Uncategorized

Describe a potential attack instance when the design house is trusted in the PCB manufacturing process. Illustrate the scenario with an appropriate case study. 1. What would be an attack instance on PCBs manufactured in untrusted design houses? Describe with a relevant case study. 2. What are the possible attacks on PCBs? Explain the taxonomy […]

Briefly discuss the major characteristic differences between PUFs, TRNGs, and DfACs. 1. Briefly discuss the quality metrics used to evaluate PUFs and TRNGs. 2. Explain why RO-PUFs tend to produce more erroneous responses due to runtime noise and aging compared to traditional arbiter-PUFs. 3. Briefly describe what security primitives (strong PUFs, weak PUFs, or TRNGs)

Ideally, PUFs should have 50% intra-Hamming distance. Ideally, TRNGs should have 50% intra-Hamming distance. Frequency injection attack on an oscillator-based TRNG reduces the throughput, but entropy remains the same.

Depending on the startup behavior, the SRAM-array can be used both as a PUF and a TRNG. 1. Runtime variation (such as power supply noise and Vdd fluctuations) is good for PUFs, but unacceptable for TRNGs. 2. DfAC structures, such as CDIR sensors, utilize aging phenomena for detecting prior usages of the IC.

Explain how you can increase the security of the response of a weak PUF (used for key generation) against possible guessing or side-channel attacks. 1. Briefly explain the major challenges that PUFs and TRNGs suffer.

Briefly explain the differences between a TRNG and a PRNG? Which one of them would you consider, if you were only interested in: (a) High entropy. (b) High speed. (c) Low runtime noise.

Consider two types of PUFs, namely “M” and “N”. Their intra- and inter-hamming distances are presented in Fig. 12.22. Explain which type of the two PUFs serves better for the following applications: (a) authentication, (b) key generation.

How potential vulnerabilities can be introduced by design mistakes? Show an example. 1. How potential vulnerabilities can be introduced by CAD tools? Show an example. 2. Describe the principle of the following tests: (i) Fuzzing, (ii) Negative Testing, (iii) Penetration Testing. 3. How does the “Hiding Mechanisms” protect against side-channel attacks?

Describe the “Assets” that can be found in a SoC. 1. How can the entropy asset be exploited? 2. How can a scan-based attack be performed remotely? Show an example. 3. Explain the differences between semi-invasive and invasive attack. 4. Describe the capabilities of an “Insider” attacker. What kind of attacks can an “Insider” perform?

Random number can be an asset. Remote attackers cannot perform attacks exploiting scan structure. Injecting faults to modify SRAM contents is a semi-invasive attack. Side-channel attacks fall into invasive attack category. Vulnerabilities associated with don’t-care states are introduced in the RTL stage. Vulnerabilities associated with DFT structure are introduced in the gate-level stage.