
Clone-Resistant Secured Booting Based on Unknown Hashing Created in Self-Reconfigurable Platform

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 12700)

Abstract

Deploying a physically unclonable trusted anchor is required for securing software running on embedded systems. Common mechanisms combine secure boot with either stored secret keys or keys extracted from a Physical Unclonable Function (PUF). We propose a new secure boot mechanism that is hardware-based, individual to each device, and keyless to prohibit any unauthorized alteration of the software running on a particular device. Our solution is based on the so-called Secret Unknown Hash (SUH), a self-created random secret unknown hardwired hash function residing as a permanent digital hardware-module in the device’s physical layout. It is initiated in the device in a post-manufacturing, unpredictable single event process in self-reconfigurable non-volatile SoC FPGAs. In this work, we explain the SUH creation process and its integration for a device-specific secure boot. The SUH is shown to be lightweight when implemented in a sample scenario as a DM-PRESENT-based hash function. A security analysis is also presented, highlighting the different proposed sample SUH-class entropies.
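The following sketch is an added example, not code from the paper: it models a keyless, device-specific boot check with a Davies-Meyer hash built on PRESENT-80 (DM-PRESENT). It assumes the device's self-created secret can be modelled as a randomly chosen 4-bit S-box; the zero IV, the padding rule, the sample firmware and the names `device_sbox` and `boot_ok` are likewise assumptions of the example.

```python
import random

PRESENT_SBOX = [0xC, 5, 6, 0xB, 9, 0, 0xA, 0xD, 3, 0xE, 0xF, 8, 4, 7, 1, 2]
MASK80 = (1 << 80) - 1

def present80(block, key, sbox=PRESENT_SBOX):
    """PRESENT-80 encryption of a 64-bit block; the 4-bit S-box is a parameter."""
    for rnd in range(1, 32):
        block ^= key >> 16                      # addRoundKey: top 64 key bits
        block = sum(sbox[(block >> 4 * i) & 0xF] << 4 * i for i in range(16))
        block = sum(((block >> i) & 1) << (63 if i == 63 else 16 * i % 63)
                    for i in range(64))         # pLayer bit permutation
        key = ((key << 61) | (key >> 19)) & MASK80   # rotate key left by 61
        key = (sbox[key >> 76] << 76) | (key & ((1 << 76) - 1))
        key ^= rnd << 15                        # round counter into bits 19..15
    return block ^ (key >> 16)                  # final round key

def dm_present(data, sbox, iv=0):
    """Davies-Meyer: H_i = E_{M_i}(H_{i-1}) xor H_{i-1}, 80-bit message blocks."""
    padded = data + b"\x80" + b"\x00" * (-(len(data) + 1) % 10)
    padded += len(data).to_bytes(10, "big")     # length block (example padding)
    h = iv
    for off in range(0, len(padded), 10):
        h ^= present80(h, int.from_bytes(padded[off:off + 10], "big"), sbox)
    return h

def device_sbox(seed):
    """Assumed stand-in for the device's unknown secret: a random 4-bit permutation."""
    sbox = list(range(16))
    random.Random(seed).shuffle(sbox)
    return sbox

def boot_ok(firmware, reference, sbox):
    """Boot-time check: recompute the device-specific digest and compare."""
    return dm_present(firmware, sbox) == reference

# Constructed sample data: two devices, one firmware image.
DEV_A, DEV_B = device_sbox("device-A"), device_sbox("device-B")
FIRMWARE = b"constructed firmware image v1.0" * 8
REF_A = dm_present(FIRMWARE, DEV_A)             # enrolled once on device A

if __name__ == "__main__":
    print("A boots original :", boot_ok(FIRMWARE, REF_A, DEV_A))
    print("A boots tampered :", boot_ok(FIRMWARE + b"!", REF_A, DEV_A))
    print("B boots A's clone:", boot_ok(FIRMWARE, REF_A, DEV_B))
```

A uniformly random S-box is used here only to show the binding between firmware, reference digest and device; it says nothing about which S-boxes are cryptographically acceptable.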

R. Zarrouk—Supported by a research grant from the German Academic Exchange Service (DAAD).




Correspondence to Randa Zarrouk.


© 2021 Springer Nature Switzerland AG


Cite this paper

Zarrouk, R., Mulhem, S., Adi, W., Berekovic, M. (2021). Clone-Resistant Secured Booting Based on Unknown Hashing Created in Self-Reconfigurable Platform. In: Derrien, S., Hannig, F., Diniz, P.C., Chillet, D. (eds) Applied Reconfigurable Computing. Architectures, Tools, and Applications. ARC 2021. Lecture Notes in Computer Science, vol 12700. Springer, Cham. https://doi.org/10.1007/978-3-030-79025-7_14


  • DOI: https://doi.org/10.1007/978-3-030-79025-7_14


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-79024-0

  • Online ISBN: 978-3-030-79025-7

  • eBook Packages: Computer Science (R0)
