Conference on Cryptographic Hardware and Embedded Systems 2018

Amsterdam, The Netherlands, September 9–12, 2018

Posters and Tutorials


The following posters will be presented at CHES 2018:

  • Comparison of two Setups for Contactless Power Measurements for Side-Channel Analysis.
    Arthur Beckers, Benedikt Gierlichs, Josep Balasch, and Ingrid Verbauwhede [pdf]
  • Security evaluations of SoC devices.
    Tiberiu Iorgulescu, Ionut, Gorgos, and Marios O. Choudary [pdf]
  • Algorithmic Protection of the AES Against DPA and DFA.
    Siemen Dhooghe [pdf]
  • True Random Number Generators Based on Time-to-Digital Conversion.
    Milos Grujic [pdf]
  • Thwarting Active Side-Channel Attacks of Ring Polynomial Multiplication in +Z/pZ[x]/(x^n+1) for Post-quantum Cryptography Benchmarked on ASIC.
    Ausmita Sarker, Mehran Mozaffari Kermani, and Reza Azarderakhsh [pdf]
  • Securing Hardware Design using STT-LUTs.
    Gaurav Kolhe and Houman Homayoun
  • A Side-Channel Attack Method against Truncated MAC CAN Message based on AUTOSAR Specification.
    Takaya Kubota, Mitsuru Shiozaki, and Takeshi Fujino [pdf]
  • Leakage Visualization in Side Channel Analysis using Deep Learning.
    Loïc Masure, Cécile Dumas, and Emmanuel Prouff [pdf]
  • Quantum Confinement as Security Elements.
    T. McGrath, R. Bernardo-Gavito, I.E. Bagci, C. Wang, B. Astbury, R.J. Young, U. Roedig [pdf]
  • Polynomial-based White-Box AES.
    Adrián Ranea and Bart Preneel [pdf]
  • A Proposal of Efficient Error Recovery Method Utilizing Output Characteristics of CMOS Image Sensor PUF.
    Masayoshi Shirahata, Shunsuke Okura, Takaya Kubota, Mitsuru Shiozaki, Kenichiro Ishikawa, Isao Takayangi, and Takeshi Fujino [pdf]
  • Enhanced Simple Power Analysis Attack on a Specific Class of Elgamal Cryptosystem.
    N. Mahdion, Pouya Habibi, Hadi Soleimany, and Farokhlagha Moazami [pdf]
  • Characterization of Physically Unclonable Function Circuits in Silicon Based on Layout.
    Joshua Trujillo [pdf]
  • Trusted Computing with CPU+FPGA.
    Furkan Turan and Ingrid Verbauwhede [pdf]
  • Side-Channel Finder for AVR.
    Florian Dewald, Heiko Mantel, and Alexandra Weber [pdf]
  • Fast, Furious and Insecure: Passive Keyless Entry and Start Systems in Modern Supercars.
    Lennert Wouters, Eduard Marin, Tomer Ashur, Benedikt Gierlichs, and Bart Preneel
  • Timing Leakage of Lattice-Based Schemes with Error Correction.
    Jan-Pieter D’Anvers
  • System-on-Chip for Lightweight Cryptography.
    Mohd Saufy Rohmad, Emilia Noorsal, Azilah Saparon, and Habibah Hashim [pdf]
  • Computer Aided Side Channel Analysis Design Environment.
    Danilo Sijacic, Josep Balasch, Bohan Yang, Santosh Ghosh, and Ingrid Verbauwhede [pdf]
  • Differential Power Analysis of SPARX-64/128.
    Sumesh Manjunath Ramesh and Hoda A. Alkhzaimi
  • Memristor-based PUF for Cryptographic Randomness.
    Hebatallah Ibrahim, Hoda A. Alkhzaimi, Sabina Abdul Hadi, Heba AbuNahla, and Baker Mohamed
  • sLiSCP-light: Towards Hardware Optimized Sponge-specific Cryptographic Permutations.
    Riham AlTawy, Raghvendra Rohit, Morgan He, Kalikinkar Mandal, Gangqiang Yang, and Guang Gong [pdf]


On Sunday, September 9, there will be two tutorials running in parallel:

Domenic J. Forte and Rajat Subhra Chakraborty: Counterfeit Integrated Circuits: Threats, Detection, and Avoidance

The business of counterfeit electronics, of which counterfeit integrated circuits (ICs) constitute a major component, is one of the largest illegal trades in the world. It is estimated that over 30% of all ICs currently in circulation are counterfeit, and additionally 1% of all ICs sold annually are counterfeit. How is this possible? The economics of the modern semiconductor industry has created an atmosphere that is very convenient for electronic counterfeiting and hardware intellectual property (IP) piracy. In the good old days, IC design companies were in complete control of their entire supply chain, including IC fabrication, packaging, testing, and distribution. Today, prohibitive costs associated with owning and operating IC fabrication facilities (or "fabs") has made this infeasible for all but a few companies. As a result, the model followed today is "fabless" or "fab-lite" where many of the aforementioned tasks are outsourced to facilities in a handful of countries. With lesser oversight of their supply chains, design houses are vulnerable to IP theft and counterfeiting. In addition, the new upgrade cycle associated with laptops, mobile devices, etc. is increasing the rate of IC obsolescence. This is a serious concern for legacy electronic systems that exist throughout civil and government infrastructure. Unable to go to the original chip manufacturers (OCMs), those tasked with maintaining legacy systems must pay exorbitant prices for obsolete chips from untrustworthy distributors - well known sources of counterfeits.

The widespread penetration of counterfeit ICs is of great concern for a variety of reasons, including but not limited to (i) the threat they pose to critical systems and cyber infrastructure, the welfare of society, and the environment, (ii) the substantial resources that their sale channels into groups that disrupt and corrupt society, such as organized crime and terrorism, (iii) the loss of business and market reputation of semiconductor and electronics companies, (iv) the negative impact they have on innovation, economic growth, and employment.

In this tutorial, we shall cover the following (a) threats and impacts of electronic counterfeiting and hardware IP piracy; (b) adversarial models including the supply chain vulnerabilities (from the nation state to do-it-yourself), counterfeit type taxonomy (recycled, remarked, overproduced, cloned, etc.), and counterfeit defect taxonomy; (c) the complete taxonomy of counterfeit detection and avoidance approaches (physical inspection, electrical tests, and design-for-anti-counterfeit) and their challenges/limitations; (d) cutting-edge microscopy, image processing, pattern recognition, and classification techniques for automated physical inspection; (e) advanced electrical tests aimed at detecting counterfeit commercial-off-the-shelf memories (SRAM, Flash, DRAM) and FPGAs; (f) novel primitives, sensors, and frameworks for end-to-end protection of new designs and IP; (g) IP encryption and the cryptographic flaws uncovered in the IEEE P1735 standard; (h) a summary of open problems and future research directions including formal treatment of counterfeit electronics in the tradition of modern cryptography, the feasibility of remote initialization and testing of chips, development of detection/avoidance techniques suitable for analog and mixed signal (AMS) chips, out-of-the-box methodologies for replacing legacy systems, and recommendations for benchmarking and standardization.

Sonia Belaïd and Benjamin Grégoire: Formal Verification of Masked Implementations

Masking is a popular countermeasure to protect implementations against differential power analysis. The security guarantees of software and also hardware masking can advantageously be captured through formal models. The existence of such models has been instrumental to the emergence of fully automated methods for analyzing masked implementations.

The tutorial will present an overview of formal analysis techniques and tools for masked implementations. We will start with a brief introduction on differential power analysis and masking and quickly get to a survey of existing models for evaluating the security of masked software and hardware implementations. It will include the threshold probing model, and its variants to support transitions and glitches, the noisy leakage model, and the bounded moment model. We shall then give a unified framework that captures all these settings. We will then give an overview of the different techniques and tools for proving security of concrete implementations in these models. We shall discuss their respective strengths based on a series of case studies including hardware and software implementations implemented at different masking orders. This first part of the tutorial will conclude with a demonstration of the maskverif tool, which can be used to verify gadgets at reasonably high orders.

The second part of the tutorial will discuss the problem of secure composition. It has been shown that popular security notions used in the context of masking do not compose if used without care. However, recent work provides solutions to this problem. We will describe available methods for achieving secure composition. In particular, we will define strong non-interference, and illustrate how it can be used for compositional proofs for larger gadgets such as S-boxes. This second part of the tutorial will conclude with two demonstrations. Namely, we shall give a demonstration of the maskcomp tool, which can be used to generate masked implementations at arbitrary orders, and we will give a demonstration of a very recent tool that also generates masked implementations at arbitrary orders but with less refreshing.

The last part of the tutorial will describe succinctly the problem of improving randomness complexity of masked implementations, and present an overview of existing works. Namely, recent improvements in the randomness complexity of strong gadgets like non-linear multiplications and refreshings will be presented.

Call for Posters

Following their success in previous events, the technical program at CHES 2018 will be supplemented by various additional activities. To this end, we invite proposals of interest for a poster presentation session to be held during the conference:

  • At the (informal) poster presentation session, authors display a prepared poster outlining, e.g., work in progress; this offers an ideal means of discussing and getting feedback on said work, and engaging with the wider CHES community.
  • Proposals are welcomed on {\em any} topic of broad interest to the CHES community: the stated topics of interest for CHES 2018 should not be interpreted as a limit.
  • Rather than a poster, the proposal should be a 1-page PDF clearly stating the following information:
    • a title,
    • an author (or list thereof), including name, affiliation, and email address,
    • an abstract of up to 500 words.
  • Proposals (and/or any questions) should be submitted by email to Sonia Belaïd <> (Poster Session Chair), noting the following deadlines:

    Submission: 30 June 2018
    Notification: 30 Jule 2018

  • Although the deadline has now passed, we will continue to accept poster submissions on a first- come, first-served basis until the venue capacity is reached.

  • The notification of acceptance will specify any further logistical details required. However, note that
    • at least one author for each poster must be available for discussion during the CHES 2018 poster session,
    • to match the display boards available, each poster must have an A0 portrait format,
    • the author(s) of each poster are responsible for printing and and shipping it.