Anti-counterfeiting, key distribution, and key storage in an ambient world via physical unclonable functions

Virtually all applications which provide or require a security service need a secret key. In an ambient world, where (potentially) sensitive information is continually being gathered about us, it is critical that those keys be both securely deployed and safeguarded from compromise. In this paper, we provide solutions for secure key deployment and storage of keys in sensor networks and radio frequency identification systems based on the use of Physical Unclonable Functions (PUFs). In addition, to providing an overview of different existing PUF realizations, we introduce a PUF realization aimed at ultra-low cost applications. We then show how the properties of Fuzzy Extractors or Helper Data algorithms can be used to securely deploy secret keys to a low cost wireless node. Our protocols are more efficient (round complexity) and allow for lower costs compared to previously proposed ones. We also provide an overview of PUF applications aimed at solving the counterfeiting of goods and devices.

[1]  Boris Skoric,et al.  ALGSICS - Combining Physics and Cryptography to Enhance Security and Privacy in RFID Systems , 2007, ESAS.

[2]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[3]  Daniel W. Engels,et al.  Standardization Requirements within the RFID Class Structure Framework , 2005 .

[4]  Christof Paar,et al.  Efficient Implementation of Elliptic Curve Cryptosystems on the TI MSP 430x33x Family of Microcontrollers , 2001, Public Key Cryptography.

[5]  Stephen A. Benton,et al.  Physical one-way functions , 2001 .

[6]  Shivakant Mishra,et al.  A Practical Study of Transitory Master Key Establishment ForWireless Sensor Networks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[7]  Michael K. Reiter,et al.  Seeing-is-believing: using camera phones for human-verifiable authentication , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[8]  Adrian Perrig,et al.  Message-in-a-bottle: user-friendly and secure key deployment for sensor nodes , 2007, SenSys '07.

[9]  Daniel E. Holcomb,et al.  Initial SRAM State as a Fingerprint and Source of True Random Numbers for RFID Tags , 2007 .

[10]  Tom Kean,et al.  Cryptographic rights management of FPGA intellectual property cores , 2002, FPGA '02.

[11]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[12]  Boris Skoric,et al.  Read-Proof Hardware from Protective Coatings , 2006, CHES.

[13]  Blaise L. P. Gassend,et al.  Physical random functions , 2003 .

[14]  Matt Welsh,et al.  Deploying a wireless sensor network on an active volcano , 2006, IEEE Internet Computing.

[15]  Yvo Desmedt,et al.  Advances in Cryptology — CRYPTO ’94 , 2001, Lecture Notes in Computer Science.

[16]  Berk Sunar,et al.  Energy scalable universal hashing , 2005, IEEE Transactions on Computers.

[17]  Dawn Xiaodong Song,et al.  SIA: secure information aggregation in sensor networks , 2003, SenSys '03.

[18]  Matt Welsh,et al.  Sensor networks for emergency response: challenges and opportunities , 2004, IEEE Pervasive Computing.

[19]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.

[20]  Gene Tsudik,et al.  Security and Privacy in Ad-hoc and Sensor Networks, Second European Workshop, ESAS 2005, Visegrad, Hungary, July 13-14, 2005, Revised Selected Papers , 2005, ESAS.

[21]  David E. Culler,et al.  SPINS: Security Protocols for Sensor Networks , 2001, MobiCom '01.

[22]  Bart Preneel,et al.  Software Performance of Universal Hash Functions , 1999, EUROCRYPT.

[23]  Joseph M. Kahn,et al.  Wireless Communications for Smart Dust , 1998 .

[24]  Srdjan Capkun,et al.  Key Agreement in Peer-to-Peer Wireless Networks , 2006, Proceedings of the IEEE.

[25]  M. Weiser The Computer for the Twenty-First Century , 1991 .

[26]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[27]  Srdjan Capkun,et al.  Implications of radio fingerprinting on the security of sensor networks , 2007, 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops - SecureComm 2007.

[28]  Jorge Guajardo,et al.  Brand and IP protection with physical unclonable functions , 2008, 2008 IEEE International Symposium on Circuits and Systems.

[29]  Rafail Ostrovsky,et al.  Secure Remote Authentication Using Biometric Data , 2005, EUROCRYPT.

[30]  G. DeJean,et al.  Making RFIDs unique - radio frequency certificates of authenticity , 2006, 2006 IEEE Antennas and Propagation Society International Symposium.

[31]  Stephen Foster,et al.  Are you with me , 2007 .

[32]  Mitsuru Matsui,et al.  Cryptographic Hardware and Embedded Systems - CHES 2006, 8th International Workshop, Yokohama, Japan, October 10-13, 2006, Proceedings , 2006, CHES.

[33]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[34]  Xavier Boyen,et al.  Reusable cryptographic fuzzy extractors , 2004, CCS '04.

[35]  Jorge Guajardo,et al.  FPGA Intrinsic PUFs and Their Use for IP Protection , 2007, CHES.

[36]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[37]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[38]  Bernt Schiele,et al.  Smart-Its Friends: A Technique for Users to Easily Establish Connections between Smart Artefacts , 2001, UbiComp.

[39]  Csusb October 1st 2001 , 2001 .

[40]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[41]  Boris Skoric,et al.  RFID security : cryptography and physics perspectives , 2008 .

[42]  Blake Hannaford,et al.  "Are You with Me?" - Using Accelerometers to Determine If Two Devices Are Carried by the Same Person , 2004, Pervasive.

[43]  Mahalingam Ramkumar,et al.  An efficient key predistribution scheme for ad hoc network security , 2005, IEEE Journal on Selected Areas in Communications.

[44]  M. Dohler,et al.  IEEE Antennas and Propagation Society international symposium , 2003 .

[45]  Tughrul Arslan,et al.  IEEE International Symposium on Circuits and Systems (ISCAS 2008) , 2008 .

[46]  Neal Koblitz,et al.  Advances in Cryptology — CRYPTO ’96 , 2001, Lecture Notes in Computer Science.

[47]  Jean-Paul M. G. Linnartz,et al.  New Shielding Functions to Enhance Privacy and Prevent Misuse of Biometric Templates , 2003, AVBPA.

[48]  Mark Weiser The computer for the 21st century , 1991 .

[49]  Dhiraj K. Pradhan,et al.  A Routing-Aware ILS Design Technique , 2011, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[50]  Claude Castelluccia,et al.  TinyRNG: A Cryptographic Random Number Generator for Wireless Sensors Network Nodes , 2007, 2007 5th International Symposium on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks and Workshops.

[51]  Boris Skoric,et al.  Experimental Hardware for Coating PUFs and Optical PUFs , 2007 .

[52]  Christof Paar,et al.  E-Passport: The Global Traceability Or How to Feel Like a UPS Package , 2006, WISA.

[53]  Simson L. Garfinkel,et al.  RFID privacy: an overview of problems and proposed solutions , 2005, IEEE Security & Privacy Magazine.

[54]  Ian F. Akyildiz,et al.  Wireless sensor networks , 2007 .

[55]  Miodrag Potkonjak,et al.  Watermarking techniques for intellectual property protection , 1998, Proceedings 1998 Design and Automation Conference. 35th DAC. (Cat. No.98CH36175).

[56]  S. Roy,et al.  The impact of random doping effects on CMOS SRAM cell , 2004, Proceedings of the 30th European Solid-State Circuits Conference.

[57]  R. Pappu,et al.  Physical One-Way Functions , 2002, Science.

[58]  Daniel W. Engels,et al.  On the Future of RFID Tags and Protocols , 2003 .

[59]  Ying Su,et al.  A 1.6pJ/bit 96% Stable Chip-ID Generating Circuit using Process Variations , 2007, 2007 IEEE International Solid-State Circuits Conference. Digest of Technical Papers.

[60]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[61]  E. Seevinck,et al.  Static-noise margin analysis of MOS SRAM cells , 1987 .

[62]  Boris Skoric,et al.  Robust Key Extraction from Physical Uncloneable Functions , 2005, ACNS.

[63]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[64]  Boris Skoric Security with Noisy Data - (Extended Abstract of Invited Talk) , 2010, Information Hiding.

[65]  Diana K. Smetters,et al.  Talking to Strangers: Authentication in Ad-Hoc Wireless Networks , 2002, NDSS.

[66]  Mukesh Singhal,et al.  Security in wireless sensor networks , 2008, Wirel. Commun. Mob. Comput..

[67]  S. Devadas,et al.  PUF-Based Random Number Generation , 2004 .

[68]  Frank Stajano,et al.  The Resurrecting Duckling - What Next? , 2000, Security Protocols Workshop.

[69]  Ross J. Anderson,et al.  Key infection: smart trust for smart dust , 2004, Proceedings of the 12th IEEE International Conference on Network Protocols, 2004. ICNP 2004..

[70]  Frédéric Thiesse,et al.  Extending the EPC network: the potential of RFID in anti-counterfeiting , 2005, SAC '05.

[71]  Patrick Schaumont,et al.  Offline Hardware/Software Authentication for Reconfigurable Platforms , 2006, CHES.

[72]  Mohamed I. Elmasry,et al.  Low-Power Digital VLSI Design: Circuits and Systems , 1995 .

[73]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[74]  G. Edward Suh,et al.  Extracting secret keys from integrated circuits , 2005, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[75]  Victor Shoup,et al.  On Fast and Provably Secure Message Authentication Based on Universal Hashing , 1996, CRYPTO.

[76]  Larry Carter,et al.  Universal Classes of Hash Functions , 1979, J. Comput. Syst. Sci..

[77]  G.-J. Schrijen,et al.  Physical Unclonable Functions and Public-Key Crypto for FPGA IP Protection , 2007, 2007 International Conference on Field Programmable Logic and Applications.

[78]  Matt Welsh,et al.  Sensor networks for medical care , 2005, SenSys '05.

[79]  Yan Zhang,et al.  RFID Security: Techniques, Protocols and System-On-Chip Design , 2008 .

[80]  Srinivas Devadas,et al.  Silicon physical random functions , 2002, CCS '02.

[81]  Matthew Green,et al.  Security Analysis of a Cryptographically-Enabled RFID Device , 2005, USENIX Security Symposium.

[82]  Adrian Perrig,et al.  Security and Privacy in Sensor Networks , 2003, Computer.

[83]  J. Meindl,et al.  The impact of intrinsic device fluctuations on CMOS SRAM cell stability , 2001, IEEE J. Solid State Circuits.

[84]  Hugo Krawczyk,et al.  LFSR-based Hashing and Authentication , 1994, CRYPTO.

[85]  Donggang Liu,et al.  Group-based key pre-distribution in wireless sensor networks , 2005, WiSe '05.

[86]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[87]  Douglas R. Stinson,et al.  Advances in Cryptology — CRYPTO’ 93 , 2001, Lecture Notes in Computer Science.

[88]  Miodrag Potkonjak,et al.  Security in sensor networks: watermarking techniques , 2004 .

[89]  Claude Castelluccia,et al.  Shake them up!: a movement-based pairing protocol for CPU-constrained devices , 2005, MobiSys '05.

[90]  Srinivas Devadas,et al.  Controlled physical random functions , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[91]  Ingrid Verbauwhede,et al.  Cryptographic Hardware and Embedded Systems - Ches 2007 , 2008 .

[92]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.