Wael Adi

Ayoub Mars, Hussam Ghandour, Wael Adi

Secret Unknown Ciphers (SUC) have been proposed recently as digital clone-resistant functions overcoming some of Physical(ly) Unclonable Functions (PUF) downsides, mainly their inconsistency because of PUFs analog nature. In this paper, we propose a new practical mechanism for creating internally random ciphers in modern volatile and non-volatile SoC FPGAs, coined as SRAM-SUC. Each created random cipher inside a SoC FPGA constitutes a robust digital PUF. This work also presents a class of involutive SUCs, optimized for the targeted SoC FPGA architecture, as sample realization of the concept; it deploys a generated class of involutive 8-bit S-Boxes, that are selected randomly from a defined large set through an internal process inside the SoC FPGA. Hardware and software implementations show that the resulting SRAM-SUC has ultra-low latency compared to well-known PUF-based authentication mechanisms. SRAM-SUC requires only $2.88/0.72 μs$ to generate a response for a challenge at 50/200 MHz respectively. This makes SRAM-SUC a promising and appealing solution for Ultra-Reliable Low Latency Communication (URLLC).

Ayoub Mars, Ahmad Abadleh, Wael Adi

Direct Mobile-to-Mobile communication mode known also as Device-to-Device (D2D) communication is expected to be supported in the 5G mobile system. D2D communication aims to improve system spectrum efficiency, overall system throughput, energy efficiency and reduce the connection delay between devices. However, new security threats and challenges need to be considered regarding device and user authentication to avoid unauthorized access, abuse and attacks on the whole system. In this paper, a strong standalone authentication technique therefore is proposed. It is based on combining users biometric identities and a new clone-resistant device identity. The novel property of the proposal is that it is fully independent on both device manufacturer and mobile system operator. The biometric identity deploys user keystroke dynamics and accelerometer to generate user biometric identity by deploying a machine learning technique. The proposed mobile device clone-resistant identity is based on deploying a new concept of a pure digital clone-resistant structure which is both manufacturer and mobile operator-independent. When combining both identities, a mutually authenticated D2D secured link between any two devices can be established in addition to a strong user-device authentication. Furthermore, the concept does not allow the managing trusted authority to intercept users private links. Being an independent and standalone system, the technique would offer a broad spectrum of attractive future smart applications over the 5G mobile system infrastructure.

Ayoub Mars, Wael Adi

The concept of Secret Unknown Ciphers (SUCs) was introduced a decade ago as a new visionary concept without devising practical real-world examples. The major contribution of this work is to show the feasibility of "self-mutating" unknown cipher-modules for physical security applications in a non-volatile FPGA environment. The mutated devices may then serve as clone-resistant physical units. The mutated unpredictable physical-digital modules represent consistent and low-cost physical identity alternatives to the traditional analog Physically Unclonable Functions (PUFs). PUFs were introduced two decades ago as unclonable analog physical identities which are relatively complex and suffer from operational inconsistencies. We present a novel and practical SUC-creation technique based on pre-compiled cipher-layout-templates in FPGAs. A devised bitstream-manipulator serves as "mutation generator" to randomly-manipulate the bitstream without violating the FPGA design rules. Two large cipher classes (class-size larger than $2^{1000}$) are proposed with optimally designed structure for a non-volatile FPGA fabric structure. The cipher-mutation process is just a simple random unknown-cipher-selection by consulting the FPGA's internal True Random Number Generator (TRNG). The security levels and qualities of the proposed ciphers are evaluated. The attained security levels are scalable and even adaptable to the post-quantum cryptography. The hardware and software complexities of the created SUCs are experimentally prototyped in a real field FPGA technology to show very promising results.

Ayoub Mars, Wael Adi

A new large class of $2^{100}$ possible stream ciphers as keystream generators KSGs, is presented. The sample cipher-structure-concept is based on randomly selecting a set of 16 maximum-period Nonlinear Feedback Shift Registers (NLFSRs). A non-linear combining function is merging the 16 selected sequences. All resulting stream ciphers with a total state-size of 223 bits are designed to result with the same security level and have a linear complexity exceeding $2^{81}$ and a period exceeding $2^{161}$. A Secret Unknown Cipher (SUC) is created randomly by selecting one cipher from that class of $2^{100}$ ciphers. SUC concept was presented recently as a physical security anchor to overcome the drawbacks of the traditional analog Physically Unclonable Functions (PUFs). Such unknown ciphers may be permanently self-created within System-on-Chip SoC non-volatile FPGA devices to serve as a digital clone-resistant structure. Moreover, a lightweight identification protocol is presented in open networks for physically identifying such SUC structures in FPGA-devices. The proposed new family may serve for lightweight realization of clone-resistant identities in future self-reconfiguring SoC non-volatile FPGAs. Such self-reconfiguring FPGAs are expected to be emerging in the near future smart VLSI systems. The security analysis and hardware complexities of the resulting clone-resistant structures are evaluated and shown to exhibit scalable security levels even for post-quantum cryptography.

Wael Adi, Ayoub Mars

Cloning spare parts and entities of mass products is an old and serious unsolved problem for the automotive industry. The economic losses in addition to a loss of know-how and IP theft as well as security and safety threats are huge in all dimensions. This presentation gives an overview of the traditional state of the art on producing clone resistant electronic units in the last two decades. A survey is attempting to demonstrate the techniques so far known as Physically Unclonable Functions PUFs showing their advantages and drawbacks. The necessity for fabricating mechatronic-security in the vehicular environment is emerging to become a vital requirement for new automotive security regulations (legal regulations) in the near future. The automotive industry is facing a challenge to produce low-cost and highly safe and secure networked automotive systems. The emerging networked smart traffic environment is offering new safety services and creating at the same time new needs and threats in a highly networked world. There is a crying need for automotive security that approaches the level of the robust biological security for cars as dominating mobility actors in the modern smart life environment. Possible emerging technologies allowing embedding practical mechatronic-security modules as a low-cost digital alternative are presented. Such digital clone-resistant mechatronic-units (as Electronic Control Units ECUs) may serve as smart security anchors for the automotive environment in the near future. First promising initial results are also presented.