ABSTRACT
In recent decades, human biometrics have been used to authenticate the identity of human beings and provide access control. In this paper, we describe the use of Silicon-based "Biometrics" (SIOMETRICS) as the root of trust for Identity Management. This disruptive technological approach is a result of a combination of recent advances in Physical Unclonable Function (PUF) technology, which uses the inherent minute manufacturing variations in semiconductor devices as a silicon "fingerprint," and advanced identity management techniques. Collaboration between academia, leading industry innovators, and a high assurance security DoD provider has resulted in an architectural approach to change the paradigm in cyber security by reducing the attack surface and total cost of security. This approach is applicable to addressing the supply chain risk management problem by providing a lifecycle chain of custody/trust and securing: content/services ("the Cloud"), Mobile Device Integrity (MDI), Bring Your Own Device (BYOD), weapon systems, critical infrastructure protection, and other use cases.
Index Terms
- Resilient device authentication system (RDAS) through SIOMETRICS