Hardware Security and Trust
A special issue of Information (ISSN 2078-2489). This special issue belongs to the section "Information and Communications Technology".
Deadline for manuscript submissions: 31 May 2024
Special Issue Information
Dear Colleagues,
The presence of security functions at every level is becoming more and more pervasive in every aspect of society due to the increasing number of connected devices and the heavy data processing they entail. Moreover, advances in processing power and computing paradigms also push for research into novel schemes and protocols, which pose new implementation challenges. The search for new cryptographic schemes, in order to find strong successors to the existing standards, and for novel computing approaches requires continuous effort from the engineering community in order to achieve the best results.
In many domains, the need for adequate performance will require hardware acceleration, at least in part: the presence of cryptographic functions in embedded processors, as software or hardware implementations, is now established, and the trend shows that all sorts of devices will soon be equipped with security features to guarantee confidentiality and authenticity. On the other hand, the possibilities available to attackers aiming to bypass the security of a system have also increased. Microarchitectural vulnerabilities found in modern CPUs (e.g., Spectre, Meltdown, Spoiler, RowHammer) are very recent, proving that new breaches may be discovered at any time. "Traditional" implementation attacks (side channel analysis, fault attacks) are still a major concern, which needs continuous effort from the research community in both directions, attacks and countermeasures, from the lowest to the highest level of abstraction.
This Special Issue seeks novel contributions that advance the state of the art in methodologies, tools, and results on architectures, experimental attacks, and countermeasures for embedded systems in the field of hardware security and trust. Topics of interest include but are not limited to the following:
- Embedded implementation of cryptographic algorithms;
- Physical attacks against embedded implementations and related countermeasures;
- Security of test infrastructures;
- Hardware Trojans and detection techniques;
- Hardware security primitives;
- Secure processors and architectures;
- Microarchitectural attacks: characterization, exploitation, protections;
- Post-quantum cryptographic implementations;
- Lightweight cryptographic implementations;
- Secure implementation in constrained environments.
Dr. Paolo Maistri
Guest Editor
Manuscript Submission Information
Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, proceed to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.
Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Information is an international peer-reviewed open access monthly journal published by MDPI.
Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.
Keywords
- secure hardware
- physical attacks
- IC trust
Planned Papers
The list below represents only planned manuscripts. Some of these manuscripts have not been received by the Editorial Office yet. Papers submitted to MDPI journals are subject to peer review.
Title: A Lightweight Crypto Design for Protecting Constraint Devices in Smart Grid
Authors: Radek Fujdiak; Ina Fujdiak; Jiri Misurec
Affiliation: Brno University of Technology
Abstract: The smart grid network consists of various devices, such as smart meters, that communicate sensitive information. These devices are often resource-constrained and overlooked from a cybersecurity perspective. This paper proposes a hybrid lightweight cryptography solution for securing constrained devices in smart grid networks. The solution focuses on ensuring confidentiality, integrity, authenticity, data freshness, and non-repudiation. The proposed solution combines AES-128 CBC, ECDH, CRC-16, and AES-ECB to create a novel lightweight crypto design. Experimental measurements and optimization processes are included to demonstrate the effectiveness of the proposed solution.
Title: Recent Advances in RowHammer Attacks and Defenses
Authors: Hyung-Min Lee
Affiliation: School of Electrical Engineering, Korea University, Seoul, Korea
Abstract: With the advancement of DRAM technology processes, the susceptibility to RowHammer attacks has heightened. Leading technology companies like Intel and AMD employ various countermeasures, including ECC, TRR, and PARA, to combat these threats. However, defense mechanisms are not infallible, and there exist methods to circumvent them. In this paper, we commence by elucidating the fundamental theory and methodologies behind RowHammer. We delve into the architectural intricacies of DRAM DIMMs, the ramifications of RowHammer attacks on computer systems, and the underlying attack mechanisms. Drawing from this foundational understanding, we explore various documented RowHammer attacks, categorizing them based on attack patterns and advancements in RowHammer's attack capabilities. Specifically, in the section on patterns, we concentrate on single-sided, double-sided, half-double, TRR-Bypassing, and one-location attacks. To shed light on the enhancement of its intrinsic attack potential, we discuss RowHammer techniques that leverage cache allocation technology. Further, the paper delves into the influence of RowHammer on web browsers, discussing the rowhammer.js (a side channel approach) and "smash" for JavaScript-centric RowHammer assaults. Shifting the architectural focus, we also examine RowHammer attacks on the ARM architecture, specifically DRAMMER, diverging from the traditionally targeted x86 architecture. Additionally, we touch upon RAMbleed, a RowHammer variant that jeopardizes data confidentiality. We conclude by underscoring the significance of understanding and countering RowHammer, reflecting on the myriad of defense mechanisms dissected.
Title: FEINT: Automated Framework for Efficient INsertion of Templates/Trojans into FPGAs
Authors: Farshad Khorrami
Affiliation: New York University Polytechnic School of Engineering Polytechnic Institute of NYU
Abstract: Field-Programmable Gate Arrays (FPGAs) play a significant and evolving role in various industries and applications in the current technological landscape. They are widely known for their flexibility, rapid prototyping, reconfigurability, and design development features. FPGA designs are often constructed as compositions of interconnected modules that implement the various features/functionalities required in an application. This work develops a novel tool, FEINT, that facilitates this module composition process and automates the design-level modifications required when introducing new modules into an existing design. The proposed methodology is architected as a "template" insertion tool that operates based on a user-provided configuration script to introduce dynamic design features as plugins at different stages of the FPGA design process, to facilitate rapid prototyping, composition-based design evolution, and system customization. FEINT can be useful in applications where designers need to tailor system behavior without requiring expert FPGA programming skills or significant manual effort. For example, FEINT can help insert defensive monitoring, adversarial Trojan, and plugin-based functionality enhancement features. FEINT is scalable, future-proof, and agnostic to vendor-specific file formats, ensuring compatibility across FPGA families and tool versions, and is integrable with commercial tools. To assess FEINT's effectiveness, our tests covered injection of various types of templates/modules into FPGA designs. For example, in the Trojan insertion context, our tests consider diverse Trojan behaviors and triggers, including key leakage and Denial of Service Trojans. We evaluated FEINT's applicability to complex designs by creating an FPGA design featuring a MicroBlaze soft-core processor connected to an AES accelerator via an AXI bus interface. FEINT can successfully and efficiently insert various templates into this design at different FPGA design stages.