Fraunhofer-Institut für Angewandte und Integrierte Sicherheit AISEC

Filters

7
7
Reset filters

Settings
Now showing 1 - 7 of 7
  • Publication
    New Insights to Key Derivation for Tamper-Evident Physical Unclonable Functions
    ( 2019)
    Immler, V.
    ;
    Uppund, K.
    Several publications presented tamper-evident Physical Unclonable Functions (PUFs) for secure storage of cryptographic keys and tamper-detection. Unfortunately, previously published PUF-based key derivation schemes do not sufficiently take into account the specifics of the underlying application, i.e., an attacker that tampers with the physical parameters of the PUF outside of an idealized noise error model. This is a notable extension of existing schemes for PUF key derivation, as they are typically concerned about helper data leakage, i.e., by how much the PUF's entropy is diminished when gaining access to its helper data. To address the specifics of tamper-evident PUFs, we formalize the aspect of tamper-sensitivity, thereby providing a new tool to rate by how much an attacker is allowed to tamper with the PUF. This complements existing criteria such as effective number of secret bits for entropy and failure rate for reliability. As a result, it provides a fair comparison among different schemes and independent of the PUF implementation, as its unit is based on the noise standard deviation of the underlying PUF measurement. To overcome the limitations of previous schemes, we then propose an Error-Correcting Code (ECC) based on the Lee metric, i.e., a distance metric well-suited to describe the distance between q-ary symbols as output from an equidistant quantization, i.e., a higher-order alphabet PUF. This novel approach is required, as the underlying symbols' bits are not i.i.d. which hinders applying previous state-of-the-art approaches. We present the concept for our scheme and demonstrate its feasibility based on an empirical PUF distribution. The benefits of our approach are an increase by over 21% in effective secret bit compared to previous approaches based on equidistant quantization. At the same time, we improve tamper-sensitivity compared to an equiprobable quantization while ensuring similar reliability and entropy. Hence, this work opens up a new direction of how to interpret the PUF output and details a practically relevant scheme outperforming all previous constructions.
  • Publication
    Variable-Length Bit Mapping and Error-Correcting Codes for Higher-Order Alphabet PUFs
    ( 2019)
    Immler, V.
    ;
    Hiller, M.
    ;
    Liu, Q.
    ;
    Lenz, A.
    ;
    Wachter-Zeh, A.
    evice-specific physical characteristics provide the foundation for physical unclonable functions (PUFs), a hardware primitive for secure storage of cryptographic keys. Thus far, they have been implemented by either directly evaluating a binary output or by mapping symbols from a higher-order alphabet to a fixed-length bit sequence. However, when combined with equidistant quantization, this causes significant bias in the derived secret which is a security issue. To overcome this limitation, we propose a variable-length bit mapping that reflects the properties of a Gray code in a different metric, namely the Levenshtein metric instead of the classical Hamming metric. Subsequent error correction is therefore based on a custom insertion/deletion error-correcting code (ECC). This new approach effectively counteracts the bias in the derived key already at the input side of the ECC. We present the concept for our scheme and demonstrate its feasibility based on an empirical PUF distribution. As a result, we increase the effective output bit length of the secret by over 40% compared to state-of-the-art approaches. In addition to that, we investigate different segmentation approaches which is important due to the variable length of the considered values. Practical implementation results demonstrate that the proposed scheme requires only a fraction of the execution time compared to Bose-Chaudhuri-Hocquenghem (BCH) codes. This opens up a new direction of ECCs for PUFs that output responses with symbols of a higher-order alphabet.
  • Publication
    Secure Physical Enclosures from Coverswith Tamper-Resistance
    ( 2019)
    Immler, V.
    ;
    Obermaier, J.
    ;
    Ng, K.K.
    ;
    Ke, F.X.
    ;
    Lee, J.
    ;
    Lim, Y.P.
    ;
    Oh, W.K.
    ;
    Wee, K.H.
    ;
    Sigl, G.
    Ensuring physical security of multiple-chip embedded systems on a PCB is challenging, since the attacker can control the device in a hostile environment. To detect physical intruders as part of a layered approach to security, it is common to create a physical security boundary that is difficult to penetrate or remove, e.g., enclosures created from tamper-respondent envelopes or covers. Their physical integrity is usually checked by active sensing, i.e., a battery-backed circuit continuously monitors the enclosure. However, adoption is often hampered by the disadvantages of a battery and due to specialized equipment which is required to create the enclosure. In contrast, we present a batteryless tamper-resistant cover made from standard flexPCB technology, i.e., a commercially widespread, scalable, and proven technology. The cover comprises a fine mesh of electrodes and an evaluation unit underneath the cover checks their integrity by detecting short and open circuits. Additionally, it measures the capacitances between the electrodes of the mesh. Once its preliminary integrity is confirmed, a cryptographic key is derived from the capacitive measurements representing a PUF, to decrypt and authenticate sensitive data of the enclosed system. We demonstrate the feasibility of our concept, provide details on the layout, electrical properties of the cover, and explain the underlying security architecture. Practical results including statistics over a set of 115 flexPCB covers, physical attacks, and environmental testing support our design rationale. Hence, our work opens up a new direction of counteracting physical tampering without the need of batteries, while aiming at a physical security level comparable to FIPS 140-2 level 3.
  • Publication
    Your rails cannot hide from localized EM
    ( 2018)
    Immler, V.
    ;
    Specht, R.
    ;
    Unterstein, F.
    Protecting cryptographic implementations against side-channel attacks is a must to prevent leakage of processed secrets. As a cell-level countermeasure, so-called DPA-resistant logic styles have been proposed to prevent a data-dependent power consumption. As most of the DPA-resistant logic is based on dual rails, properly implementing them is a challenging task on FPGAs which is due to their fixed architecture and missing freedom in the design tools. While previous works show a significant security gain when using such logic on FPGAs, we demonstrate this only holds for power analysis. In contrast, our attack using high-resolution electromagnetic analysis is able to exploit local characteristics of the placement and routing such that only a marginal security gain remains, therefore creating a severe threat. To further analyze the properties of both attack and implementation, we develop a custom placer to improve the default placement of the analyzed AES S-box. Different cost functions for the placement are tested and evaluated w.r.t. the resulting side-channel resistance on a Spartan-6 FPGA. As a result, we are able to more than double the resistance of the design compared to cases not benefiting from the custom placement.
  • Publication
    The Past, Present, and Future of Physical Security Enclosures: From Battery-Backed Monitoring to PUF-Based Inherent Security and Beyond
    ( 2018)
    Obermaier, J.
    ;
    Immler, V.
    Withstanding physical attacks in a hostile environment is of utmost importance for nowadays electronics. However, due to the long and costly development of integrated circuits (ICs), IC-level countermeasures are typically only included in varying degree and not in every chip of a device. Therefore, multiple-chip modules requiring higher levels of security are additionally protected against tampering by a physical security enclosure, e.g., by an envelope that completely encloses the device. For decades, these physical boundaries on a device-level were monitored using battery-backed mechanisms to enable detection of an attempted physical intrusion even if the underlying system is powered off. However, the battery affects the system's robustness, weight, prevents extended storage, and also leads to difficulties with the security mechanism while shipping the device. In this position paper, we present our assessment of various battery-backed tamper-respondent solutions and argue that while offering the intriguing benefit of instantaneous detection and response, the low-power nature of battery-backup contradicts a tamper-sensitive measurement, among other problems. We are therefore of the opinion that more effort should be spent towards enclosures that are based on tamper-evident physical unclonable functions (PUFs), as they are designated to provide a high level of security on the one hand and do not require a battery on the other hand. To further substantiate our argument, we summarize the work in this domain to also facilitate future research.
  • Publication
    Efficient security zones implementation through hierarchical group key management at NoC-based MPSoCs
    ( 2017)
    Sepulveda, J.
    ;
    Flórez, D.
    ;
    Immler, V.
    ;
    Gogniat, G.
    ;
    Sigl, G.
    Sensitive applications are split into the IP cores of the Multi-Processors System-on-Chip (MPSoCs). In order to isolate the sensitive communication among such IP cores, security zones based on conference keys agreement can be built. However, the flexibility and dynamic nature of MPSoCs force reshaping the security zones at runtime. It is still a challenge to achieve efficient computation and distribution of new conference keys in MPSoC environments. In order to solve this problem, in this work we propose the combination of two techniques: i) high performance NoC, able to efficiently communicate data and control packets in the system; and ii) hierarchical group-key management for efficient security zone modification. We implement three hierarchical protocols and we show that by decentralizing the security management of the rekeying process and using a two-level NoC, it is possible to achieve an improvement of the performance compared to the previous flat approaches.
  • Publication
    Hierarchical group-key management for NoC-based MPSoCs protection
    ( 2016)
    Sepulveda, J.
    ;
    Flórez, D.
    ;
    Immler, V.
    ;
    Gogniat, G.
    ;
    Sigl, G.
    Group keys can be used in order to communicate secretly sensitive data among IP cores. However, the flexibility and dynamic nature of MPSoCs force reshaping the security zones at runtime. Members of a zone must be able to efficiently compute the new group key while former members must be prevented for data disclosure. Efficiently creating security zones for achieving sensitive traffic isolation in MPSoC environments is a challenging problem. In this work we present the implementation of hierarchical group-key management for NoC-based systems in order to efficiently perform the rekeying process. We implement three hierarchical protocols and we show that by decentralizing the security management of the rekeying process, it is possible to achieve an improvement of the performance when compared to the previous flat approaches.