Tolga Arul

Verified

Tolga verified their affiliation via an institutional email.

Learn more

Verified

Tolga verified their affiliation via an institutional email.

Learn more

• Doctor of Engineering
• Research Associate at University of Passau

Nonlinearity is a crucial characteristic for implementing hardware security primitives or neuromorphic computing systems. The main feature of all memristive devices is this nonlinear behavior observed in their current-voltage characteristics. To comprehend the nonlinear behavior, we have to understand the coexistence of resistive, capacitive, and i...

This work investigates the potential of temperature-dependent resistors to serve as Physical Unclonable Functions (PUFs). Five types of temperature-dependent resistors were subjected to testing at four different temperatures. The analysis of the collected data revealed patterns and trends that do not immediately qualify the devices as PUFs, but ind...

In this article, we introduce a novel approach to achieving lightweight device authentication through the use of a low-complexity Convolutional Neural Network (CNN). In our work, we improve the False Authentication Rate (FAR) by transforming the standard CNN into a Bayesian CNN (BCNN or BNN). This transformation enables the use of probabilistic mod...

In this work, we analyse Commercial Off-The-Shelf (COTS) Resistive Random Access Memory (ReRAM) modules for their suitability to implement a novel runtime-accessible True Random Number Generator (TRNG). For this purpose, modules from two different manufacturers (Adesto Technologies and Fujitsu) were tested, which exhibited distinct characteristics...

This work expands the current state of the art in the field of chaos-based cryptography, by removing the need for a dedicated synchronisation line that provides a shared information channel between the relevant transmitter and the receiver devices. We present two different real-world implementations of a secure digital communication system based on...

In this work, we present a secure communication system based on synchronised Lorenz chaotic circuits. Drawing inspiration from similar works based on nonlinear Chua circuits, our secure communication system is based upon the synchronisation of two Lorenz circuits. One of these nonlinear circuits is incorporated into the transmitter and the other on...

The Raspberry Pi 3B+ is a well-known single-board computer that can be used to implement and test a number of hardware security primitives suitable for Commercial Off-The-Shelf (COTS) devices. However, the software that implements and tests these primitives is rarely made fully available as open-source code. In this work, we present and discuss ope...

Nonlinearity is a crucial characteristic for implementing hardware security primitives or neuromorphic computing systems. The main feature of all memristive devices is this nonlinear behavior observed in their current-voltage characteristics. To comprehend the nonlinear behavior, we have to understand the coexistence of resistive, capacitive, and i...

This work studies the effects of thermal stress on Dynamic Random-Access Memory (DRAM) retention-based Physical Unclonable Functions (PUFs) based on Commercial Off-The-Shelf (COTS) Single-Board Computer (SBC) modules. Our results show that prolonged thermal stress, in general, leads to a decrease in the entropy of the responses of this PUF (as the...

In this work, we explored a highly robust and unique Physical Unclonable Function (PUF) based on the stochastic assembly of single-walled Carbon NanoTubes (CNTs) integrated within a wafer-level technology. Our work demonstrated that the proposed CNT-based PUFs are exceptionally robust with an average fractional intra-device Hamming distance well be...

This manuscript contains supplementary information not presented in the primary manuscript, providing additional measurement data and corresponding descriptions.

Physical Unclonable Functions (PUFs) are increasingly used in the process of securing applications. For this purpose, it is crucial that the PUF satisfies all the required properties adequately, including Unpredictability. An important aspect of Unpredictability is Randomness, which includes being free of spatial correlation effects. However, most...

In this work, we present a novel method of increasing the entropy of the CNT-PUF, a Physical Unclonable Function (PUF) based on Carbon-NanoTube Field Effect Transistors (CNT-FETs). The binary responses of this PUF are based on the drain current I_D of each CNT-FET under the influence of a particular gate-source voltage V_GS, which, through the empl...

In this work, we present a device-based approach for a Single Sign-On (SSO) system that can be used for user authentication to web services hosted by remote servers. Our approach is based on the utilisation of intrinsic Physical Unclonable Functions (PUFs) and each user's credentials in the context of the Operating System (OS) found on the device....

In this work, we very briefly explore the use of neuromorphic and in-memory computing modules based on memristive circuits in the framework of predictive maintenance and supply chain management and security.

In this work, we very briefly explore the use of neuromorphic and in-memory computing modules based on memristive circuits in the framework of predictive maintenance and supply chain management and security.

p>This work presents the hardware demonstrator of a secure encryption system based on synchronised Chua chaotic circuits. In particular, the presented encryption system comprises two Chua circuits that are synchronised using a dedicated bidirectional synchronisation line. One of them forms part of the transmitter, while the other of the receiver. B...

p>In this work, we explore a highly robust and unique Physical Unclonable Function (PUF) based on the stochastic assembly of single-walled Carbon NanoTubes (CNTs) integrated within a wafer-level technology. Our work demonstrates that the proposed CNT-based PUFs are exceptionally robust with an average fractional intra-device Hamming distance of 0.0...

In this work, we explore a highly robust and unique Physical Unclonable Function (PUF) based on the stochastic assembly of single-walled Carbon NanoTubes (CNTs) integrated within a wafer-level technology. Our work demonstrates that the proposed CNT-based PUFs are exceptionally robust with an average fractional intra-device Hamming distance of 0.01...

p>In this work, we explore a highly robust and unique Physical Unclonable Function (PUF) based on the stochastic assembly of single-walled Carbon NanoTubes (CNTs) integrated within a wafer-level technology. Our work demonstrates that the proposed CNT-based PUFs are exceptionally robust with an average fractional intra-device Hamming distance of 0.0...

As the number of devices being interconnected increases, so does also the demand for (lightweight) security. To this end, Physical Unclonable Functions (PUFs) have been proposed as hardware primitives that can act as roots of trust and security. Recently, a new type of PUF based on Carbon NanoTubes (CNTs) has been proposed. At the same time, attack...

The ubiquity and pervasiveness of modern Internet of Things (IoT) devices opens up vast possibilities for novel applications, but simultaneously also allows spying on, and collecting data from, unsuspecting users to a previously unseen extent. This paper details a new attack form in this vein, in which the decay properties of widespread, off-the-sh...

In this work, we introduce two new types of Physical Unclonable Functions (PUFs) based on memristor arrays. Both PUFs use the output behavior of memristor cells when an excitation signal is applied to their input. First, the cells are identified by decomposing the signal response into different frequencies using the discrete Fourier transformation...

p>In this work, we examine the potential of Physical Unclonable Functions (PUFs) that have been implemented on NAND Flash memories using programming disturbances to act as sustainable primitives for the purposes of lightweight cryptography. In particular, we investigate the ability of such PUFs to tolerate temperature and voltage variations, and ex...

p>This work presents the hardware demonstrator of a secure encryption system based on synchronised Chua chaotic circuits. In particular, the presented encryption system comprises two Chua circuits that are synchronised using a dedicated bidirectional synchronisation line. One of them forms part of the transmitter, while the other of the receiver. B...

p>This work presents the hardware demonstrator of a secure encryption system based on synchronised Chua chaotic circuits. In particular, the presented encryption system comprises two Chua circuits that are synchronised using a dedicated bidirectional synchronisation line. One of them forms part of the transmitter, while the other of the receiver. B...

In this work, we present a Physical Unclonable Function (PUF) implemented on a Commercial Off-The-Shelf (COTS) NAND Flash memory module using programming disturbances, and examine the robustness of its responses to environmental variations. In particular, we test a removable Flash memory module serving as a PUF, under nominal conditions, as well as...

The ubiquity and pervasiveness of modern Internet of Things (IoT) devices opens up vast possibilities for novel applications, but simultaneously also allows spying on, and collecting data from, unsuspecting users to a previously unseen extent. This paper details a new attack form in this vein, in which the decay properties of widespread, off-the-sh...

In this work, we examine the potential of Physical Unclonable Functions (PUFs) that have been implemented on NAND Flash memories using programming disturbances to act as sustainable primitives for the purposes of lightweight cryptography. In particular, we investigate the ability of such PUFs to tolerate temperature and voltage variations, and exam...

p>In this work, we examine the potential of Physical Unclonable Functions (PUFs) that have been implemented on NAND Flash memories using programming disturbances to act as sustainable primitives for the purposes of lightweight cryptography. In particular, we investigate the ability of such PUFs to tolerate temperature and voltage variations, and ex...

This work concerns the demonstration of a security solution for a network of networks, which comprises heterogeneous devices and utilises diverse communication protocols. The security solution used in this work employs an architecture presented in a previous work, which is based upon the concept of hardware and software security co-engineering.

In recent years, a new generation of the Internet of Things (IoT 2.0) is emerging, based on artificial intelligence, the blockchain technology, machine learning, and the constant consolidation of pre-existing systems and subsystems into larger systems. In this work, we construct and examine a proof-of-concept prototype of such a system of systems,...

The field of computer hardware stands at the verge of a revolution driven by recent breakthroughs in emerging nanodevices. 'Nano Security' is a new Priority Program recently approved by DFG, the German Research Council. This initial-stage project initiative at the crossroads of nano-electronics and hardware-oriented security includes 11 projects wi...

Im Rahmen der Arbeitsgruppe CYBERSECURITY (CYSIS), Teil der Innovationsallianz von TU Darmstadt und DB Netz AG, wurde gemeinsam mit den Projektpartnern CISCO, Fraunhofer SIT, ÖBB und INCYDE das Whitepaper IT/OT-Security bei Internet of Railway Things (IoRT) erarbeitet. Darin werden Anwendungen von IoRT devices und mögliche IT Sicherheitsstrategien...

In recent years, the ubiquitous nature of Internet-of-Things (IoT) applications as well as the pervasive character of next-generation communication protocols, such as the 5G technology, have become widely evident. In this work, we identify the need for low-cost security in current and next-generation IoT networks and address this demand through the...

We propose a rule-based anomaly detection system for railway signalling that mitigates attacks by a Dolev-Yao attacker who is able to inject control commands and to perform semantic attacks. The system as well mitigates the effects of a compromised signal box that an attacker uses to issue licit but mistimed control messages. We consider an attacke...

In this work, we conduct and discuss a consensus-based risk analysis for a novel architecture of a driverless and electric prototype vehicle. While well-established safety standards like ISO 26262 provide frameworks to systematically assess risks of hazardous operational situations, the automotive security field has emerged only in the last years....

We propose a new anomaly detection system to defend against semantic attacks on the command and control communication in safety-critical railway signalling networks. To this end, we train artificial neural network on the communication of signal boxes connected to their signals, points, and train detection system. We show that it is possible to pred...

In this work, we propose defense techniques against message spoofing attacks in FlexRay networks. For this purpose, we explore how to leverage the slot- and channel-based FlexRay communication for ensuring the authenticity of safety-critical in-vehicle traffic. In particular, we suggest to split authentication tags across two physical independent c...

Abstract An increasing amount of information today is generated, exchanged, and stored digitally. This also includes long-lived and highly sensitive information (e.g., electronic health records, governmental documents) whose integrity and confidentiality must be protected over decades or even centuries. While there is a vast amount of cryptography-...

Recent studies have shown that aggregate CPU usage and power consumption traces on smartphones can leak information about applications running on the system or websites visited. In response, access to such data has been blocked for mobile applications starting from Android 8. In this work, we explore a new source of side-channel leakage for this cl...

In this work, we extend our previous manuscript regarding a systematic study of data remanence effects on an intrinsic Static Random Access Memory Physical Unclonable Function (SRAM PUF) implemented on a Commercial Off-The-Shelf (COTS) device in the temperature range between −110∘C and −40∘C. As the experimental results of our previous work show, a...

Securing a safety-critical system is a challenging task, because safety requirements have to be considered alongside security controls. We report on our experience to develop a security architecture for railway signalling systems starting from the bare safety-critical system that requires protection. We use a threat-based approach to determine secu...

Recent studies have shown that aggregate CPU usage and power consumption traces on smartphones can leak information about applications running on the system or websites visited. In response, access to such data has been blocked for mobile applications starting from Android 7. In this work, we explore a new source of side-channel leakage for this cl...

Recently, researchers have demonstrated how the lack of security features in road vehicles may allow adversaries to take over partial or even full control. Specifically, in-vehicle communication protocols are prone to attacks, because no security mechanisms have been developed for them. For a long time, they have been optimized only towards safety,...

Physical Unclonable Functions (PUFs) based on the retention times of the cells of a Dynamic Random Access Memory (DRAM) can be utilised for the implementation of cost-efficient and lightweight cryptographic protocols. However, as recent work has demonstrated, the times needed in order to generate their responses may prohibit their widespread usage....

Physical Unclonable Functions (PUFs) based on the retention times of the cells of a Dynamic Random Access Memory (DRAM) can be utilised for the implementation of cost-efficient and lightweight cryptographic protocols. However, as recent work has demonstrated, the times needed in order to generate their responses may prohibit their widespread usage....

Cryptographic applications usually require the storage of secret keys. Physical Unclonable Functions (PUFs) can provide secure key storage even on low-end hardware [Katz12], such as devices used for the Internet of Things (IoT). PUFs offer lightweight cryptographic solutions by exploiting intrinsic physical properties of hardware. Their security is...

Technische Universität Darmstadt Yale University University of Connecticut

Several cryptographic applications entail the availability of a secure storage on a device, for instance, to store secret keys. Physical Unclonable Functions (PUFs) can be used to provide such key storage on commodity devices in a cost-efficient manner [KKR + 12]. Their security is based on the existence of at least one (random but stable) output t...

We propose a novel short-interval charging model for pay-TV over IPTV. To realize this model we develop an approach that relies on the channel switching action of users to trigger the charging process. When a user switches to a paid channel a multicast rekeying procedure is triggered resulting in a new content key for all viewing users of that paid...

This paper presents a lightweight anti-counterfeiting solution using intrinsic Physically Unclonable Functions (PUFs), which are already embedded in most commodity hardware platforms. The presented solution is particularly suitable for low-end computing devices without on-board security features. Our anti-counterfeiting approach is based on extract...

The short-interval charging model is a customer-oriented charging model for pay-TV over Internet Protocol Television (IPTV). In contrast to conventional pay-TV models such as subscription-based pay-TV, pay-per-view and video on demand, this model allows charging for very short viewing intervals in the range of seconds. This paper presents the resul...

Trusted computing is gaining an increasing acceptance in the industry and finding its way to cloud computing. With this penetration, the question arises whether the concept of hard-wired security modules will cope with the increasing sophistication and security requirements of future IT systems and the ever expanding threats and violations. So far,...

Trusted computing is gaining an increasing acceptance in the industry and finding its way to cloud computing. With this penetration, the question arises whether the concept of hard-wired security modules will cope with the increasing sophistication and security requirements of future IT systems and the ever expanding threats and violations. So far,...

While a vast number of solutions to multicast group rekeying were published in the last years, a common base to evaluate these solutions and compare them with each other is still missing. This paper presents a unified and comprehensive way to evaluate the performance of different rekeying algorithms. A rekeying benchmark estimates rekeying costs fr...

This paper presents a new approach for performance evaluation of rekeying algorithms. New system metrics related to rekeying performance are defined: Rekeying Quality of Service and Rekeying Access Control. These metrics are estimated in relation to both group size and group dynamics. A simultor prototype demonstrates the merit of this unified asse...