Identities for Embedded Systems Enabled by Physical Unclonable Functions

Embedded systems, such as automotive control units, industrial automation systems, RFID tags or mobile devices are dominated by integrated circuits implementing their functionality. Since these systems operate in increasingly networked or untrusted environments, their protection against attacks and malicious manipulations becomes a critical security issue. Physical Unclonable Functions (PUFs) represent an interesting solution to enable security on embedded systems, since they allow identification and authentication of CMOS devices without non-volatile memory. In this paper, we explain benefits and applications of PUFs and give an overview of popular implementations. Further, we show that PUFs face hardware as well as modeling attacks. Therefore, specific analyses and hardening has to be performed, in order to establish PUFs as a reliable security primitive for embedded systems.

[1]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[2]  Shwetak N. Patel,et al.  Experimental Security Analysis of a Modern Automobile , 2010, 2010 IEEE Symposium on Security and Privacy.

[3]  David Naccache,et al.  Cryptographic Hardware and Embedded Systems — CHES 2001 , 2001 .

[4]  Georg Sigl,et al.  Protecting PUF Error Correction by Codeword Masking , 2013, IACR Cryptol. ePrint Arch..

[5]  Mitsuru Matsui,et al.  Cryptographic Hardware and Embedded Systems - CHES 2006, 8th International Workshop, Yokohama, Japan, October 10-13, 2006, Proceedings , 2006, CHES.

[6]  Christophe Clavier,et al.  Cryptographic Hardware and Embedded Systems - CHES 2009, 11th International Workshop, Lausanne, Switzerland, September 6-9, 2009, Proceedings , 2009, CHES.

[7]  Matthias Hiller,et al.  Complementary IBS: Application specific error correction for PUFs , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.

[8]  Walter Fumy,et al.  A New Security Architecture for Smartcards Utilizing PUFs , 2012, ISSE.

[9]  Jorge Guajardo,et al.  FPGA Intrinsic PUFs and Their Use for IP Protection , 2007, CHES.

[10]  Georg Sigl,et al.  Side-Channel Analysis of PUFs and Fuzzy Extractors , 2011, TRUST.

[11]  Srinivas Devadas,et al.  Secure and robust error correction for physical unclonable functions , 2010, IEEE Design & Test of Computers.

[12]  M. Kuhn,et al.  The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors , 2022 .

[13]  Elisabeth Oswald,et al.  Cryptographic Hardware and Embedded Systems - CHES 2008, 10th International Workshop, Washington, D.C., USA, August 10-13, 2008. Proceedings , 2008, CHES.

[14]  Neal Koblitz,et al.  Advances in Cryptology — CRYPTO ’96 , 2001, Lecture Notes in Computer Science.

[15]  G. Edward Suh,et al.  Physical Unclonable Functions for Device Authentication and Secret Key Generation , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[16]  Ingrid Verbauwhede,et al.  Low-Overhead Implementation of a Soft Decision Helper Data Algorithm for SRAM PUFs , 2009, CHES.

[17]  Hugo Krawczyk,et al.  LFSR-based Hashing and Authentication , 1994, CRYPTO.

[18]  Francis Olivier,et al.  Electromagnetic Analysis: Concrete Results , 2001, CHES.

[19]  Thomas Jensen,et al.  Smart Card Programming and Security , 2001, Lecture Notes in Computer Science.

[20]  Sergei Skorobogatov,et al.  Semi-invasive attacks: a new approach to hardware security analysis , 2005 .

[21]  Miodrag Potkonjak,et al.  Hardware-Based Public-Key Cryptography with Public Physically Unclonable Functions , 2009, Information Hiding.

[22]  Yvo Desmedt,et al.  Advances in Cryptology — CRYPTO ’94 , 2001, Lecture Notes in Computer Science.

[23]  Ulrich Rührmair,et al.  The Bistable Ring PUF: A new architecture for strong Physical Unclonable Functions , 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust.

[24]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[25]  Boris Skoric,et al.  Read-Proof Hardware from Protective Coatings , 2006, CHES.

[26]  Georg Sigl,et al.  Semi-invasive EM attack on FPGA RO PUFs and countermeasures , 2011 .

[27]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[28]  Benedikt Heinz,et al.  Localized electromagnetic analysis of RO PUFs , 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[29]  Yevgeniy Dodis,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, EUROCRYPT.

[30]  Srinivas Devadas,et al.  Modeling attacks on physical unclonable functions , 2010, CCS '10.

[31]  Ross J. Anderson Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[32]  Srinivas Devadas,et al.  Silicon physical random functions , 2002, CCS '02.

[33]  Ingrid Verbauwhede,et al.  Cryptographic Hardware and Embedded Systems - CHES 2007, 9th International Workshop, Vienna, Austria, September 10-13, 2007, Proceedings , 2007, CHES.

[34]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[35]  Ahmad-Reza Sadeghi,et al.  Efficient Helper Data Key Extractor on FPGAs , 2008, CHES.

[36]  Jean-Jacques Quisquater,et al.  ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards , 2001, E-smart.

[37]  Ulrich Rührmair,et al.  SIMPL Systems: On a Public Key Variant of Physical Unclonable Functions , 2009, IACR Cryptol. ePrint Arch..