Secure Computation Laboratory

Chenglu Jin

PhD Student
Office: ITE 423
chenglu.jin@uconn.edu

Biography

Chenglu is a Ph.D. student and research assistant at University of Connecticut, Electrical and Computer Engineering Department, advised by Dr. Marten van Dijk. He joined UCONN in summer 2014 after graduating from New York University with a Master of Science degree in Computer Engineering. He obtained his Bachelor degree in Xidian University, China. He is interested in security research in general. With his strong hardware background, his main research area is hardware security and embedded system security. These days, he is interested in cyber-physical system security as well.

To put his research and expertise into practice, he spent two summers in the industry (Open Security Research), where he worked on fault attacks and power side channel attacks. Furthermore, he participated in a few security compititions to solve security issues in real systems, e.g. MITRE eCTF and NYU CSAW ESC. In particular, he won the first place at MITRE eCTF 2017 together with the other teammates (News).

He is also an active speaker at Security Seminar. He is currently giving a series of talks on the lessons he learned at Black Hat USA 2017 and DEF CON 2017.

In addition to his security research, he has taught ECE 3411 (Microprocessor Applications Laboratory) as a teaching assistant for two semesters (2016 Spring and Fall).

Research Interests

• Physical Unclonable Function (Interface) Design, Attack and Application
• Supply Chain Security
• Hardware Trojan Design and Detection
• Fault Attack and Concurrent Error Detection
• Side Channel Analysis and Countermeasures

Research Projects

• FPGA Implementation of a Cryptographically-Secure PUF Based on Learning Parity with Noise
  

  Previously, Herder et al. designed a new computational fuzzy extractor and physical unclonable function (PUF) challenge-response protocol based on the Learning Parity with Noise (LPN) problem. The protocol requires no irreversible state updates on the PUFs for security, like burning irreversible fuses, and can correct for significant measurement noise when compared to PUFs using a conventional (information theoretical secure) fuzzy extractor. However, Herder et al. did not implement their protocol. In this work, we give the first implementation of a challenge response protocol based on computational fuzzy extractors. Our main insight is that "confidence information" does not need to be kept private, if the noise vector is independent of the confidence information. This leads to a simplified version of LPN-based PUFs, which can be implemented by a software hardware co-design approach on Xilinx ZedBoard. Our simplifications allow for a dramatic reduction in area by making a mild security assumption on ring oscillator physical obfuscated key output bits.

• Security Analysis of DARPA's SHIELD Protocols
  

  With the globalization of semiconductor production, out-sourcing IC fabrication has become a trend in various aspects. This, however, introduces serious threats from the entire untrusted supply chain. To combat these threats, DARPA (Defense Advanced Research Projects Agency) has proposed the SHIELD (Supply Chain Hardware Integrity for Electronics Defense) program to design a secure hardware root-of-trust, called dielet, to be inserted into the host package of legitimately produced ICs. Dielets are RF powered and communicate with the outside world through their RF antennas. They have sensors which allow them to passively (without the need for power) record malicious events which can later be read out during an authentication protocol between the dielet and server with a smartphone as intermediary. First, we break DARPA's protocol by exploiting the weakness of deterministic encryption. Second, we propose secure and efficient authentication and initialization protocols for SHIELD to fix the loophole discovered by us. Third, we characterize the threat models into different categories based on the capability of the attackers. Also, in order to prove the security of our proposed protocols, we have a comprehensive formal analysis of them.

• Forward and Backward Secure Key Management
  

  Recent years have shown the fallacy of Certificate Authorities (CAs); insiders are able to steal master signing keys and impersonate certificates, exploitation of system vulnerabilities and other means of infiltration allow attackers to gain access to CAs and copy their keys, etc. The current attack surface exposed by CAs makes trust in their issued certificates questionable. Cryptography has found a partial solution with its introduction of forward security. The main problem, however, is what the current stolen key tells about to be used future keys for signing future certificates. This implies that a secure solution must rely on unclonable true randomness, which is not a straightforward exercise since newly generated secret keys need certain algebraic properties in order to offer forward security and newly reconfigured secret keys through tampering of digital state by an attacker should be revoked before the attacker is even able to sign valid certificates. We introduce a new notion of backward security which allows the legitimate owner of a reconstructed secret key to detect whether this key is known to another party before the owner will start using the key. We propose Programmable Logically Erasable PUFs, a new hardware security primitive based on a Physical Unclonable Function (PUF) which, given a PUF challenge, allows one to program the max number of times the PUF is allowed to measure the response corresponding to the challenge (after which the challenge response pair can be viewed as being erased). The above leads to efficient self-recovering certificate authorities; these CAs which in the presence of an adversary are able to recover from any impersonation attack by (a) revoking signing keys known to the adversary before the CA is going to use them and by (b) using a non-compromised signing key sequence (which exists with overwhelming probability) to replace the revoked ones.

• HaTCh: A Formal Framework of Hardware Trojan Design and Detection
  

  State of the art research has shown that existing HT detection techniques, which claim to detect all publicly available HT benchmarks, can still be defeated by carefully designing new sophisticated HTs. The reason being that these techniques consider the HT landscape to be limited only to the publicly known HT benchmarks. In this work, we present HaTCh, a pre-silicon logic testing based powerful detection algorithm which detects any HT from an exponentially large class of deterministic HTs with overwhelming probability. Given certain global characteristics regarding the stealthiness of the HT within this class, the computational complexity of our algorithm for practical HTs scales polynomially with the number of wires in the IP core. We argue that those HTs that fall outside the characterized class use HT design principles that allow HTs which can never be detected within the pre-silicon logic testing based paradigm.

Publications

• van Dijk, M., Jin, C., Maleki, H., Nguyen, P. H., and Rahaeimehr, R. "Weak-Unforgeable Tags for Secure Supply Chain Management", International Conference on Financial Cryptography and Data Security (FC), 2018
• Jin, C., Herder, C., Ren, L., Nguyen, P. H., Fuller, B., Devadas, S., and van Dijk, M. "FPGA Implementation of a Cryptographically-Secure PUF Based on Learning Parity with Noise", Cryptography, 2017
• Yan, W., Jin, C., Tehranipoor, F., and Chandy, J. "Phase Calibrated Ring Oscillator PUF Design and Implementation on FPGAs", International Conference on Field-Programmable Logic and Applications (FPL), 2017
• Haider, S.K., Jin, C., and van Dijk, M. "Advancing the State-of-the-Art in Hardware Trojans Design", IEEE International Midwest Symposium on Circuits and Systems (MWSCAS), 2017
• Maleki, H., Rahaeimehr, R., Jin, C., and van Dijk, M. "New Clone-Detection Approach for RFID-Based Supply Chains", IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), 2017
• Jin, C., Ren, L., Liu, X., Zhang, P., and van Dijk, M. "Mitigating Synchronized Hardware Trojan Attacks in Smart Grids", Workshop on Cyber-Physical Security and Resilience in Smart Grids (CPSR-SG), 2017
• Jin, C., and van Dijk, M. "Secure and Efficient Initialization and Authentication Protocols for SHIELD", IEEE Transactions on Dependable and Secure Computing (TDSC), 2017
• Haider, S. K., Jin, C., Ahmad, M., Shila, D. M., Khan, O., and van Dijk, M. "Advancing the State-of-the-Art in Hardware Trojans Detection", IEEE Transactions on Dependable and Secure Computing (TDSC), 2017
• Guo, X., Jin, C., Papadimitriou, A., Hely, D., and Karri, R."Can Algorithm Diversity in Stream Cipher Implementation Thwart (Natural and) Malicious Faults?", IEEE Transactions on Emerging Topics in Computing (TETC), 2015
• Guo, X., Karimi, N., Regazzoni, F., Jin, C., and Karri, R. "Simulation and Analysis of Negative-Bias Temperature Instability Aging on Power Analysis Attacks", IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2015
• Guo, X., Mukhopadhyay, D., Jin, C., and Karri, R."Security Analysis of Concurrent Error Detection against Differential Fault Analysis", Journal of Cryptographic Engineering (JCEN), 2014
• Guo, X., Mukhopadhyay, D., Jin, C., and Karri, R."NREPO: Normal Basis Recomputing with Permuted Operands", IEEE International Symposium on Hardware Oriented Security and Trust (HOST) , 2014

Eprints

• Nguyen, P. H., Sahoo, D. P., Jin, C., Mahmood, K., and van Dijk, M. "MXPUF: Secure PUF Design against State-of-the-art Modeling Attacks", Cryptography ePrint Archive, 2017
• Khan, R. S., Kanan, N., Jin, C., Scoggin, J., Noor, N., Muneer, S., Dirisaglik, F., Nguyen, P. H., Silva, H., van Dijk, M., and Gokirmak, A. "Intrinsically Reliable and Lightweight Physical Obfuscated Keys", arXiv, 2017
• Jin, C., Xu, X., Burleson, W., Ruhrmair, U., and van Dijk, M. "PLayPUF: Programmable Logically Erasable PUFs for Forward and Backward Secure Key Management", Cryptography ePrint Archive, 2015