A Nonvolatile Flip-Flop-Enabled Cryptographic Wireless Authentication Tag With Per-Query Key Update and Power-Glitch Attack Countermeasures

Hyung Min Lee, Chiraag S. Juvekar, Joyce Kwong, Anantha P. Chandrakasan

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

Counterfeiting is a major issue plaguing global supply chains. In order to mitigate this problem, a wireless authentication tag is presented that implements a cryptographically secure pseudorandom number generator and authenticated encryption modes. The tag uses Keccak, the cryptographic core of SHA3, to update keys before each protocol invocation, limiting side-channel leakage. Power-glitch attacks are mitigated through state backup on ferroelectric capacitor-based nonvolatile flip-flops with a fully integrated energy backup storage, which needs a 2.2 × smaller area compared with conventional approaches. The 130 nm CMOS tag harvests wireless power through a 433 MHz inductive link and communicates with a reader by a pulse-based modulation that minimizes the wireless power dead time. The proposed regulating voltage multiplier simultaneously rectifies, boosts, and regulates a >0.55 V ac input to a 1.5 V supply voltage with <1.1% line and load regulation while requiring only one on-chip decoupling capacitor. The bidirectional data telemetry operates at 125 kb/s, while requiring 4% (downlink) and 6.25% (uplink) duty cycles. Full system operation including the tag, reader, and server protocol is demonstrated in the presence of worst-case power interruption events.

Original languageEnglish
Article number7797557
Pages (from-to)272-283
Number of pages12
JournalIEEE Journal of Solid-State Circuits
Volume52
Issue number1
DOIs
Publication statusPublished - 2017 Jan 1
Externally publishedYes

Fingerprint

Flip flop circuits
Authentication
Capacitors
Network protocols
Electric potential
Telemetering
Energy storage
Supply chains
Cryptography
Ferroelectric materials
Telecommunication links
Servers
Modulation

Keywords

  • Authentication tag
  • cryptographic engine
  • encryption
  • energy backup
  • ferroelectric capacitor (FeCap)
  • inductive link
  • power-glitch attack
  • pulse-based wireless telemetry
  • side-channel attack
  • wireless power transfer

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Cite this

A Nonvolatile Flip-Flop-Enabled Cryptographic Wireless Authentication Tag With Per-Query Key Update and Power-Glitch Attack Countermeasures. / Lee, Hyung Min; Juvekar, Chiraag S.; Kwong, Joyce; Chandrakasan, Anantha P.

In: IEEE Journal of Solid-State Circuits, Vol. 52, No. 1, 7797557, 01.01.2017, p. 272-283.

Research output: Contribution to journalArticle

@article{302599256ddc4495a5cadf6714452642,
title = "A Nonvolatile Flip-Flop-Enabled Cryptographic Wireless Authentication Tag With Per-Query Key Update and Power-Glitch Attack Countermeasures",
abstract = "Counterfeiting is a major issue plaguing global supply chains. In order to mitigate this problem, a wireless authentication tag is presented that implements a cryptographically secure pseudorandom number generator and authenticated encryption modes. The tag uses Keccak, the cryptographic core of SHA3, to update keys before each protocol invocation, limiting side-channel leakage. Power-glitch attacks are mitigated through state backup on ferroelectric capacitor-based nonvolatile flip-flops with a fully integrated energy backup storage, which needs a 2.2 × smaller area compared with conventional approaches. The 130 nm CMOS tag harvests wireless power through a 433 MHz inductive link and communicates with a reader by a pulse-based modulation that minimizes the wireless power dead time. The proposed regulating voltage multiplier simultaneously rectifies, boosts, and regulates a >0.55 V ac input to a 1.5 V supply voltage with <1.1{\%} line and load regulation while requiring only one on-chip decoupling capacitor. The bidirectional data telemetry operates at 125 kb/s, while requiring 4{\%} (downlink) and 6.25{\%} (uplink) duty cycles. Full system operation including the tag, reader, and server protocol is demonstrated in the presence of worst-case power interruption events.",
keywords = "Authentication tag, cryptographic engine, encryption, energy backup, ferroelectric capacitor (FeCap), inductive link, power-glitch attack, pulse-based wireless telemetry, side-channel attack, wireless power transfer",
author = "Lee, {Hyung Min} and Juvekar, {Chiraag S.} and Joyce Kwong and Chandrakasan, {Anantha P.}",
year = "2017",
month = "1",
day = "1",
doi = "10.1109/JSSC.2016.2611678",
language = "English",
volume = "52",
pages = "272--283",
journal = "IEEE Journal of Solid-State Circuits",
issn = "0018-9200",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "1",

}

TY - JOUR

T1 - A Nonvolatile Flip-Flop-Enabled Cryptographic Wireless Authentication Tag With Per-Query Key Update and Power-Glitch Attack Countermeasures

AU - Lee, Hyung Min

AU - Juvekar, Chiraag S.

AU - Kwong, Joyce

AU - Chandrakasan, Anantha P.

PY - 2017/1/1

Y1 - 2017/1/1

N2 - Counterfeiting is a major issue plaguing global supply chains. In order to mitigate this problem, a wireless authentication tag is presented that implements a cryptographically secure pseudorandom number generator and authenticated encryption modes. The tag uses Keccak, the cryptographic core of SHA3, to update keys before each protocol invocation, limiting side-channel leakage. Power-glitch attacks are mitigated through state backup on ferroelectric capacitor-based nonvolatile flip-flops with a fully integrated energy backup storage, which needs a 2.2 × smaller area compared with conventional approaches. The 130 nm CMOS tag harvests wireless power through a 433 MHz inductive link and communicates with a reader by a pulse-based modulation that minimizes the wireless power dead time. The proposed regulating voltage multiplier simultaneously rectifies, boosts, and regulates a >0.55 V ac input to a 1.5 V supply voltage with <1.1% line and load regulation while requiring only one on-chip decoupling capacitor. The bidirectional data telemetry operates at 125 kb/s, while requiring 4% (downlink) and 6.25% (uplink) duty cycles. Full system operation including the tag, reader, and server protocol is demonstrated in the presence of worst-case power interruption events.

AB - Counterfeiting is a major issue plaguing global supply chains. In order to mitigate this problem, a wireless authentication tag is presented that implements a cryptographically secure pseudorandom number generator and authenticated encryption modes. The tag uses Keccak, the cryptographic core of SHA3, to update keys before each protocol invocation, limiting side-channel leakage. Power-glitch attacks are mitigated through state backup on ferroelectric capacitor-based nonvolatile flip-flops with a fully integrated energy backup storage, which needs a 2.2 × smaller area compared with conventional approaches. The 130 nm CMOS tag harvests wireless power through a 433 MHz inductive link and communicates with a reader by a pulse-based modulation that minimizes the wireless power dead time. The proposed regulating voltage multiplier simultaneously rectifies, boosts, and regulates a >0.55 V ac input to a 1.5 V supply voltage with <1.1% line and load regulation while requiring only one on-chip decoupling capacitor. The bidirectional data telemetry operates at 125 kb/s, while requiring 4% (downlink) and 6.25% (uplink) duty cycles. Full system operation including the tag, reader, and server protocol is demonstrated in the presence of worst-case power interruption events.

KW - Authentication tag

KW - cryptographic engine

KW - encryption

KW - energy backup

KW - ferroelectric capacitor (FeCap)

KW - inductive link

KW - power-glitch attack

KW - pulse-based wireless telemetry

KW - side-channel attack

KW - wireless power transfer

UR - http://www.scopus.com/inward/record.url?scp=85010061513&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85010061513&partnerID=8YFLogxK

U2 - 10.1109/JSSC.2016.2611678

DO - 10.1109/JSSC.2016.2611678

M3 - Article

VL - 52

SP - 272

EP - 283

JO - IEEE Journal of Solid-State Circuits

JF - IEEE Journal of Solid-State Circuits

SN - 0018-9200

IS - 1

M1 - 7797557

ER -