Presentation is loading. Please wait.

Presentation is loading. Please wait.

presented by Fabian Schläfli

Published byKathrine Engebretsen Modified over 4 years ago

Similar presentations

Presentation on theme: "presented by Fabian Schläfli"— Presentation transcript:

1 presented by Fabian Schläfli
CCS 2002 presented by Fabian Schläfli

2 Identification vs Authentication
the process of providing a system with your identity Authentication the process of verifying that the claimed identity is correct Identification: Authentication: Hi, I’m an undercover police officer. Please show me your police badge.

3 Overview Executive Summary Problem, Goal & Background
Key Approach and Ideas Novelty Mechanisms Key Results Summary Strengths and Weaknesses Takeaways Research history Discussion Explain what an integrated circuit (IC) is

4 Executive Summary Problem: providing authentication for an Integrated Circuit (IC) is difficult, expensive and insecure Goal: provide a method that provides authentication for ICs that is inexpensive, reliable and secure Method: implement a circuit that gives characteristic responses for each IC and that is hard to predict Result: secure authentication that is reliable even under varying environmental conditions Explain what an integrated circuit (IC) is

5 Overview Executive Summary Problem, Goal & Background
Key Approach and Ideas Novelty Mechanisms Key Results Summary Strengths and Weaknesses Takeaways Research history Discussion Explain what an integrated circuit (IC) is

6 Problem There are different applications which require identifying and authenticating an IC e.g. smartcard Explain what an integrated circuit (IC) is image source:

7 Problem There are different applications which require identifying and authenticating an IC e.g. smartcard Available methods involved embedding a unique secret key on the IC to provide authentication these ICs have to be made resistant to attacks that attempt to discover the key manufacturing such ICs is expensive and difficult numerous attacks against such ICs are known e.g. opening the IC and removing layers to analyze it Explain what an integrated circuit (IC) is image source (SIM card): image source (credit card):

8 Goal Provide a method to identify and authenticate an IC such that:
the method is inexpensive the method is fast and easy to evaluate the authentication works reliably even under varying environmental conditions the authentication is secure against both invasive and non-invasive attacks describe what invasive and non-invasive attacks are (?)

9 Background Manufacturing process variations
mask variations temperature variations pressure variations The magnitude of delay variation due to random variations can be 5% or more image source:

10 Overview Executive Summary Problem, Goal & Background
Key Approach and Ideas Novelty Mechanisms Key Results Summary Strengths and Weaknesses Takeaways Research history Discussion Explain what an integrated circuit (IC) is

11 Key Approach and Ideas Authenticate an IC by implementing a function that returns unpredictably different output on different ICs Physical Unclonable Function (PUF) also called: Physical Random Function function that maps challenges to responses challenge response pair (CRP) physical function which returns different responses to the same challenge on different devices “digital fingerprint” of the device easy to evaluate hard to characterize Refer to police example when explaining CRPs

12 Key Approach and Ideas: Authentication
The entity performing the authentication has to: analyze each PUF after production store characteristic CRPs in a database for each PUF Entity performing Authentication PUF send ID Select CRP corresponding to the PUFs ID from database send challenge Compute response based on received challenge send response Check whether the response matches the expected response

13 Key Approach and Ideas: Building a PUF
Use the delay variations that result from the manufacturing process variations to build a PUF fast to evaluate provides a high level of security inexpensive to produce requires no secure packaging Build a circuit that has a variable delay from device to device Measure the delay when applying a given input and return a value depending on the delay as response Return delay ratio rather than just the delay to provide reliability against environmental variations

14 Overview Executive Summary Problem, Goal & Background
Key Approach and Ideas Novelty Mechanisms Key Results Summary Strengths and Weaknesses Takeaways Research history Discussion Explain what an integrated circuit (IC) is

15 Novelty Eliminate the need to embed a secret key for authentication
provides more security cheaper to manufacture previous work was only able to identify ICs based on manufacturing variations, but not authenticate them First to work reliably even under varying environmental conditions Introduced the term PUF which is still being used today

16 Overview Executive Summary Problem, Goal & Background
Key Approach and Ideas Novelty Mechanisms Key Results Summary Strengths and Weaknesses Takeaways Research history Discussion Explain what an integrated circuit (IC) is

17 Mechanism: Measurement Circuit
explain CRPs again challenge “response”: gets further processed to ensure reliability against environmental variations counting bit: set to “1” for a predefined amount of clock cycles to enable the measurement

18 Mechanism: Measurement Circuit
delay circuit: variable delay from device to device more in a few moments

19 Mechanism: Measurement Circuit
oscillator block: self-oscillating circuit frequency is determined by the delay of the delay circuit

20 Mechanism: Measurement Circuit
edge-detector XOR outputs “1” exactly when the two FFs store different values The flip-flops store the past state of the same bit

21 Mechanism: Measurement Circuit
counting mechanism increases its value if and only if an edge got detected and the frequency is still being measured

22 Mechanism: Measurement Circuit
Detailed delay circuit

23 Mechanism: Delay Circuit
Challenge consists of n Bits Challenge Bit 1 Challenge Bit n

24 Mechanism: Delay Circuit
Consists of n-1 stages Each stage has two paths Challenge Bit 1 Challenge Bit n

25 Mechanism: Delay Circuit
Consists of n-1 stages Each stage has two paths: upper path Challenge Bit 1 Challenge Bit n

26 Mechanism: Delay Circuit
Consists of n-1 stages Each stage has two paths: lower path Challenge Bit 1 Challenge Bit n

27 Mechanism: Delay Circuit
A stage is made up of 2 blocks First block: switch block Challenge Bit 1 Challenge Bit n

28 Mechanism: Delay Circuit
A stage is made up of 2 blocks First block: switch block Challenge Bit 1 Challenge Bit n

29 Mechanism: Delay Circuit
A stage is made up of 2 blocks First block: switch block Challenge Bit 1 Challenge Bit n

30 Mechanism: Delay Circuit
A stage is made up of 2 blocks Second block: variable delay block Challenge Bit 1 Challenge Bit n

31 Mechanism: Delay Circuit
Remaining bit of the challenge is used to select whether the upper or the lower path gets propagated forward Challenge Bit 1 Challenge Bit n

32 Mechanism: Providing Reliability
Problem of environmental variations Varying ambient temperatures can influence the junction temperatures, which in turn directly influence the delays of the circuit Solution: Build multiple circuits and take the delay ratio You can evaluate all the circuits in parallel More stable result (can compensate at least 25 degrees Celsius in ambient temperature variation)

33 Mechanism: Controlled PUF
The PUF as we know it:

34 Mechanism: Controlled PUF
Some additional features:

35 Mechanism: Controlled PUF
Some additional features: Hash functions: to disguise the internal challenge and response

36 Mechanism: Controlled PUF
Some additional features: Hash functions: to disguise the internal challenge and response Error correction: to provide more reliability

37 Mechanism: Controlled PUF
Some additional features: Hash functions: to disguise the internal challenge and response Error correction: to provide more reliability Unique identifier: to provide unambiguity

38 Mechanism: Controlled PUF
Some additional features: Hash functions: to disguise the internal challenge and response Error correction: to provide more reliability Unique identifier: to provide unambiguity Application specific personality: to provide privacy

39 Overview Executive Summary Problem, Goal & Background
Key Approach and Ideas Novelty Mechanisms Key Results Summary Strengths and Weaknesses Takeaways Research history Discussion Explain what an integrated circuit (IC) is

40 Key Results: Methodology
Implementation of ICs on FPGAs All FPGAs have exactly the same circuits programmed onto them Delay circuit consists of 32 Buffers Clock speed of 50 MHz Loop delay of approximately 60 ns

41 Key Results Measurement error vs Inter-FPGA variation
Inter-FPGA variation is significantly larger than measurement error Information about identity can be extracted FPGA 4 FPGA 2 FPGA 3 FPGA 1 explain axes-problem, plot explanation Measurement error frequency

42 Frequency ratio variation
Key Results Absolute frequency vs frequency ratio (variable temperature between 25 and 50 degrees Celsius) Absolute frequency: variation is too big to extract identity information Frequency ratio: extraction of identity information is possible FPGA 1 FPGA 2 FPGA 2 FPGA 1 Frequency variation Frequency ratio variation absolute frequency frequency ratio

43 Overview Executive Summary Problem, Goal & Background
Key Approach and Ideas Novelty Mechanisms Key Results Summary Strengths and Weaknesses Takeaways Research history Discussion Explain what an integrated circuit (IC) is

44 Summary Problem: providing authentication for an Integrated Circuit (IC) is difficult, expensive and insecure Goal: provide a method that provides authentication for ICs that is inexpensive, reliable and secure Method: implement a circuit that gives characteristic responses for each IC and that is hard to predict Result: secure authentication that is reliable even under varying environmental conditions Explain what an integrated circuit (IC) is

45 Overview Executive Summary Problem, Goal & Background
Key Approach and Ideas Novelty Mechanisms Key Results Summary Strengths and Weaknesses Takeaways Research history Discussion Explain what an integrated circuit (IC) is

46 Strengths Provides a reliable way to identify and authenticate ICs
Method is inexpensive Method is fast to evaluate Method is reliable even under varying ambient temperatures Overall well structured and written paper

47 Weaknesses Local environmental variations might cause false negatives
Delay ratios would fail to compensate temperature changes if they only occur locally The results of the experiments are not explained very well The plots are missing axes labeling Sometimes peculiar units get used without explanation The entity performing the authentication needs to maintain a database containing all necessary CRPs for each user Since each CRP can be used only once, this can add up to quite a big amount of data If you run out of CRPs you need to “reload” the database Dependent on the production procedure being inaccurate PUFs will not work anymore if environmental variations and measurement errors dominate manufacturing process variations describe what false negatives are (?)

48 Overview Executive Summary Problem, Goal & Background
Key Approach and Ideas Novelty Mechanisms Key Results Summary Strengths and Weaknesses Takeaways Research history Discussion Explain what an integrated circuit (IC) is

49 Takeaways PUFs are a reliable and secure way to provide identification and authentication for ICs Authentication is possible without the need of a secret key PUFs are gaining interest in the industry today Drawbacks of a method can prove to be helpful when trying to solve another problem

50 Overview Executive Summary Problem, Goal & Background
Key Approach and Ideas Novelty Mechanisms Key Results Summary Strengths and Weaknesses Takeaways Research history Discussion Explain what an integrated circuit (IC) is

51 Use structure of paper to identify counterfeit banknotes
Research History Presented paper D. Bauder, An Anti-counterfeiting Concept for Currency Systems. Technical Report PTK-11990, Sandia National Labs, Albuquerque, NM, 1983 Use structure of paper to identify counterfeit banknotes image source:

52 Research History Presented paper K. Lofstrom, W. R. Daasch, and D. Taylor. “IC Identification Circuit Using Device Mismatch”. In Proceedings of ISSCC 2000, pages 372–373, February 2000

53 Research History Presented paper B. Gassend, D. Clarke, M. van Dijk, and S. Devadas. Controlled Physical Random Functions. In Proceedings of the 18th Annual Computer Security Conference, December 2002

54 Research History Presented paper Over 1200 citations

55 Implementation in the Xilinx Zynq UltraScale+
Research History Presented paper Implementation in the Xilinx Zynq UltraScale+ image source:

56 Research History Presented paper J. S. Kim, M. Patel, H. Hassan, and O. Mutlu, “The DRAM Latency PUF: Quickly Evaluating Physical Unclonable Functions by Exploiting the Latency–Reliability Tradeoff in Modern DRAM Devices,” in HPCA, 2018.

57 Overview Executive Summary Problem, Goal & Background
Key Approach and Ideas Novelty Mechanisms Key Results Summary Strengths and Weaknesses Takeaways Research history Discussion Explain what an integrated circuit (IC) is

58 Discussion Can you think of any attacks against the described PUFs?

59 Discussion 1st approach: Produce a copy of the PUF
Would require production and characterization of a huge amount of ICs

60 Discussion 2nd approach:
Measure the delay of each device and wire in the IC precisely to build a model of the PUF Invasive attack Likely to change the behavior of the PUF due to electromagnetic coupling which renders the measurements worthless Non-invasive attack E.g. Differential Power Analysis is not very useful either because the power consumption does not really depend on the delays of the individual internal devices

61 Discussion 3rd approach:
Exhaustively enumerating all challenges and afterwards replay them from a database Possible but basically unfeasible

62 Discussion 4th approach:
Measuring the responses to a limited amount of challenges and building a model based on these measurements Probably the most promising attack However properties of the PUF such as the non-monotony of the delays make it quite hard to determine a model

63 Discussion Can you think of other types of PUFs? Delay PUF DRAM PUF
Paper PUF Optical PUF Fingerprint image source (Optical PUF): image source (Fingerprint):

64 Backup Frequency shift resulting from electromagnetic coupling compared to measurement error frequency

65 Backup The differences between FPGA can only be detected through differences in texture, not in the overall structure response response challenge challenge

66 Backup Measure responses in time when undergoing changes in ambient temperature with and without compensation absolute frequency frequency ratio time time

Download ppt "presented by Fabian Schläfli"

Similar presentations

Trusted Design In FPGAs

Trusted Design In FPGAs
Physical Unclonable Functions and Applications

Physical Unclonable Functions and Applications
Physical Unclonable Functions

Physical Unclonable Functions
Software Certification and Attestation Rajat Moona Director General, C-DAC.

Software Certification and Attestation Rajat Moona Director General, C-DAC.
SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure.

SIA: Secure Information Aggregation in Sensor Networks Bartosz Przydatek, Dawn Song, Adrian Perrig Carnegie Mellon University Carl Hartung CSCI 7143: Secure.
COMPUTER ARCHITECTURE & OPERATIONS I Instructor: Hao Ji.

COMPUTER ARCHITECTURE & OPERATIONS I Instructor: Hao Ji.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Authentication Approaches over Internet Jia Li

Authentication Approaches over Internet Jia Li
CS1Q Computer Systems Lecture 11 Simon Gay. Lecture 11CS1Q Computer Systems - Simon Gay2 The D FlipFlop A 1-bit register is called a D flipflop. When.

CS1Q Computer Systems Lecture 11 Simon Gay. Lecture 11CS1Q Computer Systems - Simon Gay2 The D FlipFlop A 1-bit register is called a D flipflop. When.
Multi-core Programming Introduction Topics. Topics General Ideas Moore’s Law Amdahl's Law Processes and Threads Concurrency vs. Parallelism.

Multi-core Programming Introduction Topics. Topics General Ideas Moore’s Law Amdahl's Law Processes and Threads Concurrency vs. Parallelism.
1 UCR Hardware Security Primitives with focus on PUFs Slide credit: Srini Devedas and others.

1 UCR Hardware Security Primitives with focus on PUFs Slide credit: Srini Devedas and others.
Project Presentation: Physical Unclonable Functions

Project Presentation: Physical Unclonable Functions
Physically Unclonable Function– Based Security and Privacy in RFID Systems Leonid Bolotnyy and Gabriel Robins Dept. of Computer Science University of Virginia.

Physically Unclonable Function– Based Security and Privacy in RFID Systems Leonid Bolotnyy and Gabriel Robins Dept. of Computer Science University of Virginia.
Security Analysis of a Cryptographically- Enabled RFID Device Steve Bono, Matthew Green, Adam Stubblefield, Ari Juels, Avi Rubin, Michael Szydlo Usenix.

Security Analysis of a Cryptographically- Enabled RFID Device Steve Bono, Matthew Green, Adam Stubblefield, Ari Juels, Avi Rubin, Michael Szydlo Usenix.
1 Biometric Databases. 2 Overview Problems associated with Biometric databases Some practical solutions Some existing DBMS.

1 Biometric Databases. 2 Overview Problems associated with Biometric databases Some practical solutions Some existing DBMS.
Identification Authentication. 2 Authentication Allows an entity (a user or a system) to prove its identity to another entity Typically, the entity whose.

Identification Authentication. 2 Authentication Allows an entity (a user or a system) to prove its identity to another entity Typically, the entity whose.
Focus On Bluetooth Security Presented by Kanij Fatema Sharme.

Focus On Bluetooth Security Presented by Kanij Fatema Sharme.
PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.

PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.
Buffering Techniques Greg Stitt ECE Department University of Florida.

Buffering Techniques Greg Stitt ECE Department University of Florida.
7/10/20161 Computer Security Protection in general purpose Operating Systems.

7/10/20161 Computer Security Protection in general purpose Operating Systems.

Similar presentations

Ads by Google