In the field of machine learning security, as one of the attack surfaces especially for edge devices, the application of side-channel analysis such as correlation power/electromagnetic analysis (CPA/CEMA) is expanding. Aiming to evaluate the leakage resistance of neural network (NN) model parameters, i.e. weights and biases, we conducted a feasibility study of CPA/CEMA on floating-point (FP) operations, which are the basic operations of NNs. This paper proposes approaches to recover weights and biases using CPA/CEMA on multiplication and addition operations, respectively. It is essential to take into account the characteristics of the IEEE 754 representation in order to realize the recovery with high precision and efficiency. We show that CPA/CEMA on FP operations requires different approaches than traditional CPA/CEMA on cryptographic implementations such as the AES.

We study a new transistor-level side-channel leakage caused by charges trapped in between stacked transistors namely residual electric charges (RECs). Building leakage models is important in designing countermeasures against side-channel attacks (SCAs). The conventional work showed that even a transistor-level leakage is measurable with a local electromagnetic measurement. One example is the current-path leak [1], [2]: an attacker can distinguish the number of transistors in the current path activated during a signal transition. Addressing this issue, Sugawara et al. proposed to use a mirror circuit that has the same number of transistors on its possible current paths. We show that this countermeasure is insufficient by showing a new transistor-level leakage, caused by RECs, not covered in the previous work. RECs can carry the history of the gate's state over multiple clock cycles and changes the gate's electrical behavior. We experimentally verify that RECs cause exploitable side-channel leakage. We also propose a countermeasure against REC leaks and designed advanced encryption standard-128 (AES-128) circuits using IO-masked dual-rail read-only memory with a 180-nm complementary metal-oxide-semiconductor (CMOS) process. We compared the resilience of our AES-128 circuits against EMA attacks with and without our countermeasure and investigated an RECs' effect on physically unclonable functions (PUFs). We further extend RECs to physically unclonable function. We demonstrate that RECs affect the performance of arbiter and ring-oscillator PUFs through experiments using our custom chips fabricated with 180- and 40-nm CMOS processes*.

In this study, a theory for estimating the dielectric properties for unknown materials from three reference materials without using a short condition was developed. Specifically, the relationships linking the S parameter, electrostatic capacity, the measurement instrument and the jig were determined for four equivalent circuits with three reference materials and an unknown material inserted into the jig. An equation for estimation of complex permittivity from three reference materials without short termination was thus derived. The formula's accuracy was then numerically verified for cases in which values indicating the dielectric properties of the reference materials and the actual material differed significantly, thereby verifying the effectiveness of the proposed method. Next, it was also found that dielectric constant could be correctly determined even when the observation plane was moved to the SOL calibration plane on the generator side. The dielectric properties of various liquids in the 0.50, 1.0 and 2.5 GHz bands as measured using the proposed method were then compared with corresponding conventional-method values. Finally, the validity of the proposed method was also indicated by measurement values showing the frequency characteristics of dielectric properties at frequencies ranging from 0.50 to 3.0 GHz.

In this study, expressions were compared with reference material using the coaxial feed-type open-ended cut-off circular waveguide reflection method to support simple and instantaneous evaluation of dielectric constants in small amounts of scarce liquids over a broad frequency range. S11 values were determined via electromagnetic analysis for individual jig structure conditions and dielectric property values without actual S11 measurement under the condition that the tip of the measurement jig with open and short-ended conditions and with the test material inserted. Next, information on the relationships linking jig structure, dielectric properties and S11 properties was stored on a database to simplify the procedure and improve accuracy in reference material evaluation. The accuracy of the estimation formula was first theoretically verified for cases in which values indicating the dielectric properties of the reference material and the actual material differed significantly to verify the effectiveness of the proposed method. The results indicated that dielectric property values for various liquids measured at 0.5 and 1.0GHz using the proposed method corresponded closely to those obtained using the method previously proposed by the authors. The effectiveness of the proposed method was evaluated by determining the dielectric properties of certain liquids at octave-range continuous frequencies between 0.5 and 1.0GHz based on interpolation from limited data of several frequencies. The results indicated that the approach enables quicker and easier measurement to establish the complex permittivity of liquids over a broad frequency range than the previous method.

We propose a new swept-frequency measurement method for the electromagnetic characterization of materials. The material is a multilayer cylinder that pierces a rectangular waveguide through two holes in the narrow waveguide walls. The complex permittivity and permeability of the material are calculated from measured S-parameters as an inverse problem. To this aim, the paper develops a complete electromagnetic formulation of the problem, where the effects of material insertion holes are taken into consideration. The formulation is validated through the measurement of ferrite and water samples in the S-band.

This paper provides a method based on electromagnetic (EM) analysis to predict conducted currents in the bulk current injection (BCI) test system for automotive components. The BCI test system is comprised of an injection probe, equipment under test (EUT), line impedance stabilization networks (LISNs), wires and an electric load. All components are modeled in full-wave EM analysis. The EM model of the injection probe enables us to handle multi wires. By using the transmission line theory, the BCI setup model is divided into several parts in order to reduce the calculation time. The proposed method is applied to an actual BCI setup of an automotive component and the simulated common mode currents at the input terminals of EUT have a good accuracy in the frequency range of 1-400MHz. The model separation reduces the calculation time to only several hours.

Electromagnetic analysis (EMA) against public-key cryptographic software on an embedded OS is presented in this paper. First, we propose a method for finding an observation point for EMA, where the EM radiation caused by cryptographic operations can be observed with low noise. The basic idea is to find specific EM radiation patterns produced by cryptographic operations given specific input pattern. During the operations, we scan the surface of the target device(s) with a micro magnetic probe. The scan is optimized in advanced using another compatible device that has the same central processing unit (CPU) and OS as the target device. We demonstrate the validity of the proposed EMAs through some EMA experiments with two types of RSA software on an embedded OS platform. The two types of RSA software have different implementations for modular multiplication algorithms: one is a typical and ready-made implementation using BigInteger class on Java standard library, and another is a custom-made implementation based on the Montgomery multiplication algorithm. We conduct experiments of chosen-message EMA using our scanning method, and show such EMAs successfully reveal the secret key of RSA software even under the noisy condition of the embedded OS platform. We also discuss some countermeasures against the above EMAs.

Positive real approximation of sampled frequency data obtained from electromagnetic analysis or measurement is presented. The proposed two methods are based on the Fourier expansion method. The frequency data are approximated by the Laguerre series that becomes the Fourier series with an infinite interval at an imaginary axis of complex plane. The proposed methods do not require any passivity check algorithm. The first method approximates the real parts of sampled data by the piecewise linear matrix function. The second method uses discrete Fourier transform. It is here proven that the approximated matrix function is an interpolative function for the real parts of sampled data. The proposed methods are applied to the approximation of per unit length parameters of multi-conductor system. The capability of the proposed methods is demonstrated.

Phase-nonreciprocal ε-negative and CRLH metamaterials are analyzed using a new approach in which field analysis and transmission line model are combined. The examined one-dimensional nonreciprocal metamaterials are composed of a ferrite-embedded microstrip line periodically loaded with shunt stubs. In the present approach, the phase constant nonreciprocity is analytically estimated and formulated under the assumption of operating frequency far above the ferromagnetic resonant frequency. The present approach gives a good explanation to the phenomenon in terms of ferromagnetic properties of the ferrite and asymmetric geometry of the metamaterial structure, showing a good agreement with numerical simulations and experiment.

Electromagnetic emissions leak confidential data of cryptographic devices. Electromagnetic Analysis (EMA) exploits such emission for cryptanalysis. The performance of EMA dramatically decreases when correlated noise, which is caused by the interference of clock network and exhibits strong correlation with encryption signal, is present in the acquired EM signal. In this paper, three techniques are proposed to reduce the correlated noise. Based on the observation that the clock signal has a high variance at the signal edges, the first technique: single-sample Singular Value Decomposition (SVD), extracts the clock signal with only one EM sample. The second technique: multi-sample SVD is capable of suppressing the clock signal with short sampling length. The third one: averaged subtraction is suitable for estimation of correlated noise when background samplings are included. Experiments on the EM signal during AES encryption on the FPGA and ASIC implementation demonstrate that the proposed techniques increase SNR as much as 22.94 dB, and the success rates of EMA show that the data-independent information is retained and the performance of EMA is improved.

In this paper, a new swept-frequency method for the measurement of the complex permittivity and permeability of materials is proposed. The method is based on the S-parameters measurement of a cylindrical material placed inside a rectangular waveguide, where the axis of the cylinder is perpendicular to the narrow waveguide walls. The usage of cylinders in measurement is beneficial because they are easy to fabricate and handle. A novel exact solution of the field scattered by the cylinder is developed. The solution is based on expanding the field in a sum of orthogonal modes in cylindrical coordinates. Excitation coefficients relating the cylindrical scattered field to the waveguide modes are derived, and are used to rigorously formulates the S-parameters. Measurement are performed in the S-band with two dielectric materials (PTFE, nylon), and in the X-band with one magnetic material (ferrite epoxy). The measurement results agree with those from the literature.

Advances in smart card technology encourages smart card use in more sensitive applications, such as storing important information and securing application. Smart cards are however vulnerable to side channel attacks. Power consumption and electromagnetic radiation of the smart card can leak information about the secret data protected by the smart card. Our paper describes two possible hardware countermeasures that protect against side channel information leakage. We show that power analysis can be prevented by adopting photo-coupling techniques. This method involves the use of LED with photovoltaic cells and photo-couplers on the power, reset, I/O and clock lines of the smart card. This method reduces the risk of internal data bus leakage on the external data lines. Moreover, we also discuss the effectiveness of reducing electromagnetic radiation by using embedded metal plates.

This paper describes a novel layout optimization technique using electromagnetic (EM) simulation. Simple equivalent circuits fitted to EM simulation results are employed in this method, to present a modification guide for a layout pattern. Fitting errors are also investigated with some layout patterns in order to clarify the applicable range of the method, because the errors restrict the range. The method has been successfully adopted to an X-band low noise MMIC amplifier (LNA). The layout pattern of the amplifier was optimized in only two days and the amplifier has achieved target performances--a 35 dB gain and a 1.7 dB noise figure--in one development cycle. The effective chip area has been miniaturized to 4.8 mm2. The area could be smaller than 70% in comparison with a conventional layout MMIC.

The validity of numerical design scheme of CP-PASS (Circularly Polarized Printed Array antenna composed of Strips and Slots) is considered. The strip element of CP-PASS is composed of a strip dipole and a window which increases the frequency bandwidth of the strip element. With the window, however, analysis of the antenna becomes difficult if a simple analytical model is used. The previous design procedure requierd an experimental procedure. By using modern computers, the FDTD (finite-difference time-domain) method becomes powerful tool for the analysis of 3D-structured antennas. In this paper, numerical results of the FDTD analysis for CP-PASS is compared with results from experiments. The characteristics of the unit-radiator of CP-PASS are demonstrated numerically. This paper shows that CP-PASS can be designed numerically and a new path has opened in the study of CP-PASS.