- PVSM.RU - https://www.pvsm.ru -
Source: The online counterfeit economy [1]: consumer electronics, a report made by CSC in 2017
Over the past 10 years, the number of fake goods in the world has doubled. This data has been published in the latest Year-End Intellectual Property Rights Review by the US Department of Homeland Security in 2016 (the most current year tracked). A lot of the counterfeiting comes from China (56%), Hong Kong (36%) and Singapore (2%). The manufacturers of original goods suffer serious losses, some of which occur on the electronics market.
Many modern products contain electronic components: clothes, shoes, watches, jewellery, cars.
Last year, direct losses from the illegal copying of consumer electronics and of electronic components built into other goods were about $0.5 trillion.
How to solve this problem?
This problem can be solved by various methods of protecting digital electronics from illegal copying, modification and reverse engineering: hardware encryption (AES, RSA, etc.), hashing (for example, SHA-256, MD5), the introduction of digital watermarks and fingerprints in the design description, lexical and functional obfuscation, formal verification, and others.
In this article, we will talk about one of the most cost-effective protection methods in terms of hardware costs—physical unclonable functions (PUF).
The disadvantage of most of the methods mentioned above is significant hardware costs and, as a result, high power consumption.
With the emergence of the concept of the Internet of Things (IoT), the requirements for the area occupied by a digital device on a chip of an integrated circuit, as well as for power consumption, become more stringent as the size of devices dramatically decreases from year to year.
One way to identify and authenticate digital devices is physical unclonable functions, which are much more economical to implement than the above protection methods.
What are PUF?
It is difficult to find two absolutely identical objects among the material objects around us. Even in mass production, each object is unique due to inaccuracies and accidents. These features of each individual object can be registered and used as a unique identifier, a kind of a “fingerprint.”
A good example is optical PUF [2]. Take a piece of melted glass, add air bubbles to it, cool this mass and cut it into equal bars. The chance of getting two absolutely identical bars is negligible; air bubbles inside will be distributed unevenly. We can record these differences by sending a laser beam into the bar (the request) and receiving at the output a unique interference pattern of radiation beams after refraction (the response). As a result, we obtain a physical unclonable function that determines the dependence of the response on the input request. Of course, this function is not an analytic one, so neither the legal owner of the object nor an attacker can find it out in advance. You can only test a batch of products and create a table of input and output values, which will serve as criteria for determining the authenticity of objects.
PUF for the protection of electronics are based on the use of manufacturing process variations during the manufacture of integrated circuits: for example, accurate values for threshold voltages, signal propagation delays, the frequency of component operation, etc. In the standard design process, electronics design engineers seek to reduce the impact of variations on the final product. For PUF, on the contrary, this uncontrolled phenomenon is used to extract the randomness and uniqueness of a digital device.
Actually, PUF is similar to hardware implementations of hash functions; the only difference is that the uniqueness of the output value of the PUF is based on the uniqueness of a particular integrated circuit, and not on a mathematical algorithm.
The PUF input argument (request) is called the challenge (CH), and the output value is the response (R). In this way, for some integrated circuit ICk, the set of challenges {CH0, …, CHN-1} will be uniquely mapped to the set of responses {R0, …, RN-1} with PUF:
A set of challenge-response pairs (CRP) {(CH0, R0), …, (CHN-1, RN-1)} uniquely characterizes the integrated circuit ICk and cannot be copied even for an absolutely identical design description (see diagram below).
Inter-chip and per-chip uniqueness of integrated circuits (IC)
As shown in the diagram, when implementing an identical design description of the PUF on different integrated circuits, the responses (Ri) to the same challenges (CHi) will be unique (significantly different from each other) for each copy. This phenomenon is called inter-chip uniqueness, i.e. the ability to distinguish integrated circuits from each other using PUF. When using identical realizations of PUF on a single chip to identify, for example, various components of intellectual property (IP), the phenomenon of per-chip uniqueness is observed. Since the realizations of the PUF inside a chip are different at least in their mutual arrangement, the per-chip uniqueness or chip-unique signatures is, as a rule, more pronounced than the inter-chip one.
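Currently, there are many PUF implementations based on: signal propagation delays [3], frequencies of the components [4], memory status [5], a CMOS image sensor [6], transistor threshold voltage [7], a current mirror [8], external pressure on a smartphone screen [9], and paper structure [10].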
As shown above, there is a wide variety of types of PUFs that can be implemented both on digital devices and using other technologies (optical, magnetic, paper, etc.).
The first commercial implementation of PUF, in 2008, was radio frequency identifiers manufactured by the Verayo Company. Currently, many FPGA manufacturers, for example Xilinx [11] and Altera (Intel) [12], also use PUFs as the embedded unclonable FPGA identifier.
Since PUFs are used as cryptographic primitives (random number generators, unique identifiers, hardware hash functions), many manufacturers do not disclose the use of PUFs to keep secret the details of the implementation of their security protocols from intruders.
As an example of PUF, we will use the implementation of the PUF [13] based on memory using the Xilinx Spartan 3E FPGA, which is part of the Digilent Nexys-2 development board. The memory element emulation was implemented as a bistable element, and the power on / off was modelled by reprogramming the FPGA using the same configuration file.
The figure below shows the identifiers of two identical FPGAs, obtained as a result of their programming with the same bit file. The black colour denotes “memory elements” that retain the value of 0 as a result of 100 reprogrammings, the white colour denotes the value of 1. The shades of grey are those that change the value from launch to launch. Accordingly, the more black in the “element” colour, the more values of 0 were generated as a result of reprogramming.
The 64-bit identifiers of two identical FPGAs
As seen from the figure, the “memory cards” of the two FPGAs differ significantly: the Hamming distance for 64-bit identifiers is about 20. Accordingly, the probability that the identifier will be the same on different FPGAs is quite small, less than 0.01. The abovementioned “memory cards” can be used in two ways: to identify the FPGA and as a source of randomness due to the presence of non-permanent elements.
Reliable identification will require the use of error correction codes (ECC) [14] to stabilize the observed “memory cards.” Within this article, we used the majority selection method [15]. Implementing a random number generator, on the contrary, requires the “reproduction” of the randomness of those “memory elements” whose values are unstable. For this purpose, we used signature analysis as a lossy data compression algorithm. Standard hashing algorithms (for example, SHA-256) can also be used if the hardware cost constraints are not very tight.
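The majority selection and Hamming-distance comparison described above, as an added Python example that is not the code from [13]. The per-cell power-up probabilities, the 15% share of unstable cells and all function names are constructed assumptions, so the distances it produces illustrate the method and are not the article's measurements.

```python
import random

N_CELLS = 64   # identifier width used in the article
READS = 100    # reprogramming cycles per enrollment, as in the article

def make_chip(seed, unstable_share=0.15):
    """Constructed chip model: per-cell probability of powering up as 1."""
    rng = random.Random(seed)
    chip = []
    for _ in range(N_CELLS):
        if rng.random() < unstable_share:
            chip.append(rng.uniform(0.3, 0.7))      # "grey" cell, changes between runs
        else:
            chip.append(float(rng.getrandbits(1)))  # cell fixed at 0 or 1
    return chip

def power_up(chip, rng):
    """One reprogramming cycle: read every memory element once."""
    return [1 if rng.random() < p else 0 for p in chip]

def majority_vote(reads):
    """Return (identifier, indices of cells that changed) from repeated reads."""
    ones = [sum(column) for column in zip(*reads)]
    # A cell becomes 1 only if it read 1 in more than half of the cycles.
    identifier = [1 if 2 * count > len(reads) else 0 for count in ones]
    unstable = [i for i, count in enumerate(ones) if 0 < count < len(reads)]
    return identifier, unstable

def hamming(a, b):
    """Number of positions in which two identifiers differ."""
    return sum(x != y for x, y in zip(a, b))

def enroll(chip, seed):
    """Stabilize one identifier from READS power-ups of the same chip."""
    rng = random.Random(seed)
    return majority_vote([power_up(chip, rng) for _ in range(READS)])

def demo():
    chip_a, chip_b = make_chip(1), make_chip(2)
    id_a1, unstable_a = enroll(chip_a, 10)
    id_a2, _ = enroll(chip_a, 11)   # same chip, enrolled again later
    id_b, _ = enroll(chip_b, 12)    # different chip, same "bit file"
    return {"intra": hamming(id_a1, id_a2),
            "inter": hamming(id_a1, id_b),
            "unstable_cells": len(unstable_a)}

if __name__ == "__main__":
    print(demo())
```

The cells listed as unstable are the ones to exclude from the identifier and to feed into the random number generator path.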
Despite the relative novelty of this concept, this year the term PUF is celebrating its 17th birthday.
During this time, the scientific community has already managed to study both the problems and possible applications of PUF.
One of the main problems, which is demonstrated by the example of PUF based on memory, is the instability of some of the values, which, in turn, forces an engineer to use error correction codes and more reliable PUF architectures.
On the other hand, very high stability puts PUF at risk of cryptographic attack using machine learning methods, i.e. the construction of a sufficiently accurate (more than 95%) mathematical model of the PUF, which was initially (until 2010) considered impossible in the scientific community.
Nevertheless, the use of PUF in modern commercial applications as a cryptographic primitive proves the promise of research in this field in search of new PUF architectures, as well as improving the characteristics of existing implementations.
Author: Promwad
Source [16]
Source page path: https://www.pvsm.ru/informatsionnaya-bezopasnost/313318
Links in the text:
[1] The online counterfeit economy: https://www.cscglobal.com/cscglobal/pdfs/The-Cost-of%20Online-Counterfeiting-Consumer-Electronics-EN.pdf
[2] optical PUF: https://eprint.iacr.org/2013/215.pdf
[3] Signal propagation delays: https://people.csail.mit.edu/devadas/pubs/puf-dac07.pdf
[4] Frequencies of the components: http://class.ece.iastate.edu/cpre583/project_presentations/PUFs_report.pdf
[5] Memory status: https://spqr.eecs.umich.edu/papers/holcomb-FERNS-IEEE-Computers.pdf
[6] CMOS Image Sensor: http://www.ntu.edu.sg/home/eechenss/Papers/Jnl-2015-CMOS%20Image%20Sensor%20based%20Physical%20Unclonable%20Function%20for%20Coherent%20Sensor-level%20Authentication.pdf
[7] Transistor threshold voltage: https://eprint.iacr.org/2016/582.pdf
[8] Current mirror: https://www.researchgate.net/profile/Zheng_Wang31/publication/319123557_Current_Mirror_Array_A_Novel_Circuit_Topology_for_Combining_Physical_Unclonable_Function_and_Machine_Learning/links/59b5e379aca2728472db9de3/Current-Mirror-Array-A-Novel-Circuit-Topology-for-Combining-Physical-Unclonable-Function-and-Machine-Learning.pdf
[9] External pressure on a smartphone screen: https://dl.acm.org/citation.cfm?id=2808418
[10] Paper structure: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.701.1291&rep=rep1&type=pdf
[11] Xilinx: http://www.eenewseurope.com/news/xilinx-add-puf-security-zynq-devices-0
[12] Altera (Intel): https://www.intrinsic-id.com/altera-reveals-stratix-10-with-intrinsic-ids-puf-technology/
[13] the implementation of the PUF: https://libeldoc.bsuir.by/bitstream/123456789/1635/1/Zalivako_Skhemnaya.PDF
[14] error correction codes (ECC): https://en.wikipedia.org/wiki/Error_detection_and_correction
[15] the majority selection method: https://en.wikipedia.org/wiki/Majority_function
[16] Source: https://habr.com/ru/post/446304/?utm_campaign=446304