Memory deduplication shares same-content memory pages and reduces the consumption of physical memory. It is effective on environments that run many virtual machines with same operating system. deduplication, however, vulnerable to disclosure attacks, which reveal existence an application or file another machine. Such attack takes advantage a difference in write access times deduplicated are re-created by Copy-On-Write. In our experience KSM (kernel samepage merging) KVM machine, could detect...

A Trusted Execution Environment (TEE) sets a platform to secure applications based on the Chain-of-Trust (CoT). The starting point of CoT is called Root-of-Trust (RoT). However, RoT implementation often relies obscurity and provides little flexibility when generating keys system. In this paper, TEE System-on-a-Chip (SoC) architecture proposed heterogeneous design by combining 64-bit Linux-capable processors with 32-bit Micro-Controller Unit (MCU). built cores, while MCU takes care sensitive...

All cryptography systems have a True Random Number Generator (TRNG). In the process of validating, these are necessary for prototyping in Field Programmable Gate Array (FPGA). However, TRNG uses an entropy source based on non-deterministic effects challenging to replicate FPGA. This work shows problems and solutions implement frequency collapse multimodal Ring Oscillators (RO). The implemented FPGA pass all SP800-90B tests from National Institute Standards Technology (NIST) with good...

A trusted execution environment (TEE) is a new hardware security feature that isolated from normal OS (i.e., rich (REE)). The TEE enables us to run critical process, but the behavior invisible for security, which makes it difficult debug and tune performance. In addition, hardware/software architectures of are different CPUs. For example, Intel SGX allows user-mode only, although ARM TrustZone RISC-V Keystone OS. each has SDK programming cannot write common program. These features make...

Determining whether two or more packages cannot be installed together is an important issue in the quality assurance process of package-based distributions. Unfortunately, sheer number different configurations to test makes this task particularly challenging, and hundreds such incompatibilities go undetected by normal testing distribution until they are later reported a user as bugs that we call "conflict defects". We performed extensive case study conflict defects extracted from bug...

The Trusted Execution Environment (TEE) offers a software platform for secure applications. TEE memory isolation scheme and authentication from high privilege mode. procedure uses different algorithms such as hashes signatures, to authenticate the application secure. Although hardware has been defined isolation, security often are executed using implementations. In this paper, RISC-V system compatible with TEEs featuring algorithm accelerators is presented. SHA-3 hash Ed25519 elliptic curve...

Fully depleted silicon-on-insulator (FD-SOI) technology is renowned for its back-gate bias voltage controllability. It allows devices fabricated with FD-SOI to be optimized low power consumption or high performance proper biases, depending on the required application. This article proposes using biasing technique in novel countermeasures against analysis attacks. Theoretical explanations are discussed, and realistic differential (DPA) attacks, targeting AES-128 encryption a 65-nm STOB 32-bit...

Many IoT devices are geographically distributed without human administrators, which maintained by a remote server to enforce security updates, ideally through machine-to-machine (M2M) management. However, malware often terminates the control mechanism immediately after compromise and hijacks device completely. The compromised has no way recover becomes part of botnet. Even if remains uncompromised, it is required update due recall or other reasons. In addition, desired be automatically...

Memory deduplication improves the utilization of physical memory by sharing identical blocks data. Although is most effective when many virtual machines with same operating systems run on a CPU, cross-user covert channel and causes serious disclosure attack. It reveals existence an application or file another machine. The difference in write access time deduplicated pages that are re-created Copy-On-Write, but it has some interferences caused execution environments. This paper indicates...

True Random Number Generator (TRNG) is used in many applications, generally for generating random cryptography keys. In this way, the trust of system depends on quality numbers generated. However, entropy fluctuations produced by external perturbations generate some false positives sequence. These can a disastrous scenario, depending application. This work presents results different tests to demonstrate robustness and health TRNG based frequency collapse. The passed all provided NIST...

Today, Hash-based Message Authentication Code with Secure Hash Algorithm 2 (HMAC-SHA2) is widely used in modern protocols, such as Internet Protocol Security (IPSec) and Transport Layer (TLS). Many authors proposed their HMAC-SHA2 hardware implementations. Some targeted a high-performance design, while others aimed to satisfy an area constraint. Those implementations are acceptable for applications that require only low-cost or high throughput. However, some applications, Software-Defined...

Current AI&IoT edge devices run complex applications and are under the threat of stealthy attacks that not easily detected by traditional security systems. Provenance auditing is a promising technique for determining ramification an attack from DAG (Directed Acyclic Graph) event logs. However, original provenance was designed personal computers suitable devices. Therefore, introducing on raises following three problems. (1) have relatively powerful CPUs, but they enough auditing. (2) Most...

Cryptographic System-on-Chips (SoCs) are becoming more and popular. In these systems, cryptographic accelerators integrated with processor cores to provide users the software's flexibility hardware's high performance. First, this work aimed confirm vulnerability of SoCs against several types power analysis attacks. Then, novel Random Dynamic Frequency Scaling (RDFS) countermeasure is proposed improve resistance such systems. The RDFS improved while maintaining low-performance overhead...

In this paper, a 32-bit RISC-V microcontroller in 65-nm Silicon-On-Thin-BOX (SOTB) chip is presented. The system developed based on the VexRiscv Central Processing Unit (CPU) with Instruction Set Architecture (ISA) extensions of RV32IM. Besides core processor, System-on-Chip (SoC) contains 8KB boot ROM, 64KB on-chip memory, UART controller, SPI timer, and GPIOs for LEDs switches. ROM has 7KB hard-code combinational logics 1KB stack SRAM. proposed SoC performs Dhrystone Coremark benchmarks...

The Universal Serial Bus (USB) supports a diverse and wide-ranging set of device types. To enable ease use, USB devices are automatically detected classified by common operating systems, without any authentication. This trust-by-default design principle can be easily exploited, led to numerous attacks in the past (e.g., Stuxnet, BadUSB, BadAndroid), specifically targeting high-value organizations. Administrators' efforts prevent these may also threatened unscrupulous users who insert device,...

The trusted execution environment protects data by taking advantage of memory isolation schemes. Most the software implementations on security enclaves offer a framework that can be implemented any processor architecture. Assuming privilege escalation is not possible through means, only way to access protected over authentication driver in kernel mode. However, use hardware back-doors cannot prevent more privileged modes. Implementation kernel-mode allows reading sensitive regions memory. In...