Researchers at MIT, in collaboration with the MIT-IBM Watson AI Lab, have engineered a new type of chip designed to enhance the security of smartphone data.
This breakthrough is especially relevant for health-monitoring apps and other mobile applications that handle sensitive information.
The chip helps protect against cyber threats while ensuring that large AI models can operate efficiently on devices.
The modern smartphone apps we use for monitoring health or managing finances rely on complex machine-learning models.
Traditionally, these models have been challenging to run on smartphones directly due to their size and the need for frequent data exchanges with central servers, making them slow and power-hungry.
Additionally, when data is frequently transferred, it becomes vulnerable to cyber-attacks.
Addressing these concerns, the team led by Maitreyi Ashok, a graduate student in electrical engineering and computer science at MIT, developed a machine-learning accelerator chip that is tough against the most common cyber-attacks while maintaining the privacy and integrity of user data.
This chip is particularly useful for AI-driven applications like virtual reality or autonomous driving, which demand robust computational power and security.
While the inclusion of this technology could slightly raise the cost and reduce the energy efficiency of devices, the trade-off for enhanced security is often worthwhile, according to Ashok.
“Our goal was to build security into the system from the start, which is far less costly than trying to add it later,” Ashok explains. She further stresses the importance of considering security early in the design process to manage various trade-offs effectively.
The study, which will be presented at the IEEE Custom Integrated Circuits Conference in Denver, highlights how the chip uses digital in-memory compute (IMC).
This method performs computations within the device’s memory where parts of the machine-learning model are stored, thus reducing the amount of data transferred and minimizing exposure to potential security breaches.
However, IMC chips are typically prone to certain cyber threats. To enhance security, Ashok and her team employed a three-pronged strategy.
First, they introduced a novel security measure that breaks down data into random segments that can’t be easily pieced together by attackers, mitigating what’s known as side-channel attacks.
Secondly, to defend against bus-probing attacks—where hackers attempt to steal data directly from the communication lines—they implemented a lightweight encryption method that protects data stored outside the main chip. This encryption only decrypts data as needed.
Thirdly, the team innovated by generating encryption keys directly on the chip using a method called a physically unclonable function.
This technique utilizes minute, naturally occurring variations in the manufacturing process of each chip to produce a unique key, enhancing security without the need for complex computations.
In testing their design, the researchers attempted to hack their own chip using both side-channel and bus-probing attacks but failed to breach its defenses even after millions of attempts. In contrast, a conventional, unprotected chip succumbed to data theft after just 5,000 attempts.
Despite these successes, the new security measures do require more energy and increase the chip size, which could lead to higher production costs.
The team acknowledges these drawbacks and plans to explore ways to optimize the chip’s design further to reduce its energy consumption and physical footprint, making it more practical for widespread implementation.
“Our future work will focus on balancing security with cost and energy efficiency, potentially making slight compromises on security to achieve more practicable solutions,” says Ashok.
This ongoing research underscores the critical role of security in the development of advanced technologies for mobile and edge devices.
Source: MIT.
