SecuCode: Intrinsic PUF Entangled Secure Wireless Code Dissemination for Computational RFID Devices

The simplicity of deployment and perpetual operation of energy harvesting devices provides a compelling proposition for a new class of edge devices for the Internet of Things. In particular, Computational Radio Frequency Identification (CRFID) devices are an emerging class of battery-free, computational, sensing enhanced devices that harvest all of their energy for operation. Despite wireless connectivity and powering, secure wireless firmware updates remains an open challenge for CRFID devices due to: intermittent powering, limited computational capabilities, and the absence of a supervisory operating system. We present, for the first time, a secure wireless code dissemination (SecuCode) mechanism for CRFIDs by entangling a device intrinsic hardware security primitive Static Random Access Memory Physical Unclonable Function (SRAM PUF) to a firmware update protocol. The design of SecuCode: i) overcomes the resource-constrained and intermittently powered nature of the CRFID devices; ii) is fully compatible with existing communication protocols employed by CRFID devices in particular, ISO-18000-6C protocol; and ii) is built upon a standard and industry compliant firmware compilation and update method realized by extending a recent framework for firmware updates provided by Texas Instruments. We build an end-to-end SecuCode implementation and conduct extensive experiments to demonstrate standards compliance, evaluate performance and security.Comment: Accepted to the IEEE Transactions on Dependable and Secure Computin

Roadmap on optical security

Postprint (author's final draft

Creation of public use files: lessons learned from the comparative effectiveness research public use files data pilot project

In this paper we describe lessons learned from the creation of Basic Stand Alone (BSA) Public Use Files (PUFs) for the Comparative Effectiveness Research Public Use Files Data Pilot Project (CER-PUF). CER-PUF is aimed at increasing access to the Centers for Medicare and Medicaid Services (CMS) Medicare claims datasets through PUFs that: do not require user fees and data use agreements, have been de-identified to assure the confidentiality of the beneficiaries and providers, and still provide substantial analytic utility to researchers. For this paper we define PUFs as datasets characterized by free and unrestricted access to any user. We derive lessons learned from five major project activities: (i) a review of the statistical and computer science literature on best practices in PUF creation, (ii) interviews with comparative effectiveness researchers to assess their data needs, (iii) case studies of PUF initiatives in the United States, (iv) interviews with stakeholders to identify the most salient issues regarding making microdata publicly available, and (v) the actual process of creating the Medicare claims data BSA PUFs

Implementação fotónica de funções fisicamente não clonáveis

This dissertation aimed to study and develop optical Physically Unclonable Functions, which are physical devices characterized by having random intrinsic variations, thus being eligible towards high security systems due to their unclonability, uniqueness and randomness. With the rapid expansion of technologies such as Internet of Things and the concerns around counterfeited goods, secure and resilient cryptographic systems are in high demand. Moreover the development of digital ecosystems, mobile applications towards transactions now require fast and reliable algorithms to generate secure cryptographic keys. The statistical nature of speckle-based imaging creates an opportunity for these cryptographic key generators to arise. In the scope of this work, three different tokens were implemented as physically unclonable devices: tracing paper, plastic optical fiber and an organic-inorganic hybrid. These objects were subjected to a visible light laser stimulus and produced a speckle pattern which was then used to retrieve the cryptographic key associated to each of the materials. The methodology deployed in this work features the use of a Discrete Cosine Transform to enable a low-cost and semi-compact 128-bit key encryption channel. Furthermore, the authentication protocol required the analysis of multiple responses from different samples, establishing an optimal decision threshold level that maximized the robustness and minimized the fallibility of the system. The attained 128-bit encryption system performed, across all the samples, bellow the error probability detection limit of 10-12, showing its potential as a cryptographic key generator.Nesta dissertação pretende-se estudar e desenvolver Funções Fisicamente Não Clonáveis, dispositivos caracterizados por terem variações aleatórias intrínsecas, sendo, portanto, elegíveis para sistemas de alta segurança devido à sua impossibilidade de clonagem, unicidade e aleatoriedade. Com a rápida expansão de tecnologias como a Internet das Coisas e as preocupações com produtos falsificados, os sistemas criptográficos seguros e resilientes são altamente requisitados. Além disso, o desenvolvimento de ecossistemas digitais e de aplicações móveis para transações comerciais requerem algoritmos rápidos e seguros de geração de chaves criptográficas. A natureza estatística das imagens baseadas no speckle cria uma oportunidade para o aparecimento desses geradores de chaves criptográficas. No contexto deste trabalho, três dispositivos diferentes foram implementados como funções fisicamente não clonáveis, nomeadamente, papel vegetal, fibra ótica de plástico e um híbrido orgânico-inorgânico. Estes objetos foram submetidos a um estímulo de luz coerente na região espectral visível e produziram um padrão de speckle o qual foi utilizado para recuperar a chave criptográfica associada a cada um dos materiais. A metodologia implementada neste trabalho incorpora a Transformada Discreta de Cosseno, o que possibilita a criação de um sistema criptográfico de 128 bits caracterizado por ser semi-compacto e de baixo custo. O protocolo de autenticação exigiu a análise de múltiplas respostas de diferentes Physically Unclonable Functions (PUFs), o que permitiu estabelecer um nível de limite de decisão ótimo de forma a maximizar a robustez e minimizar a probabilidade de erro por parte do sistema. O sistema de encriptação de 128 bits atingiu valores de probabilidade de erro abaixo do limite de deteção, 10-12, para todas as amostras, mostrando o seu potencial como gerador de chaves criptográficas.Mestrado em Engenharia Físic

Lightweight PUF-Based Gate Replacement Technique to Reduce Leakage of Information through Power Profile Analysis

The major challenge faced by electronic device designers is to defend the system from attackers and malicious modules called Hardware Trojans and to deliver a secured design. Although there are many cryptographic preventive measures in place adversaries find different ways to attack the device. Differential Power Analysis (DPA) attack is a type of Side Channel Attacks, used by an attacker to analyze the power leakage in the circuit, through which the functionality of the circuit is extracted. To overcome this, a lightweight approach is proposed in this paper using, Wave Dynamic Differential Logic (WDDL) technique, without incurring any additional resource cost and power. The primary objective of WDDL is to make the power consumption constant of an entire circuit by restricting the leakage power. The alternate strategy used by an adversary is to leak the information through reverse engineering. The proposed work avoids this by using a bit sequencer and a modified butterfly PUF based randomizing architecture. A modified version of butterfly PUF is also proposed in this paper, and from various qualitative tests performed it is evident that this PUF can prevent information leakage. This work is validated on ISCAS 85, ISCAS 89 benchmark circuits and the results obtained indicate that the difference in leakage power is found to be very marginal