Miguel A. Prada-Delgado

Improved Generation of Identifiers, Secret Keys, and Random Numbers From SRAMs

This paper presents a method to simultaneously improve the quality of the identifiers, secret keys, and random numbers that can be generated from the start-up values of standard static random access memories (SRAMs). The method is based on classifying memory cells after evaluating their start-up values at multiple measurements in a registration phase. The registration can be done without unplugging the device from its application context, and with no need for a complex laboratory setup. The method has been validated experimentally with standard low-power SRAM modules in two different application specific integrated circuits (ASICs) fabricated with the 90-nm TSMC technology. The results show that with a simple registration the length of the identifiers can be reduced by 45%, the worst case bit error probability (which defines the complexity of the error correcting code needed to recover a secret key) can be reduced by 64%, and the worst case minimum entropy value is improved, thus reducing the number of bits that have to be processed to obtain full entropy by 81%. The method can be applied to standard digital designs by controlling the external power supply to the SRAM using software or by incorporating simple circuitry in the design. In the latter case, a module for implementing the method in an ASIC designed in the 90-nm TSMC technology occupies an active area of 42, 025 μm2.

VLSI Design of Trusted Virtual Sensors

This work presents a Very Large Scale Integration (VLSI) design of trusted virtual sensors providing a minimum unitary cost and very good figures of size, speed and power consumption. The sensed variable is estimated by a virtual sensor based on a configurable and programmable PieceWise-Affine hyper-Rectangular (PWAR) model. An algorithm is presented to find the best values of the programmable parameters given a set of (empirical or simulated) input-output data. The VLSI design of the trusted virtual sensor uses the fast authenticated encryption algorithm, AEGIS, to ensure the integrity of the provided virtual measurement and to encrypt it, and a Physical Unclonable Function (PUF) based on a Static Random Access Memory (SRAM) to ensure the integrity of the sensor itself. Implementation results of a prototype designed in a 90-nm Complementary Metal Oxide Semiconductor (CMOS) technology show that the active silicon area of the trusted virtual sensor is 0.86 mm2 and its power consumption when trusted sensing at 50 MHz is 7.12 mW. The maximum operation frequency is 85 MHz, which allows response times lower than 0.25 μs. As application example, the designed prototype was programmed to estimate the yaw rate in a vehicle, obtaining root mean square errors lower than 1.1%. Experimental results of the employed PUF show the robustness of the trusted sensing against aging and variations of the operation conditions, namely, temperature and power supply voltage (final value as well as ramp-up time).

Physical unclonable keys for smart lock systems using Bluetooth Low Energy

Nowadays, several smart lock systems use Bluetooth Low Energy (BLE) to stablish a wireless communication between the physical key (key fob, card, smartphone, etc.) and the lock. Security is based on creating and storing secret digital keys to establish a cryptographically secure communication. The problem is that several attacks can break such security, particularly the copy of the physical key. In order to increase the difficulty of the attacks, the physical keys described in this paper do not store the secret cryptographic keys but reconstruct them when they are needed and remove them when they are not used. Only the trusted physical keys are able to reconstruct the secrets with the public data stored in them. This is possible by using the start-up values of the SRAM in the BLE chip of the physical key, which acts as a physical unclonable function (PUF), so that if the physical key is copied, the lock cannot be opened. The idea has been proven with the development of a smart lock system with key fobs based on the CC2541 BLE system on chip from Texas Instruments. Experimental results are included to illustrate the performance.

A PUF- and Biometric-Based Lightweight Hardware Solution to Increase Security at Sensor Nodes

Security is essential in sensor nodes which acquire and transmit sensitive data. However, the constraints of processing, memory and power consumption are very high in these nodes. Cryptographic algorithms based on symmetric key are very suitable for them. The drawback is that secure storage of secret keys is required. In this work, a low-cost solution is presented to obfuscate secret keys with Physically Unclonable Functions (PUFs), which exploit the hardware identity of the node. In addition, a lightweight fingerprint recognition solution is proposed, which can be implemented in low-cost sensor nodes. Since biometric data of individuals are sensitive, they are also obfuscated with PUFs. Both solutions allow authenticating the origin of the sensed data with a proposed dual-factor authentication protocol. One factor is the unique physical identity of the trusted sensor node that measures them. The other factor is the physical presence of the legitimate individual in charge of authorizing their transmission. Experimental results are included to prove how the proposed PUF-based solution can be implemented with the SRAMs of commercial Bluetooth Low Energy (BLE) chips which belong to the communication module of the sensor node. Implementation results show how the proposed fingerprint recognition based on the novel texture-based feature named QFingerMap16 (QFM) can be implemented fully inside a low-cost sensor node. Robustness, security and privacy issues at the proposed sensor nodes are discussed and analyzed with experimental results from PUFs and fingerprints taken from public and standard databases.

Trusted Cameras on Mobile Devices Based on SRAM Physically Unclonable Functions

Nowadays, there is an increasing number of cameras placed on mobile devices connected to the Internet. Since these cameras acquire and process sensitive and vulnerable data in applications such as surveillance or monitoring, security is essential to avoid cyberattacks. However, cameras on mobile devices have constraints in size, computation and power consumption, so that lightweight security techniques should be considered. Camera identification techniques guarantee the origin of the data. Among the camera identification techniques, Physically Unclonable Functions (PUFs) allow generating unique, distinctive and unpredictable identifiers from the hardware of a device. PUFs are also very suitable to obfuscate secret keys (by binding them to the hardware of the device) and generate random sequences (employed as nonces). In this work, we propose a trusted camera based on PUFs and standard cryptographic algorithms. In addition, a protocol is proposed to protect the communication with the trusted camera, which satisfies authentication, confidentiality, integrity and freshness in the data communication. This is particularly interesting to carry out camera control actions and firmware updates. PUFs from Static Random Access Memories (SRAMs) are selected because cameras typically include SRAMs in its hardware. Therefore, additional hardware is not required and security techniques can be implemented at low cost. Experimental results are shown to prove how the proposed solution can be implemented with the SRAM of commercial Bluetooth Low Energy (BLE) chips included in the communication module of the camera. A proof of concept shows that the proposed solution can be implemented in low-cost cameras.

Trustworthy firmware update for Internet-of-Thing Devices using physical unclonable functions

Connected devices that are part of the so-called Internet of Things (IoT) need to update their firmware over their lifetime. The problem is that updates can be used by attackers to inject malicious code. This work presents a lightweight protocol to update each device in a secure way. The cryptographic keys employed are fresh and are not stored but reconstructed by exploiting the Physical Unclonable Functions (PUFs) of the device hardware. The feasibility of the proposal is illustrated with experimental results of IoT devices that use the SRAM PUFs in their Bluetooth Low Energy (BLE) system on chips.

Using Physical Unclonable Functions for Internet-of-Thing Security Cameras

This paper proposes a low-cost solution to develop IoT security cameras. Integrity and confidentiality of the image data are achieved by cryptographic modules that implement symmetric key-based techniques which are usually available in the hardware of the IoT cameras. The novelty of this proposal is that the secret key required is not stored but reconstructed from the start-up values of a SRAM in the camera hardware acting as a PUF (Physical Unclonable Function), so that the physical authenticity of the camera is also ensured. The start-up values of the SRAM are also exploited to change the IV (Initialization Vector) in the encryption algorithm. All the steps for enrollment and normal operation can be included in a simple firmware to be executed by the camera. There is no need to include specific hardware but only a SRAM is needed which could be powered down and up by firmware.

A VLSI module to authenticate unclonable things

This paper presents a novel VLSI module that implements a lightweight symmetric authentication protocol based on Keyed-Hash Message Authentication Code (HMAC). The cryptographic key and the random numbers needed by the protocol are generated efficiently by a SRAM acting as a Physical Unclonable Function (PUF).

Robust unclonable identifiers and true random numbers from off-the-shelf SRAMs

A demonstrator has been developed that shows how off-the-shelf SRAMs can be identified by their start-up values and how true random numbers can be extracted from them. It contains an FPGA that communicates with off-the-shelf SRAMs and with a USB 2.0 microcontroller which in turn communicates with a computer to show the results to users.