Abstract
Withstanding physical attacks in a hostile environment is of utmost importance for today's electronics. However, because the development of integrated circuits (ICs) is long and costly, IC-level countermeasures are typically included only to a varying degree, and not in every chip of a device. Therefore, multiple-chip modules requiring higher levels of security are additionally protected against tampering by a physical security enclosure, e.g., by an envelope that completely encloses the device. For decades, these device-level physical boundaries have been monitored by battery-backed mechanisms so that an attempted physical intrusion is detected even while the underlying system is powered off. However, the battery reduces the system's robustness, adds weight, prevents extended storage, and causes difficulties with the security mechanism while the device is shipped. In this position paper, we present our assessment of various battery-backed tamper-respondent solutions and argue that, while they offer the intriguing benefit of instantaneous detection and response, the low-power operation that battery backup imposes conflicts with a tamper-sensitive measurement, among other problems. We therefore argue that more effort should be directed towards enclosures based on tamper-evident physical unclonable functions (PUFs), which are designed to provide a high level of security while requiring no battery. To substantiate this argument further, we summarize the work in this domain, which should also facilitate future research.
Funding
This work was supported by the Fraunhofer Internal Programs under Grant No. MAVO 828 432.
Cite this article
Obermaier, J., Immler, V. The Past, Present, and Future of Physical Security Enclosures: From Battery-Backed Monitoring to PUF-Based Inherent Security and Beyond. J Hardw Syst Secur 2, 289–296 (2018). https://doi.org/10.1007/s41635-018-0045-2