Secure Computation Laboratory

Charles H. Knapp Associate Professor Marten van Dijk

Chenglu Jin

PhD Student
Office: ITE 423
chenglu.jin@uconn.edu

Biography

Chenglu is a Ph.D. student and research assistant in the Electrical and Computer Engineering Department at the University of Connecticut, advised by Dr. Marten van Dijk. He joined UCONN in summer 2014 after graduating from New York University with a Master of Science degree in Computer Engineering. He obtained his bachelor's degree from Xidian University, China. He is broadly interested in all kinds of security research; with his strong hardware background, his main research area is hardware security and hardware-assisted system security.

Research Interests

  • Physical Unclonable Function (Interface) Design, Attack and Application
  • Supply Chain Security
  • Hardware Trojan Design and Detection
  • Fault Attack and Concurrent Error Detection
  • Side Channel Analysis and Countermeasures

Current Projects

  • Forward and Backward Secure Key Management

    Recent years have shown the fallacy of Certificate Authorities (CAs): insiders are able to steal master signing keys and impersonate certificates, and exploitation of system vulnerabilities and other means of infiltration allow attackers to gain access to CAs and copy their keys. At stake is the very survival of public key infrastructures, as trust in them is bootstrapped from trust in certificates that bind public keys to known identities. The current attack surface exposed by CAs makes trust in their issued certificates questionable. Cryptography has found a partial solution with its introduction of forward security. The main problem, however, is what a currently stolen key reveals about the future keys that will be used to sign future certificates.

    A secure solution must rely on unclonable true randomness. This is not a straightforward exercise: newly generated secret keys need certain algebraic properties in order to offer forward security, and secret keys newly reconfigured by an attacker tampering with digital state should be revoked before the attacker is even able to sign valid certificates. We introduce a new notion of backward security, which allows the legitimate owner of a reconstructed secret key to detect whether this key is known to another party before the owner starts using the key. We propose Programmable Logically Erasable PUFs, a new hardware security primitive based on a Physical Unclonable Function (PUF) which, given a PUF challenge, allows one to program the maximum number of times the PUF is allowed to measure the response corresponding to the challenge (after which the challenge-response pair can be viewed as erased). The above leads to efficient self-recovering certificate authorities: CAs that, in the presence of an adversary, are able to recover from any impersonation attack by (a) revoking signing keys known to the adversary before the CA is going to use them and (b) using a non-compromised signing key sequence (which exists with overwhelming probability) to replace the revoked ones.

  • Security Analysis of DARPA's SHIELD Protocols

    With the globalization of semiconductor production, outsourcing IC fabrication has become a trend in various aspects. This, however, introduces serious threats from the entire untrusted supply chain. To combat these threats, DARPA (Defense Advanced Research Projects Agency) has proposed the SHIELD (Supply Chain Hardware Integrity for Electronics Defense) program to design a secure hardware root of trust, called a dielet, to be inserted into the host package of legitimately produced ICs. Dielets are RF powered and communicate with the outside world through their RF antennas. They have sensors that allow them to passively (without the need for power) record malicious events, which can later be read out during an authentication protocol between the dielet and a server, with a smartphone as intermediary.

    First, we break DARPA's protocol by exploiting the weakness of deterministic encryption. Second, we propose secure and efficient authentication and initialization protocols for SHIELD to fix the loophole we discovered. Third, we characterize the threat models into different categories based on the capability of the attackers. Finally, to prove the security of our proposed protocols, we provide a comprehensive formal analysis of them.

  • HaTCh: A Formal Framework of Hardware Trojan Design and Detection

    State-of-the-art research has shown that existing hardware Trojan (HT) detection techniques, which claim to detect all publicly available HT benchmarks, can still be defeated by carefully designing new sophisticated HTs. The reason is that these techniques consider the HT landscape to be limited to the publicly known HT benchmarks.

    In this work, we present HaTCh, a powerful detection algorithm based on pre-silicon logic testing, which detects any HT from an exponentially large class of deterministic HTs with overwhelming probability. Given certain global characteristics regarding the stealthiness of the HT within this class, the computational complexity of our algorithm for practical HTs scales polynomially with the number of wires in the IP core. We argue that HTs that fall outside the characterized class use design principles that allow HTs which can never be detected within the pre-silicon logic testing based paradigm.

Publications

  • Guo, X., Jin, C., Papadimitriou, A., Hely, D., and Karri, R. "Can Algorithm Diversity in Stream Cipher Implementation Thwart (Natural and) Malicious Faults?", IEEE Transactions on Emerging Topics in Computing, 2015
  • Guo, X., Karimi, N., Regazzoni, F., Jin, C., and Karri, R. "Simulation and analysis of negative-bias temperature instability aging on power analysis attacks", IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2015
  • Guo, X., Mukhopadhyay, D., Jin, C., and Karri, R. "Security analysis of concurrent error detection against differential fault analysis", Journal of Cryptographic Engineering, 2014
  • Guo, X., Mukhopadhyay, D., Jin, C., and Karri, R. "NREPO: normal basis recomputing with permuted operands", IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2014