6 research outputs found

    Using physical unclonable functions for internet-of-thing security cameras

    This paper proposes a low-cost solution to develop IoT security cameras. Integrity and confidentiality of the image data are achieved by cryptographic modules that implement symmetric key-based techniques which are usually available in the hardware of the IoT cameras. The novelty of this proposal is that the secret key required is not stored but reconstructed from the start-up values of a SRAM in the camera hardware acting as a PUF (Physical Unclonable Function), so that the physical authenticity of the camera is also ensured. The start-up values of the SRAM are also exploited to change the IV (Initialization Vector) in the encryption algorithm. All the steps for enrollment and normal operation can be included in a simple firmware to be executed by the camera. There is no need to include specific hardware but only a SRAM is needed which could be powered down and up by firmware. Ministerio de Economía y Competitividad del Gobierno de España and European funds FEDER-TEC2014-57971-R; Consejo Superior de Investigaciones Científicas (CSIC)-HW-SEEDS 201750E010; V Plan Propio de Investigación de la Universidad de Sevill

    Performance of Secure Boot in Embedded Systems

    With the proliferation of the Internet of Things (IoT), the need to prioritize the overall system security is more imperative than ever. The IoT will profoundly change the established usage patterns of embedded systems, where devices traditionally operate in relative isolation. Internet connectivity brought by the IoT exposes such previously isolated internal device structures to cyber-attacks through the Internet, which opens new attack vectors and vulnerabilities. For example, a malicious user can modify the firmware or operating system by using a remote connection, aiming to deactivate standard defenses against malware. The criticality of applications, for example, in the Industrial IoT (IIoT) further underlines the need to ensure the integrity of the embedded software. One common approach to ensure system integrity is to verify the operating system and application software during the boot process. However, safety-critical IoT devices have constrained boot-up times, and home IoT devices should become available quickly after being turned on. Therefore, the boot-time can affect the usability of a device. This paper analyses performance trade-offs of secure boot for medium-scale embedded systems, such as Beaglebone and Raspberry Pi. We evaluate two secure boot techniques, one is only software-based, and the second is supported by a hardware-based cryptographic storage unit. For the software-based method, we show that secure boot merely increases the overall boot time by 4 %. Moreover, the additional cryptographic hardware storage increases the boot-up time by 36 %.

    Design, implementation, and analysis of efficient tools based on PUFs for hardware security applications

    A Physical Unclonable Function (PUF) is a physical system that leverages manufacturing process variations to generate unclonable and inherent instance-specific measurements of physical objects. PUF is equivalent to human biometrics in many ways where each human has a unique fingerprint. PUF can securely generate unique and unclonable signatures that allow PUF to bootstrap the implementation of various physical security issues. In this thesis, we discuss PUFs, extend it to a novel SW-PUF, and explore some techniques to utilize it in security applications. We first present the SW-PUF - basic building block of this thesis, a novel PUF design that measures processor chip ALU silicon biometrics in a manner similar to all PUFs. Additionally, it composes the silicon measurement with the data-dependent delay of a particular program instruction in a way that is difficult to decompose through a mathematical model. We then implement the proposed PUF to solve various security issues for applications such as Software Protection and Trusted Computing. We prove that the SW-PUF can provide a more robust root of trust for measurement than the existing trusted platform module (TPM). Second, we present the Reversible SW-PUF, a novel PUF design based on the SW-PUF that is capable of computing partial inputs given its outputs. Given the random output signature of specific instruction in a specific basic block of the program, only the computing platform that originally computed the instruction can accurately regenerate the inputs of the instruction correctly within a certain number of bits. We then implement the Reversible SW-PUF to provide a verifiable computation method. Our scheme links the outsourced software with the cloud-node hardware to provide proof of the computational integrity and the resultant correctness of the results with high probability.
Finally, we employ the SW-PUF and the Reversible SW-PUF to provide a trust attribute for data on the Internet of Things (IoT) systems by combining data provenance and privacy-preserving methods. In our scheme, an IoT server can ensure that the received data comes from the IoT device that owns it. In addition, the server can verify the integrity of the data by validating the provenance metadata for data creation and modification.

    High Speed Clock Glitching

    In recent times, hardware security has drawn a lot of interest in the research community. With physical proximity to the target devices, various fault injection hardware attack methods have been proposed and tested to alter their functionality and trigger behavior not intended by the design. There are various types of faults that can be injected depending on the parameters being used and the level at which the device is tampered with. The literature describes various fault models to inject faults in clock of the target but there are no publications on overclocking circuits for fault injection. The proposed method bridges this gap by conducting high-speed clock fault injection on latest high-speed micro-controller units where the target device is overclocked for a short duration in the range of 4-1000 ns. This thesis proposes a method of generating a high-speed clock and driving the target device using the same clock. The properties of the target devices for performing experiments in this research are: Externally accessible clock input line and GPIO line. The proposed method is to develop a high-speed clock using custom bit-stream sent to FPGA and subsequently using external analog circuitry to generate a clock-glitch which can inject fault on the target micro-controller. Communication coupled with glitching allows us to check the target's response, which can result in information disclosure. This is a form of non-invasive and effective hardware attack. The required background, methodology and experimental setup required to implement high-speed clock glitching has been discussed in this thesis. The impact of different overclock frequencies used in clock fault injection is explored. The preliminary results have been discussed and we show that even high-speed micro-controller units should consider countermeasures against clock fault injection. Influencing the execution of Tiva C Launchpad and STM32F4 micro-controller units has been shown in this thesis.
The thesis details the method used for the testing a

    Enhancing Trust in Devices and Transactions of the Internet of Things

    With the rise of the Internet of Things (IoT), billions of smart embedded devices will interact frequently. These interactions will produce billions of transactions. With IoT, users can utilize their phones, home appliances, wearables, or any other wireless embedded device to conduct transactions. For example, a smart car and a parking lot can utilize their sensors to negotiate the fees of a parking spot. The success of IoT applications highly depends on the ability of wireless embedded devices to cope with a large number of transactions. However, these devices face significant constraints in terms of memory, computation, and energy capacity. With our work, we target the challenges of accurately recording IoT transactions from resource-constrained devices. We identify three domain-problems: a) malicious software modification, b) non-repudiation of IoT transactions, and c) inability of IoT transactions to include sensors readings and actuators. The motivation comes from two key factors. First, with Internet connectivity, IoT devices are exposed to cyber-attacks. Internet connectivity makes it possible for malicious users to find ways to connect and modify the software of a device. Second, we need to store transactions from IoT devices that are owned or operated by different stakeholders. The thesis includes three papers. In the first paper, we perform an empirical evaluation of Secure Boot on embedded devices. In the second paper, we propose IoTLogBlock, an architecture to record off-line transactions of IoT devices. In the third paper, we propose TinyEVM, an architecture to execute off-chain smart contracts on IoT devices with an ability to include sensor readings and actuators as part of IoT transactions.

    Secure HfO2 based charge trap EEPROM with lifetime and data retention time modeling

    Trusted computing is currently the most promising security strategy for cyber physical systems. Trusted computing platform relies on securely stored encryption keys in the on-board memory. However, research and actual cases have shown the vulnerability of the on-board memory to physical cryptographic attacks. This work proposed an embedded secure EEPROM architecture employing charge trap transistor to improve the security of storage means in the trusted computing platform. The charge trap transistor is CMOS compatible with high dielectric constant material as gate oxide which can trap carriers. The process compatibility allows the secure information containing memory to be embedded with the CPU. This eliminates the eavesdropping and optical observation. This effort presents the secure EEPROM cell, its high voltage programming control structure and an interface architecture for command and data communication between the EEPROM and CPU. The interface architecture is an ASIC based design that is exclusively for the secure EEPROM. The on-board programming capability enables adjustment of programming voltages and accommodates EEPROM threshold variation due to PVT to optimize lifetime. In addition to the functional circuitry, this work presents the first model of lifetime and data retention time tradeoff for this new type of EEPROM. This model builds the bridge between desired data retention time and lifetime while producing the corresponding programming time and voltage.