Meng-Day (Mandel) Yu
Abstract
Authentication of physical items is an age-old problem. Common approaches include the use of bar codes, QR codes, holograms, and RFID (radio-frequency identification) tags. Traditional RFID tags and bar codes use a public identifier as a means of authenticating. A public identifier, however, is static: it is the same each time when queried and can be easily copied by an adversary. Holograms can also be viewed as public identifiers: a knowledgeable verifier knows all the attributes to inspect visually. It is difficult to make hologram-based authentication pervasive; a casual verifier does not know all the attributes to look for. Further, to achieve pervasive authentication, it is useful for the authentication modality to be easy to integrate with modern electronic devices (e.g., mobile smartphones) and to be easy for non-experts to use.
- Becker, G. 2015. The gap between promise and reality: on the insecurity of XOR arbiter PUFs. International Workshop on Cryptographic Hardware and Embedded Systems: 535-555.Google Scholar
Cross Ref
- Boneh, D., Joux, A., Nguyen, P. 2000. Why textbook elgamal and RSA encryption are insecure. Advances in Cryptology ASIACRYPT: 30-43. Google ScholarDigital Library
- Counterfeiting and piracy: stamping it out, The Economist. April 23, 2016.Google Scholar
- Delvaux, J., Peeters, R., Gu, D., Verbauwhede, I. 2015. A survey on entity authentication with strong PUFs. ACM Computing Surveys 48(2): 26:1-26:42. Google ScholarDigital Library
- Ganji, F., Tajik, S., Seifert, J.-P. 2015. Why attackers win: on the learnability of XOR arbiter PUFs. International Conference on Trust and Trustworthy Computing: 22-39.Google ScholarCross Ref
- Gassend, B., Clarke, D., van Dijk, M., Devadas, S. 2002. Silicon physical random functions. ACM Conference on Computer and Communication Security. Google ScholarDigital Library
- Lim, D. 2004. Extracting secret keys from integrated circuits. Master's thesis, MIT.Google Scholar
- Majzoobi, M. Rostami, M., Koushanfar, F., Wallach, D., Devadas, S. 2012. SlenderPUF: a lightweight, robust and secure strong PUF by substring matching. IEEE International Workshop on Trustworthy Embedded Devices.Google Scholar
- Quadir, S. E., Chen, J., Forte, D., Asadizanjani, N., Shahbazmohamadi, S., Wang, L., Chandy, J., Tehranipoor, M. 2016. A survey on chip-to-system reverse engineering. ACM Journal on Emerging Technologies in Computing Systems 13(1). Google ScholarDigital Library
- Quinn, G., Grother, P. 2012. IREX III: Supplement I: Failure Analysis. NIST Interagency Report 7853.Google Scholar
- Rührmair, U., Sehnke, F., Sölter, J., Dror, G., Devadas, S. Schmidhuber, J. 2010. Modeling attacks on physical unclonable functions. ACM Conference on Computer and Communication Security. Google ScholarDigital Library
- Rührmair, U., Sölter, J., Sehnke, F., Xu, X., Mahmoud, A., Stoyanova, V., Dror, G., Schmidhuber, J., Burleson, W., Devadas, S. 2013. PUF modeling attacks on simulated and silicon data. IEEE Transactions on Information Forensics and Security 8(11): 1876-1891. Google ScholarDigital Library
- Schneier, B. 2004. Sensible authentication. ACM Queue 1(10): 74-78. Google ScholarDigital Library
- Suh, G. E., Devadas, S. 2007. Physical unclonable functions for device authentication and secret key generation. Design Automation Conference: 9-14. Google ScholarDigital Library
- Suh, G. E. 2005. AEGIS: a single-chip secure processor. Ph.D. thesis, Electrical Engineering and Computer Science Dept., MIT. Google ScholarDigital Library
- Valiant, L. 1984. A theory of the learnable. Communications of the ACM 27(11): 1134-1142. Google ScholarDigital Library
- Valsorda, F. 2013. The ECB penguin; https://blog.filippo.io/the-ecb-penguin/.Google Scholar
- Wilson, C., Hicklin, R., Bone, M., Korves, H., Grother, P., Ulery, B., Micheals, R., Zoepfl, M., Otto, S., Watson, C. 2004. Fingerprint vendor technology evaluation 2003: summary of results and analysis report. NIST Internal Report 7123.Google Scholar
- Xilinx Inc. 2016. Xilinx addresses rigorous security demands at fifth annual working group for broad range of applications; http://www.prnewswire.com/news-releases/xilinx-addresses-rigorous-security-demands-at-fifth-annual-working-group-for-broad-range-of-applications-300351291.html.Google Scholar
- Yu, M. Hiller, M., Delvaux, J., Sowell, R., Devadas, S., Verbauwhede, I. 2016. A lockdown technique to prevent machine learning on PUFs for lightweight authentication. IEEE Transactions on Multi-Scale Computing Systems 2(3): 146-159.Google ScholarCross Ref
- Yu, M., M'Raïhi, D., Verbauwhede, I., Devadas, S. 2014. A noise bifurcation architecture for linear additive physical functions. IEEE International Symposium on Hardware Oriented Security and Trust: 124-129.Google ScholarCross Ref
Index Terms
- Pervasive, Dynamic Authentication of Physical Items: The use of silicon PUF circuits
Recommendations
Practical deniable authentication for pervasive computing environments
Pervasive computing environments allow users to get services anytime and anywhere. Security has become a great challenge in pervasive computing environments because of its heterogeneity, openness, mobility and dynamicity. In this paper, we propose two ...
Connecting the Physical World with Pervasive Networks
This article addresses the challenges and opportunities of instrumenting the physical world with pervasive networks of sensor-rich, embedded computation. Such systems will fulfill two of Mark Weiser's key objectives-ubiquity, by injecting computation ...
Comments