Researchers from MIT and the MIT-IBM Watson AI Lab have developed a hardware solution that enhances the security of machine-learning applications on smartphones. Current health-monitoring apps require large amounts of data to be transferred back and forth between the phone and a central server, which can create security vulnerabilities and inefficiency. To counter this, the team developed a chip that resists the two most common types of cyber attacks, and also enables large AI models to operate efficiently on device.
The chip is built around a concept known as digital in-memory compute (IMC), in which computations are performed within the device memory. IMC chips typically reduce data transfers by splitting large models into smaller pieces that are stored in the device’s memory. However, this can expose the device to hackers who employ side-channel and bus-probing attacks. Side-channel attacks involve monitoring the chip’s power use to reverse-engineer data, while bus-probing attacks steal bits of the model and dataset by examining the device and its memory.
To mitigate both attack types, the team developed three security measures: splitting data into random pieces to obstruct side-channel attacks; using a lightweight cipher to protect the device against bus-probing attacks; and generating decryption keys directly on the chip. These keys were made from inconsistencies in chip wiring created in the manufacturing process, a solution known as a physically unclonable function.
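The first measure, splitting data into random pieces, can be illustrated with a small simulation. This is an added example, not the researchers' design: it assumes XOR-based splitting into three pieces and a Hamming-weight power model with Gaussian noise, and all function names are hypothetical.

```python
import random
from statistics import mean

def hamming_weight(x):
    return bin(x).count("1")

def split(value, rng, n_shares=3, bits=8):
    """Split value into n_shares random pieces whose XOR equals value."""
    shares = [rng.getrandbits(bits) for _ in range(n_shares - 1)]
    last = value
    for s in shares:
        last ^= s
    return shares + [last]

def combine(shares):
    out = 0
    for s in shares:
        out ^= s
    return out

def xor_shared(a_shares, b_shares):
    """XOR two split values piece by piece; neither plain value is ever rebuilt."""
    return [a ^ b for a, b in zip(a_shares, b_shares)]

def pearson(xs, ys):
    mx, my = mean(xs), mean(ys)
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    var_x = sum((x - mx) ** 2 for x in xs)
    var_y = sum((y - my) ** 2 for y in ys)
    return cov / (var_x * var_y) ** 0.5

def leakage_correlation(trials=20000, noise=1.0, seed=1):
    """Return (unprotected, split) correlation between simulated power and the secret."""
    rng = random.Random(seed)  # simulation only; a chip would use a hardware RNG
    secret_hw, plain_power, split_power = [], [], []
    for _ in range(trials):
        v = rng.getrandbits(8)  # constructed sample data
        secret_hw.append(hamming_weight(v))
        # Unprotected: power follows the Hamming weight of the value itself.
        plain_power.append(hamming_weight(v) + rng.gauss(0, noise))
        # Split: power follows the summed Hamming weight of all random pieces.
        total = sum(hamming_weight(s) for s in split(v, rng))
        split_power.append(total + rng.gauss(0, noise))
    return pearson(secret_hw, plain_power), pearson(secret_hw, split_power)

if __name__ == "__main__":
    plain, masked = leakage_correlation()
    print(f"unprotected correlation: {plain:.3f}")
    print(f"split-data correlation:  {masked:.3f}")
```

The simulation covers only the average (first-order) power signal; it says nothing about attacks that combine several measurements per operation.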
Although the chip resisted attacks during in-house hacking tests, it has slightly reduced energy efficiency and a larger size, which makes it more expensive. However, the team believes that the gains in secure operation make it a viable solution for future integration into mobile devices. They plan to explore methods to reduce the chip size and energy consumption to lower costs and ease implementation.