Abstract
The Physically Unclonable Function (PUF), which extracts a unique device identification based on variations in manufacturing processes, has recently attracted attention. IoT devices, including sensor monitors and wearables, have come into widespread use, and various kinds of devices have access to a range of services. Device authentication and management of key to encryption communication data are essential for a secure service. We can realize secure authentication based on device identification extracted by a PUF. For example, PUF is used as a key generator to avoid storing the encryption key in a device. However, existing PUFs require dedicated hardware or software (driver) to extract device identification. Thus, it may not be possible to apply existing PUFs to IoT devices in a situation where there are a variety of devices and many device manufacturers. We can use characteristic values of existing sensors in an IoT device as an alternative to PUF. In this paper, we expand an existing software PUF based to support characteristic values extract from a gyroscope, and evaluate the entropy and robustness. We found that the same device identifier can be reliably extracted from a gyroscope even under conditions of high and low temperature, and low-pressure. No changes in the characteristic values of the gyroscope due to degradation with age were found over a wearing period exceeding than three years. The device identifier has up to 81.2 bits entropy with no error-correcting mechanism. It has up to 57.7 bits entropy when error-correction of one bit is applied to each characteristic value by a Fuzzy extractor.
A. Yoshimura—He currently belongs to TDC SOFT Inc.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
3GPP2: Removable User Identity Module (R-UIM) for cdma2000 Spread Spectrum Systems (2000). https://www.3gpp2.org/Public_html/Specs/CS0023-0.pdf
Apple: What’s New in iOS 7.0 - Apple Developer (2013). https://developer.apple.com/library/ios/releasenotes/General/WhatsNewIniOS/Articles/iOS7.html
Cao, Y., Zhang, L., Zalivaka, S.S., Chang, C., Chen, S.: CMOS image sensor based physical unclonable function for coherent sensor-level authentication. IEEE Trans. Circ. Syst. I: Regular Pap. 62(11), 2629–2640 (2015). https://doi.org/10.1109/TCSI.2015.2476318
Chatterjee, U., et al.: Building PUF based authentication and key exchange protocol for IoT without explicit CRPs in verifier database. IEEE Trans. Dependable Secur. Comput. 16(3), 424–437 (2019). https://doi.org/10.1109/TDSC.2018.2832201
Chatterjee, U., et al.: PUFSSL: an OpenSSL extension for PUF based authentication. In: 2018 IEEE 23rd International Conference on Digital Signal Processing (DSP), pp. 1–5, November 2018. https://doi.org/10.1109/ICDSP.2018.8631814
Che, W., Saqib, F., Plusquellic, J.: PUF-based authentication. In: 2015 IEEE/ACM International Conference on Computer-Aided Design (ICCAD), pp. 337–344, November 2015. https://doi.org/10.1109/ICCAD.2015.7372589
Chopra, J., Colopy, R.: SRAM Characteristics as Physical Unclonable Functions (2009). http://www.wpi.edu/Pubs/E-project/Available/E-project-031709-141338/
Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. SIAM J. Comput. 38(1), 97–139 (2008). https://doi.org/10.1137/060651380
Fukushima, K., Hidano, S., Kiyomoto, S.: Sensor-based wearable PUF. In: Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016), pp. 207–214. INSTICC, SciTePress (2016). http://www.scitepress.org/DigitalLibrary/Link.aspx?doi=10.5220/0005946702070214
Gassend, B., Clarke, D., van Dijk, M., Devadas, S.: Silicon physical random functions. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS 2002, p. 148 (2002). https://doi.org/10.1145/586110.586132
Gassend, B., Clarke, D., Lim, D., van Dijk, M., Devada, S.: Identification and authentication of integrated circuits. Concurrency Comput.: Practice Exp. 16(11), 1077–1098 (2004)
Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. J. ACM 43(3), 431–473 (1996). https://doi.org/10.1145/233551.233553
Google: Android 6.0 changes, access to hardware identifier (2015). http://developer.android.com/intl/ja/about/versions/marshmallow/android-6.0-changes.html#behavior-hardware-id
Google: Wear OS (2018). https://wearos.google.com/
Google: Android Things (2019). https://developer.android.com/things/
Hidano, S., Ohki, T., Takahashi, K.: Evaluation of security for biometric guessing attacks in biometric cryptosystem using fuzzy commitment scheme. In: Proceedings of 2012 International Conference of the Biometrics Special Interest Group, BIOSIG, pp. 1–6 (2012)
Hidano, S., Ohki, T., Komatsu, N., Takahashi, K.: A metric of identification performance of biometrics based on information content. In: Proceedings of 11th International Conference on Control, Automation, Robotics and Vision, ICARCV 2010, pp. 1274–1279 (2010). https://doi.org/10.1109/ICARCV.2010.5707961
IHS Markit: Number of Connected IoT Devices Will Surge to 125 Billion by 2030, IHS Markit Says (2015). http://www.statista.com/statistics/266210/
Keller, C., Gurkaynak, F., Kaeslin, H., Felber, N.: Dynamic memory-based physically unclonable function for the generation of unique identifiers and true random numbers. In: Proceedings of IEEE International Symposium on Circuits and Systems, vol. 3, pp. 2740–2743 (2014). https://doi.org/10.1109/ISCAS.2014.6865740
Kim, Y., Lee, Y.: CamPUF: physically unclonable function based on CMOS image sensor fixed pattern noise. In: Proceedings of the 55th Annual Design Automation Conference, DAC 2018, pp. 66:1–66:6. ACM, New York (2018). https://doi.org/10.1145/3195970.3196005
Kokonendji, C.C., Kiesse, T.S., Zocchi, S.S.: Discrete triangular distributions and non-parametric estimation for probability mass function. J. Nonparametric Stat. 19(6–8), 241–254 (2007). https://doi.org/10.1080/10485250701733747
Krishna, A.R., Narasimhan, S., Wang, X., Bhunia, S.: MECCA: a robust low-overhead PUF using embedded memory array. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 407–420. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23951-9_27
Kumar, S.S., Guajardo, J., Maes, R., Schrijen, G.J., Tuyls, P.: The butterfly PUF protecting IP on every FPGA. In: Proceedings of 2008 IEEE International Workshop on Hardware-Oriented Security and Trust, HOST 2008, pp. 67–70 (2008). https://doi.org/10.1109/HST.2008.4559053
Lafortune, E.: ProGuard (2002). https://www.guardsquare.com/en/products/proguard
Lee, J., Lim, D.L.D., Gassend, B., Suh, G., Dijk, M.V., Devadas, S.: A technique to build a secret key in integrated circuits for identification and authentication applications. In: Proceedings of 2004 Symposium on VLSI Circuits, pp. 176–179 (2004). https://doi.org/10.1109/VLSIC.2004.1346548
Liu, W., Zhang, Z., Li, M., Liu, Z.: A trustworthy key generation prototype based on DDR3 PUF for wireless sensor networks. In: Proceedings of 2014 International Symposium on Computer, Consumer and Control, IS3C 2014, pp. 706–709 (2014). https://doi.org/10.1109/IS3C.2014.188
Maes, R., Tuyls, P., Verbauwhede, I.: A soft decision helper data algorithm for SRAM PUFs. In: Proceedings of IEEE International Symposium on Information Theory, ISIT 2009, pp. 2101–2105 (2009). https://doi.org/10.1109/ISIT.2009.5205263
Maes, R., Tuyls, P., Verbauwhede, I.: Low-overhead implementation of a soft decision helper data algorithm for SRAM PUFs. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 332–347. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04138-9_24
Maes, R., Verbauwhede, I.: Physically unclonable functions: a study on the state of the art and future research directions. In: Sadeghi, A.R., Naccache, D. (eds.) Towards Hardware-Intrinsic Security. ISC, pp. 3–37. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14452-3_1
Nakano, Y., Cid, C., Kiyomoto, S., Miyake, Y.: Memory access pattern protection for resource-constrained devices. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 188–202. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37288-9_13
Ostrovsky, R.: Efficient computation on oblibious RAMs. In: Proceedings of the 22nd Annual ACM Symposium on Theory of Computing, STOC 1990, pp. 514–523 (1990). https://doi.org/10.1145/233551.233553
Pappu, R., Recht, B., Taylor, J., Gershenfeld, N.: Physical one-way functions. Science 297, 2026–2030 (2002). https://doi.org/10.1126/science.1074376
Rahim, K., Tahir, H., Ikram, N.: Sensor based PUF IoT authentication model for a smart home with private blockchain. In: 2018 International Conference on Applied and Engineering Mathematics (ICAEM), pp. 102–108, September 2018. https://doi.org/10.1109/ICAEM.2018.8536295
Santiago, L., et al.: Realizing strong PUF from weak PUF via neural computing. In: 2017 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFT), pp. 1–6, October 2017. https://doi.org/10.1109/DFT.2017.8244433
Suzuki, D., Shimizu, K.: The glitch PUF: a new delay-PUF architecture exploiting glitch shapes. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 366–382. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-15031-9_25
Tehranipoor, F., Karimina, N., Xiao, K., Chandy, J.: DRAM based intrinsic physical unclonable functions for system level security. In: Proceedings of the 25th edition on Great Lakes Symposium on VLSI, GLSVLSI 2015, pp. 15–20 (2015). https://doi.org/10.1145/2742060.2742069
The 3rd Generation Partnership Project (3GPP): Specification of the Subscriber Identity Module - Mobile Equipment (SIM-ME) Interface (1990). http://www.3gpp.org/ftp/Specs/html-info/1111.htm
Trust Computing Group: Trusted Platform Module (2016). http://www.trustedcomputinggroup.org/developers/trusted_platform_module
Tuyls, P., Schrijen, G.-J., Škorić, B., van Geloven, J., Verhaegh, N., Wolters, R.: Read-proof hardware from protective coatings. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 369–383. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_29
Yao, Y., Kim, M., Li, J., Markov, I.L., Koushanfar, F.: ClockPUF: physical unclonable functions based on clock networks. In: 2013 Design, Automation Test in Europe Conference Exhibition (DATE), pp. 422–427, March 2013. https://doi.org/10.7873/DATE.2013.095
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Implementation on Wear OS Device
A Implementation on Wear OS Device
Figure 6 shows a sample implementation designed to acquire the maximum and minimum values of the gyroscope in a wearable device with Wear OS. The fields maxX, minX, maxY, minY, maxZ, and minZ are fields that store the tentative maximum and minimum values of the angular velocities around the x, y and z-axes. The method onSensorChanged is called when the sensor values have changed. We retrieve the event from the gyroscope by using the if statement. The angular velocities around the x, y, and z-axes are stored in the values array. The same code where Sensor.TYPE_GYROSCOPE is replaced with Sensor.TYPE_ACCELEROMETER can acquire the maximum and minimum values of accelerations along each axis.
The software PUF based on a gyroscope needs to set the highest sampling frequency on the sensors so that we can efficiently acquire the maximum and minimum values. We can set the sampling frequency through the registerListener method in Android. The method registers SensorEventListener that is used to receive notifications from the SensorManager when the sensor values have changed. The notification frequency is highest, and the period is a few milliseconds if SENSOR_DELAY_FASTEST is passed to the method.
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Fukushima, K., Yoshimura, A., Kiyomoto, S., Yamasaki, N. (2019). Evaluation of Software PUF Based on Gyroscope. In: Heng, SH., Lopez, J. (eds) Information Security Practice and Experience. ISPEC 2019. Lecture Notes in Computer Science(), vol 11879. Springer, Cham. https://doi.org/10.1007/978-3-030-34339-2_13
Download citation
DOI: https://doi.org/10.1007/978-3-030-34339-2_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-34338-5
Online ISBN: 978-3-030-34339-2
eBook Packages: Computer ScienceComputer Science (R0)