7 research outputs found
PUF+IBE: Blending Physically Unclonable Functions with Identity Based Encryption for Authentication and Key Exchange in IoTs
Physically Unclonable Functions (PUFs) promise to be a critical hardware primitive to provide unique identities to billions of
connected devices in Internet of Things (IoTs). In traditional authentication protocols a user presents a set of credentials with an
accompanying proof such as password or digital certificate. However, IoTs need more evolved methods as these classical techniques
suffer from the pressing problems of password dependency and inability to bind access requests to the “things” from which they
originate. Additionally, the protocols need to be lightweight and heterogeneous. Although PUFs seem promising to develop such
mechanism, it puts forward an open problem of how to develop such mechanism without needing to store the secret
challenge-response pair (CRP) explicitly at the verifier end. In this paper, we develop an authentication and key exchange protocol by
combining the ideas of Identity based Encryption (IBE), PUFs and Key-ed Hash Function to show that this combination can help to do
away with this requirement. The security of the protocol is proved formally under the Session Key Security and the Universal
Composability Framework. A prototype of the protocol has been implemented to realize a secured video surveillance camera using a
combination of an Intel Edison board, with a Digilent Nexys-4 FPGA board consisting of an Artix-7 FPGA, together serving as the IoT
node. We show, though the stand-alone video camera can be subjected to man-in-the-middle attack via IP-spoofing using standard
network penetration tools, the camera augmented with the proposed protocol resists such attacks and it suits aptly in an IoT
infrastructure making the protocol deployable for the industry
Detecting Impersonation Attacks in a Static WSN
The current state of security found in the IoT domain is highly flawed, a major problem being that the cryptographic keys used for authentication can be easily extracted and thus enable a myriad of impersonation attacks. In this MSc thesis a study is done of an authentication mechanism called device fingerprinting. It is a mechanism which can derive the identity of a device without relying on device identity credentials and thus detect credential-based impersonation attacks. A proof of concept has been produced to showcase how a fingerprinting system can be designed to function in a resource constrained IoT environment. A novel approach has been taken where several fingerprinting techniques have been combined through machine learning to improve the system’s ability to deduce the identity of a device. The proof of concept yields high performant results, indicating that fingerprinting techniques are a viable approach to achieve security in an IoT system
Subwavelength Engineering of Silicon Photonic Waveguides
The dissertation demonstrates subwavelength engineering of silicon photonic waveguides in the form of two different structures or avenues: (i) a novel ultra-low mode area v-groove waveguide to enhance light-matter interaction; and (ii) a nanoscale sidewall crystalline grating performed as physical unclonable function to achieve hardware and information security. With the advancement of modern technology and modern supply chain throughout the globe, silicon photonics is set to lead the global semiconductor foundries, thanks to its abundance in nature and a mature and well-established industry. Since, the silicon waveguide is the heart of silicon photonics, it can be considered as the core building block of modern integrated photonic systems. Subwavelength structuring of silicon waveguides shows immense promise in a variety of field of study, such as, tailoring electromagnetic near fields, enhancing light-matter interactions, engineering anisotropy and effective medium effects, modal and dispersion engineering, nanoscale sensitivity etc. In this work, we are going to exploit the boundary conditions of modern silicon photonics through subwavelength engineering by means of novel ultra-low mode area v-groove waveguide to answer long-lasting challenges, such as, fabrication of such sophisticated structure while ensuring efficient coupling of light between dissimilar modes. Moreover, physical unclonable function derived from our nanoscale sidewall crystalline gratings should give us a fast and reliable optical security solution with improved information density. This research should enable new avenues of subwavelength engineered silicon photonic waveguide and answer to many unsolved questions of silicon photonics foundries
Contributions on using embedded memory circuits as physically unclonable functions considering reliability issues
[eng] Moving towards Internet-of-Things (IoT) era, hardware security becomes a crucial
research topic, because of the growing demand of electronic products that are remotely
connected through networks. Novel hardware security primitives based on
manufacturing process variability are proposed to enhance the security of the IoT
systems. As a trusted root that provides physical randomness, a physically unclonable
function is an essential base for hardware security.
SRAM devices are becoming one of the most promising alternatives for the
implementation of embedded physical unclonable functions as the start-up value of
each bit-cell depends largely on the variability related with the manufacturing process.
Not all bit-cells experience the same degree of variability, so it is possible that some cells
randomly modify their logical starting value, while others will start-up always at the
same value. However, physically unclonable function applications, such as identification
and key generation, require more constant logical starting value to assure high reliability
in PUF response. For this reason, some kind of post-processing is needed to correct the
errors in the PUF response.
Unfortunately, those cells that have more constant logic output are difficult to be
detected in advance. This work characterizes by simulation the start-up value
reproducibility proposing several metrics suitable for reliability estimation during design
phases. The aim is to be able to predict by simulation the percentage of cells that will be
suitable to be used as PUF generators. We evaluate the metrics results and analyze the
start-up values reproducibility considering different external perturbation sources like several power supply ramp up times, previous internal values in the bit-cell, and
different temperature scenarios. The characterization metrics can be exploited to
estimate the number of suitable SRAM cells for use in PUF implementations that can be
expected from a specific SRAM design.[cat] En l’era de la Internet de les coses (IoT), garantir la seguretat del hardware ha
esdevingut un tema de recerca crucial, en especial a causa de la creixent demanda de
productes electrònics que es connecten remotament a través de xarxes. Per millorar la
seguretat dels sistemes IoT, s’han proposat noves solucions hardware basades en la
variabilitat dels processos de fabricació. Les funcions físicament inclonables (PUF)
constitueixen una font fiable d’aleatorietat física i són una base essencial per a la
seguretat hardware.
Les memòries SRAM s’estan convertint en una de les alternatives més prometedores per
a la implementació de funcions físicament inclonables encastades. Això és així ja que el
valor d’encesa de cada una de les cel·les que formen els bits de la memòria depèn en
gran mesura de la variabilitat pròpia del procés de fabricació. No tots els bits tenen el
mateix grau de variabilitat, així que algunes cel·les canvien el seu estat lògic d’encesa de
forma aleatòria entre enceses, mentre que d’altres sempre assoleixen el mateix valor
en totes les enceses. No obstant això, les funcions físicament inclonables, que s’utilitzen
per generar claus d’identificació, requereixen un valor lògic d’encesa constant per tal
d’assegurar una resposta fiable del PUF. Per aquest motiu, normalment es necessita
algun tipus de postprocessament per corregir els possibles errors presents en la resposta
del PUF. Malauradament, les cel·les que presenten una resposta més constant són
difícils de detectar a priori.
Aquest treball caracteritza per simulació la reproductibilitat del valor d’encesa de cel·les
SRAM, i proposa diverses mètriques per estimar la fiabilitat de les cel·les durant les fases de disseny de la memòria. L'objectiu és ser capaç de predir per simulació el percentatge
de cel·les que seran adequades per ser utilitzades com PUF. S’avaluen els resultats de
diverses mètriques i s’analitza la reproductibilitat dels valors d’encesa de les cel·les
considerant diverses fonts de pertorbacions externes, com diferents rampes de tensió
per a l’encesa, els valors interns emmagatzemats prèviament en les cel·les, i diferents
temperatures. Es proposa utilitzar aquestes mètriques per estimar el nombre de cel·les
SRAM adients per ser implementades com a PUF en un disseny d‘SRAM específic.[spa] En la era de la Internet de las cosas (IoT), garantizar la seguridad del hardware se ha
convertido en un tema de investigación crucial, en especial a causa de la creciente
demanda de productos electrónicos que se conectan remotamente a través de redes.
Para mejorar la seguridad de los sistemas IoT, se han propuesto nuevas soluciones
hardware basadas en la variabilidad de los procesos de fabricación. Las funciones
físicamente inclonables (PUF) constituyen una fuente fiable de aleatoriedad física y son
una base esencial para la seguridad hardware.
Las memorias SRAM se están convirtiendo en una de las alternativas más prometedoras
para la implementación de funciones físicamente inclonables empotradas. Esto es así,
puesto que el valor de encendido de cada una de las celdas que forman los bits de la
memoria depende en gran medida de la variabilidad propia del proceso de fabricación.
No todos los bits tienen el mismo grado de variabilidad. Así pues, algunas celdas cambian
su estado lógico de encendido de forma aleatoria entre encendidos, mientras que otras
siempre adquieren el mismo valor en todos los encendidos. Sin embargo, las funciones
físicamente inclonables, que se utilizan para generar claves de identificación, requieren
un valor lógico de encendido constante para asegurar una respuesta fiable del PUF. Por
este motivo, normalmente se necesita algún tipo de posprocesado para corregir los
posibles errores presentes en la respuesta del PUF. Desafortunadamente, las celdas que
presentan una respuesta más constante son difíciles de detectar a priori.
Este trabajo caracteriza por simulación la reproductibilidad del valor de encendido de
celdas SRAM, y propone varias métricas para estimar la fiabilidad de las celdas durante las fases de diseño de la memoria. El objetivo es ser capaz de predecir por simulación el
porcentaje de celdas que serán adecuadas para ser utilizadas como PUF. Se evalúan los
resultados de varias métricas y se analiza la reproductibilidad de los valores de
encendido de las celdas considerando varias fuentes de perturbaciones externas, como
diferentes rampas de tensión para el encendido, los valores internos almacenados
previamente en las celdas, y diferentes temperaturas. Se propone utilizar estas métricas
para estimar el número de celdas SRAM adecuadas para ser implementadas como PUF
en un diseño de SRAM específico
An ICMetric based multiparty communication framework
Cryptographic algorithms have always relied on stored keys for the provision of security services. Since these keys are stored on a system this makes them prone to attack. Efforts to increase the key size makes brute forcing difficult but does not eliminate key theft.
This thesis proposes a comprehensive security framework for groups of devices. The research makes four major contributions to improve the security of devices in the multiparty environment. The proposed framework uses the novel Integrated Circuit Metric (ICMetric) technology which proposes utilizing measurable properties and features of a device to create a device identification. This device identification called the ICMetric is used to create cryptographic keys which are then used in the designed cryptosystems.
The first contribution of the thesis is the creation of an ICMetric using sensors found in modern smart devices. The research explores both explicit and implicit features which can be used to generate of an ICMetric.
The second contribution of this research is the creation of a group ICMetric which is computed using the device ICMetric. The computation of the device ICMetric is a particular challenge as it has to be computed without violating the properties of the ICMetric technology.
The third contribution is the demonstration that an ICMetric can be used for the creation of symmetric key. The fourth contribution of this research is an efficient RSA based asymmetric key generation scheme for the multiparty environment.
Designing a system using widely accepted cryptographic primitives does not guarantee a secure system therefore the security of proposed schemes has been studied under the standard model. The schemes presented in this thesis attempt to improve the security of devices in the group environment. The schemes demonstrate that key theft deterrent technologies can be incorporated into cryptographic schemes to offer higher levels of security and privacy