Cryptography and Security (cs.CR)

Abstract: Physically unclonable functions (PUFs) are increasingly adopted for low-cost and secure secret key and chip ID generations for embedded and IoT devices. Achieving 100% reproducible keys across wide temperature and voltage variations over the lifetime of a device is critical and conventionally requires large masking or Error Correction Code (ECC) overhead to guarantee. This paper presents an Automatic Self Checking and Healing (ASCH) stabilization technique for a state-of-the-art PUF cell design based on sub-threshold inverter chains. The ASCH system successfully removes all unstable PUF cells without the need for expensive temperature sweeps during unstable bit detection. By accurately finding all unstable bits without expensive temperature sweeps to find all unstable bits, ASCH achieves ultra-low bit error rate (BER), thus significantly reducing the costs of using ECC and enrollment. Our ASCH can operate in two modes, a static mode (S-ASCH) with a conventional pre-enrolled unstable bit mask and a dynamic mode (D-ASCH) that further eliminates the need for non-volatile memories (NVMs) for storing masks. The proposed ASCH-PUF is fabricated and evaluated in 65nm CMOS. The ASCH system achieves "0" Bit Error Rate (BER, < 1.77E-9) across temperature variations of -20{\deg}C to 125{\deg}C, and voltage variations of 0.7V to 1.4V, by masking 31% and 35% of all fabricated PUF bits in S-ASCH and D-ASCH mode respectively. The prototype achieves a measured throughput of 11.4 Gbps with 0.057 fJ/b core energy efficiency at 1.2V, 25{\deg}C.

Abstract: The problem of revealing botnet activity through Domain Generation Algorithm (DGA) detection seems to be solved, considering that available deep learning classifiers achieve accuracies of over 99.9%. However, these classifiers provide a false sense of security as they are heavily biased and allow for trivial detection bypass. In this work, we leverage explainable artificial intelligence (XAI) methods to analyze the reasoning of deep learning classifiers and to systematically reveal such biases. We show that eliminating these biases from DGA classifiers considerably deteriorates their performance. Nevertheless we are able to design a context-aware detection system that is free of the identified biases and maintains the detection rate of state-of-the art deep learning classifiers. In this context, we propose a visual analysis system that helps to better understand a classifier's reasoning, thereby increasing trust in and transparency of detection methods and facilitating decision-making.

Abstract: Processing sensitive data and deploying well-designed Intellectual Property (IP) cores on remote Field Programmable Gate Array (FPGA) are prone to private data leakage and IP theft. One effective solution is constructing Trusted Execution Environment (TEE) on FPGA-SoCs (FPGA System on Chips). Researchers have integrated this type TEE with Trusted Platform Module (TPM)-based trusted boot, denoted as FPGA-SoC tbTEE. But there is no effort on secure and trusted runtime customization of FPGA-SoC TEE. This paper extends FPGA-SoC tbTEE to build Runtime Customizable TEE (RCTEE) on FPGA-SoC by additive three major components (our work): 1) CrloadIP, which can load an IP core at runtime such that RCTEE can be adjusted dynamically and securely; 2) CexecIP, which can not only execute an IP core without modifying the operating system of FPGA-SoC TEE, but also prevent insider attacks from executing IPs deployed in RCTEE; 3) CremoAT, which can provide the newly measured RCTEE state and establish a secure and trusted communication path between remote verifiers and RCTEE. We conduct a security analysis of RCTEE and its performance evaluation on Xilinx Zynq UltraScale+ XCZU15EG 2FFVB1156 MPSoC.

Abstract: Cyber ranges mimic real-world cyber environments and are in high demand. Before building their own cyber ranges, organizations need to deeply understand what construction supplies are available to them. A fundamental supply is the cyber range architecture, which prompts an important research question: Which cyber range architecture is most appropriate for an organization's requirements? To answer this question, we propose an innovative framework to specify cyber range requirements, characterize cyber range architectures (based on our analysis of 45 cyber range architectures), and match cyber range architectures to cyber range requirements.

Abstract: This paper proposes a privacy-preserving and accountable billing (PA-Bill) protocol for trading in peer-to-peer energy markets, addressing situations where there may be discrepancies between the volume of energy committed and delivered. Such discrepancies can lead to challenges in providing both privacy and accountability while maintaining accurate billing. To overcome these challenges, a universal cost splitting mechanism is proposed that prioritises privacy and accountability. It leverages a homomorphic encryption cryptosystem to provide privacy and employs blockchain technology to establish accountability. A dispute resolution mechanism is also introduced to minimise the occurrence of erroneous bill calculations while ensuring accountability and non-repudiation throughout the billing process. Our evaluation demonstrates that PA-Bill offers an effective billing mechanism that maintains privacy and accountability in peer-to-peer energy markets utilising a semi-decentralised approach.

Abstract: This work presents an experimental evaluation of the detection performance of eight different algorithms for anomaly detection on the Controller Area Network (CAN) bus of modern vehicles based on the analysis of the timing or frequency of CAN messages. This work solves the current limitations of related scientific literature, that is based on private dataset, lacks of open implementations, and detailed description of the detection algorithms. These drawback prevent the reproducibility of published results, and makes it impossible to compare a novel proposal against related work, thus hindering the advancement of science. This paper solves these issues by publicly releasing implementations, labeled datasets and by describing an unbiased experimental comparisons.