Hardware Intrinsic Security to Protect Value in the Mobile Market
More and more mobile device manufacturers are recognizing the importance of security for their devices in order to protect valuable information of their customers. However, the security of many mobile devices currently does not suffice to protect against modern sophisticated attackers. This paper will go into detail on how these devices can be secured at the hardware level, to ensure that the data of mobile users can be protected against these skilled attackers. For strong protection anchored in hardware, this paper describes the concept of Hardware Intrinsic Security (HIS) and its security benefits for the mobile market. Using HIS technology a root of trust can be created in silicon, which is based on unique physical characteristics of the chips inside mobile devices. These characteristics can be thought of as the electronic fingerprint of a device, a technique also referred to as Physical Unclonable Functions (PUFs). A PUF is a basic building block for extracting this electronic fingerprint, but it does not provide a security solution by itself. In order to use a PUF in a security product or solution, it must be deployed in a controlled and secure way. This paper describes an extensively tested way of working for designing and implementing an electronic fingerprint, which is derived from these physical characteristics, into the systems required for providing strong security solutions on mobile devices.
KeywordsEntropy Europe Defend Extractor
Unable to display preview. Download preview PDF.
- [Flyl14] Flylogic, “Flylogic Blog,” http://www.flylogic.net/blog.
- [GCDD02] B. Gassend, D. Clarke, M. van Dijk, and S. Devadas, “Silicon physical random functions,” in ACM Conference on Computer and Communications Security (CCS’02). New York, NY, USA: ACM, 2002, pp.148–160.Google Scholar
- [GKST07] J. Guajardo, S. S. Kumar, G.-J. Schrijen, and P. Tuyls, “FPGA intrinsic PUFs and their use for IP protection,” in Workshop on Cryptographic Hardware and Embedded Systems (CHES ’07), ser. LNCS, vol. 4727, Berlin, Heidelberg: Springer-Verlag, 2007, pp. 63–80.Google Scholar
- [Maes13] R. Maes, “Physically Unclonable Functions – Constructions, Properties and Applications”, Springer 2013, ISBN 978-3-642-41394-0, pp. 1-172Google Scholar
- [MaTV08] R. Maes, P. Tuyls, and I. Verbauwhede, “Intrinsic PUFs from flip-flops on reconfigurable devices,” in Workshop on Information and System Security (WISSec 2008), Eindhoven, NL, 2008, p. 17.Google Scholar
- [KKRS12] S. Katzenbeisser, U. Kocabas¸, V. Rozic, A.-R. Sadeghi, I. Verbauwhede, and C. Wachsmann, “PUFs: Myth, Fact or Busted? A Security Evaluation of Physically Unclonable Functions (PUFs) Cast in Silicon,” in Cryptographic Hardware and Embedded Systems (CHES) 2012, ser. Lecture Notes in Computer Science, Springer Berlin Heidelberg, 2012, vol. 7428, pp. 283–301.Google Scholar
- [BhCM12] M. Bhargava, C. Cakir, and K. Mai, “Comparison of bi-stable and delay-based Physical Unclonable Functions from measurements in 65nm bulk CMOS,” in Custom Integrated Circuits Conference (CICC), 2012 IEEE, 2012, pp. 1–4.Google Scholar
- [ScLe12] G.-J. Schrijen and V. van der Leest, “Comparative analysis of SRAM memories used as PUF primitives,” in Design, Automation Test in Europe Conference Exhibition (DATE) 2012, march 2012, pp. 1319 –1324.Google Scholar
- [LiTu03] J.-P. Linnartz and P. Tuyls, “New shielding functions to enhance privacy and prevent misuse of biometric templates,” in Audio- and Video- Based Biometric Person Authentication, ser. Lecture Notes in Computer Science, Springer Berlin Heidelberg, 2003, vol. 2688, pp. 393–402.Google Scholar
- [DoRS04] Y. Dodis, L. Reyzin, and A. Smith, “Fuzzy extractors: How to generate strong keys from biometrics and other noisy data,” in Advances in Cryptology – EUROCRYPT 2004, ser. Lecture Notes in Computer Science, Springer Berlin Heidelberg, 2004, vol. 3027, pp. 523–540.Google Scholar
- [HBNS13] C. Helfmeier, C. Boit, D. Nedospasov, and J.-P. Seifert, “Cloning physically unclonable functions,” in Hardware-Oriented Security and Trust (HOST), 2013 IEEE International Symposium on, 2013, pp. 1–6.Google Scholar
- [NSHB13] D. Nedospasov, J.-P. Seifert, C. Helfmeier, and C. Boit, “Invasive PUF analysis,” in Fault Diagnosis and Tolerance in Cryptography (FDTC), 2013 Workshop on, 2013, pp. 30–38.Google Scholar
- [ZZHQ14] S. Zhao, Q. Zhang, G. Hu, Y. Qin, and D. Feng, “Providing Root of Trust for ARM TrustZone using SRAM PUFs,” in Cryptology ePrint Archive: Report 2014/464, 2014. http://eprint.iacr.org/2014/464
- [SALK14] A. Schaller, T. Arul, V. van der Leest, and S. Katzenbeisser, „Lightweight Anti-Counterfeiting Solution for Low-End Commodity Hardware Using Inherent PUFs „, to be published at 7th International Conference on Trust & Trustworthy Computing (TRUST) 2014.Google Scholar