powerpoint presentation file• digital fingerprints inspired by biometrics is an active research...
TRANSCRIPT
WESS 2013
Digital Fingerprints for Low-Cost Platforms using MEMS Sensors
Zane Franklin – Virginia Tech
09/29/2013
2
Outline
• Authentication
• Digital Fingerprints
• Sources of Uniqueness
• Implementation Details
• Results
• Conclusions / Future Works
3
Introduction
• Authentication is a key component of secure systems
• We use authentication in all secure communications
• In today’s systems, in place of humans, electronic devices communicate over non-secure channels
4
A Simple Authentication Protocol
• Prover and Challenger share a secret key
• Prover can verify the possession of a key without showing its content
• We focus on the generation of this Secret Key
Hash Function Hash Function
Authentication
Protocol
Challenger Prover
Secret
Key RNG/CNT
Digest Digest
Secret
Key
?=
Valid/
Fake
5
Application: The Internet of Things
• The Internet of Things is a large scale network of electronic devices
• These devices need to securely exchange information
• New challenges for security: How do we ensure the authenticity of these numerous devices?
6
Internet of Things = Internet of Sensors
• Low-cost devices utilizing microcontrollers and physical sensors
• Sensors enable devices to monitor environment parameters such as room temperature, navigation speed or ambient noise.
• The Internet of Things that is built with these capabilities would eventually become an Internet of Sensors
7
Shifting the Root of Trust
• Traditionally, microcontrollers form the root of trust in a network
• Secret Key must be stored in nonvolatile memory
• Threats:
• Tampering: false negatives
• Cloning: false positives
8
• With sensor–based fingerprints, the root of trust is shifted to sensors
• No storage needed
• Multiple sensors can contribute to secret key
Shifting the Root of Trust
9
Executive Summary
• We present:
An identification of the sources of uniqueness in a generic MEMS sensor.
Digital fingerprint generation using the uniqueness of a MEMS sensor
A quantification of the quality of generated digital fingerprints and observations of this method’s feasibility.
10
Generating the Secret Key
• Biometrics for authentication of individuals are used in systems where humans are the trusted parties.
• Like humans, digital fingerprints are unique to each individual and are hard to clone
• Digital fingerprints inspired by biometrics is an active research area
• How can we find
digital fingerprints?
11
Generating the Secret Key – Process Variation
• No two electronic components are identical
• Process variation causes device disparity
• We can exploit the process variation as a device-unique identifier
• A number of digital fingerprinting methods have been presented for SRAMs, FPGAs, microprocessors, etc.
12
Sources of Digital Fingerprints
ResourceTechnology
scaleSource of Variation
Measured Variation
Overhead of Operation
SRAM Nanometer ElectricalPower-up Values, Write Collisions
Power cycling, True Dual-Port
SRAMs
13
Sources of Digital Fingerprints
ResourceTechnology
scaleSource of Variation
Measured Variation
Overhead of Operation
SRAM Nanometer ElectricalPower-up Values, Write Collisions
Power cycling, True Dual-Port
SRAMs
Microprocessor Nanometer ElectricalExecution
Results of an Instruction
External High-Precision Clock
Generator
14
Sources of Digital Fingerprints
ResourceTechnology
scaleSource of Variation
Measured Variation
Overhead of Operation
SRAM Nanometer ElectricalPower-up Values, Write Collisions
Power cycling, True Dual-Port
SRAMs
Microprocessor Nanometer ElectricalExecution
Results of an Instruction
External High-Precision Clock
Generator
Dedicated Logic
Nanometer ElectricalTiming of Delay
Paths
Dedicated Unit, Reconfigurable Fabric (FPGA)
15
Sources of Digital Fingerprints
ResourceTechnology
scaleSource of Variation
Measured Variation
Overhead of Operation
SRAM Nanometer ElectricalPower-up Values, Write Collisions
Power cycling, True Dual-Port
SRAMs
Microprocessor Nanometer ElectricalExecution
Results of an Instruction
External High-Precision Clock
Generator
Dedicated Logic
Nanometer ElectricalTiming of Delay
Paths
Dedicated Unit, Reconfigurable Fabric (FPGA)
MEMS Sensors Micrometer MechanicalOffset Values,
Impulse Response
Extra sampling
16
MEMS Sensors
• Micro ElectroMechanical Systems
• Accelerometers, gyroscopes, resonators, pressure sensors, etc. all can be implemented in MEMS technology
• Sources of Variation:
• Geometry of structure
• Fabrication dimensions
• Feature complexities
• Scatters of material
• Control voltage
17
Target Platform, Experiment Setup
• ADXL345 accelerometer
• PIC32 microcontroller
• Stationary while under test
• 20 sensors
• 100 fingerprints/sensor
• Quality Metrics
• Uniqueness
• Reliability
18
Generating the Secret Key – Offset
• Offset values
• Result of process variation in accelerometers
• Position-dependent
• Precision-dependent
19
Generating the Secret Key - Impulse
• Electrostatic Impulse
• Creates artificial acceleration
• Implemented as self-test feature
• Impulse is subject to process variation
• Position Independent
20
Impulse Response/Self-Test
• Natural acceleration measured
• Impulse enabled, acceleration measured
• Natural acceleration + impulse response
• Difference used for secret key generation
• Position independence: natural acceleration removed
• Impulse variation + offset variation
21
Quality Metrics
• Validated on 20 ADXL345 sensors
• Uniqueness is a metric used for estimating how well each device is being authenticated
• Reliability is a metric used for estimating the reproducibility of the generated keys
22
Target Platform Effect on Metrics
• Reliability
• Noise increases with output data rate
• Sampling at 100Hz
• Uniqueness
• 48 bit outputs
• 16 bit output/axis
[19]
23
Results
• Uniqueness of the offset measurements (left) is 30.2±3.6 (with %90 CI) Reliability is 86.2
• Uniqueness of the impulse + offset measurements (right) is 42.64±4.3 (with %90 CI). Reliability is 92.17
Uniqueness: Offset Values Uniqueness: Offset + Impulse
24
Improvements in Future Work
• Outputs of multiple sensors can be combined for a larger key
• Improve uniqueness
• Improve reliability with error correction
• Investigate effects of:
• Temperature variation
• Aging
• Scaling to NEMS
25
Conclusions
• MEMS sensors can be successfully used in authentication schemes as unique sources of entropy
• Low-cost, memory-less alternative
• Outputs from multiple sensors in each device can be combined to create more secure secret keys
26
Questions
WESS 2013
Digital Fingerprints for Low-Cost Platforms using MEMS Sensors
27
Cost of Operation
*Only the sampling cost is shown
Output Data
Rate (Hz)Idd (µa) Power (µW)
Energy
(µJ)
3200 140 252 0.0788
1600 90 162 0.1013*
800 140 252 0.315
400 140 252 0.63
200 140 252 1.26
100 140 252 2.52*
50 90 162 3.24
25 60 108 4.32
12.5 50 90 7.2
6.25 45 81 12.96
3.13 40 72 23.0032
1.56 34 61.2 39.2308
0.78 23 41.4 53.0769
0.39 23 41.4 106.1538
0.2 23 41.4 207
28
Previous Work
• Previous work on implementing digital fingerprints on sensors:
• Rosenfald et al. showed the first example.
Photodiode-based sensor designed for fingerprint generation
High reliability and uniqueness
• Boneh et al. used MEMS accelerometer
Use only offset measurements
Requires further statistical quantification
29
References
[1] http://beyondplm.com/2012/01/11/plm-smart-products-and-internet-of-things/
[2]http://katv.images.worldnow.com/images/15161314_BG1.jpg
[3]http://www.wired.com/images/slideshow/2008/07/gallery_nano_letters/nano_letters_81_.jpg
[19] Analog Devices.: "ADXL345 datasheet." USA: Analog Devices, 2010