250 research outputs found

    Lower bounds on the probability of deception in authentication with arbitration

    Get PDF
    The paper investigates a model for authentication in which not only an outsider, but also the transmitter or the receiver, may cheat. Lower bounds on the probability of success for different types of deception as well as on the parameters of secure authentication codes are derived. The latter bounds are shown to be tight by demonstrating codes in projective space that meet the bounds with equality

    Design and Evaluation of FPGA-based Hybrid Physically Unclonable Functions

    Get PDF
    A Physically Unclonable Function (PUF) is a new and promising approach to provide security for physical systems and to address the problems associated with traditional approaches. One of the most important performance metrics of a PUF is the randomness of its generated response, which is presented via uniqueness, uniformity, and bit-aliasing. In this study, we implement three known PUF schemes on an FPGA platform, namely SR Latch PUF, Basic RO PUF, and Anderson PUF. We then perform a thorough statistical analysis on their performance. In addition, we propose the idea of the Hybrid PUF structure in which two (or more) sources of randomness are combined in a way to improve randomness. We investigate two methods in combining the sources of randomness and we show that the second one improves the randomness of the response, significantly. For example, in the case of combining the Basic RO PUF and the Anderson PUF, the Hybrid PUF uniqueness is increased nearly 8%, without any pre-processing or post-processing tasks required. Two main categories of applications for PUFs have been introduced and analyzed: authentication and secret key generation. In this study, we introduce another important application for PUFs. In fact, we develop a secret sharing scheme using a PUF to increase the information rate and provide cheater detection capability for the system. We show that, using the proposed method, the information rate of the secret sharing scheme will improve significantly

    Physical Unclonable Function Reliability on Reconfigurable Hardware and Reliability Degradation with Temperature and Supply Voltage Variations

    Get PDF
    A hardware security solution using a Physical Unclonable Function (PUF) is a promising approach to ensure security for physical systems. PUF utilizes the inherent instance-specific parameters of physical objects and it is evaluated based on the performance parameters such as uniqueness, reliability, randomness, and tamper evidence of the Challenge and Response Pairs (CRPs). These performance parameters are affected by operating conditions such as temperature and supply voltage variations. In addition, PUF implementation on Field Programmable Gate Array (FPGA) platform is proven to be more complicated than PUF implementation on Application-Specific Integrated Circuit (ASIC) technologies. The automatic placement and routing of logic cells in FPGA can affect the performance of PUFs due to path delay imbalance. In this work, the impact of power supply and temperature variations, on the reliability of an arbiter PUF is studied. Simulation results are conducted to determine the effects of these varying conditions on the CRPs. Simulation results show that ± 10% of power supply variation can affect the reliability of an arbiter PUF by about 51%, similarly temperature fluctuation between -40 0C and +60 0C reduces the PUF reliability by 58%. In addition, a new methodology to implement a reliable arbiter PUF on an FPGA platform is presented. Instead of using an extra delay measurement module, the Chip Planner tool for FPGA is used for manually placement to minimize the path delay misalignment to less than 8 ps

    Implementação de uma arquitetura para execução segura de código utilizando PUFs

    Get PDF
    Orientador: Guido Costa Souza de AraújoDissertação (mestrado) - Universidade Estadual de Campinas, Instituto de ComputaçãoResumo: As técnicas padrões de design para proteger a execução de código são baseadas em mecanismos criptográficos bem conhecidos e em recursos de (micro) arquitetura para codificar transações de barramento ou isolar o código seguro em plataformas confiáveis, entre outras. Embora essas técnicas geralmente forneçam níveis adequados de segurança, a maioria delas é ineficiente, consideravelmente impacta o projeto da (micro) arquitetura, requer mudanças extensas na cadeia de ferramentas de programação ou é tão complicada que pode criar brechas de segurança inesperadas. Com o objetivo de resolver esses problemas de segurança na execução de códigos, a Segurança de Computadores por Autenticação Intrínseca ao Hardware (CSHIA) foi proposta para autenticar todos os blocos de uma memória externa usando uma chave exclusiva extraída de Funções Físicas não Clonáveis (PUFs). Com base na implementação em FPGA do processador Leon3 da Gaisler, este trabalho apresenta uma prova de conceito do CSHIA, apresentando os detalhes e uma descrição detalhada da implementação do hardware, os compromissos do design e a integração entre a arquitetura e um processador real. Mostramos os recursos do FPGA, uma avaliação de desempenho com benchmarks padrão da indústria e estimativas de energia e área. A versão final do CSHIA forneceu um design robusto e melhoria de segurança para o processador selecionado, à custa de 2,76% a 5,77% de sobrecarga de desempenho, dependendo da solução adotada com um aumento da área lógica de 34% para a configuração selecionada. A implementação final do CSHIA tornou-se uma plataforma altamente configurável que oferece várias opções de design e recursos de segurança a um usuário final, onde este trabalho contribuiu para fornecer um chassi que pode ser usado por qualquer sistema AMBA2Abstract: Standard design techniques to secure code execution are based on well-known cryptographic mechanisms and (micro) architecture features to encode bus transactions, or isolate secure code into trusted platforms, among others. Although such techniques usually provide proper levels of security, most of them are either inefficient, considerably impact processor (micro) architecture design, require extensive changes in the programming tool-chain, or are so complicated that may create unexpected security loopholes. Aiming to address this security issues in code execution the Computer Security by Hardware-Intrinsic Authentication (CSHIA) was proposed to provide authenticity by authenticating all memory blocks of an external memory using a unique key extracted from Physical Unclonable Functions (PUFs). Based on Gaisler's Leon3 FPGA implementation, this work presents a proof-of-concept of CSHIA, presenting the details and an in-depth description of the hardware implementation, the design tradeoffs, and the integration between the architecture and a real processor. We show the FPGA resources, a performance evaluation with industry standard benchmarks and power and area estimations. The final CSHIA version provided a robust design and security improvement to the selected processor at the expense of 2.76% to 5.77% of performance overhead depending on the solution adopted with logic area overhead of 34% for the selected configuration. The final CSHIA implementation became a highly configurable platform that offers several design choices and security features to an end user, where this work contributed to provide a chassis that can be used by any AMBA2 systemMestradoCiência da ComputaçãoMestre em Ciência da Computaçã

    #NotIntendedToBeAFactualStatement: On Truth and Lies in an Affective Sense

    Get PDF

    Nano-intrinsic security primitives for internet of everything

    Get PDF
    With the advent of Internet-enabled electronic devices and mobile computer systems, maintaining data security is one of the most important challenges in modern civilization. The innovation of physically unclonable functions (PUFs) shows great potential for enabling low-cost low-power authentication, anti-counterfeiting and beyond on the semiconductor chips. This is because secrets in a PUF are hidden in the randomness of the physical properties of desirably identical devices, making it extremely difficult, if not impossible, to extract them. Hence, the basic idea of PUF is to take advantage of inevitable non-idealities in the physical domain to create a system that can provide an innovative way to secure device identities, sensitive information, and their communications. While the physical variation exists everywhere, various materials, systems, and technologies have been considered as the source of unpredictable physical device variation in large scales for generating security primitives. The purpose of this project is to develop emerging solid-state memory-based security primitives and examine their robustness as well as feasibility. Firstly, the author gives an extensive overview of PUFs. The rationality, classification, and application of PUF are discussed. To objectively compare the quality of PUFs, the author formulates important PUF properties and evaluation metrics. By reviewing previously proposed constructions ranging from conventional standard complementary metal-oxide-semiconductor (CMOS) components to emerging non-volatile memories, the quality of different PUFs classes are discussed and summarized. Through a comparative analysis, emerging non-volatile redox-based resistor memories (ReRAMs) have shown the potential as promising candidates for the next generation of low-cost, low-power, compact in size, and secure PUF. Next, the author presents novel approaches to build a PUF by utilizing concatenated two layers of ReRAM crossbar arrays. Upon concatenate two layers, the nonlinear structure is introduced, and this results in the improved uniformity and the avalanche characteristic of the proposed PUF. A group of cell readout method is employed, and it supports a massive pool of challenge-response pairs of the nonlinear ReRAM-based PUF. The non-linear PUF construction is experimentally assessed using the evaluation metrics, and the quality of randomness is verified using predictive analysis. Last but not least, random telegraph noise (RTN) is studied as a source of entropy for a true random number generation (TRNG). RTN is usually considered a disadvantageous feature in the conventional CMOS designs. However, in combination with appropriate readout scheme, RTN in ReRAM can be used as a novel technique to generate quality random numbers. The proposed differential readout-based design can maintain the quality of output by reducing the effect of the undesired noise from the whole system, while the controlling difficulty of the conventional readout method can be significantly reduced. This is advantageous as the differential readout circuit can embrace the resistance variation features of ReRAMs without extensive pre-calibration. The study in this thesis has the potential to enable the development of cost-efficient and lightweight security primitives that can be integrated into modern computer mobile systems and devices for providing a high level of security
    corecore