DOI: 10.1145/1966913.1966934
Research article

PUF ROKs: a hardware approach to read-once keys

Published: 22 March 2011

ABSTRACT

Cryptographers have proposed the notion of read-once keys (ROKs) as a beneficial tool for a number of applications, such as delegation of authority. The premise of ROKs is that the key is destroyed by the process of reading it, thus preventing subsequent accesses. While the idea and the applications are well-understood, the consensus among cryptographers is that ROKs cannot be produced by algorithmic processes alone. Rather, a trusted hardware mechanism is needed to support the destruction of the key. In this work, we propose one such approach for using a hardware design to generate ROKs. Our approach is an application of physically unclonable functions (PUFs). PUFs use the intrinsic differences in hardware behavior to produce a random function that is unique to that hardware instance. Our design consists of incorporating the PUF in a feedback loop to make reading the key multiple times physically impossible.
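As an added illustration (not code from the paper or its hardware), the following software model shows the feedback-loop idea from the abstract: a device-unique function is fed its own output as the next challenge, so each read yields a fresh key and the state that produced the previous key is overwritten. `SimulatedPuf`, `PufRok`, `enroll` and the seed values are assumptions of this model; an HMAC keyed with a per-device secret stands in for silicon variation, and PUF response noise is ignored.

```python
import hashlib
import hmac
import secrets


class SimulatedPuf:
    """Software stand-in for a silicon PUF (assumption: a real PUF's uniqueness comes
    from manufacturing variation; here a per-device secret models that variation and
    never leaves this object). Noise in real PUF responses is ignored in this model."""

    def __init__(self) -> None:
        self._variation = secrets.token_bytes(32)  # unique per "chip"

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._variation, challenge, hashlib.sha256).digest()


class PufRok:
    """Feedback-loop model: the register holds the current PUF challenge. Reading a key
    derives the key from the response and overwrites the register with a separate
    derivation of the same response, so nothing left on the device recomputes the key."""

    def __init__(self, puf: SimulatedPuf, seed: bytes) -> None:
        self._puf = puf
        self._register = seed

    def read_key(self) -> bytes:
        response = self._puf.respond(self._register)
        self._register = hashlib.sha256(b"next" + response).digest()  # feedback step
        return hashlib.sha256(b"key" + response).digest()


def enroll(puf: SimulatedPuf, seed: bytes, n: int) -> list[bytes]:
    """Owner-side provisioning (assumed step): with the chip in hand, record the first
    n keys from the seed state; the chip is then re-seeded before being handed over."""
    device = PufRok(puf, seed)
    return [device.read_key() for _ in range(n)]


def demo() -> dict:
    puf = SimulatedPuf()
    seed = b"constructed seed for the demo"       # constructed sample value
    enrolled = enroll(puf, seed, 3)
    device = PufRok(puf, seed)                    # same chip, re-seeded and handed over
    first, second = device.read_key(), device.read_key()
    clone = PufRok(SimulatedPuf(), seed)          # different silicon, same seed
    return {
        "first_is_enrolled_key_1": first == enrolled[0],
        "second_is_enrolled_key_2": second == enrolled[1],
        "key_1_readable_again": first == second,                     # False: key 1 is gone
        "clone_reproduces_key_1": clone.read_key() == enrolled[0],   # False: unclonable
    }
```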


Published in

ASIACCS '11: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
March 2011, 527 pages
ISBN: 9781450305648
DOI: 10.1145/1966913

        Copyright © 2011 ACM

        Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher: Association for Computing Machinery, New York, NY, United States



Acceptance rates

ASIACCS '11 paper acceptance rate: 35 of 217 submissions, 16%. Overall acceptance rate: 418 of 2,322 submissions, 18%.
