Abstract
Physically Unclonable Functions (PUFs) are a promising technology in cryptographic application areas. The idea of PUFs is to make use of the unique “fingerprint” of the IC, to enable generation of secrets or keys without storing sensitive data permanently in memory. Since PUFs are “noisy” functions, some kind of post processing is required to reliably reconstruct the respective PUF response. Based on potential threats and vulnerabilities as well as the security requirements for PUF-based tokens we developed a draft version of a Protection Profile according to Common Criteria. This paper discusses the central parts of this Protection Profile, namely the Target of Evaluation (TOE), PUF-specific security functional requirements (SFRs), and requirements on the operational environment regarding the whole life cycle of the TOE.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model. CCMB-2012-09-001, Version 3.1, Revision 4 (September 2012)
Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Components. CCMB-2012-09-002, Version 3.1, Revision 4 (September 2012)
Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Components. CCMB-2012-09-003, Version 3.1, Revision 4 (September 2012)
Eurosmart Security IC Platform Protection Profile. Version 1.0, BSI-PP-0035 (June 2007)
Bösch, C., Guajardo, J., Sadeghi, A.-R., Shokrollahi, J., Tuyls, P.: Efficient Helper Data Key Extractor on FPGAs. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 181–197. Springer, Heidelberg (2008)
Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data. SIAM Journal on Computing, 38(1):97–139 (2008)
Fruhashi, K., Shiozaki, M., Fukushima, A., Murayama, T., Fujino, T.: The arbiter-PUF with high uniqueness utilizing novel arbiter circuit with Delay-Time Measurement. In: IEEE International Symposium on Circuits and Systems (ISCAS) 2011, pp. 2325–2328 (2011)
Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Controlled Physical Random Functions. In: IEEE (ed.) Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC 2002), USA (2002)
Handschuh, H.: Hardware-Anchored Security Based on SRAM PUFs, Part 1. IEEE Security Privacy 10(3), 80–83 (2012)
Van Herrewege, A., Katzenbeisser, S., Maes, R., Peeters, R., Sadeghi, A.-R., Verbauwhede, I., Wachsmann, C.: Reverse Fuzzy Extractors: Enabling Lightweight Mutual Authentication for PUF-Enabled RFIDs. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 374–389. Springer, Heidelberg (2012)
Maes, R., Verbauwhede, I.: Physically Unclonable Functions: A Study on the State of the Art and Future Research Directions. In: Sadeghi, A.-R., Naccache, D. (eds.) Towards Hardware-Intrinsic Security, Information Security and Cryptography, pp. 3–37. Springer, Heidelberg (2010)
Schrijen, G.-J., van der Leest, V.: Comparative analysis of SRAM memories used as PUF primitives. In: Design, Automation Test in Europe Conference Exhibition (DATE), pp. 1319–1324 (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 IFIP International Federation for Information Processing
About this paper
Cite this paper
Kolberger, A., Schaumüller-Bichl, I., Brunner, V., Deutschmann, M. (2014). Protection Profile for PUF-Based Devices. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Abou El Kalam, A., Sans, T. (eds) ICT Systems Security and Privacy Protection. SEC 2014. IFIP Advances in Information and Communication Technology, vol 428. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-55415-5_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-55415-5_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-55414-8
Online ISBN: 978-3-642-55415-5
eBook Packages: Computer ScienceComputer Science (R0)