Research Blog

Aragon is an outdoor cat who can get rid of any collar, if he wanted to, with a neat Houdini-like trick. Aragon needs to be chipped.

I found the idea of a virus carrying pet-tag to be far-fetched, and mildly amusing – until now. As I shop online for ‘microchips’, I am concerned about how secure these tags are.

- Are they re-programmable? Could somebody change the id on the tag, and register the cat as his own?
- Are they cloneable? Maybe it is safer to have cloneable pet tags, for the the same reasons that apply to implanted authentication devices.

It’s hard to imagine why an attacker would target a cat. Maybe it would help to look at the scenario objectively.

- Purebred cats can be expensive. A Turkish Van cat could cost as much as $800 with shipping. This could be a good incentive for an attacker to modify an innocent-looking pet tag.
- Access to pet-doors can be given to the tag.

I have ordered a homeagain pet tag for $16 from CountrySidePet. I will run some experiments on it, and see how it works…

This is not an error window. It is a cryptic message which really says – Welcome to the world of VLSI tools

There was an ulterior motive to dual booting and shrinking myprecious 80GB Hdd.

I can now run Synopsys tools on my Ubuntu partition Went through a dozen pdfs that linked to a dozen more on solvnet. But it all fit in together in the end.

Let my happy yaay’s echo through the empty corridors of cyberspace!

I Vista. I Ubuntu. I Dual-Boot.

Vista by day. Ubuntu by night. Geek-ier by the day

Dual booting is soo overrated. It’s as simple as:
1. Use Vista’s Disk management tools to create a new partition.*
2. Burn yourself an Ubuntu CD.
3. Boot from CD.
4. Install Ubuntu into your brand new parition.*

*Some hiccups in these steps

The paper to be discussed today is this. This paper explores fairness in online bit torrent systems. Usually, the fastest or the most altrusitic nodes reap the maximum benefits of the existing fairness-system. So although dial-up users may give away a big percentage of their bandwidth for upload, they would still not be considered as slow or selfish. This scenario can be modified by using ecash. The paper explains a modified protocol for verifying offline ecash, while not linking coins to users, unless coins are used twice. It then introduces a new protocol for bartering ecoins and not creating new coins for each transaction. All this is done without adding an overhead as far as privacy in bit torrents goes.

What I do not understand about this protocol is –
1. If a user has to deposit some cash into the account of every new user he invites, it might discourage him from sending out invites.
2. If a user does send out an invite, it would only because he knows his invitee has something to offer. This should work both ways – does the user have some files that the invitee needs?
3. Now if they know this information about each other already, they are networked socially online or for real already. They could use other methods of file exchange like file transfers within IMS.
4. Coaxing users to trade real-life money for ecoins may not be trivial.
5. The definition of bandwidth intensive tasks is somewhat hazy, and users may not want to perform bandwidth intensive tasks without knowing the quality of service being offered by the torrent provider.

This whole architecture may limit the shared content in the network.

UMass has released a blog directory. You can see it right here: http://blogs.umass.edu/directory/

A few pointers –

You can choose to not have your blog listed in the directory in the Privacy settings.

You can have your blog listed, but make your ‘personal’ posts invisible. Mark the private posts as private!

As a rule, put nothing personal online. Diaryland days are over. You don’t know who is watching!

To get the global nosey-parker Google off your back – use the no-index, no-follow tags.

Lots of things can go wrong when things that should be private go public. Even if you can erase it, try erasing it from google’s cache!

Be careful. For all the big talk, it is Web 2.0.

//Context
Most RFIDs are manufactured on older technology nodes. This translates as less transistors per square area and more voltage to switch the transistors compared to a newer technology. The tags work on wireless power scavenged from the reader. RFIDs have severe area and power constraints. This leaves area and power just enough to run the most critical applications on the tag. Since the transactions between the reader and the RFID tag are wireless, they may be more prone to malicious attacks. For sensitive applications like contact-less credit cards, most of the power and area is best used for cryptographic applications to make the transactions between the tag and the reader safer.

//Need for identification
Each tag would need an identification number to distinguish it from the others. It could be hard wired into the tag. For small groups of tags, this isn’t a significant over-head. But for tags like MBTA transit cards which may have many users, this could utilize a big chunk of the area resources.

//Need for True Random Number Generation
One cannot emphasize enough the need for secure keys for cryptography. Random numbers may be used to create challenges, padding bytes, and blinding values [x]
The longer the key is, the more time it takes for an attacker to guess it. But instead of brute forcing it, attackers exploit predictability in keys to break a system. TRNGs use the randomness of physical phenomena to generate truly random keys. Explored methods for creating on-chip TRNGs use additional amplifying or harvesting mechanism circuitry. This again, uses up expensive area and power.

//Using SRAM
There is a need for inexpensive identification or true random number generation on tags. A good way would be to use the existing resources without affecting their functionality. SRAM technology has been optimized for area and power. SRAM is available on-chip on some RFID tags. When powered off, the state of an SRAM cell is unknown. The SRAMs taken into consideration are cross coupled inverter based 6T SRAMs.

There are two types of SRAM cells:

1. Symmetric SRAM cells
In this case, both the inverters in an SRAM cell have gone through identical process variations, have similar threshold voltages and may initialize to a 0 or a 1 with equal probability on power-up. This is like flipping a coin, and the output is unpredictable on each power up. For several such cells in parallel, the output is an unpredictable binary stream. This output could be used as a true random number. It is different in each run.

2. Non-symmetric SRAM cells
In this case, the inverters in a cell differ from each other, such that one inverter triggers on before the other, nearly on every power-up. This may be because it’s threshold voltage is lower than the other’s. In this case the output is predictable every time and can serve as a fingerprint for that SRAM. It remains nearly constant through multiple runs.

//Working
To create fingerprint templates, the SRAM state is read on power-up multiple times. The bits that do not change much(*) across runs are identified as fingerprint bits. The bits that are unpredictable at each run are identified as TRNG bits. On field, the initial SRAM state is compared against the fingerprint templates using an efficient algorithm. This provides identification. The bit stream is then fed into a privacy amplifier, which produces a different output for even a bit-flip. This provides a true random number for a transaction.

//Conclusion
Thus the initial state of the SRAM can be used as a TRNG or a Fingerprint. Once the SRAM is read on power-up, it can be used for other purposes. There is little area overhead involved, and the power is obtained from powering up the SRAM.

//Concerns
Like any harvesting mechanism, the privacy amplifier may add correlation to the true random number.

//Pointers
Shrinking technology may cause more process variation due to spatially varying dopant concentrations and varying transistor gate sizes. Would this imply that SRAMs built on a smaller node would output more fingerprint bits than random bits…?

I came across some writing on a Lorenz Attractor today. What first drew my attention to it were the beautiful butterfly shapes it outputs. See, pretty, isn’t it. Maybe I could use it as a TRNG? SO – The Lorenz Attractor has three differential equations involving x, y and z with respect to time. It also has constants sigma, rho and beta. For certain values of these constants, the Lorenz Attractor gives solutions to these differential equations which are chaotic. I am thinking – if we could simulate the Lorenz Attractor in a circuit, where the output voltage is a solution to the three differential equations, we could have a TRNG? I’m unsure if it would be a TRNG or an RNG (still have to read on this to get a clear idea).