Document Type

Dissertation

Degree

Doctor of Philosophy (PhD)

Major/Program

Electrical and Computer Engineering

First Advisor's Name

Md Tauhidur Rahman

First Advisor's Committee Title

Committee chair

Second Advisor's Name

Ou Bai

Second Advisor's Committee Title

committee member

Third Advisor's Name

A. Selcuk Uluagac

Third Advisor's Committee Title

committee member

Fourth Advisor's Name

Ananda Mohan Mondal

Fourth Advisor's Committee Title

committee member

Keywords

PUF, Memory-based PUF, Counterfeit IC, Counterfeit Memory, Semiconductor Supply-chain Security, Anti-counterfeiting, Manufacturer identification, Non-invasive Attack on Weak PUF, PUF Attack, PUF Modeling

Date of Defense

11-9-2021

Abstract

Due to the ubiquitous presence of memory components in all electronic computing systems, memory-based signatures are considered low-cost alternatives for generating unique device identifiers (IDs) and cryptographic keys. On the one hand, this unique device ID can potentially be used to identify major types of device counterfeiting, such as remarked, overproduced, and cloned devices. On the other hand, memory-based cryptographic keys are commercially used in many cryptographic applications, such as securing software IP, encrypting key vaults, anchoring the device root of trust, and device authentication for cloud services. As memory components generate this signature at runtime rather than storing it in memory, an attacker cannot clone/copy the signature and reuse it in malicious activity. However, to ensure the desired level of security, signatures generated from two different memory chips should be completely random and uncorrelated with each other. Traditionally, memory-based signatures are considered unique and uncorrelated due to the random variation in the manufacturing process. Unfortunately, previous studies have ignored many deterministic components of the manufacturing process, such as memory architecture, layout, systematic process variation, and device package. This dissertation shows that these deterministic factors can significantly correlate two memory signatures if the two memory chips share the same manufacturing resources (i.e., manufacturing facility, specification set, design file, etc.). We demonstrate that this signature correlation can be used to detect major counterfeit types in a non-invasive and low-cost manner. Furthermore, we use this signature correlation as side-channel information to attack memory-based cryptographic keys. We validate our contribution by collecting data from several commercially available off-the-shelf (COTS) memory chips/modules and considering different use-case scenarios.

Identifier

FIDC010433

ORCID

https://orcid.org/0000-0001-6388-0509

Previously Published In

  • Md Tauhidur Rahman and B. M. S. Bahar Talukder. Systems and methods for identifying counterfeit memory. U.S. Patent Application 16/879,599, November 26, 2020.
  • B. M. S. Bahar Talukder, Farah Ferdaus, and Md Tauhidur Rahman. Memory-based PUFs are Vulnerable as Well: A Non-invasive Attack against SRAM PUFs. IEEE Transactions on Information Forensics and Security, vol. 16, pp. 4035-4049, 2021.
  • B. M. S. Bahar Talukder, Biswajit Ray, Domenic Forte, and Md Tauhidur Rahman. PreLatPUF: Exploiting DRAM Latency Variations for Generating Robust Device Signatures. IEEE Access, vol. 7, pp. 81106-81120, 2019.
  • B. M. S. Bahar Talukder, Farah Ferdaus, and Md Tauhidur Rahman. A Non-invasive Technique to Detect Authentic/Counterfeit SRAM Chips (Under Review). Available: https://arxiv.org/abs/2107.09199, 2021.
  • B. M. S. Bahar Talukder, Vineetha Menon, Biswajit Ray, Tempestt Neal, and Md Tauhidur Rahman. Towards the Avoidance of Counterfeit Memory: Identifying the DRAM Origin. IEEE Hardware-Oriented Security and Trust Symposium (HOST), 2020, pp. 111-121.

Rights Statement

In Copyright. URI: http://rightsstatements.org/vocab/InC/1.0/
This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s).