FortifyIQ: Hardware Security Verification


What’s the best way to protect against side-channel attacks? FortifyIQ believes the answer lies at least partly in the verification process. Side channel and fault-injection attacks have been garnering more attention lately as hackers continue to branch out from software to a combination of software and hardware. This is especially worrying for safety-critical applications, such as automot... » read more

Quantifiable Assurance: From IPs to Platforms


Abstract: "Hardware vulnerabilities are generally considered more difficult to fix than software ones because of their persistent nature after fabrication. Thus, it is crucial to assess the security and fix the potential vulnerabilities in the earlier design phases, such as Register Transfer Level (RTL), gate-level or physical layout. The focus of the existing security assessment techniques i... » read more

An End-to-End Bitstream Tamper Attack Against Flip-Chip FPGAs


Abstract "FPGA bitstream encryption and authentication can be defeated by various techniques and it is critical to understand how these vulnerabilities enable extraction and tampering of commercial FPGA bitstreams. We exploit the physical vulnerability of bitstream encryption keys to readout using failure analysis equipment and conduct an end-to-end bitstream tamper attack. Our work undersco... » read more

Why It’s So Difficult — And Costly — To Secure Chips


Rising concerns about the security of chips used in everything from cars to data centers are driving up the cost and complexity of electronic systems in a variety of ways, some obvious and others less so. Until very recently, semiconductor security was viewed more as a theoretical threat than a real one. Governments certainly worried about adversaries taking control of secure systems through... » read more

AI/ML Workloads Need Extra Security


The need for security is pervading all electronic systems. But given the growth in data-center machine-learning computing, which deals with extremely valuable data, some companies are paying particular attention to handling that data securely. All of the usual data-center security solutions must be brought to bear, but extra effort is needed to ensure that models and data sets are protected ... » read more

A Deeper Look into RowHammer’s Sensitivities: Experimental Analysis of Real DRAM Chips and Implications on Future Attacks and Defenses


Abstract "RowHammer is a circuit-level DRAM vulnerability where repeatedly accessing (i.e., hammering) a DRAM row can cause bit flips in physically nearby rows. The RowHammer vulnerability worsens as DRAM cell size and cell-to-cell spacing shrink. Recent studies demonstrate that modern DRAM chips, including chips previously marketed as RowHammer-safe, are even more vulnerable to RowHammer than... » read more

2021 CWE Most Important Hardware Weaknesses


"The 2021 CWE™ Most Important Hardware Weaknesses is the first of its kind and the result of collaboration within the Hardware CWE Special Interest Group (SIG), a community forum for individuals representing organizations within hardware design, manufacturing, research, and security domains, as well as academia and government. The goals for the 2021 Hardware List are to drive awarenes... » read more

Security Research Bits


A number of hardware security-related technical papers were presented at the August 2021 USENIX Security Symposium. The organization provides open access research, and the presentation slides and papers are free to the public. Topics include side-channel attacks and defenses, embedded security, hardware security tokens, and more. Here are some highlights with associated links:   [tab... » read more

PTAuth: Temporal Memory Safety via Robust Points-to Authentication


Authors: Reza Mirzazade Farkhani, Mansour Ahmadi, and Long Lu, Northeastern University Abstract: "Temporal memory corruptions are commonly exploited software vulnerabilities that can lead to powerful attacks. Despite significant progress made by decades of research on mitigation techniques, existing countermeasures fall short due to either limited coverage or overly high overhead. Further... » read more

Database Reconstruction from Noisy Volumes: A Cache Side-Channel Attack on SQLite


Authors: Aria Shahverdi, University of Maryland; Mahammad Shirinov, Bilkent University; Dana Dachman-Soled, University of Maryland Abstract: "We demonstrate the feasibility of database reconstruction under a cache side-channel attack on SQLite. Specifically, we present a Flush+Reload attack on SQLite that obtains approximate (or "noisy") volumes of range queries made to a private database... » read more

← Older posts Newer posts →