Computer Security by Hardware-Intrinsic Authentication

  • Caio Hoffman UNICAMP
  • Diego F. Aranha UNICAMP / Aarhus University
  • Mario Lúcio Côrtes UNICAMP
  • Guido Costa Souza de Araújo UNICAMP

Resumo


The Internet of Things (IoT) has brought evident security concerns. New solutions in security for IoT will need to reduce the dependency on nonvolatile memory for key storage, promote easier means to uniquely identify billions of devices, etc. Physical Unclonable Functions (PUFs) have been adopted as the future for key derivation and hardware fingerprinting. This work presents CSHIA: a new computer architecture that takes into account limitations and strengths of PUFs to provide code and data integrity and authenticity in a seamless design that does not demand changes in processors microarchitecture or software. We describe and analyze a full-fledged FPGA deployment of the architecture and consider attack scenarios, including side-channel attacks on PUFs.

Referências

ARM (2018). Arm cyber security manifesto 2018/2019. Retrieved Jun 21, 2020 from https://www.arm.com/resources/manifesto/iot-security.

Hoffman, C. (2019). Computer Security by Hardware-Intrinsic Authentication. PhD thesis, University of Campinas. Availale at: http://repositorio.unicamp.br/bitstream/REPOSIP/333630/1/Hoffman_Caio_D.pdf.

Hoffman, C., Cortes, M., Aranha, D., and Araujo, G. (2015). Computer security by hardware-intrinsic authentication. In Hardware/Software Codesign and System Synthesis (CODES+ISSS), 2015 International Conference on, pages 143–152.

Hoffman, C., Gebotys, C., Aranha, D. F., Cortes, M., and Araujo, G. (2019). Circumventing uniqueness of xor arbiter pufs. In 2019 22nd Euromicro Conference on Digital System Design (DSD), pages 222–229. IEEE.

Maes, R., van der Leest, V., van der Sluis, E., and Willems, F. (2016). Secure key generation from biased pufs: extended version. Journal of Cryptographic Engineering, 6(2):121–137.

Mutschler, A. S. (2020). Non-volatile memory tradeoffs intensify. Retrieved Jun 27, 2020 from https://semiengineering.com/non-volatile-memory-tradeoffs-intensify/.

Rührmair, U., Sehnke, F., Sölter, J., Dror, G., Devadas, S., and Schmidhuber, J. (2010). Modeling Attacks on Physical Unclonable Functions. CCS ’10, pages 237–249. ACM.

Sepúlveda, J., Wilgerodt, F., and Pehl, M. (2019). Towards memory integrity and authenticity of multi-processors system-on-chip using physical unclonable functions. it - Information Technology, 61(1):29 – 43.

Shao, F., Sun, R., Diao, K., and Wang, X. (2008). A new secure architecture of network computer based on single cpu and dual bus. ISEC ’08, pages 309–314. IEEE.

Suh, G. E., O’Donnell, C. W., Sachdev, I., and Devadas, S. (2005). Design and implementation of the aegis single-chip secure processor using physical random functions. SIGARCH Comput. Archit. News, 33(2):25–36.

Szefer, J. and Martonosi, M. (2018). Principles of Secure Processor Architecture Design. Morgan & Claypool Publishers.

Wang, R., Selimis, G., Maes, R., and Goossens, S. (2020). Long-term continuous assessment of sram puf and source of random numbers. DATE ’20, pages 7–12, San Jose, CA, USA. EDA Consortium.
Publicado
13/10/2020
HOFFMAN, Caio; ARANHA, Diego F.; CÔRTES, Mario Lúcio; ARAÚJO, Guido Costa Souza de. Computer Security by Hardware-Intrinsic Authentication. In: CONCURSO DE TESES E DISSERTAÇÕES - SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 20. , 2020, Evento Online. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2020 . p. 9-16. DOI: https://doi.org/10.5753/sbseg_estendido.2020.19264.