A Smart Hardware Security Engine Combining Entropy Sources of ECG, HRV, and SRAM PUF for Authentication and Secret Key Generation

Securing personal data in wearable devices is becoming a crucial necessity as wearable devices are being deployed ubiquitously, which inadvertently exposes them to more sophisticated adversarial attacks. Although authentication systems using a single-entropy source, such as fingerprint or iris, are being used widely, successful spoofing attacks have been made, which show such systems’ vulnerability. To mitigate these issues, new biometric modalities [e.g., electrocardiogram (ECG) and photoplethysmogram (PPG)], as well as multifactor authentication/security engine designs, are being investigated. In this work, we present a new smart hardware security engine that combines three different sources of entropy, ECG, heart rate variability (HRV), and SRAM-based physical unclonable function (PUF) to perform real-time authentication and generate unique/random signatures. Such hybrid signatures vary person-to-person, device-to-device, and over time, which significantly reduces the scope of an attack and enables secure personal device authentication as well as secret random key generation. The prototype chip fabricated in 65-nm LP CMOS consumes $4.04~\mu \text{W}$ at 0.6 V for real-time authentication. Compared with ECG-only authentication, the average equal error rate of multi-source authentication is reduced by $7\times $ down to 0.2375% for a 741-subject in-house ECG database. The generalization capability of the hardware was also tested by evaluating equal error rate (EER) values using other ECG databases available online. Also, 256-bit keys generated by optimally combining ECG, HRV, and PUF values fully pass nine NIST randomness tests.

[1]  Jordi Luque,et al.  END-to-END Photopleth YsmographY (PPG) Based Biometric Authentication by Using Convolutional Neural Networks , 2018, 2018 26th European Signal Processing Conference (EUSIPCO).

[2]  Matthew C. Valenti,et al.  Multibiometric secure system based on deep learning , 2017, 2017 IEEE Global Conference on Signal and Information Processing (GlobalSIP).

[3]  Hyunggon Park,et al.  ECG Authentication System Design Based on Signal Analysis in Mobile and Wearable Devices , 2016, IEEE Signal Processing Letters.

[4]  Majid Komeili,et al.  Liveness Detection and Automatic Template Updating Using Fusion of ECG and Fingerprint , 2018, IEEE Transactions on Information Forensics and Security.

[5]  Himanshu Kaul,et al.  16.2 A 0.19pJ/b PVT-variation-tolerant hybrid physically unclonable function circuit for 100% stable secure key generation in 22nm CMOS , 2014, 2014 IEEE International Solid-State Circuits Conference Digest of Technical Papers (ISSCC).

[6]  Omer Paneth,et al.  Reusable Fuzzy Extractors for Low-Entropy Distributions , 2016, Journal of Cryptology.

[7]  Xiaohong Zhang,et al.  ECG authentication system design incorporating a convolutional neural network and generalized S-Transformation , 2018, Comput. Biol. Medicine.

[8]  R G Mark,et al.  Improved detection and classification of arrhythmias in noise-corrupted electrocardiograms using contextual information , 1990, [1990] Proceedings Computers in Cardiology.

[9]  Keshab K. Parhi,et al.  A data remanence based approach to generate 100% stable keys from an SRAM physical unclonable function , 2017, 2017 IEEE/ACM International Symposium on Low Power Electronics and Design (ISLPED).

[10]  Julian Togelius,et al.  DeepMasterPrints: Generating MasterPrints for Dictionary Attacks via Latent Variable Evolution* , 2017, 2018 IEEE 9th International Conference on Biometrics Theory, Applications and Systems (BTAS).

[11]  Yu Cao,et al.  A 1.06 μW smart ECG processor in 65 nm CMOS for real-time biometrie authentication and personal cardiac monitoring , 2019, 2017 Symposium on VLSI Circuits.

[12]  Jae-sun Seo,et al.  ECG Authentication Neural Network Hardware Design with Collective Optimization of Low Precision and Structured Compression , 2019, 2019 IEEE International Symposium on Circuits and Systems (ISCAS).

[13]  Karan Singh,et al.  Dry contact fingertip ECG-based authentication system using time, frequency domain features and support vector machine , 2015, 2015 37th Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBC).

[14]  Massimo Alioto,et al.  Static Physically Unclonable Functions for Secure Chip Identification With 1.9–5.8% Native Bit Instability at 0.6–1 V and 15 fJ/bit in 65 nm , 2016, IEEE Journal of Solid-State Circuits.

[15]  Hee-Cheol Kim,et al.  Utilizing ECG Waveform Features as New Biometric Authentication Method , 2018 .

[16]  G. Moody,et al.  The Physionet/Computers in Cardiology challenge 2008: T-wave alternans , 2008, 2008 Computers in Cardiology.

[17]  Joseph A. O'Sullivan,et al.  Cardiovascular Biometrics: Combining Mechanical and Electrical Signals , 2015, IEEE Transactions on Information Forensics and Security.

[18]  Q. M. Wu,et al.  Fingerprint Liveness Detection from Different Fingerprint Materials Using Convolutional Neural Network and Principal Component Analysis , 2018 .

[19]  Md. Khayrul Bashar Integrated biometrics for human identification integrated biometrics , 2017, 2017 International Conference on Intelligent Informatics and Biomedical Sciences (ICIIBMS).

[20]  G. Moody,et al.  Spontaneous termination of atrial fibrillation: a challenge from physionet and computers in cardiology 2004 , 2004, Computers in Cardiology, 2004.

[21]  Álvaro Alesanco Iglesias,et al.  Biometric Authentication Using the PPG: A Long-Term Feasibility Study , 2018, Sensors.

[22]  Daniel E. Holcomb,et al.  Power-Up SRAM State as an Identifying Fingerprint and Source of True Random Numbers , 2009, IEEE Transactions on Computers.

[23]  Jeffrey M. Hausdorff,et al.  Physionet: Components of a New Research Resource for Complex Physiologic Signals". Circu-lation Vol , 2000 .

[24]  Pablo Laguna,et al.  A database for evaluation of algorithms for measurement of QT and other waveform intervals in the ECG , 1997, Computers in Cardiology 1997.

[25]  Dai Li,et al.  25.1 A 562F2 Physically Unclonable Function with a Zero-Overhead Stabilization Scheme , 2019, 2019 IEEE International Solid- State Circuits Conference - (ISSCC).

[26]  Yu Cao,et al.  A 1.06 μW smart ECG processor in 65 nm CMOS for real-time biometrie authentication and personal cardiac monitoring , 2017, VLSIC 2017.

[27]  Mark Mohammad Tehranipoor,et al.  Highly Reliable Key Generation From Electrocardiogram (ECG) , 2017, IEEE Transactions on Biomedical Engineering.

[28]  Sang Joon Kim,et al.  Designing ECG-based physical unclonable function for security of wearable devices , 2017, 2017 39th Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBC).

[29]  Sang Joon Kim,et al.  A Smart Hardware Security Engine Combining Entropy Sources of ECG, HRV and SRAM PUF for Authentication and Secret Key Generation , 2019, 2019 IEEE Asian Solid-State Circuits Conference (A-SSCC).

[30]  I. Jekova,et al.  Biometric verification by cross-correlation analysis of 12-lead ECG patterns: Ranking of the most reliable peripheral and chest leads. , 2017, Journal of electrocardiology.

[31]  José María de Fuentes,et al.  Encryption by Heart (EbH) - Using ECG for time-invariant symmetric key generation , 2017, Future Gener. Comput. Syst..

[32]  Richa Singh,et al.  Group sparse representation based classification for multi-feature multimodal biometrics , 2016, Inf. Fusion.

[33]  Abdulmotaleb El-Saddik,et al.  ECG Authentication for Mobile Devices , 2016, IEEE Transactions on Instrumentation and Measurement.

[34]  Rabah Attia,et al.  ECG based authentication for e-healthcare systems: Towards a secured ECG features transmission , 2017, 2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC).

[35]  Zhiqiang Wei,et al.  Wearable ECG calculation system based on microprocessor cluster , 2019 .

[36]  Xiaojiang Du,et al.  Salt Generation for Hashing Schemes based on ECG readings for Emergency Access to Implantable Medical Devices , 2018, 2018 International Symposium on Networks, Computers and Communications (ISNCC).

[37]  Elaine B. Barker,et al.  A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications , 2000 .

[38]  C. Peng,et al.  Age-related alterations in the fractal scaling of cardiac interbeat interval dynamics. , 1996, The American journal of physiology.

[39]  Pedro Peris-Lopez,et al.  Are the Interpulse Intervals of an ECG signal a good source of entropy? An in-depth entropy analysis based on NIST 800-90B recommendation , 2020, Future Gener. Comput. Syst..

[40]  Julian Togelius,et al.  Evolutionary Methods for Generating Synthetic MasterPrint Templates: Dictionary Attack in Fingerprint Recognition , 2018, 2018 International Conference on Biometrics (ICB).

[41]  Nicholas Costen,et al.  Multimodal biometric system for ECG, ear and iris recognition based on local descriptors , 2019, Multimedia Tools and Applications.

[42]  David Menotti,et al.  Deep Representations for Iris, Face, and Fingerprint Spoofing Detection , 2014, IEEE Transactions on Information Forensics and Security.

[43]  Mark Mohammad Tehranipoor,et al.  Non-fiducial PPG-based authentication for healthcare application , 2017, 2017 IEEE EMBS International Conference on Biomedical & Health Informatics (BHI).

[44]  Zhiyi Yu,et al.  A PUFs-based hardware authentication BLAKE algorithm in 65 nm CMOS , 2016 .

[45]  J. Martin Leo Manickam,et al.  ECG-Signal Based Secret Key Generation (ESKG) Scheme for WBAN and Hardware Implementation , 2018, Wireless Personal Communications.