2022; v1 submitted 5 April, 2022; originally announced April 2022.

Comments: This work was accepted for and presented at the Workshop on Sustainability in Security, Security for Sustainability, which took place on 18 March 2022 and was co-located with the 25th Design, Automation and Test in Europe Conference & Exhibition (DATE 2022)

Rule-based Anomaly Detection for Railway Signalling Networks

Authors: Markus Heinrich, Arwed Gölz, Tolga Arul, Stefan Katzenbeisser

Abstract: We propose a rule-based anomaly detection system for railway signalling that mitigates attacks by a Dolev-Yao attacker who is able to inject control commands and to perform semantic attacks. The system as well mitigates the effects of a compromised signal box that an attacker uses to issue licit but mistimed control messages. We consider an attacker that could cause train derailments and collision… ▽ More We propose a rule-based anomaly detection system for railway signalling that mitigates attacks by a Dolev-Yao attacker who is able to inject control commands and to perform semantic attacks. The system as well mitigates the effects of a compromised signal box that an attacker uses to issue licit but mistimed control messages. We consider an attacker that could cause train derailments and collisions, if our countermeasure is not employed. We apply safety principles of railway operation to a distributed anomaly detection system that inspects incoming commands on the signals and points. The proposed anomaly detection system detects all attacks of our model without producing false positives, while it requires only a small amount of overhead in terms of network communication and latency compared to normal train operation. △ Less

Submitted 12 August, 2020; originally announced August 2020.

MagneticSpy: Exploiting Magnetometer in Mobile Devices for Website and Application Fingerprinting

Authors: Nikolay Matyunin, Yujue Wang, Tolga Arul, Kristian Kullmann, Jakub Szefer, Stefan Katzenbeisser

Abstract: Recent studies have shown that aggregate CPU usage and power consumption traces on smartphones can leak information about applications running on the system or websites visited. In response, access to such data has been blocked for mobile applications starting from Android 8. In this work, we explore a new source of side-channel leakage for this class of attacks. Our method is based on the fact th… ▽ More Recent studies have shown that aggregate CPU usage and power consumption traces on smartphones can leak information about applications running on the system or websites visited. In response, access to such data has been blocked for mobile applications starting from Android 8. In this work, we explore a new source of side-channel leakage for this class of attacks. Our method is based on the fact that electromagnetic activity caused by mobile processors leads to noticeable disturbances in magnetic sensor measurements on mobile devices, with the amplitude being proportional to the CPU workload. Therefore, recorded sensor data can be analyzed to reveal information about ongoing activities. The attack works on a number of devices: we evaluated 80 models of modern smartphones and tablets and observed the reaction of the magnetometer to the CPU activity on 56 of them. On selected devices we were able to successfully identify which application has been opened (with up to 90% accuracy) or which web page has been loaded (up to 91% accuracy). The presented side channel poses a significant risk to end users' privacy, as the sensor data can be recorded from native apps or even from web pages without user permissions. Finally, we discuss possible countermeasures to prevent the presented information leakage. △ Less

Submitted 7 September, 2019; v1 submitted 26 June, 2019; originally announced June 2019.

Comments: Accepted at the Workshop on Privacy in the Electronic Society (WPES), 2019