PUFs, TRNGs, and Cryptography

Cryptographic Security and Techniques

Vulnerabilities

  • Traditional Digital Key Storage: Vulnerable to attacks on non-volatile memory.

Security Goals

  • Authentication: Prevent spoofing.

  • Data Integrity: Prevent alteration.

  • Privacy: Prevent eavesdropping.

Attacker Goals in Hardware Security

  • Extract crypto keys.

  • Learn secret algorithms.

  • Modify stored data.

  • Bypass security measures.

Software Protection Limitations

  • Insufficient against physical attacks (e.g., invasive memory extraction).

Cryptography Types

  • Symmetric Cryptography: Uses the same key for encryption and decryption.

  • Asymmetric Cryptography: Uses different keys for encryption and decryption.

One-way Functions

  • Easy to compute, hard to reverse; crucial for encryption and hashing.

Physical Unclonable Functions (PUFs)

  • Generate unique, unpredictable outputs from physical variations.

  • Security Improvement: Eliminate the need for stored digital secrets by generating keys on demand.

  • Examples: Silicon delay-based PUFs & Ring Oscillator (RO) PUFs.

  • Authentication Use: Check responses against a stored database.

Secure Key Storage

  • Keys generated dynamically; hard to extract.

PUF Attacks

  • Machine learning attacks, fault injection attacks, environmental variation effects.

  • Reliability Issues: Measurement noise, temperature, and voltage fluctuations can affect stability.
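
Added example (not part of the original notes): a Python simulation of a ring-oscillator PUF, showing authentication against a stored response database and why noisy responses are matched by Hamming distance rather than by equality. The chip model, sizes, noise levels, the 0.15 threshold, and the single use of each stored pair are assumptions made for illustration.

```python
import random

N_OSC, N_BITS = 128, 256   # oscillators per chip, response bits (assumed sizes)
THRESHOLD = 0.15           # max accepted fractional Hamming distance (assumed)

def make_chip(seed):
    """Constructed model of process variation: fixed per-oscillator frequency (MHz)."""
    rng = random.Random(seed)
    return [100.0 + rng.gauss(0, 1.0) for _ in range(N_OSC)]

def challenge_pairs(challenge):
    """Expand a challenge into the oscillator pairs to compare."""
    rng = random.Random(challenge)
    return [tuple(rng.sample(range(N_OSC), 2)) for _ in range(N_BITS)]

def respond(chip, challenge, noise, sigma=0.05):
    """One response bit per pair: which oscillator measures faster this time."""
    bits = []
    for a, b in challenge_pairs(challenge):
        fa = chip[a] + noise.gauss(0, sigma)   # sigma models measurement noise
        fb = chip[b] + noise.gauss(0, sigma)
        bits.append(1 if fa > fb else 0)
    return bits

def hamming_fraction(x, y):
    """Fraction of bit positions in which two responses differ."""
    return sum(p != q for p, q in zip(x, y)) / len(x)

def enroll(chip, challenges, noise):
    """Verifier records challenge-response pairs once, in a trusted setting."""
    return {c: respond(chip, c, noise) for c in challenges}

def authenticate(db, chip, challenge, noise, sigma=0.05):
    """Each stored pair is used once; accept a response that is close, not equal."""
    expected = db.pop(challenge, None)
    if expected is None:
        return False
    return hamming_fraction(expected, respond(chip, challenge, noise, sigma)) <= THRESHOLD

if __name__ == "__main__":
    noise = random.Random(7)
    genuine, other = make_chip(1), make_chip(2)
    db = enroll(genuine, range(4), noise)
    print("genuine:", authenticate(db, genuine, 0, noise))
    print("reused challenge:", authenticate(db, genuine, 0, noise))
    print("different chip:", authenticate(db, other, 1, noise))
    print("genuine, heavy noise:", authenticate(db, genuine, 2, noise, sigma=3.0))
```

The heavy-noise case stands in for temperature and voltage drift as extra random noise, which is a simplification; it shows the same genuine chip being rejected once its bit error rate exceeds the threshold.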

True Random Number Generators (TRNGs)

  • Generate random numbers from unpredictable physical processes.

  • Common Entropy Sources: Thermal noise, radioactive decay, semiconductor variations.

  • Clock Jitter: Variations in clock timing used as a source of randomness.

  • Importance: Provides randomness for encryption keys, session tokens, and digital signatures.

TRNGs vs Pseudo-Random Number Generators (PRNGs)

  • TRNGs: Use physical randomness.

  • PRNGs: Use deterministic algorithms with a seed.

Cryptographic Hash Function Properties

  • Pre-image resistance.

  • Collision resistance.

  • Avalanche effect.

Security Applications of Hash Functions

  • Securing passwords.

  • Verifying data integrity.

  • Generating digital signatures.

AES vs DES

  • AES: More secure, supports larger key sizes (128, 192, 256-bit).

  • DES: Outdated standard.

AES Encryption Process

  1. SubBytes

  2. ShiftRows

  3. MixColumns

  4. AddRoundKey

Attack Types on AES

  • Brute-force Attack: Testing all keys; AES-128 offers resistance due to its large key space.

  • Side-Channel Attack: Leveraging physical leakages to deduce keys.

  • Differential Cryptanalysis: Analyzing input differences to expose patterns.

  • Linear Cryptanalysis: Finding correlations through linear approximations of S-boxes.

  • Key Schedule Attack: Exploiting vulnerabilities in the key expansion process.

  • Fault Injection Attack: Inducing errors during computation to reveal key-related information.

  • Related-Key Attack: Using ciphertexts produced under related keys to gain information about the key.