B-TREPID: Batteryless tamper-resistant envelope with a PUF and integrity detection
Protecting embedded devices against physical attacks is a challenging task since the attacker has control of the device in a hostile environment. To address this issue, current countermeasures typically use a battery-backed tamper-respondent envelope that encloses the entire device to create a trusted compartment. However, the battery affects the system's robustness and weight, and also leads to difficulties with the security mechanism while shipping the device. In contrast, we present a batteryless tamper-resistant envelope, which contains a fine mesh of electrodes, and its complementary security concept. An evaluation unit checks the integrity of the sensor mesh by detecting short and open circuits. Additionally, it measures the capacitances of the mesh. Once its preliminary integrity is confirmed, a cryptographic key is derived from the capacitive measurements that represent a PUF, to decrypt and authenticate the firmware of the enclosed host system. We demonstrate the feasibility of our concept, provide details on the layout and electrical properties of the batteryless envelope, and explain the underlying security architecture. Practical results from a set of manufactured envelopes facilitate future research.