Novel Cryptographic Authentication Mechanisms for Supply Chains and OpenStack

In this dissertation, first, we studied the Radio-Frequency Identification (RFID) tag authentication problem in supply chains. RFID tags have been widely used as a low-cost wireless method for detecting counterfeit product injection in supply chains. We open a new direction toward solving this problem by using the Non-Volatile Memory (NVM) of recent RFID tags. We propose a method based on this direction that significantly improves the availability of the system and costs less. In our method, we introduce the notion of Software Unclonability, which is a kind of one-time MAC for authenticating random inputs. Also, we introduce three lightweight constructions that are software unclonable. Second, we focus on OpenStack that is a prestigious open-source cloud platform. OpenStack takes advantage of some tokening mechanisms to establish trust between its modules and users. It turns out that when an adversary captures user tokens by exploiting a bug in a module, he gets extreme power on behalf of users. Here, we propose a novel tokening mechanism that ties commands to tokens and enables OpenStack to support short life tokens while it keeps the performance up

Functional mobile-based two-factor authentication by photonic physical unclonable functions

Given the rapid expansion of the Internet of Things and because of the concerns around counterfeited goods, secure and resilient cryptographic systems are in high demand. Due to the development of digital ecosystems, mobile applications for transactions require fast and reliable methods to generate secure cryptographic keys, such as Physical Unclonable Functions (PUFs). We demonstrate a compact and reliable photonic PUF device able to be applied in mobile-based authentication. A miniaturized, energy-efficient, and low-cost token was forged of flexible luminescent organic–inorganic hybrid materials doped with lanthanides, displaying unique challenge–response pairs (CRPs) for two-factor authentication. Under laser irradiation in the red spectral region, a speckle pattern is attained and accessed through conventional charge-coupled cameras, and under ultraviolet light-emitting diodes, it displays a luminescent pattern accessed through hyperspectral imaging and converted to a random intensity-based pattern, ensuring the two-factor authentication. This methodology features the use of a discrete cosine transform to enable a low-cost and semi-compact encryption system suited for speckle and luminescence-based CRPs. The PUF evaluation and the authentication protocol required the analysis of multiple CRPs from different tokens, establishing an optimal cryptographic key size (128 bits) and an optimal decision threshold level that minimizes the error probability.publishe

A Novel RFID Distance Bounding Protocol Based on Physically Unclonable Functions

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.Radio Frequency Identification (RFID) systems are vulnerable to relay attacks (i.e., mafia, terrorist and distance frauds) when they are used for authentication purposes. Distance bounding protocols are particularly designed as a countermeasure against these attacks. These protocols aim to ensure that the tags are in a distant area by measuring the round-trip delays during a rapid challenge-response exchange of short authenticated messages. Terrorist fraud is the most challenging attack to avoid, because a legitimate user (a tag owner) collaborates with an attacker to defeat the authentication system. Many RFID distance bounding protocols have been proposed recently, with encouraging results. However, none of them provides the ideal security against the terrorist fraud. Motivated by this need, we first introduce a strong adversary model for Physically Unclonable Functions (PUFs) based authentication protocol in which the adversary has access to volatile memory of the tag. We show that the security of Sadeghi et al.’s PUF based authentication protocol is not secure in this model. We provide a new technique to improve the security of their protocol. Namely, in our scheme, even if an adversary has access to volatile memory she cannot obtain all long term keys to clone the tag. Next, we propose a novel RFID distance bounding protocol based on PUFs which satisfies the expected security requirements. Comparing to the previous protocols, the use of PUFs in our protocol enhances the system in terms of security, privacy and tag computational overhead. We also prove that our extended protocol with a final signature provides the ideal security against all those frauds, remarkably the terrorist fraud. Besides that, our protocols enjoy the attractive properties of PUFs, which provide the most cost efficient and reliable means to fingerprint chips based on their physical properties

Using physical unclonable functions for internet-of-thing security cameras

This paper proposes a low-cost solution to develop IoT security cameras. Integrity and confidentiality of the image data are achieved by cryptographic modules that implement symmetric key-based techniques which are usually available in the hardware of the IoT cameras. The novelty of this proposal is that the secret key required is not stored but reconstructed from the start-up values of a SRAM in the camera hardware acting as a PUF (Physical Unclonable Function), so that the physical authenticity of the camera is also ensured. The start-up values of the SRAM are also exploited to change the IV (Initialization Vector) in the encryption algorithm. All the steps for enrollment and normal operation can be included in a simple firmware to be executed by the camera. There is no need to include specific hardware but only a SRAM is needed which could be powered down and up by firmware.Ministerio de Economía y Competitividad del Gobierno de España y fondos europeos FEDER-TEC2014-57971-RConsejo Superior de Investigaciones Científicas (CSIC)-HW-SEEDS 201750E010V Plan Propio de Investigación de la Universidad de Sevill

Reflective-Physically Unclonable Function based System for Anti-Counterfeiting

Physically unclonable functions (PUF) are physical security mechanisms, which utilize inherent randomness in processes used to instantiate physical objects. In this dissertation, an extensive overview of the state of the art in implementations, accompanying definitions and their analysis is provided. The concept of the reflective-PUF is presented as a product security solution. The viability of the concept, its evaluation and the requirements of such a system is explored

Improving the longevity of optically-read quantum dot physical unclonable functions

Quantum dot physically unclonable functions (QD-PUFs) provide a promising solution to the issue of counterfeiting. When quantum dots are deposited on a surface to create a token, they form a unique pattern that is unlikely to ever be reproduced in another token that is manufactured using the same process. It would also be an extreme engineering challenge to deterministically place quantum dots to create a forgery of a specific device. The degradation of the optical response of quantum dots over time, however, places a limitation on their practical usefulness. Here we report methods to minimise the degradation of photoluminescence (PL) from InP/ZnS quantum dots suspended in a polymer and demonstrates reliable authentication using a fingerprinting technique to extract a signature from PL, even after significant degradation has occurred. Using these techniques, it was found that the addition of a polylauryl methacrylate (PLMA) copolymer improved the longevity of devices. The best performing example of this was the Polystyrene-PLMA based material. From this, it is projected that 1,000 bits of information could be extracted and read after a period of years, therefore providing a compelling solution to the issue of counterfeiting

A Survey on Lightweight Entity Authentication with Strong PUFs

Physically unclonable functions (PUFs) exploit the unavoidable manufacturing variations of an integrated circuit (IC). Their input-output behavior serves as a unique IC \u27fingerprint\u27. Therefore, they have been envisioned as an IC authentication mechanism, in particular the subclass of so-called strong PUFs. The protocol proposals are typically accompanied with two PUF promises: lightweight and an increased resistance against physical attacks. In this work, we review nineteen proposals in chronological order: from the original strong PUF proposal (2001) to the more complicated noise bifurcation and system of PUFs proposals (2014). The assessment is aided by a unied notation and a transparent framework of PUF protocol requirements

Emerging physical unclonable functions with nanotechnology

Physical unclonable functions (PUFs) are increasingly used for authentication and identification applications as well as the cryptographic key generation. An important feature of a PUF is the reliance on minute random variations in the fabricated hardware to derive a trusted random key. Currently, most PUF designs focus on exploiting process variations intrinsic to the CMOS technology. In recent years, progress in emerging nanoelectronic devices has demonstrated an increase in variation as a consequence of scaling down to the nanoregion. To date, emerging PUFs with nanotechnology have not been fully established, but they are expected to emerge. Initial research in this area aims to provide security primitives for emerging integrated circuits with nanotechnology. In this paper, we review emerging nanotechnology-based PUFs