A PUF-and biometric-based lightweight hardware solution to increase security at sensor nodes

Security is essential in sensor nodes which acquire and transmit sensitive data. However, the constraints of processing, memory and power consumption are very high in these nodes. Cryptographic algorithms based on symmetric key are very suitable for them. The drawback is that secure storage of secret keys is required. In this work, a low-cost solution is presented to obfuscate secret keys with Physically Unclonable Functions (PUFs), which exploit the hardware identity of the node. In addition, a lightweight fingerprint recognition solution is proposed, which can be implemented in low-cost sensor nodes. Since biometric data of individuals are sensitive, they are also obfuscated with PUFs. Both solutions allow authenticating the origin of the sensed data with a proposed dual-factor authentication protocol. One factor is the unique physical identity of the trusted sensor node that measures them. The other factor is the physical presence of the legitimate individual in charge of authorizing their transmission. Experimental results are included to prove how the proposed PUF-based solution can be implemented with the SRAMs of commercial Bluetooth Low Energy (BLE) chips which belong to the communication module of the sensor node. Implementation results show how the proposed fingerprint recognition based on the novel texture-based feature named QFingerMap16 (QFM) can be implemented fully inside a low-cost sensor node. Robustness, security and privacy issues at the proposed sensor nodes are discussed and analyzed with experimental results from PUFs and fingerprints taken from public and standard databases.Ministerio de Economía, Industria y Competitividad TEC2014-57971-R, TEC2017-83557-

Trusted Cameras on Mobile Devices Based on SRAM Physically Unclonable Functions

Nowadays, there is an increasing number of cameras placed on mobile devices connected to the Internet. Since these cameras acquire and process sensitive and vulnerable data in applications such as surveillance or monitoring, security is essential to avoid cyberattacks. However, cameras on mobile devices have constraints in size, computation and power consumption, so that lightweight security techniques should be considered. Camera identification techniques guarantee the origin of the data. Among the camera identification techniques, Physically Unclonable Functions (PUFs) allow generating unique, distinctive and unpredictable identifiers from the hardware of a device. PUFs are also very suitable to obfuscate secret keys (by binding them to the hardware of the device) and generate random sequences (employed as nonces). In this work, we propose a trusted camera based on PUFs and standard cryptographic algorithms. In addition, a protocol is proposed to protect the communication with the trusted camera, which satisfies authentication, confidentiality, integrity and freshness in the data communication. This is particularly interesting to carry out camera control actions and firmware updates. PUFs from Static Random Access Memories (SRAMs) are selected because cameras typically include SRAMs in its hardware. Therefore, additional hardware is not required and security techniques can be implemented at low cost. Experimental results are shown to prove how the proposed solution can be implemented with the SRAM of commercial Bluetooth Low Energy (BLE) chips included in the communication module of the camera. A proof of concept shows that the proposed solution can be implemented in low-cost cameras.España, Ministerio de Ciencia e Innovación TEC2014-57971-R TEC2017-83557-

Self-Stimulated Capillary Jet

Inspired by Savart’s pioneering work, we study the self-stimulated dynamics of a capillary jet. The feedback loop is realized by extracting surface perturbations from a section of the jet itself via a laserphotodiode pair, whose amplified signal drives an electromechanical actuator that, in turn, produces pressure perturbations at the exit chamber. Under specific conditions, this loop establishes phase-locked stimulation regimes that overcome the otherwise random natural breakup. For each laser position along the jet, the gain of the amplifier acts as a selector across a discrete set of observable frequencies. The main observed features are explained by a linear theory that combines the transfer function of each stage in the loop. Our findings are relevant to continuous inkjet technologies for the production of equally sized droplets.Spanish Research Agency Ministerio de Ciencia e Innovación and ERDF Project PGC2018-099217-B-I0

Using physical unclonable functions for internet-of-thing security cameras

This paper proposes a low-cost solution to develop IoT security cameras. Integrity and confidentiality of the image data are achieved by cryptographic modules that implement symmetric key-based techniques which are usually available in the hardware of the IoT cameras. The novelty of this proposal is that the secret key required is not stored but reconstructed from the start-up values of a SRAM in the camera hardware acting as a PUF (Physical Unclonable Function), so that the physical authenticity of the camera is also ensured. The start-up values of the SRAM are also exploited to change the IV (Initialization Vector) in the encryption algorithm. All the steps for enrollment and normal operation can be included in a simple firmware to be executed by the camera. There is no need to include specific hardware but only a SRAM is needed which could be powered down and up by firmware.Ministerio de Economía y Competitividad del Gobierno de España y fondos europeos FEDER-TEC2014-57971-RConsejo Superior de Investigaciones Científicas (CSIC)-HW-SEEDS 201750E010V Plan Propio de Investigación de la Universidad de Sevill

Transformando enseñanzas presenciales en semipresenciales: un ejemplo, la especialidad de Formación y Orientación Laboral en el Máster en Formación del Profesorado. Protocolo de actuación, evaluación y nuevos diseños para la docencia universitaria

Fac. de Ciencias Políticas y SociologíaFALSEsubmitte

Non-Fungible Tokens Based on ERC-4519 for the Rental of Smart Homes

The rental of houses is a common economic activity. However, there are many inconveniences that arise when renting a property. The lack of trust between the landlord and the tenant due to fraud or squatters makes it necessary to involve third parties to minimize risk. A blockchain (such as Ethereum) provides an ideal solution to act as a low-cost intermediary. This paper proposes the use of non-fungible tokens (NFTs) based on ERC-4519 for smart home tokenization. The ERC-4519 is an Ethereum standard for describing NFTs tied to physical assets, allowing smart homes (assets) to be linked to NFTs so that the smart homes can interact with the blockchain and perform transactions, know their landlord (owner) and assigned tenant (user), whether they are authenticated or not, and know their operating mode (NFT state). The payments associated with the rental process are made using the NFT, eliminating the need for additional fungible tokens and simplifying the process. The entire rental process is described and illustrated with a proof of concept using a Pycom Wipy 3.0 as a smart home gateway and a smart contract programmed in Solidity, which is deployed on the Goerli Testnet for Ethereum. Experimental results show that the smart home gateway takes a few tens of milliseconds to complete a transaction, and the transaction costs of the relevant functions of the smart contract are quite affordable

Secure Combination of IoT and Blockchain by Physically Binding IoT Devices to Smart Non-Fungible Tokens Using PUFs

Non-fungible tokens (NFTs) are widely used in blockchain to represent unique and non-interchangeable assets. Current NFTs allow representing assets by a unique identifier, as a possession of an owner. The novelty introduced in this paper is the proposal of smart NFTs to represent IoT devices, which are physical smart assets. Hence, they are also identified as the utility of a user, they have a blockchain account (BCA) address to participate actively in the blockchain transactions, they can establish secure communication channels with owners and users, and they operate dynamically with several modes associated with their token states. A smart NFT is physically bound to its IoT device thanks to the use of a physical unclonable function (PUF) that allows recovering its private key and, then, its BCA address. The link between tokens and devices is difficult to break and can be traced during their lifetime, because devices execute a secure boot and carry out mutual authentication processes with new owners and users that could add new software. Hence, devices prove their trusted hardware and software. A whole demonstration of the proposal developed with ESP32-based IoT devices and Ethereum blockchain is presented, using the SRAM of the ESP32 microcontroller as the PUFPeer reviewe

Use Case Examples of Ethereum Non-Fungible Tokens Tied to Assets Using ERC-4519

Ethereum is a dynamic blockchain that grows every day thanks to a community that creates and decides on various of its issues. The community participates through Ethereum Improvement Proposals (EIPs) at many levels, from proposals that describe new standards for the creation of new tokens to proposals that define new ways for the Ethereum main network to generate new blocks. This paper describes how an Ethereum Request for Comments (ERC)-type EIP, the ERC4519, was proposed last year to standardize the way to define non-fungible tokens (NFTs) representing assets that can generate their own Ethereum addresses and obey users and owners. Advantages provided by ERC-4519 in several use cases are illustrated. The examples show the facilities and the security improvements introduced in the management of both physical and digital assets by their owners and users. Particularly, use cases with physical assets such as IoT devices are illustrated

Non-Fungible Tokens Based on ERC-4519 for the Rental of Smart Homes

The rental of houses is a common economic activity. However, there are many inconveniences that arise when renting a property. The lack of trust between the landlord and the tenant due to fraud or squatters makes it necessary to involve third parties to minimize risk. A blockchain (such as Ethereum) provides an ideal solution to act as a low-cost intermediary. This paper proposes the use of non-fungible tokens (NFTs) based on ERC-4519 for smart home tokenization. The ERC-4519 is an Ethereum standard for describing NFTs tied to physical assets, allowing smart homes (assets) to be linked to NFTs so that the smart homes can interact with the blockchain and perform transactions, know their landlord (owner) and assigned tenant (user), whether they are authenticated or not, and know their operating mode (NFT state). The payments associated with the rental process are made using the NFT, eliminating the need for additional fungible tokens and simplifying the process. The entire rental process is described and illustrated with a proof of concept using a Pycom Wipy 3.0 as a smart home gateway and a smart contract programmed in Solidity, which is deployed on the Goerli Testnet for Ethereum. Experimental results show that the smart home gateway takes a few tens of milliseconds to complete a transaction, and the transaction costs of the relevant functions of the smart contract are quite affordable.Ministerio de Ciencia e Innovación PDC2021-121589-I00, PID2020-119397RB-I0

Trusted Cameras on Mobile Devices Based on SRAM Physically Unclonable Functions

Nowadays, there is an increasing number of cameras placed on mobile devices connected to the Internet. Since these cameras acquire and process sensitive and vulnerable data in applications such as surveillance or monitoring, security is essential to avoid cyberattacks. However, cameras on mobile devices have constraints in size, computation and power consumption, so that lightweight security techniques should be considered. Camera identification techniques guarantee the origin of the data. Among the camera identification techniques, Physically Unclonable Functions (PUFs) allow generating unique, distinctive and unpredictable identifiers from the hardware of a device. PUFs are also very suitable to obfuscate secret keys (by binding them to the hardware of the device) and generate random sequences (employed as nonces). In this work, we propose a trusted camera based on PUFs and standard cryptographic algorithms. In addition, a protocol is proposed to protect the communication with the trusted camera, which satisfies authentication, confidentiality, integrity and freshness in the data communication. This is particularly interesting to carry out camera control actions and firmware updates. PUFs from Static Random Access Memories (SRAMs) are selected because cameras typically include SRAMs in its hardware. Therefore, additional hardware is not required and security techniques can be implemented at low cost. Experimental results are shown to prove how the proposed solution can be implemented with the SRAM of commercial Bluetooth Low Energy (BLE) chips included in the communication module of the camera. A proof of concept shows that the proposed solution can be implemented in low-cost cameras.This work was supported in part by TEC2014-57971-R and TEC2017-83557-R projects from Ministerio de Ciencia, Innovación y Universidades of the Spanish Government (with support from the PO FEDER-FSE) and 201750E010 (HW-SEEDS) project from CSIC. The work of Rosario Arjona was supported by a Post-Doc Fellowship from the Spanish National Cybersecurity Institute (INCIBE). The work of Miguel A. Prada-Delgado was supported by V Plan Propio de Investigación through the University of Seville.Peer reviewe