6 research outputs found
Contributions on using embedded memory circuits as physically unclonable functions considering reliability issues
[eng] Moving towards Internet-of-Things (IoT) era, hardware security becomes a crucial
research topic, because of the growing demand of electronic products that are remotely
connected through networks. Novel hardware security primitives based on
manufacturing process variability are proposed to enhance the security of the IoT
systems. As a trusted root that provides physical randomness, a physically unclonable
function is an essential base for hardware security.
SRAM devices are becoming one of the most promising alternatives for the
implementation of embedded physical unclonable functions as the start-up value of
each bit-cell depends largely on the variability related with the manufacturing process.
Not all bit-cells experience the same degree of variability, so it is possible that some cells
randomly modify their logical starting value, while others will start-up always at the
same value. However, physically unclonable function applications, such as identification
and key generation, require more constant logical starting value to assure high reliability
in PUF response. For this reason, some kind of post-processing is needed to correct the
errors in the PUF response.
Unfortunately, those cells that have more constant logic output are difficult to be
detected in advance. This work characterizes by simulation the start-up value
reproducibility proposing several metrics suitable for reliability estimation during design
phases. The aim is to be able to predict by simulation the percentage of cells that will be
suitable to be used as PUF generators. We evaluate the metrics results and analyze the
start-up values reproducibility considering different external perturbation sources like several power supply ramp up times, previous internal values in the bit-cell, and
different temperature scenarios. The characterization metrics can be exploited to
estimate the number of suitable SRAM cells for use in PUF implementations that can be
expected from a specific SRAM design.[cat] En l’era de la Internet de les coses (IoT), garantir la seguretat del hardware ha
esdevingut un tema de recerca crucial, en especial a causa de la creixent demanda de
productes electrònics que es connecten remotament a través de xarxes. Per millorar la
seguretat dels sistemes IoT, s’han proposat noves solucions hardware basades en la
variabilitat dels processos de fabricació. Les funcions físicament inclonables (PUF)
constitueixen una font fiable d’aleatorietat física i són una base essencial per a la
seguretat hardware.
Les memòries SRAM s’estan convertint en una de les alternatives més prometedores per
a la implementació de funcions físicament inclonables encastades. Això és així ja que el
valor d’encesa de cada una de les cel·les que formen els bits de la memòria depèn en
gran mesura de la variabilitat pròpia del procés de fabricació. No tots els bits tenen el
mateix grau de variabilitat, així que algunes cel·les canvien el seu estat lògic d’encesa de
forma aleatòria entre enceses, mentre que d’altres sempre assoleixen el mateix valor
en totes les enceses. No obstant això, les funcions físicament inclonables, que s’utilitzen
per generar claus d’identificació, requereixen un valor lògic d’encesa constant per tal
d’assegurar una resposta fiable del PUF. Per aquest motiu, normalment es necessita
algun tipus de postprocessament per corregir els possibles errors presents en la resposta
del PUF. Malauradament, les cel·les que presenten una resposta més constant són
difícils de detectar a priori.
Aquest treball caracteritza per simulació la reproductibilitat del valor d’encesa de cel·les
SRAM, i proposa diverses mètriques per estimar la fiabilitat de les cel·les durant les fases de disseny de la memòria. L'objectiu és ser capaç de predir per simulació el percentatge
de cel·les que seran adequades per ser utilitzades com PUF. S’avaluen els resultats de
diverses mètriques i s’analitza la reproductibilitat dels valors d’encesa de les cel·les
considerant diverses fonts de pertorbacions externes, com diferents rampes de tensió
per a l’encesa, els valors interns emmagatzemats prèviament en les cel·les, i diferents
temperatures. Es proposa utilitzar aquestes mètriques per estimar el nombre de cel·les
SRAM adients per ser implementades com a PUF en un disseny d‘SRAM específic.[spa] En la era de la Internet de las cosas (IoT), garantizar la seguridad del hardware se ha
convertido en un tema de investigación crucial, en especial a causa de la creciente
demanda de productos electrónicos que se conectan remotamente a través de redes.
Para mejorar la seguridad de los sistemas IoT, se han propuesto nuevas soluciones
hardware basadas en la variabilidad de los procesos de fabricación. Las funciones
físicamente inclonables (PUF) constituyen una fuente fiable de aleatoriedad física y son
una base esencial para la seguridad hardware.
Las memorias SRAM se están convirtiendo en una de las alternativas más prometedoras
para la implementación de funciones físicamente inclonables empotradas. Esto es así,
puesto que el valor de encendido de cada una de las celdas que forman los bits de la
memoria depende en gran medida de la variabilidad propia del proceso de fabricación.
No todos los bits tienen el mismo grado de variabilidad. Así pues, algunas celdas cambian
su estado lógico de encendido de forma aleatoria entre encendidos, mientras que otras
siempre adquieren el mismo valor en todos los encendidos. Sin embargo, las funciones
físicamente inclonables, que se utilizan para generar claves de identificación, requieren
un valor lógico de encendido constante para asegurar una respuesta fiable del PUF. Por
este motivo, normalmente se necesita algún tipo de posprocesado para corregir los
posibles errores presentes en la respuesta del PUF. Desafortunadamente, las celdas que
presentan una respuesta más constante son difíciles de detectar a priori.
Este trabajo caracteriza por simulación la reproductibilidad del valor de encendido de
celdas SRAM, y propone varias métricas para estimar la fiabilidad de las celdas durante las fases de diseño de la memoria. El objetivo es ser capaz de predecir por simulación el
porcentaje de celdas que serán adecuadas para ser utilizadas como PUF. Se evalúan los
resultados de varias métricas y se analiza la reproductibilidad de los valores de
encendido de las celdas considerando varias fuentes de perturbaciones externas, como
diferentes rampas de tensión para el encendido, los valores internos almacenados
previamente en las celdas, y diferentes temperaturas. Se propone utilizar estas métricas
para estimar el número de celdas SRAM adecuadas para ser implementadas como PUF
en un diseño de SRAM específico
Practical Lightweight Security: Physical Unclonable Functions and the Internet of Things
In this work, we examine whether Physical Unclonable Functions (PUFs) can act as lightweight security mechanisms for practical applications in the context of the Internet of Things (IoT). In order to do so, we first discuss what PUFs are, and note that memory-based PUFs seem to fit the best to the framework of the IoT. Then, we consider a number of relevant memory-based PUF designs and their properties, and evaluate their ability to provide security in nominal and adverse conditions. Finally, we present and assess a number of practical PUF-based security protocols for IoT devices and networks, in order to confirm that memory-based PUFs can indeed constitute adequate security mechanisms for the IoT, in a practical and lightweight fashion.
More specifically, we first consider what may constitute a PUF, and we redefine PUFs as inanimate physical objects whose characteristics can be exploited in order to obtain a behaviour similar to a highly distinguishable (i.e., “(quite) unique”) mathematical function. We note that PUFs share many characteristics with biometrics, with the main difference being that PUFs are based on the characteristics of inanimate objects, while biometrics are based on the characteristics of humans and other living creatures. We also note that it cannot really be proven that PUFs are unique per instance, but they should be considered to be so, insofar as (human) biometrics are also considered to be unique per instance.
We, then, proceed to discuss the role of PUFs as security mechanisms for the IoT, and we determine that memory-based PUFs are particularly suited for this function. We observe that the IoT nowadays consists of heterogeneous devices connected over diverse networks, which include both high-end and resource-constrained devices. Therefore, it is essential that a security solution for the IoT is not only effective, but also highly scalable, flexible, lightweight, and cost-efficient, in order to be considered as practical. To this end, we note that PUFs have been proposed as security mechanisms for the IoT in the related work, but the practicality of the relevant security mechanisms has not been sufficiently studied.
We, therefore, examine a number of memory-based PUFs that are implemented using Commercial Off-The-Shelf (COTS) components, and assess their potential to serve as acceptable security mechanisms in the context of the IoT, not only in terms of effectiveness and cost, but also under both nominal and adverse conditions, such as ambient temperature and supply voltage variations, as well as in the presence of (ionising) radiation. In this way, we can determine whether memory-based PUFs are truly suitable to be used in the various application areas of the IoT, which may even involve particularly adverse environments, e.g., in IoT applications involving space modules and operations.
Finally, we also explore the potential of memory-based PUFs to serve as adequate security mechanisms for the IoT in practice, by presenting and analysing a number of cryptographic protocols based on these PUFs. In particular, we study how memory-based PUFs can be used for key generation, as well as device identification, and authentication, their role as security mechanisms for current and next-generation IoT devices and networks, and their potential for applications in the space segment of the IoT and in other adverse environments. Additionally, this work also discusses how memory-based PUFs can be utilised for the implementation of lightweight reconfigurable PUFs that allow for advanced security applications. In this way, we are able to confirm that memory-based PUFs can indeed provide flexible, scalable, and efficient security solutions for the IoT, in a practical, lightweight, and inexpensive manner
Theoretical and Practical Approaches for Hardness Amplification of PUFs
The era of PUFs has been characterized by the efforts put into research and the development of PUFs that are robust against attacks, in particular, machine learning (ML) attacks. In the lack of systematic and provable methods for this purpose, we have witnessed the ever-continuing competition between PUF designers/ manufacturers, cryptanalysts, and of course, adversaries that maliciously break the security of PUFs. This is despite a series of acknowledged principles developed in cryptography and complexity theory, under the umbrella term ``hardness amplification. The goal of studies on the hardness amplification is to build a strongly secure construction out of considerably weaker primitives. This paper aims at narrowing the gap between these studies and hardware security, specifically for applications in the domain of PUFs. To this end, we first review an example of practical efforts made to construct more secure PUFs, namely the concept of rolling PUFs. Based on what can be learned from this and central insights provided by the ML and complexity theory, we propose a new PUF-based scheme built around the idea of using a new function, namely, the Tribes function, which combines the outputs of a set of PUFs to generate the final response. Our theoretical findings are discussed in an exhaustive manner and supported by the results of experiments, conducted extensively on real-world PUFs
Physical layer security for IoT applications
The increasing demands for Internet of things (IoT) applications and the tremendous increase in the volume of IoT generated data bring novel challenges for the fifth generation (5G) network. Verticals such as e-Health, vehicle to everything (V2X) and unmanned aerial vehicles (UAVs) require solutions that can guarantee low latency, energy efficiency,massive connectivity, and high reliability. In particular, finding strong security mechanisms that satisfy the above is of central importance for bringing the IoT to life.
In this regards, employing physical layer security (PLS) methods could be greatly beneficial for IoT networks. While current security solutions rely on computational complexity, PLS is based on information theoretic proofs. By removing the need for computational power, PLS is ideally suited for resource constrained devices. In detail, PLS can ensure security using the inherit randomness already present in the physical channel. Promising schemes from the physical layer include physical unclonable functions (PUFs), which are seen as the hardware fingerprint of a device, and secret key generation (SKG) from wireless fading coefficients, which provide the wireless fingerprint of the communication channel between devices.
The present thesis develops several PLS-based techniques that pave the way for a new breed of latency-aware, lightweight, security protocols. In particular, the work proposes: i) a fast multi-factor authentication solution with verified security properties based on PUFs, proximity detection and SKG; ii) an authenticated encryption SKG approach that interweaves data transmission and key generation; and, iii) a set of countermeasures to man-in-the-middle and jamming attacks. Overall, PLS solutions show promising performance, especially in the context of IoT applications, therefore, the advances in this thesis should be considered for beyond-5G networks
Smart Wireless Sensor Networks
The recent development of communication and sensor technology results in the growth of a new attractive and challenging area - wireless sensor networks (WSNs). A wireless sensor network which consists of a large number of sensor nodes is deployed in environmental fields to serve various applications. Facilitated with the ability of wireless communication and intelligent computation, these nodes become smart sensors which do not only perceive ambient physical parameters but also be able to process information, cooperate with each other and self-organize into the network. These new features assist the sensor nodes as well as the network to operate more efficiently in terms of both data acquisition and energy consumption. Special purposes of the applications require design and operation of WSNs different from conventional networks such as the internet. The network design must take into account of the objectives of specific applications. The nature of deployed environment must be considered. The limited of sensor nodes� resources such as memory, computational ability, communication bandwidth and energy source are the challenges in network design. A smart wireless sensor network must be able to deal with these constraints as well as to guarantee the connectivity, coverage, reliability and security of network's operation for a maximized lifetime. This book discusses various aspects of designing such smart wireless sensor networks. Main topics includes: design methodologies, network protocols and algorithms, quality of service management, coverage optimization, time synchronization and security techniques for sensor networks