Physically Restricted Authentication and Encryption for - - PDF document

▶

Aug 27, 2023 380 likes •443 views

11/12/09 Physically Restricted Authentication and Encryption for Cyber-physical Systems Michael Kirkpatrick, Elisa Bertino Purdue University Frederick Sheldon Oak Ridge National Laboratory DHS: S&T Workshop on Future Directions in

SLIDE 1

11/12/09 1

Managed by UT-Battelle for the Department of Energy

Michael Kirkpatrick, Elisa Bertino Purdue University Frederick Sheldon Oak Ridge National Laboratory DHS: S&T Workshop on Future Directions in Cyber-physical Systems Security July 23, 2009

Physically Restricted Authentication and Encryption for Cyber-physical Systems

2 Managed by UT-Battelle for the Department of Energy Cyber Cyberspace Sciences & Inf space Sciences & Infor

mation tion Intelligence R Intelligence Resear esearch Gr h Group

Key Problems for CPS

Data provenance and integrity

– Origin of data is known – Changes are tracked

CPS vs. traditional computing

– Decentralized – Not desktop/server model – Continuous, not discrete

Goal is to restrict access to trusted devices

– First, one must identify the device!

SLIDE 2

11/12/09 2

3 Managed by UT-Battelle for the Department of Energy Cyber Cyberspace Sciences & Inf space Sciences & Infor

mation tion Intelligence R Intelligence Resear esearch Gr h Group

Authorization Mechanisms

Physical key

– Continuous – “Clonable”

Cryptographic key

– Discrete – Clonable

CPS identification

– Based on continuous, physical properties – Can be discretized – Unclonable

4 Managed by UT-Battelle for the Department of Energy Cyber Cyberspace Sciences & Inf space Sciences & Infor

mation tion Intelligence R Intelligence Resear esearch Gr h Group

Physical Unclonable Functions (PUFs)

One-way function

– Given challenge Ci , response is Ri – Ri cannot be predicted or duplicated – Ri continuous, but can be made discrete

SRAM-based PUFs

– SRAM bits start in the same state (0 or 1) with high probability

Not affected by previous computation

– Ci is a range of memory locations in SRAM

SLIDE 3

11/12/09 3

5 Managed by UT-Battelle for the Department of Energy Cyber Cyberspace Sciences & Inf space Sciences & Infor

mation tion Intelligence R Intelligence Resear esearch Gr h Group

Usage of Discretized PUFs

Secure cryptographic key storage

– Given key K, create and store X = K XOR Ri – X can be stored in plaintext (!)

Cryptographic key generation

– For ECC, point P, Ri is private key, Kpub = Ri * P – For Feige-Fiat-Shamir, public identity commitment is Ri

2 mod n

6 Managed by UT-Battelle for the Department of Energy Cyber Cyberspace Sciences & Inf space Sciences & Infor

mation tion Intelligence R Intelligence Resear esearch Gr h Group

Advantages of PUFs

SRAM is everywhere

– ASICs, processor caches, FPGAs, micro- controllers, embedded devices – Devices without TPM or tamper-proof hardware

Cryptographic key exists only when needed
Bound to the hardware itself

– Uniquely identifies hardware instance

SLIDE 4

11/12/09 4

7 Managed by UT-Battelle for the Department of Energy Cyber Cyberspace Sciences & Inf space Sciences & Infor

mation tion Intelligence R Intelligence Resear esearch Gr h Group

Challenges and Open Problems

No tool support

– PUFs have been created just as proof-of-concept

Delicacy of (Ci,Ri) and revocation
New protocols designed specifically for PUFs

– Use function as ZKPK secret

Heterogeneous devices for CPS

– PUFs for different types of hardware?

Scalable identity management for large

sensor networks

8 Managed by UT-Battelle for the Department of Energy Cyber Cyberspace Sciences & Inf space Sciences & Infor

mation tion Intelligence R Intelligence Resear esearch Gr h Group

References

B. Gassend, D. Clarke, M. van Dijk, S. Devadas, “Controlled Physical Random

Functions.” In Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC), 2002.

J. Guajardo, S. S. Kumar, G.-J. Schrijen, P. Tuyls, “Physical Unclonable

Functions and Public-key Crypto for FPGA IP Protection.” In International Conference on Field Programmable Logic and Applications, 2007.

S. S. Kumar, J Guajardo, R. Maes, G.-J. Schrijen, P. Tuyls, “Extended Abstract:

The Butterfly PUF Protecting IP on Every FPGA.” In IEEE International Workshop on Hardware-Oriented Security and Trust (HOST), 2008.

G. E. Suh, S. Devadas, “Physical Unclonable Functions for Device

11/12/09 1

Michael Kirkpatrick, Elisa Bertino Purdue University Frederick Sheldon Oak Ridge National Laboratory DHS: S&T Workshop on Future Directions in Cyber-physical Systems Security July 23, 2009

Physically Restricted Authentication and Encryption for Cyber-physical Systems

Key Problems for CPS

– Origin of data is known – Changes are tracked

– Decentralized – Not desktop/server model – Continuous, not discrete

– First, one must identify the device!

11/12/09 2

Authorization Mechanisms

– Continuous – “Clonable”

– Discrete – Clonable

– Based on continuous, physical properties – Can be discretized – Unclonable

Physical Unclonable Functions (PUFs)

– Given challenge Ci , response is Ri – Ri cannot be predicted or duplicated – Ri continuous, but can be made discrete

– SRAM bits start in the same state (0 or 1) with high probability

– Ci is a range of memory locations in SRAM

11/12/09 3

Usage of Discretized PUFs

– Given key K, create and store X = K XOR Ri – X can be stored in plaintext (!)

– For ECC, point P, Ri is private key, Kpub = Ri * P – For Feige-Fiat-Shamir, public identity commitment is Ri

2 mod n

Advantages of PUFs

– ASICs, processor caches, FPGAs, micro- controllers, embedded devices – Devices without TPM or tamper-proof hardware

– Uniquely identifies hardware instance

11/12/09 4

Challenges and Open Problems

– PUFs have been created just as proof-of-concept

– Use function as ZKPK secret

– PUFs for different types of hardware?

sensor networks

References

Functions.” In Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC), 2002.

Functions and Public-key Crypto for FPGA IP Protection.” In International Conference on Field Programmable Logic and Applications, 2007.

The Butterfly PUF Protecting IP on Every FPGA.” In IEEE International Workshop on Hardware-Oriented Security and Trust (HOST), 2008.

Authentication and Secret Key Generation.” In Proceedings of the 44th IEEE Design Automation Conference (DAC), 2007.