## Physical unclonable functions

Physical unclonable functions (PUFs) serve as intrinsically-generated hardware roots-of-trust. PUFs are pseudo-random functions that exploit the randomness inherent in the IC manufacturing to generate random output strings. Strong PUFs possess a very large input-output space which allows significantly strengthening the security guarantees of common hardware authentication protocols yet they have proven difficult to realize. The central challenge in realizing the potential of strong PUFs is their vulnerability to model-building attacks using machine learning (ML). We recently realized in silicon a new strong PUF that exploits the physics of nanometer-scale CMOS to enable a highly ML-resilient and robust PUF.

## Physically-secure post-quantum cryptography

Several widely-used public-key cryptosystems are vulnerable to advances in
quantum computing. Our research has explored secure implementations of a
promising post-quantum alternative, based on lattice cryptography. We
describe the first hardware implementation of a quantum-secure encryption
scheme along with its low-cost power side-channel countermeasure. The
encryption uses an implementation-friendly Binary-Ring-Learning-with-Errors
(B-RLWE) problem with binary errors that can be efficiently generated in
hardware. We demonstrate that a direct implementation of BRLWE exhibits
vulnerability to power side-channel attacks, even to Simple Power Analysis,
due to the nature of binary coefficients. We mitigate this vulnerability
with a redundant addition and memory update.

## Approximate computing for on-chip machine learning acceleration

Approximate computing relies on the ability of many systems and applications to tolerate some loss of quality or optimality in the computed result. By relaxing the need for fully precise or completely deterministic operations, approximate computing techniques allow substantially improved energy efficiency. We are exploring ways to maximize the use of approximate computing in on-chip accelerators of machine-learning tasks.

## EM side-channel: analysis and countermeasures

Side-channel attacks present a formidable challenge to ensuring the security of existing cryptographic applications. Embedded systems and IoT devices are especially vulnerable to side-channel attacks as they can easily become physically accessible to an attacker, in a way that is easier to imagine compared to the conventional general-purpose and cloud computing hardware, and thus permit extensive probing. An attack that is closely related to power analysis relies on the observation of the EM emanations resulting from the same current switching behavior that is responsible for the power attacks. We are developing predictive models and algorithms that enable computation of EM emanation profiles of information-bearing blocks and thus enable design-time investigation of embedded cryptosystem vulnerability to EM SCA with sufficient accuracy at acceptable computational costs.