Found results matching for:
Author: Eros Camacho Ruiz
Year: Since 2002
Journal Papers
Timing-Attack-Resistant Acceleration of NTRU Round 3 Encryption on Resource-Constrained Embedded Systems
E. Camacho-Ruiz, M.C. Martínez-Rodríguez, S. Sánchez-Solano and P. Brox
Journal Paper · Cryptography, vol. 7, no.2, article 29, 2023
The advent of quantum computing with high processing capabilities will enable brute force attacks in short periods of time, threatening current secure communication channels. To mitigate this situation, post-quantum cryptography (PQC) algorithms have emerged. Among the algorithms evaluated by NIST in the third round of its PQC contest was the NTRU cryptosystem. The main drawback of this algorithm is the enormous amount of time required for the multiplication of polynomials in both the encryption and decryption processes. Therefore, the strategy of speeding up this algorithm using hardware/software co-design techniques where this operation is executed on specific hardware arises. Using these techniques, this work focuses on the acceleration of polynomial multiplication in the encryption process for resource-constrained devices. For this purpose, several hardware multiplications are analyzed following different strategies, taking into account the fact that there are no possible timing information leaks and that the available resources are optimized as much as possible. The designed multiplier is encapsulated as a fully reusable and parametrizable IP module with standard AXI4-Stream interconnection buses, which makes it easy to integrate into embedded systems implemented on programmable devices from different manufacturers. Depending on the resource constraints imposed, accelerations of up to 30-45 times with respect to the software-level multiplication runtime can be achieved using dedicated hardware, with a device occupancy of around 5%.
Efficient RO-PUF for Generation of Identifiers and Keys in Resource-Constrained Embedded Systems
M.C. Martínez-Rodríguez, L.F. Rojas-Muñoz, E. Camacho-Ruiz, S. Sánchez-Solano and P. Brox
Journal Paper · Cryptography, vol. 6, no.4, article 51, 2022
The generation of unique identifiers extracted from the physical characteristics of the underlying hardware ensures the protection of electronic devices against counterfeiting and provides security to the data they store and process. This work describes the design of an efficient Physical Unclonable Function (PUF) based on the differences in the frequency of Ring Oscillators (ROs) with identical layout due to variations in the technological processes involved in the manufacture of the integrated circuit. The logic resources available in the Xilinx Series-7 programmable devices are exploited in the design to make it more compact and achieve an optimal bit-per-area rate. On the other hand, the design parameters can also be adjusted to provide a high bit-per-time rate for a particular target device. The PUF has been encapsulated as a configurable Intellectual Property (IP) module, providing it with an AXI4-Lite interface to ease its incorporation into embedded systems in combination with soft- or hard-core implementations of general-purpose processors. The capability of the proposed RO-PUF to generate implementation-dependent identifiers has been extensively tested, using a series of metrics to evaluate its reliability and robustness for different configuration options. Finally, in order to demonstrate its utility to improve system security, the identifiers provided by RO-PUFs implemented on different devices have been used in a Helper Data Algorithm (HDA) to obfuscate and retrieve a secret key.
Multi-Unit Serial Polynomial Multiplier to Accelerate NTRU-Based Cryptographic Schemes in IoT Embedded Systems
S. Sánchez-Solano, E. Camacho-Ruiz, M.C. Martínez-Rodríguez and P. Brox
Journal Paper · Sensors, vol. 22, no. 5, article 2057, 2022
Concern for the security of embedded systems that implement IoT devices has become a crucial issue, as these devices today support an increasing number of applications and services that store and exchange information whose integrity, privacy, and authenticity must be adequately guaranteed. Modern lattice-based cryptographic schemes have proven to be a good alternative, both to face the security threats that arise as a consequence of the development of quantum computing and to allow efficient implementations of cryptographic primitives in resource-limited embedded systems, such as those used in consumer and industrial applications of the IoT. This article describes the hardware implementation of parameterized multi-unit serial polynomial multipliers to speed up time-consuming operations in NTRU-based cryptographic schemes. The flexibility in selecting the design parameters and the interconnection protocol with a general-purpose processor allow them to be applied both to the standardized variants of NTRU and to the new proposals that are being considered in the post-quantum contest currently held by the National Institute of Standards and Technology, as well as to obtain an adequate cost/performance/security-level trade-off for a target application. The designs are provided as AXI4 bus-compliant intellectual property modules that can be easily incorporated into embedded systems developed with the Vivado design tools. The work provides an extensive set of implementation and characterization results in devices of the Xilinx Zynq-7000 and Zynq UltraScale+ families for the different sets of parameters defined in the NTRUEncrypt standard. 
It also includes details of their plug and play inclusion as hardware accelerators in the C implementation of this public-key encryption scheme codified in the LibNTRU library, showing that acceleration factors of up to 3.1 are achieved when compared to pure software implementations running on the processing systems included in the programmable devices.
A Configurable RO-PUF for Securing Embedded Systems Implemented on Programmable Devices
M.C. Martínez-Rodríguez, E. Camacho-Ruiz, P. Brox and S. Sánchez-Solano
Journal Paper · Electronics, vol. 10, no. 16, article 1957, 2021
Improving the security of electronic devices that support innovative critical services (digital administrative services, e-health, e-shopping, and on-line banking) is essential to lay the foundations of a secure digital society. Security schemes based on Physical Unclonable Functions (PUFs) take advantage of intrinsic characteristics of the hardware for the online generation of unique digital identifiers and cryptographic keys that allow to ensure the protection of the devices against counterfeiting and to preserve data privacy. This paper tackles the design of a configurable Ring Oscillator (RO) PUF that encompasses several strategies to provide an efficient solution in terms of area, timing response, and performance. RO-PUF implementation on programmable logic devices is conceived to minimize the use of available resources, while operating speed can be optimized by properly selecting the size of the elements used to obtain the PUF response. The work also describes the interface added to the PUF to facilitate its incorporation as hardware Intellectual Property (IP)-modules into embedded systems. The performance of the RO-PUF is proven with an extensive battery of tests, which are executed to analyze the influence of different test strategies on the PUF quality indexes. The configurability of the proposed RO-PUF allows establishing the most suitable ‘cost/performance/security-level’ trade-off for a certain application.
Timing-Optimized Hardware Implementation to Accelerate Polynomial Multiplication in the NTRU Algorithm
E. Camacho-Ruiz, S. Sánchez-Solano, P. Brox and M.C. Martínez-Rodríguez
Journal Paper · ACM Journal on Emerging Technologies in Computing Systems, vol. 17, no. 3, article 35, 2021
Post-quantum cryptographic algorithms have emerged to secure communication channels between electronic devices faced with the advent of quantum computers. The performance of post-quantum cryptographic algorithms on embedded systems has to be evaluated to achieve a good trade-off between required resources (area) and timing. This work presents two optimized implementations to speed up the NTRUEncrypt algorithm on a system-on-chip. The strategy is based on accelerating the most time-consuming operation that is the truncated polynomial multiplication. Hardware dedicated modules for multiplication are designed by exploiting the presence of consecutive zeros in the coefficients of the blinding polynomial. The results are validated on a PYNQ-Z2 platform that includes a Zynq-7000 SoC from Xilinx and supports a Python-based programming environment. The optimized version that exploits the presence of double, triple, and quadruple consecutive zeros offers the best performance in timing, in addition to considerably reducing the possibility of an information leakage against an eventual attack on the device, making it practically negligible.
Conferences
Cryptographic Security Through a Hardware Root of Trust
L.F. Rojas-Muñoz, S. Sánchez-Solano, M.C. Martínez-Rodríguez, E. Camacho-Ruiz, P. Navarro-Torrero, A. Karmakar, C. Fernández-García, E. Tena-Sánchez, F.E. Potestad-Ordóñez, A. Casado-Galán, P. Ortega-Castro, A.J. Acosta-Jiménez, C.J. Jiménez-Fernández and P. Brox
Conference · Applied Reconfigurable Computing. Architectures, Tools, and Applications (ARC), 2024
This work presents a novel approach to a Hardware Root-of-Trust that leverages System-on-Chip technology for the implementation of hardware cryptographic functions. Taking advantage of the processing power of a System-on-Chip, the solution established promotes hardware-based security solutions over software-only solutions. The proposed Root-of-Trust, developed around a Xilinx Zynq-7000 SoC device, integrates components based on cryptographic algorithms and physical phenomena. This innovative Root-of-Trust is tailored to support a spectrum of security tasks within cryptographic systems, including device-specific identifiers and keys, encryption and decryption, hashing, and signature generation and verification. The study adopts a unified design methodology, capitalizing on collaborative efforts to efficiently develop hardware primitives that significantly contribute to enhancing security in computing environments. Aligned with the advantages of reconfigurable hardware, this Hardware Root-of-Trust addresses the critical need for robust hardware-level security and introduces a set of countermeasures to fortify the design against potential threats.
A Simple Power Analysis of an FPGA implementation of a polynomial multiplier for the NTRU cryptosystem
E. Camacho-Ruiz, S. Sánchez-Solano, M.C. Martínez-Rodríguez, E. Tena-Sánchez and P. Brox
Conference · XXXVIII Conference on Design of Circuits and Integrated Systems DCIS 2023
Abstract not available
A complete SHA-3 hardware library based on a high efficiency Keccak design
E. Camacho-Ruiz, S. Sánchez-Solano, M.C. Martínez-Rodríguez and P. Brox
Conference · IEEE Nordic Circuits and Systems Conference (NorCAS), 2023
Hash functions are a crucial part of the cryptographic primitives. So much so that in 2007 a new competition was launched to select new standards for the SHA-3 function, which was won by Keccak. Since then, many software and hardware implementations have been submitted, claiming to reduce the number of operation cycles or increase design efficiency. Thus, this work aims to present a new hardware solution for the Keccak function, which forms the core of SHA-3, that achieves a high degree of tunability and is competitive with the state of the art. In addition, this work presents the integration of these designs into a hardware IP module together with the relevant drivers and functions that allow their use in software environments. Preliminary tests have shown an acceleration of up to 10 times compared to pure software code.
Hardware dedicado para la optimización temporal del algoritmo NTRU
E. Camacho-Ruiz, M.C. Martínez-Rodríguez, S. Sánchez-Solano and Piedad Brox
Conference · Jornadas Nacionales de Investigación en Ciberseguridad JNIC 2022
Current cryptographic algorithms are threatened by the imminent arrival of quantum computing, so international bodies, especially those related to cybersecurity, are promoting the study and implementation of algorithms that make it possible to re-establish secure communication environments. Specifically, post-quantum cryptographic algorithms are being proposed. Among the proposed algorithms is NTRU. Its main drawback is the excessive time required by the polynomial multiplication used in the encryption process. Therefore, the main objective of this work is to study the possibility of using dedicated hardware to accelerate the multiplication. The use of hardware/software co-design techniques allows an efficient implementation of the cryptosystem, in which the most costly parts are executed at the hardware level. This brief summary gathers the latest contributions that the research group has made in this line.
Diseño y evaluación de las prestaciones de funciones físicas no clonables basadas en osciladores en anillo sobre FPGAs
M.C. Martínez-Rodríguez, E. Camacho-Ruiz, P. Brox and S. Sánchez-Solano
Conference · Jornadas Nacionales de Investigación en Ciberseguridad JNIC 2022
Security schemes based on physical unclonable functions take advantage of the intrinsic characteristics of the hardware to improve the security of electronic devices. This summary presents two works, proposed by our research group, on designing and characterizing physical unclonable functions based on ring oscillators. The first focuses on the design and characterization flow based on a tool included in the Matlab environment, while the second presents and characterizes a very compact and highly configurable ring-oscillator-based physical unclonable function using a design flow for embedded systems based on the PYNQ environment.
High-level design of a novel PUF based on RTN
E. Camacho-Ruiz, R. Castro-Lopez, E. Roca and F.V. Fernandez
Conference · Int. Conf. on Synthesis, Modeling, Analysis and Simulation Methods and Applications to Circuit Design SMACD 2022
Physically Unclonable Functions (PUFs) have emerged as an alternative to traditional Non-Volatile Memories in the field of lightweight hardware security. Recently, a novel PUF has been presented that uses the Random Telegraph Noise (RTN) phenomenon as the underlying source of entropy. While, in general, the nature of that entropy source largely dictates the quality of a PUF, little attention is often paid, however, to how the PUF architecture and its building blocks impact the PUF quality. This paper addresses the high-level design of the novel PUF to ascertain the extent of that impact and refine the building blocks specifications to mitigate it. Using high-level numerical and mixed-signal electrical simulations, the results demonstrate that it is very important to account for nonidealities in the PUF's building blocks to prevent PUF quality degradation.
On the use of an RTN simulator to explore the quality trade-offs of a novel RTN-based PUF
E. Camacho-Ruiz, A. Santana-Andreo, R. Castro-Lopez, E. Roca and F.V. Fernandez
Conference · Int. Conf. on Synthesis, Modeling, Analysis and Simulation Methods and Applications to Circuit Design SMACD 2022
Physical Unclonable Functions (PUFs) use variability as an entropy source from which to generate secure authentication and identification. While most silicon PUFs exploit the well-known Time-Zero Variability of CMOS technologies, the lack of efficient simulation tools for the Time-Dependent Variability (TDV) has left the potential benefits of this other kind of variability largely unexplored. However, recent advances in the field are allowing this exploration to begin. The objective of this paper is then to take a recently reported simulation tool to design a novel PUF that uses the Random Telegraph Noise (RTN), a TDV phenomenon, as the underlying entropy source. In the ensuing analysis, essential design guidelines are provided to best exploit such entropy source with factors like transistor biasing and sizing.
A Novel Physical Unclonable Function Using RTN
E. Camacho-Ruiz, R. Castro-Lopez, E. Roca, P. Brox and F.V. Fernandez
Conference · IEEE International Symposium on Circuits and Systems ISCAS 2022
PUFs have emerged as an alternative to traditional Non-Volatile Memories in the field of hardware security. In this paper, a novel PUF is proposed that uses the Random Telegraph Noise phenomenon as the underlying source of entropy. This phenomenon manifests as discrete and random shifts in the drain current of transistors and it is characterized by several parameters like the number of the defects in the device, as well as the emission and capture time constants and current shifts of these defects. Using the recently reported Maximum Current Fluctuation metric, it is possible to condense all this information and use it for the PUF design. By forming pairs of transistors, measuring, and comparing their Maximum Current Fluctuation over a given time interval, we demonstrate that it is possible to obtain a PUF. Furthermore, the results reported here show that this RTN-based PUF meets, and even outperforms, other silicon PUFs in terms of uniqueness, unpredictability, and reliability with an evident advantage in silicon area.
Design Flow to Evaluate the Performance of Ring Oscillator PUFs on FPGAs
M.C. Martínez-Rodríguez, E. Camacho-Ruiz, S. Sánchez-Solano and P. Brox
Conference · Conference on Design of Circuits and Integrated Systems DCIS 2021
This work presents a unified framework to design, implement and evaluate the performance of Ring Oscillator Physical Unclonable Functions (RO PUFs) on FPGAs. The design flow uses a Digital Signal Processing (DSP) tool integrated into the Matlab environment. The use of this tool eases the evaluation of the PUF performance. The DSP tool provides an environment to apply the challenges to the RO PUF, acquire the responses by using hardware (HW) co-simulation, and compute a set of metrics to quantify the stability, probability and entropy of the PUF response. Additionally, the robustness of the PUF response is proved in the generation of secret keys. The design flow was applied to evaluate the performance of RO PUFs implemented on 17 Basys 3 Artix-7 FPGA Boards.
Simulating the impact of Random Telegraph Noise on integrated circuits
P. Saraza-Canflanca, E. Camacho-Ruiz, R. Castro-Lopez, E. Roca, J. Martin-Martinez, R. Rodriguez, M. Nafria and F.V. Fernandez
Conference · Int. Conf. on Synthesis, Modeling, Analysis and Simulation Methods and Applications to Circuit Design SMACD 2021
This paper addresses the statistical simulation of integrated circuits affected by Random Telegraph Noise (RTN). For that, the statistical distributions of the parameters of a defect-centric model for RTN are experimentally determined from a purposely designed integrated circuit with CMOS transistor arrays. Then, these distribution functions are used in a statistical simulation methodology that, taking into account transistor sizes, biasing conditions and time, can assess the impact of RTN in the performance of an integrated circuit. Simulation results of a simple circuit are shown together with experimental measurements of a circuit with the same characteristics implemented in the same CMOS technology.
A study of SRAM PUFs reliability using the Static Noise Margin
E. Camacho-Ruiz, P. Saraza-Canflanca, R. Castro-Lopez, E. Roca, P. Brox and F.V. Fernandez
Conference · Int. Conf. on Synthesis, Modeling, Analysis and Simulation Methods and Applications to Circuit Design SMACD 2021
The use of SRAM cells as key elements in a Physical Unclonable Function (PUF) has been widely reported. An essential characteristic the SRAM cell must feature for a reliable PUF is stability, i.e., it must power up consistently to the same value. Different techniques to measure this stability (and thus improve the PUF reliability) have been reported, such as the Multiple Evaluation method and, more recently, the Maximum Trip Supply Voltage method, the latter using the Data Retention Voltage (DRV) concept. While experimental results have been reported, this paper sheds some light from a different perspective: simulation. In this sense, and using well-known concepts like butterfly curves, static noise margin and voltage-transfer curves, an analysis is provided on why and how stability originates in the cell. Moreover, by simulating the butterfly curve behavior when the supply voltage scales down, it is possible to correlate DRV with stability, thereby confirming the correct theoretical foundation of the MTSV method.
Accelerating the Development of NTRU Algorithm on Embedded Systems
E. Camacho-Ruiz, M.C. Martínez-Rodríguez, S. Sánchez-Solano and P. Brox
Conference · Conference on Design of Circuits and Integrated Systems DCIS 2020
The advent of quantum computers represents a serious threat to current public key cryptosystems. To face this problem the so-called Post-Quantum (PQ) cryptographic solutions are being developed, many of which have been presented to the competition launched by NIST to evaluate proposals of PQ cryptography for standardization and deployment. This paper addresses the implementation of the NTRU PQ cryptographic algorithm on embedded systems. Using a Python-based development framework to accelerate the design process, software-only and hybrid (HW/SW) implementations of NTRU are evaluated in terms of operation speed and resource consumption on a System-on-Chip (SoC). Results show that hardware implementation of critical operations in conjunction with a Python+C programming allows an increase in performance that ranges from 130 to 450 depending on the selected scenario to use the algorithm.
Books
No results
Book Chapters
No results
Other publications
No results