Found results matching for:
Author: Macarena C. Martínez Rodríguez
Year: Since 2002
Journal Papers
Hardware-Efficient Configurable Ring-Oscillator-Based Physical Unclonable Function/True Random Number Generator Module for Secure Key Management
S. Sánchez-Solano, L.F. Rojas-Muñoz, M.C. Martínez-Rodríguez and P. Brox
Journal Paper · Sensors, vol. 24, no. 17, article 5674, 2024
abstract
doi
The use of physical unclonable functions (PUFs) linked to the manufacturing process of the electronic devices supporting applications that exchange critical data over the Internet has made these elements essential to guarantee the authenticity of said devices, as well as the confidentiality and integrity of the information they process or transmit. This paper describes the development of a configurable PUF/TRNG module based on ring oscillators (ROs) that takes full advantage of the structure of modern programmable devices offered by Xilinx 7 Series families. The proposed architecture improves the hardware efficiency with two main objectives. On the one hand, we perform an exhaustive statistical characterization of the results derived from the exploitation of RO configurability. On the other hand, we undertake the development of a new version of the module that requires a smaller amount of resources while considerably increasing the number of output bits compared to other proposals previously reported in the literature. The design as a highly parameterized intellectual property (IP) module connectable through a standard interface to a soft- or hard-core general-purpose processor greatly facilitates its integration into embedded solutions while accelerating the validation and characterization of this element on the same electronic device that implements it. The studies carried out reveal adequate values of reliability, uniqueness, and unpredictability when the module acts as a PUF, as well as acceptable levels of randomness and entropy when it acts as a true random number generator (TRNG). They also illustrate the ability to obfuscate and recover identifiers or cryptographic keys of up to 4096 bits using an implementation of the PUF/TRNG module that requires only an array of 4×4
configurable logic blocks (CLBs) to accommodate the RO bank.
Timing-Attack-Resistant Acceleration of NTRU Round 3 Encryption on Resource-Constrained Embedded Systems
E. Camacho-Ruiz, M.C. Martínez-Rodríguez, S. Sánchez-Solano and P. Brox
Journal Paper · Cryptography, vol. 7, no.2, article 29, 2023
abstract
doi
The advent of quantum computing with high processing capabilities will enable brute force attacks in short periods of time, threatening current secure communication channels. To mitigate this situation, post-quantum cryptography (PQC) algorithms have emerged. Among the algorithms evaluated by NIST in the third round of its PQC contest was the NTRU cryptosystem. The main drawback of this algorithm is the enormous amount of time required for the multiplication of polynomials in both the encryption and decryption processes. Therefore, the strategy of speeding up this algorithm using hardware/software co-design techniques where this operation is executed on specific hardware arises. Using these techniques, this work focuses on the acceleration of polynomial multiplication in the encryption process for resource-constrained devices. For this purpose, several hardware multiplications are analyzed following different strategies, taking into account the fact that there are no possible timing information leaks and that the available resources are optimized as much as possible. The designed multiplier is encapsulated as a fully reusable and parametrizable IP module with standard AXI4-Stream interconnection buses, which makes it easy to integrate into embedded systems implemented on programmable devices from different manufacturers. Depending on the resource constraints imposed, accelerations of up to 30-45 times with respect to the software-level multiplication runtime can be achieved using dedicated hardware, with a device occupancy of around 5%.
On-Line Evaluation and Monitoring of Security Features of an RO-Based PUF/TRNG for IoT Devices
L.F. Rojas-Muñoz, S. Sánchez-Solano, M.C. Martínez-Rodríguez and P. Brox
Journal Paper · Sensors, vol. 23, no. 8, article 4070, 2023
abstract
doi
The proliferation of devices for the Internet of Things (IoT) and their implication in many activities of our lives have led to a considerable increase in concern about the security of these devices, posing a double challenge for designers and developers of products. On the one hand, the design of new security primitives, suitable for resource-limited devices, can facilitate the inclusion of mechanisms and protocols to ensure the integrity and privacy of the data exchanged over the Internet. On the other hand, the development of techniques and tools to evaluate the quality of the proposed solutions as a step prior to their deployment, as well as to monitor their behavior once in operation against possible changes in operating conditions arising naturally or as a consequence of a stress situation forced by an attacker. To address these challenges, this paper first describes the design of a security primitive that plays an important role as a component of a hardware-based root of trust, as it can act as a source of entropy for True Random Number Generation (TRNG) or as a Physical Unclonable Function (PUF) to facilitate the generation of identifiers linked to the device on which it is implemented. The work also illustrates different software components that allow carrying out a self-assessment strategy to characterize and validate the performance of this primitive in its dual functionality, as well as to monitor possible changes in security levels that may occur during operation as a result of device aging and variations in power supply or operating temperature. The designed PUF/TRNG is provided as a configurable IP module, which takes advantage of the internal architecture of the Xilinx Series-7 and Zynq-7000 programmable devices and incorporates an AXI4-based standard interface to facilitate its interaction with soft- and hard-core processing systems. Several test systems that contain different instances of the IP have been implemented and subjected to an exhaustive set of on-line tests to obtain the metrics that determine its quality in terms of uniqueness, reliability, and entropy characteristics. The results obtained prove that the proposed module is a suitable candidate for various security applications. As an example, an implementation that uses less than 5% of the resources of a low-cost programmable device is capable of obfuscating and recovering 512-bit cryptographic keys with virtually zero error rate.
True Random Number Generation Capability of a Ring Oscillator PUF for Reconfigurable Devices
L.F. Rojas-Muñoz, S. Sánchez-Solano, M.C. Martínez-Rodríguez and P. Brox
Journal Paper · Electronics, vol. 11, no. 23, article 4028, 2022
abstract
doi
This paper presents the validation of a novel approach for a true-random number generator (TRNG) based on a ring oscillator-physical unclonable function (RO-PUF) for FPGA devices. The proposal takes advantage of the different noise sources that affect the electronic implementation of the RO-PUF to extract the entropy required to guarantee its function as a TRNG, without anything more than minimal changes to the original design. The new RO-PUF/TRNG architecture has been incorporated within a hybrid HW/SW embedded system designed for devices from the Xilinx Zynq-7000 family. The degree of randomness of the generated bit streams was assessed using the NIST 800-22 statistical test suite, while the validation of the RO-PUF proposal as an entropy source was carried out by fulfilling the NIST 800-90b recommendation. The features of the hybrid system were exploited to carry out the evaluation and validation processes proposed by the NIST publications, online and on the same platform. To establish the optimal configuration to generate bit streams with the appropriate entropy level, a statistical study of the degree of randomness was performed for multiple TRNG approaches derived from the different implementation modes and configuration options available on the original RO-PUF design. The results show that the RO-PUF/TRNG design is suitable for secure cryptographic applications, doubling its functionality without compromising the resource-efficiency trade-off already achieved in the design.
Efficient RO-PUF for Generation of Identifiers and Keys in Resource-Constrained Embedded Systems
M.C. Martínez-Rodríguez, L.F. Rojas-Muñoz, E. Camacho-Ruiz, S. Sánchez-Solano and P. Brox
Journal Paper · Cryptography, vol. 6, no.4, article 51, 2022
abstract
doi
The generation of unique identifiers extracted from the physical characteristics of the underlying hardware ensures the protection of electronic devices against counterfeiting and provides security to the data they store and process. This work describes the design of an efficient Physical Unclonable Function (PUF) based on the differences in the frequency of Ring Oscillators (ROs) with identical layout due to variations in the technological processes involved in the manufacture of the integrated circuit. The logic resources available in the Xilinx Series-7 programmable devices are exploited in the design to make it more compact and achieve an optimal bit-per-area rate. On the other hand, the design parameters can also be adjusted to provide a high bit-per-time rate for a particular target device. The PUF has been encapsulated as a configurable Intellectual Property (IP) module, providing it with an AXI4-Lite interface to ease its incorporation into embedded systems in combination with soft- or hard-core implementations of general-purpose processors. The capability of the proposed RO-PUF to generate implementation-dependent identifiers has been extensively tested, using a series of metrics to evaluate its reliability and robustness for different configuration options. Finally, in order to demonstrate its utility to improve system security, the identifiers provided by RO-PUFs implemented on different devices have been used in a Helper Data Algorithm (HDA) to obfuscate and retrieve a secret key.
Multi-Unit Serial Polynomial Multiplier to Accelerate NTRU-Based Cryptographic Schemes in IoT Embedded Systems
S. Sánchez-Solano, E. Camacho-Ruiz, M.C. Martínez-Rodríguez and P. Brox
Journal Paper · Sensors, vol. 22, no. 5, article 2057, 2022
abstract
doi
Concern for the security of embedded systems that implement IoT devices has become a crucial issue, as these devices today support an increasing number of applications and services that store and exchange information whose integrity, privacy, and authenticity must be adequately guaranteed. Modern lattice-based cryptographic schemes have proven to be a good alternative, both to face the security threats that arise as a consequence of the development of quantum computing and to allow efficient implementations of cryptographic primitives in resource-limited embedded systems, such as those used in consumer and industrial applications of the IoT. This article describes the hardware implementation of parameterized multi-unit serial polynomial multipliers to speed up time-consuming operations in NTRU-based cryptographic schemes. The flexibility in selecting the design parameters and the interconnection protocol with a general-purpose processor allow them to be applied both to the standardized variants of NTRU and to the new proposals that are being considered in the post-quantum contest currently held by the National Institute of Standards and Technology, as well as to obtain an adequate cost/performance/security-level trade-off for a target application. The designs are provided as AXI4 bus-compliant intellectual property modules that can be easily incorporated into embedded systems developed with the Vivado design tools. The work provides an extensive set of implementation and characterization results in devices of the Xilinx Zynq-7000 and Zynq UltraScale+ families for the different sets of parameters defined in the NTRUEncrypt standard. It also includes details of their plug and play inclusion as hardware accelerators in the C implementation of this public-key encryption scheme codified in the LibNTRU library, showing that acceleration factors of up to 3.1 are achieved when compared to pure software implementations running on the processing systems included in the programmable devices.
A Configurable RO-PUF for Securing Embedded Systems Implemented on Programmable Devices
M.C. Martínez-Rodríguez, E. Camacho-Ruiz, P. Brox and S. Sánchez-Solano
Journal Paper · Electronics, vol. 10, no. 16, article 1957, 2021
abstract
doi pdf
Improving the security of electronic devices that support innovative critical services (digital administrative services, e-health, e-shopping, and on-line banking) is essential to lay the foundations of a secure digital society. Security schemes based on Physical Unclonable Functions (PUFs) take advantage of intrinsic characteristics of the hardware for the online generation of unique digital identifiers and cryptographic keys that allow to ensure the protection of the devices against counterfeiting and to preserve data privacy. This paper tackles the design of a configurable Ring Oscillator (RO) PUF that encompasses several strategies to provide an efficient solution in terms of area, timing response, and performance. RO-PUF implementation on programmable logic devices is conceived to minimize the use of available resources, while operating speed can be optimized by properly selecting the size of the elements used to obtain the PUF response. The work also describes the interface added to the PUF to facilitate its incorporation as hardware Intellectual Property (IP)-modules into embedded systems. The performance of the RO-PUF is proven with an extensive battery of tests, which are executed to analyze the influence of different test strategies on the PUF quality indexes. The configurability of the proposed RO-PUF allows establishing the most suitable ‘cost/performance/security-level’ trade-off for a certain application.
Timing-Optimized Hardware Implementation to Accelerate Polynomial Multiplication in the NTRU Algorithm
E. Camacho-Ruiz, S. Sánchez-Solano, P. Brox and M.C. Martínez-Rodríguez
Journal Paper · ACM Journal on Emerging Technologies in Computing Systems, vol. 17, no. 3, article 35, 2021
abstract
doi
Post-quantum cryptographic algorithms have emerged to secure communication channels between electronic devices faced with the advent of quantum computers. The performance of post-quantum cryptographic algorithms on embedded systems has to be evaluated to achieve a good trade-off between required resources (area) and timing. This work presents two optimized implementations to speed up the NTRUEncrypt algorithm on a system-on-chip. The strategy is based on accelerating the most time-consuming operation that is the truncated polynomial multiplication. Hardware dedicated modules for multiplication are designed by exploiting the presence of consecutive zeros in the coefficients of the blinding polynomial. The results are validated on a PYNQ-Z2 platform that includes a Zynq-7000 SoC from Xilinx and supports a Python-based programming environment. The optimized version that exploits the presence of double, triple, and quadruple consecutive zeros offers the best performance in timing, in addition to considerably reducing the possibility of an information leakage against an eventual attack on the device, making it practically negligible.
Hardware Implementation of Authenticated Ciphers for Embedded Systems
M.C. Martínez-Rodríguez, S. Sauro, P. Brox and S. Sánchez-Solano
Journal Paper · IEEE Latin America Transactions, vol. 18, no. 9, pp 1581-1591, 2020
abstract
The demand for embedded systems in applications that handle critical or private information has strongly focused designers' attention on the security aspects of this kind of system. Using the C programs and HDL descriptions available in the repositories of the CAESAR Competition and the ATHENa Project, this work presents a design flow that eases the development and evaluation of different solutions for the hardware implementation of authenticated ciphers and their incorporation as accelerating peripherals in embedded systems for different application cases. Three ciphers, finalists in the different categories established in the contest, have been analyzed, although the described approaches can be applied to any of the proposals submitted to the CAESAR Competition. A Zybo-Z7 development board that incorporates a Zynq-7000 device from Xilinx, which combines programmable logic from the FPGAs of the 7-Series with a dual-core Cortex-A9 ARM processing system, has been used as hardware platform in all the designs. The Vivado environment has been employed to perform the different stages of synthesis and verification necessary to carry out the implementation of the cipher, its conversion into an IP module, and its integration in an embedded system using different interconnection schemes that allow establishing cost/performance tradeoffs for different applications.
A comparative analysis of VLSI trusted virtual sensors
M.C. Martínez-Rodríguez, P. Brox and I. Baturone
Journal Paper · Microprocessors and Microsystems, vol. 61, pp 108-116, 2018
abstract
doi pdf
This paper analyzes three cryptographic modules suitable for digital designs of trusted virtual sensors into integrated circuits, using 90-nm CMOS technology. One of them, based on the keyed-hash message authentication code (HMAC) standard employing a PHOTON-80/20/16 lightweight hash function, ensures integrity and authentication of the virtual measurement. The other two, based on CAESAR (the Competition for Authenticated Encryption: Security, Applicability, and Robustness) third-round candidates AEGIS-128 and ASCON-128, ensure also confidentiality. The cryptographic key required is not stored in the sensor but recovered in a configuration operation mode from non-sensitive data stored in the non-volatile memory of the sensor and from the start-up values of the sensor SRAM acting as a Physical Unclonable Function (PUF), thus ensuring that the sensor is not counterfeit. The start-up values of the SRAM are also employed in the configuration operation mode to generate the seed of the nonces that make sensor outputs different and, hence, resistant to replay attacks. The configuration operation mode is slower if using CAESAR candidates because the cryptographic key and nonce have 128 bits instead of the 60 bits of the key and 32 bits of the nonce in HMAC. Configuration takes 416.8 μs working at 50 MHz using HMAC and 426.2 μs using CAESAR candidates. In the other side, the trusted sensing mode is much faster with CAESAR candidates with similar power consumption. Trusted sensing takes 212.62 μs at 50 MHz using HMAC, 0.72 μs using ASCON, and 0.42 μs using AEGIS. AEGIS allows the fastest trusted measurements at the cost of more silicon area, 4.4 times more area than HMAC and 5.4 times more than ASCON. ASCON allows fast measurements with the smallest area occupation. The module implementing ASCON occupies 0.026 mm2 in a 90-nm CMOS technology.
VLSI Design of Trusted Virtual Sensors
M.C. Martínez-Rodríguez, M.A. Prada-Delgado, P. Brox and I. Baturone
Journal Paper · Sensors, vol. 18, no. 2, article 347, 2018
abstract
doi pdf
This work presents a Very Large Scale Integration (VLSI) design of trusted virtual sensors providing a minimum unitary cost and very good figures of size, speed and power consumption. The sensed variable is estimated by a virtual sensor based on a configurable and programmable PieceWise-Affine hyper-Rectangular (PWAR) model. An algorithm is presented to find the best values of the programmable parameters given a set of (empirical or simulated) input-output data. The VLSI design of the trusted virtual sensor uses the fast authenticated encryption algorithm, AEGIS, to ensure the integrity of the provided virtual measurement and to encrypt it, and a Physical Unclonable Function (PUF) based on a Static Random Access Memory (SRAM) to ensure the integrity of the sensor itself. Implementation results of a prototype designed in a 90-nm Complementary Metal Oxide Semiconductor (CMOS) technology show that the active silicon area of the trusted virtual sensor is 0.86 mm 2 and its power consumption when trusted sensing at 50 MHz is 7.12 mW. The maximum operation frequency is 85 MHz, which allows response times lower than 0.25 μs. As application example, the designed prototype was programmed to estimate the yaw rate in a vehicle, obtaining root mean square errors lower than 1.1%. Experimental results of the employed PUF show the robustness of the trusted sensing against aging and variations of the operation conditions, namely, temperature and power supply voltage (final value as well as ramp-up time).
Application specific integrated circuit solution for multi-input multi-output piecewise-affine functions
P. Brox, M.C. Martínez-Rodríguez, E. Tena-Sánchez, I. Baturone and A.J. Acosta
Journal Paper · International Journal of Circuit Theory and Applications, vol. 44, no. 1, pp. 4-20, 2015
abstract
doi
This paper presents a fully digital architecture and its application specific integrated circuit implementation for computing multi-input multi-output (MIMO) piecewise-affine (PWA) functions. The work considers both PWA functions defined over regular hyperrectangular and simplicial partitions of the input domains and also lattice PWA representations. The proposed architecture is able to implement PWA functions following different realization strategies, using a common structure with a minimized number of blocks, thus reducing power consumption and hardware resources. Experimental results obtained with application specific integrated circuit (ASIC) integrated in a 90-nm complementary metal-oxide semiconductor standard technology are provided. The proposed architecture is compared with other digital architectures in the state of the art habitually used to implement model predictive control applications. The proposal is superior in power consumption (saving up to 86%) and economy of hardware resources (saving up to 40% in comparison with a mere replication of the three representations) to other proposals described in literature, being ready to be used in applications where high-performance and minimum unitary cost are required.
Digital VLSI Implementation of Piecewise-Affine Controllers Based on Lattice Approach
M.C. Martínez-Rodríguez, P. Brox, P. and I. Baturone
Journal Paper · IEEE Transactions on Control Systems Technology, vol. 23, no. 3, pp 842-854, 2015
abstract
doi pdf
This paper presents a small, fast, low-power consumption solution for piecewise-affine (PWA) controllers. To achieve this goal, a digital architecture for very-large-scale integration (VLSI) circuits is proposed. The implementation is based on the simplest lattice form, which eliminates the point location problem of other PWA representations and is able to provide continuous PWA controllers defined over generic partitions of the input domain. The architecture is parameterized in terms of number of inputs, outputs, signal resolution, and features of the controller to be generated. The design flows for field-programmable gate arrays and application-specific integrated circuits are detailed. Several application examples of explicit model predictive controllers (such as an adaptive cruise control and the control of a buck-boost dc-dc converter) are included to illustrate the performance of the VLSI solution obtained with the proposed lattice-based architecture.
A programmable and configurable ASIC to generate piecewise-affine functions defined over general partitions
P. Brox, R. Castro-Ramirez, M.C. Martinez-Rodriguez, E. Tena, C.J. Jimenez, I. Baturone and A.J. Acosta
Journal Paper · IEEE Transactions on Circuits and Systems I: Regular Papers, vol. 60, no. 12, pp 3182-3194, 2013
abstract
doi
This paper presents a programmable and configurable architecture and its inclusion in an Application Specific Integrated Circuit (ASIC) to generate Piecewise-Affine (PWA) functions. A Generic PWA form (PWAG) has been selected for integration, because of its suitability to implement any PWA function without resorting to approximation. The design of the ASIC in a 90 nm TSMC technology, its integration, test and characterization through different examples are detailed in the paper. Furthermore, the ASIC verification using an ASIC-in-the-loop methodology for embedded control applications is presented. To assess the characteristics of this verification, the double-integrator, a usual control application example has been considered. Experimental results validate the proposed architecture and the ASIC implementation.
Conferences
Full Open-Source Implementation of an Academic RISC-V on FPGA
P. Navarro-Torrero, M.C. Martínez-Rodríguez, A. Barriga-Barros and P. Brox
Conference · 2024 XVI Congreso de Tecnología, Aprendizaje y Enseñanza de la Electrónica (TAEE)
abstract
doi
In alignment with the ethos of openness and democracy inherent in the RISC-V architecture, our research endeavors have been directed towards the utilization of open-source tools for the implementation of a simple but didactic RISC-V processor denoted as ASTIRV32I. The paper discusses the design strategies, memory mapping, physical verification procedures, and performance evaluation of the ASTIRV32I processor. Furthermore, it highlights the successful validation of the implemented design through the execution of fundamental algorithms, exemplifying the practicality and viability of the RISC-V-based processor design and serving as a proof-of-concept for open-source FPGA design.
Digital Design Flow Based on Open Tools for Programmable Logic Devices
P. Navarro-Torrero, L.F. Rojas-Muñoz, M.C. Martínez-Rodríguez, A. Barriga-Barros, C.J. Jiménez-Fernández, M. Brox and P. Brox
Conference · 2024 XVI Congreso de Tecnología, Aprendizaje y Enseñanza de la Electrónica (TAEE)
abstract
doi
In this demonstrator, a design flow based on a set of open-source tools is showcased, enabling the simulation, synthesis, implementation, and programming of digital systems on programmable logic devices. Three academic examples, increasing in complexity, are shown running on open hardware development boards to demonstrate the validity of the digital design flow based on the APIO environment.
Cryptographic Security Through a Hardware Root of Trust
L.F. Rojas-Muñoz, S. Sánchez-Solano, M.C. Martínez-Rodríguez, E. Camacho-Ruiz, P. Navarro-Torrero, A. Karmakar, C. Fernández-García, E. Tena-Sánchez, F.E. Potestad-Ordóñez, A. Casado-Galán, P. Ortega-Castro, A.J. Acosta-Jiménez, C.J. Jiménez-Fernández and P. Brox
Conference · Applied Reconfigurable Computing. Architectures, Tools, and Applications (ARC), 2024
abstract
doi
This work presents a novel approach to a Hardware Root-of-Trust that leverages System-on-Chip technology for the implementation of hardware cryptographic functions. Taking advantage of the processing power of a System-on-Chip, the solution established promotes hardware-based security solutions over software-only solutions. The proposed Root-of-Trust, developed around a Xilinx Zynq-7000 SoC device, integrates components based on cryptographic algorithms and physical phenomena. This innovative Root-of-Trust is tailored to support a spectrum of security tasks within cryptographic systems, including device-specific identifiers and keys, encryption and decryption, hashing, and signature generation and verification. The study adopts a unified design methodology, capitalizing on collaborative efforts to efficiently develop hardware primitives that significantly contribute to enhancing security in computing environments. Aligned with the advantages of reconfigurable hardware, this Hardware Root-of-Trust addresses the critical need for robust hardware-level security and introduces a set of countermeasures to fortify the design against potential threats.
A Simple Power Analysis of an FPGA implementation of a polynomial multiplier for the NTRU cryptosystem
E. Camacho-Ruiz, S. Sánchez-Solano, M.C. Martínez-Rodríguez, E. Tena-Sánchez and P. Brox
Conference · XXXVIII Conference on Design of Circuits and Integrated Systems DCIS 2023
abstract
Abstract not available
HW/SW implementation of RSA digital signature on a RISC-V-based System-on-Chip
A. Karmakar, S. Sánchez-Solano, M.C. Martínez-Rodríguez and P. Brox
Conference · XXXVIII Conference on Design of Circuits and Integrated Systems DCIS 2023
abstract
Abstract not available
A complete SHA-3 hardware library based on a high efficiency Keccak design
E. Camacho-Ruiz, S. Sánchez-Solano, M.C. Martínez-Rodríguez and P. Brox
Conference · IEEE Nordic Circuits and Systems Conference (NorCAS), 2023
abstract
Hash functions are a crucial part of the cryptographic primitives. So much so that in 2007 a new competition was launched to select new standards for the SHA-3 function, which was won by Keccak. Since then, many software and hardware implementations have been submitted, claiming to reduce the number of operation cycles or increase design efficiency. Thus, this work aims to present a new hardware solution for the Keccak function, which forms the core of SHA-3, that achieves a high degree of tunability and is competitive with the state of the art. In addition, this work presents the integration of these designs into a hardware IP module together with the relevant drivers and functions that allow their use in software environments. Preliminary tests have shown an acceleration of up to 10 times compared to pure software code.
Secure Platform for ICT systems rooted at the silicon manufacturing process
C. Andriamisaina, F. Thabet, J-R Coulon, G. Chauvon, A. Cabrera Aldaya, N. Tuveri, M.C. Martínez-Rodríguez and P. Brox
Conference · RISC-V Summit Europe 5-9 June, 2023
abstract
Abstract not available
Root of Trust Components to Increase Security of RISC-V Based Systems on Chips
L.F. Rojas-Muñoz, S. Sánchez-Solano, M.C. Martínez-Rodríguez and P. Brox
Conference · RISC-V Summit Europe 5-9 June, 2023
abstract
Abstract not available
Análisis y evaluación de un RO-PUF como TRNG
L.F. Rojas-Muñoz, S. Sánchez-Solano, M.C. Martínez-Rodríguez and P. Brox
Conference · Jornadas Nacionales de Investigación en Ciberseguridad JNIC 2023
abstract
Abstract not available
True Random Number Generator based on RO-PUF
L.F. Rojas-Muñoz, S. Sánchez-Solano, M.C. Martínez-Rodríguez and P. Brox
Conference · Conference on Design of Circuits and Integrated Circuits DCIS 2022
abstract
The implementation of true random number generators is of vital importance to preserve the reliability of cryptographic systems. The lack of entropy can compromise their integrity, affecting the security of the entire chain of applications. Ensuring the effectiveness of a random number generator can be understood as reducing the risk of information loss due to possible attacks by third parties. This paper presents a novel approach for a true random number generator based on a Ring Oscillator- Physical Unclonable Function. Since the principle of operation of physical unclonable functions is based on the physical properties of each device, they can be used for security applications such as device identification, counterfeit prevention and increase the robustness of cryptographic functions. In addition, increasing the versatility of the design to use them as a source of entropy, they can also fulfill tasks such as generation of initialization vectors or nonces and keys for symmetric cryptography. The system incorporates multiple operating configurations, which allows a complete analysis of its performance to adapt it to different application scenarios. The randomness and correct operation of the proposed design have been evaluated online, by incorporating it into a hybrid HW/SW embedded system able to run the official test suite published by the National Institute of Standards and Technology without any need for post-processing. The architecture has been designed for Xilinx Zynq-700 family devices and implemented on the Pynq-Z2 development board.
Hardware dedicado para la optimización temporal del algoritmo NTRU
E. Camacho-Ruiz, M.C. Martínez-Rodríguez, S. Sánchez-Solano and Piedad Brox
Conference · Jornadas Nacionales de Investigación en Ciberseguridad JNIC 2022
abstract
Los actuales algoritmos criptográficos se encuentran amenazados por la inminente llegada de la computación cuántica, por lo que los organismos internacionales, especialmente aquellos relacionados con la ciberseguridad, están potenciando el estudio e implementación de algoritmos que permitan volver a establecer entornos seguros de comunicación. En concreto, se plantean los algoritmos criptográficos post-cuánticos. Dentro de los algoritmos propuestos se encuentra el NTRU. Su principal inconveniente es el excesivo tiempo que requiere la multiplicación de polinomios usada en el proceso de cifrado. Por ello, este trabajo tiene como principal objetivo estudiar la posibilidad de utilizar hardware dedicado para acelerar la multiplicación. El uso de técnicas de codiseño hardware/software permite una implementación eficiente del criptosistema, donde las partes más costosas se ejecutan a nivel hardware. Este breve resumen recoge las últimas aportaciones que el grupo de investigación ha realizado en esta línea.
Diseño y evaluación de las prestaciones de funciones físicas no clonables basadas en osciladores en anillo sobre FPGAs
M.C. Martínez-Rodríguez, E. Camacho-Ruiz, P. Brox and S. Sánchez-Solano
Conference · Jornadas Nacionales de Investigación en Ciberseguridad JNIC 2022
abstract
Los esquemas de seguridad basados en funciones físicas no clonables aprovechan las características intrínsecas del hardware para mejorar la seguridad de los dispositivos electrónicos. Este resumen presenta dos trabajos para diseñar y caracterizar funciones físicas no clonables basados en osciladores en anillo propuestas por nuestro grupo de investigación. El primero se centra en el flujo de diseño y caracterización basado en una herramienta incluida en el entorno de Matlab, mientras que el segundo presenta y caracteriza una función física no clonable basada en osciladores en anillo muy compacta y altamente configurable usando un flujo de diseño para sistemas empotrados basado en el entorno PYNQ.
Secure Platform for ICT Systems Rooted at the Silicon Manufacturing Process (SPIRS)
P. Brox, M.C. Martínez-Rodríguez and D. Arroyo
Conference · Jornadas Nacionales de Investigación en Ciberseguridad JNIC 2022
abstract
Internet of Things and ubiquitous/pervasive computing are shaping our world where smart devices enter every aspect of our everyday life. This is why privacy-enhancing technologies are all the more important. In this context, the Eufunded ‘Secure Platform for ICT Systems Rooted at the Silicon Manufacturing Process’ project will design a platform that integrates a hardware dedicated Root-of-Trust and a processor core with the capability of offering a full suite of security services. The platform will be able to leverage this capability to support privacy respectful attestation mechanisms and enable trusted communication channels across 5G infrastructures. The project will also provide solutions to integrate the platform in the deployment of cryptographic protocols and network infrastructures in a trustworthy way.
Graphic user interface for learning communications physics
M.C. Martínez-Rodríguez and L.A. Camuñas-Mesa
Conference · Congreso de Tecnología, Aprendizaje y Enseñanza de la Electrónica TAEE 2022
abstract
Learning signal processing both in time and frequency domain is usually limited to receiving a deep theoretical background. In order to improve the understanding of this topic, we propose some practical experiments writing scripts in Matlab&Simulink environment, including the development of a Graphic User Interface (GUI) illustrating the main concepts about signal processing and reinforcing the theory learned previously.
Learning about nanodevices using experimental characterization equipment
L.A. Camuñas-Mesa and M.C. Martínez-Rodríguez
Conference · Congreso de Tecnología, Aprendizaje y Enseñanza de la Electrónica TAEE 2022
abstract
Learning about emerging nanodevices for university students is usually limited to theoretical descriptions, given the lack of availability of such devices and appropriate test equipment in standard electronics labs. However, the possibility to develop some practical work is crucial to improve the understanding of theoretical concepts. In the framework of the ‘Nanomaterials and nanotechnology’ course (4th year of the Degree on Materials Engineering), this paper presents some practical experiments to test and characterize memristive devices using an affordable lab setup with commercial equipment.
Design Flow to Evaluate the Performance of Ring Oscillator PUFs on FPGAs
M.C. Martínez-Rodríguez, E. Camacho-Ruiz, S. Sánchez-Solano and P. Brox
Conference · Conference on Design of Circuits and Integrated Systems DCIS 2021
abstract
This work presents a unified framework to design, implement and evaluate the performance of Ring Oscillator Physical Unclonable Functions (RO PUFs) on FPGAs. The design flow uses a Digital Signal Processing (DSP) tool integrated into the Matlab environment. The use of this tool eases the evaluation of the PUF performance. The DSP tool provides an environment to apply the challenges to the RO PUF, acquire the responses by using hardware (HW) co-simulation, and compute a set of metrics to quantify the stability, probability and entropy of the PIF response. Additionally, the robustness of the PUF response is proved in the generation of secret keys. The design flow was applied to evaluate the performance of RO PUFs implemented on 17 Basys 3 Artix-7 FPGA Boards.
SoK: Remote Power Analysis
M.C. Martínez-Rodríguez, I.M. Delgado-Lozano and B.B. Brumley
Conference · International Conference on Availability, Reliability and Security ARES 2021
abstract
In recent years, numerous attacks have appeared that aim to steal secret information from their victim using the power side-channel vector, yet without direct physical access. These attacks are called Remote Power Attacks or Remote Power Analysis, utilizing resources that are natively present inside the victim environment. However, there is no unified definition about the limitations that a power attack requires to be defined as remote. This paper aims to propose a unified definition and concrete threat models to clearly differentiate remote power attacks from non-remote ones. Additionally, we collect the main remote power attacks performed so far from the literature, and the principal proposed countermeasures to avoid them. The search of such countermeasures denoted a clear gap in preventing remote power attacks at the technical level. Thus, the academic community must face an important challenge to avoid this emerging threat, given the clear room for improvement that should be addressed in terms of defense and security of devices that work with private information.
Accelerating the Development of NTRU Algorithm on Embedded Systems
E. Camacho-Ruiz, M.C. Martínez-Rodríguez, S. Sánchez-Solano and P. Brox
Conference · Conference on Design of Circuits and Integrated Systems DCIS 2020
abstract
The advent of quantum computers represents a serious threat to current public key cryptosystems. To face this problem the so-called Post-Quantum (PQ) cryptographic solutions are being developed, many of which have been presented to the competition launched by NIST to evaluate proposals of PQ cryptography for standardization and deployment. This paper addresses the implementation of the NTRU PQ cryptographic algorithm on embedded systems. Using a Python-based development framework to accelerate the design process, software-only and hybrid (HW/SW) implementations of NTRU are evaluated in terms of operation speed and resource consumption on a System-on-Chip (SoC). Results show that hardware implementation of critical operations in conjuction with a Python+C programming allows an increase in performance that ranges from 130 to 450 depending on the selected scenario to use the algorithm.
CMOS digital design of a trusted virtual sensor
M.C. Martínez-Rodríguez, M.A. Prada, P. Brox and I. Baturone
Conference · IEEE Nordic Circuits and Systems Conference NORCAS 2017
abstract
This work presents the digital design of a trusted virtual sensor. The virtual sensor implements a piecewise-affine (PWA)-based model to estimate the sensed variable. The measurement is authenticated with the keyed-hash message authentication code (HMAC) standard. To ensure the integrity of the sensor, the static random access memory (SRAM) required by the sensor is also used as physical unclonable function (PUF). Implementation results of the design in a 90-nm CMOS technology show that the security blocks occupy 5.1% of the area occupied by the required PWA blocks and consume 15.4% of the power consumed by the required PWA blocks. The sensor is able to provide trusted outputs in 106.3 microseconds when working at 100 MHz.
Dedicated Hardware IP Module for Fingerprint Recognition
M.C. Martínez-Rodríguez, R. Arjona, P. Brox and I. Baturone
Conference · International Symposium on Consumer Electronics ISCE 2015
abstract
This work presents a dedicated hardware IP module for fingerprints recognition based on a feature, named QFingerMap, which is very suitable for VLSI design. FPGA implementation results of the IP module are given. A demonstrator has been developed to evaluate the IP module behavior in a real scenario.
Programmable ASICs for Model Predictive Control
M.C. Martínez-Rodríguez, P. Brox, E. Tena, A.J. Acosta and I. Baturone
Conference · IEEE International Conference on Industrial Technology ICIT 2015
abstract
Two configurable and programmable ASICs that implement piecewise-affine (PWA) functions have been designed in TSMC 90-nm technology in response to industry demands for embedded, fast response time, and low power solutions for Model Predictive Control (MPC). An automated model-based design flow can extract the parameters necessary for the configuration and the programming of both ASICs. Two application examples in the automotive field illustrate the design flow and the behavior of the ASICs.
Dedicated Hardware IP Module for Extracting Singular Points from Fingerprints
M.C. Martínez-Rodríguez, R. Arjona, P. Brox and I. Baturone
Conference · IEEE International Conference on Electronics Circuits and Systems ICECS 2014
abstract
pdf
In this paper a new digital dedicated hardware IP module for extracting singular points from fingerprints is presented (in particular convex cores). This module comprises four main blocks that implement an image directional extraction, a smoothing process, singular point detection and finally, a post processing to obtain the exact location of the singular point. A Verilog HDL description has been developed for this solution. The description has been synthesized and implemented in FPGAs from Xilinx.
Reducing bit flipping problems in SRAM physical unclonable functions for chip identification
S. Eiroa, J. Castro, M.C. Martínez-Rodríguez, E. Tena, P. Brox and I. Baturone
Conference · IEEE International Conference on Electronics, Circuits, and Systems ICECS 2012
abstract
pdf
Physical Unclonable functions (PUFs) have appeared as a promising solution to provide security in hardware. SRAM PUFs offer the advantage, over other PUF constructions, of reusing resources (memories) that already exist in many designs. However, their intrinsic noisy nature produces the so called bit flipping effect, which is a problem in circuit identification and secret key generation. The approaches reported to reduce this effect usually resort to the use of pre- and post-processing steps (such as Fuzzy Extractor structures combined with Error Correcting Codes), which increase the complexity of the system. This paper proposes a pre-processing step that reduces bit flipping problems without increasing the hardware complexity. The proposal has been verified experimentally with 90-nm SRAMs included in digital application specific integrated circuits (ASICs).
ASIC-in-the-loop methodology for verification of piecewise affine controllers
M. Martínez-Rodríguez, P. Brox, J. Castro, E. Tena, A. Acosta and I. Baturone
Conference · IEEE International Conference on Electronics, Circuits, and Systems ICECS 2012
abstract
pdf
This paper exposes a hardware-in-the-loop metho- dology to verify the performance of a programmable and confi- gurable application specific integrated circuit (ASIC) that imple- ments piecewise affine (PWA) controllers. The ASIC inserted into a printed circuit board (PCB) is connected to a logic analyzer that generates the input patterns to the ASIC (in particular, the values to program the memories, configuration parameters, and values of the input signals). The output provided by the ASIC is also taken by the logic analyzer. A Matlab program controls the logic analyzer to verify the PWA controller implemented by the ASIC in open-loop as well as in closed-loop configurations.
Design methodology for FPGA implementation of lattice piecewise-affine functions
M.C. Martínez-Rodríguez, I. Baturone and P. Brox
Conference · International Conference on Field-Programmable Technology FPT 2011
abstract
pdf
This paper describes a design methodology to implement on FPGAs piecewise-affine (PWA) functions based on representation methods from the lattice theory. An off-line automatic processing starts at the algorithmic formulation of the problem, obtains the parameters required by a parameterized digital architecture, and ends with the bitstream to program an FPGA. The methodology has been proven to implement PWA functions on Xilinx FPGAs. The results are compared with other approaches for FPGA implementations of PWA functions. © 2011 IEEE.
Circuit implementation of piecewise-affine functions based on lattice representation
M.C. Martínez-Rodríguez, I. Baturone and P. Brox
Conference · European Conference on Circuit Theory and Design ECCTD 2011
abstract
pdf
This paper introduces a digital architecture to implement piecewise-affine (PWA) functions based on representation methods from the lattice theory. Given an explicit and continuous PWA function, the parameters required to implement the lattice approach can be obtained by an off-line preprocessing that can be automated. Other advantages of the proposal are that it implements a continuous PWA function with potentially no errors and the minimum number of parameters to store. This has been proven experimentally by implementing the proposal in a Xilinx FPGA and comparing its performance with other implementations, all of them addressing a typical non linear control problem. © 2011 IEEE.
Digital implementation of hierarchical piecewise-affine controllers
I. Baturone, M.C. Martínez-Rodríguez, P. Brox, A. Gersnoviez and S. Sánchez-Solano
Conference · IEEE International Symposium on Industrial Electronics ISIE 2011
abstract
pdf
This paper proposes the design of hierarchical piecewise-affine (PWA) controllers to alleviate the processing time or prohibitive memory requirements of large controller structures. The constituent PWA modules of the hierarchical solution have fewer inputs and/or coarser partitions, so that they can reduce considerably the hardware resources required and/or the time response of the controller. A design methodology aided by CAD tools is employed to design the parameters of the controller, implement its architecture in an FPGA, and verify the static and dynamic behavior of the digital implementation by applying hardware-in-the-loop testing. © 2011 IEEE.
Books
No results
Book Chapters
Remote Sensing of Cell-Culture Assays
P. Pérez, A. Maldonado-Jacobi, A.J. López, C. Martínez, A. Olmo, G. Huertas and A. Yufera
Book Chapter · New Insights into Cell Culture Technology, pp 135-155, 2017
abstract
doi
This chapter describes a full system developed to perform the remote sensing of cell-culture experiments from any access point with internet connection. The proposed system allows the real-time monitoring of cell assays thanks to bioimpedance measurement circuits developed to count the number of cell present in a culture. Cell-culture characterization is performed through the measurement of the increasing bioimpedance parameter over time. The circuit implementation is based on the oscillation-based test (OBT) methodology. Bioimpedance of cell cultures is measured in terms of the oscillation parameters (frequency, amplitude, phase, etc.) and used as empirical markers to carry out an appropriate interpretation in terms of cell size identification, cell counting, cell growth, growth rhythm, etc. The device is capable of managing the whole sensing task and performs wireless communication through a Bluetooth module. Data are interpreted and displayed on a computer or a mobile phone through a web application. The system has its practical application in drug development processes, offering a label-free, high-throughput, and high-content screening method for cellular research, avoiding the classical end-point techniques and a significant workload and cost material reduction.
Other publications
No results