论文信息 - Practical Aspects of Quantization and Tamper-Sensitivity for Physically Obfuscated Keys

Practical Aspects of Quantization and Tamper-Sensitivity for Physically Obfuscated Keys

This work deals with key generation based on Physically Obfuscated Keys (POKs), i.e., a certain type of tamper-evident Physical Unclonable Function (PUF) that can be used as protection against invasive physical attacks. To design a protected device, one must take attacks such as probing of data lines or penetration of the physical security boundary into consideration. For the implementation of a POK as a countermeasure, physical properties of a material -- which covers all parts to be protected -- are measured. After measuring these properties, i.e. analog values, they have to be quantized in order to derive a cryptographic key. This paper will present and discuss the impact of the quantization method with regard to three parameters: key quality, tamper-sensitivity, and reliability. Our contribution is the analysis of two different quantization schemes considering these parameters. Foremost, we propose a new approach to achieve improved tamper-sensitivity in the worst-case with no information leakage. We then analyze a previous solution and compare it to our scenario. Based on empirical data we demonstrate the advantages of our approach. This significantly improves the level of protection of a tamper-resistant cryptographic device compared to cases not benefiting from our scheme.

Georg Sigl | Ludwig Kurzinger | Vincent Immler | Maxim Hennig

[1] Silvio Micali,et al. Algorithmic Tamper-Proof (ATP) Security: Theoretical Foundations for Security against Hardware Tampering , 2004, TCC.

[2] Blaise L. P. Gassend,et al. Physical random functions , 2003 .

[3] Jorge Guajardo,et al. FPGA Intrinsic PUFs and Their Use for IP Protection , 2007, CHES.

[4] Rafail Ostrovsky,et al. Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[5] Boris Skoric,et al. Key Extraction From General Nondiscrete Signals , 2010, IEEE Transactions on Information Forensics and Security.

[6] Steve H. Weingart. Physical Security Devices for Computer Subsystems: A Survey of Attacks and Defenses 2008 (Updated from the CHES 2000 version) , 2008 .

[7] Boris Skoric,et al. Read-Proof Hardware from Protective Coatings , 2006, CHES.

[8] Onur Günlü,et al. DCT based ring oscillator Physical Unclonable Functions , 2014, 2014 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP).

[9] Steve H. Weingart. Physical Security Devices for Computer Subsystems: A Survey of Attacks and Defences , 2000, CHES.

[10] Frans M. J. Willems,et al. Information Leakage in Fuzzy Commitment Schemes , 2010, IEEE Transactions on Information Forensics and Security.

[11] Frans M. J. Willems,et al. On information leakage in fuzzy commitment , 2010, Electronic Imaging.