nach oben

Journal of Electronic Testing

Erschienen in:

12.05.2020

A Novel Approach of Data Content Zeroization Under Memory Attacks

verfasst von: Ankush Srivastava, Prokash Ghosh

Erschienen in: Journal of Electronic Testing | Ausgabe 2/2020

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Protecting user’s secret data on the devices like smartphones, tablets, wearable devices etc, from memory attacks is always a challenge for system designers. The most stringent security requirements and protocols in today’s state-of-the-art systems are governed by Federal Information Processing Standards (FIPS). Specifically, it ensures the protection of sensitive data by erasing them from random access memories (RAMs) and associated flip-flip based registers, as soon as security violation(s) is(are) detected. Traditionally, the sensitive data like authentication credentials, cryptographic keys and other on-chip secrets are erased (or zeroized) by sequential write transactions initiated either by dedicated hardware or using software programs. This paper, for the first time, proposes a novel approach of erasing secured data content from on-chip RAMs using conventional memory built-in-self-test (MBIST) hardware in mission mode. The proposed zeroization approach is proved to be substantially faster than the traditional techniques in erasing data content. As it helps in re-using Memory BIST hardware for on-chip data content zeroization, this guarantees to save silicon area and power by removing dedicated conventional hardware from the device. This paper also discusses the micro-architectural implementation and security challenges of using Memory BIST hardware in mission mode and proposes practical solutions to fill the gaps.

Vorheriger Artikel Test Technology Newsletter

Nächster Artikel Remaining Useful Life Prediction of Analog Circuit Using Improved Unscented Particle Filter

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

ATZelectronics worldwide

ATZlectronics worldwide is up-to-speed on new trends and developments in automotive electronics on a scientific level with a high depth of information.

Order your 30-days-trial for free and without any commitment.

Jetzt informieren

ATZelektronik

Die Fachzeitschrift ATZelektronik bietet für Entwickler und Entscheider in der Automobil- und Zulieferindustrie qualitativ hochwertige und fundierte Informationen aus dem gesamten Spektrum der Pkw- und Nutzfahrzeug-Elektronik.

Lassen Sie sich jetzt unverbindlich 2 kostenlose Ausgabe zusenden.

Jetzt informieren

(2015). Using Zeroization in SmartFusion2 and IGLOO2 Devices - Libero SoC v11.6, Application note AC 443, MicroSemi Corporation

Albrecht MR, Deo A, Paterson KG (2018) Cold boot attacks on ring and module LWE keys under the NTT. IACR Transactions on Cryptographic Hardware and Embedded Systems 2018(3):173–213. ISSN 2569-2925

Anti-Tamper Capabilities in FPGA Designs, https://www.intel.com/content/dam/www/programmable/us/en/pdfs/-literature/wp/wp-01066-anti-tamper-capabilities-fpga.pdf. Accessed 01 Oct 2019

ARM. Building a secure system using TrustZone Technology, http://infocenter.arm.com/help/topic/com.arm.doc.prd29-genc-009492c/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf http://infocenter.arm.com/help/topic/com.arm.doc.prd29-genc-009492c/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf http://infocenter.arm.com/help/topic/com.arm.doc.prd29-genc-009492c/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf. Accessed 05 Jun 2019

Awad A et al (2016) Silent shredder zero-cost shredding for secure non volatile main memory controllers. In: Proc. of 21st ACM international conference on architectural support for programming languages and operating systems (ASPLOS), pp 263–276

Benso A, Bosio A, Carlo SD, Natale GD, Prinetto P (2008) March test generation revealed. IEEE Trans Comput 57(12):1704–1713MathSciNetCrossRef

Cadence Palladium Z1 Enterprise Emulation Platform, https://www.cadence.com/content/dam/cadence-www/global/en_US/documents/tools/system-design-verification/palladium-z1-ds.pdf. Accessed 31 Aug 2019

Cakir C, Bhargava M, Mai K (2012) 6T SRAM and 3T DRAM data retention and remanence characterization in 65nm bulk CMOS. In: Proc. of the IEEE custom integrated circuits conference, pp 1–4

Carvalho M, DeMott J, Ford R, Wheeler DA (2014) Heartbleed 101. IEEE Security Privacy 12 (4):63–67CrossRef

10.

Chow J, Pfaff B, Garfinkel T, Rosenblum M (2005) Shredding Your garbage: reducing data lifetime through secure deallocation. In: Proc. of 14th usenix secuirity symposium, Baltimore, MS, USA, pp 331–346

11.

Dubrova E (2019) Anti-tamper techniques, KTH Royal institute of technology, Sweden. Accessed 06 Jan 2019

12.

FurusaWa MM, Nguyen CT (2014) High-assurance processor active memory content protection United States Patent, US 8,656,185, B2

13.

Gomina K, Rigaud J-B, Gendrier P, Candelier P, Tria A (2014) Power supply glitch attacks: design and evaluation of detection circuits. In: Proc. of IEEE international symposium on hardware-oriented security and trust (HOST), pp 136–141

14.

Guan L, Lin J, Luo B, Jing J (2015) Protecting private keys against memory disclosure attacks using hardware transactional memory. In: Proceedings of the IEEE symposium on security and privacy, San Jose, CA, USA, pp 3–19

15.

Halderman JA et al (2008) Lest we remember: cold boot attacks on encryption keys, Proc. of 17th USENIX Security Symposium, San Jose, CA, USA, pp 45–60

16.

High Speed Secure Microcontroller, https://www.maximintegrated.com/en/products/microcontrollers/-DS5250.html https://www.maximintegrated.com/en/products/microcontrollers/-DS5250.html Accessed 04 March 2018

17.

Ho W-G, Ne KZL, Srinivas NP, Chong K-S , Kim TT-H, Gwee B-H (2016) Area-efficient and low stand-by power 1k-byte transmission-gate-based non-imprinting high-speed erase (TNIHE) SRAM. In: Proc. of 48th international symposium on circuits and systems (ISCAS). https://doi.org/10.1109/ISCAS.2016.7527336, pp 698–701

18.

Ho W-G, Chong K-S, Gwee B-H, Chang JS, Lwin NKZ (2014) A dynamic-voltage-scaling 1kbyte x 8-bit non-imprinting master-slave SRAM with high speed erase for low-power operation. In: Proc. of 14th international symposium on integrated circuits (ISIC). https://doi.org/10.1109/ISICIR.2014.7029479, pp 320–323

19.

Ho W-G, Chong K-S, Kim TT-H, Gwee B-H (2019) A secure data-toggling SRAM for confidential data protection. IEEE Trans on Circuits and Systems I 66(11):4186–4199CrossRef

20.

Implementation guidance for FIPS-140-2 and the cryptographic module validation program, National Institute of Standards and Technology Communications Security Establishment, Dept. of Commerce, USA. Accessed 26 May 2018

21.

Jiménez-Naharro R et al (2013) Design and implementation of a new real-time frequency sensor used as hardware counter measure. Sensors (Basel) 13(9):11709–27. https://doi.org/10.3390/s130911709 CrossRef

22.

Kai Y, Xuecheng Z, Guoyi Y, Weixu W (2009) Security strategy of powered-off SRAM for resisting physical attack to data remanence. J Semicond 30(9):1–5CrossRef

23.

LS2080 product description and documentation, http://www.nxp.com/products/processors-and-microcontrollers/arm-based-processors-and-mcus/qoriq-layerscape-arm-processors http://www.nxp.com/products/processors-and-microcontrollers/arm-based-processors-and-mcus/qoriq-layerscape-arm-processors http://www.nxp.com/products/processors-and-microcontrollers/arm-based-processors-and-mcus/qoriq-layerscape-arm-processors. Accessed 04 2018

24.

Malliaros S, Ntangonian C, Christos X (2016) Protecting sensitive information in the volatile memory from disclosure attacks. In: Proc. of international conference on availability, Proc. of reliability and security (ARES), pp 687–693

25.

QorIQ Processing Platforms: 64-bit Multicore SoCs, https://www.nxp.com/products/processors-and-microcontrollers/power-architecture-processors/qoriq-platforms:QORIQ_HOME. Accessed 20 Jan 2019

26.

Robson N et al (2007) Electrically programmable fuse (eFUSE): from memory redundancy to autonomic chips. In: Proc. of IEEE 2007 custom integrated circuits conference, pp 799–804

27.

Seshadri V et al (2013) Rowclone: fast and energy-efficient in DRAM bulk data copy and initialization. In: Proc. of 46th annual IEEE/ACM international symposium on microarchitecture (MICRO), pp 185–197

28.

Skorobogatov S (2019) Hardware security implications of reliability, remanence and recovery in embedded memory, invited talk. In: 55th design automation conference, San-Francisco, CA, USA. https://www.cl.cam.ac.uk/sps32/Slides_PAINE2018.pdf. Accessed 30 Aug 2019

29.

SHA-2 Standard, National Institute of Standards and Technology (NIST), Secure Hash Standard FIPS PUB 180-2, 2002. Accessed 02 Jan 2019

30.

Skorobogatov S (2002) Low temperature data remanence in static RAM, University Cambridge Computer Laboratory, Tech Rep UCAM-CL-TR-536

31.

Skorobogatov S (2018) Hardware security implications of reliability, remanence and recovery in embedded memory. J Hardware Sys Secur 2(4):314–321CrossRef

32.

Software Configuration Guide for the Cisco 5900 Embedded Services Routers, Zeroization Chapter: Cisco Family of Router, www.cisco.com. Accessed 26 May 2019

33.

Srivastava A, Ghosh P (2019) An efficient memory zeroization technique under side-channel attacks. In: Proc. of international conference on VLSI design, pp 76–81

34.

Swami S, Rakshit J, Mohanram K (2016) SECRET: smartly encrypted energy efficient non-volatile memories. In: Proc. of 53rd ACM/IEEE design automation conference, pp 1–6

35.

Tan JP, Ong KKJ (2013) Zeroization verification of integrated circuit, United States Patent, US 8,437, 200, B1

36.

The LX2160A MultiCore Communications Processor, https://www.nxp.com/products/processors-and-microcontrollers/arm-based-processors-and-mcus/qoriq-layerscape-arm-processors/the-lx2160a-multicore-communications-processor:LX2160A. Accessed 04 March 2019

37.

Tkacik TE, Askenazi A (2009) Encryption apparatus with diverse key retention schemes, United States patent US 8,175,276, B2

38.

TrustZone on the LPC55S6x, https://community.nxp.com/docs/DOC-343506. Accessed 30 Aug 2019

39.

TrustZone Architecture for SoC and MicroControllers, www.arm.com/products/security-on-arm/trustzone. Accessed 05 Jun 2019

40.

Using TrustZone on Armv8-M, http://www.keil.com/appnotes/files/apnt_291.pdf. Accessed 30 Aug 2019

41.

Vasile DC, Svasta PM (2017) Temperature sensitive active tamper detection circuit. In: Proc. of 23rd international symposium for design and technology in electronic packaging (SIITME), Constanta, Romania, pp 175–178

42.

Weingart SH (2000) Physical security devices for computer subsystems: a survey of attacks and defenses, Lecture Notes in Computer Science. In: Cryptographic hardware and embedded systems (CHES), vol 1965. Springer, Berlin, pp 302–317

43.

Weis S (2018) Protecting data in-use from firmware and physical attacks, Black Hat, Las Vegas, NV, USA. Accessed 5 Aug 2018

44.

Wenjing K, Kai Y, Guoyi Y, Xuecheng Z (2009) Security strategy of powered-off SRAM for resisting physical attack to data remanence. In: Proc. of the 12th international symposium on integrated circuits, pp 298–301

45.

Yang X, Blackburn SM, Frampton D, Sartor JB, McKinley KS (2011) Why nothing matters: the impact of zeroing. In: Proc. ACM Int. Conf. Object Oriented Programm. Syst. Lang. Appl. (OOPSLA), pp 307–324

46.

Ye M, Hughes C, Awad A (2018) Osiris: a low-cost mechanism to enable restoration of secure Non-Volatile memories. In: Proc. of 51st annual IEEE/ACM international symposium on microarchitecture (MICRO), pp 403–415

47.

Yitbarek SF, Aga MT, Das R, Austin T (2017) Cold boot attacks are still hot: security analysis of memory scramblers in modern processors. In: Proc. of 23rd international symposium on high performance computer architecture, Austin, TX, USA, pp 313–324

Titel: A Novel Approach of Data Content Zeroization Under Memory Attacks
verfasst von: Ankush Srivastava
Prokash Ghosh
Publikationsdatum: 12.05.2020
Verlag: Springer US
Erschienen in: Journal of Electronic Testing / Ausgabe 2/2020
Print ISSN: 0923-8174
Elektronische ISSN: 1573-0727
DOI: https://doi.org/10.1007/s10836-020-05867-4

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Jonas Klose/© Pine Valley Capital GmbH, Carina Kießling von der Strategieberatung Roland Berger/© Monika Walther Fotografie | ATZ, Beijing Auto Show 2024: Deutsche Hersteller wollen angreifen./© EKH-Pictures / Generated with AI / Stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

ATZelectronics worldwide

ATZelektronik

Weitere Artikel der Ausgabe 2/2020

Comparing the Impact of Power Supply Voltage on CMOS- and FinFET-Based SRAMs in the Presence of Resistive Defects

Automated Bug Resistant Test Intent with Register Header Database for Optimized Verification

Design and Optimization Methodology of Coplanar Waveguide Test Structures for Dielectric Characterization of Thin Films

Editorial

Test Technology Newsletter

Remaining Useful Life Prediction of Analog Circuit Using Improved Unscented Particle Filter

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.