Physically Unclonable Functions In a M2M Authentication context

Physically Unclonable FunctionsPhysically Unclonable FunctionsIn a M2M Authentication contextAtos Worldlinedd-mm-yyyyAtos Worldline

| 16-11-2011| Cauchie StéphaneO&D-R&D Team

Transactional services. Powering progress

SummarySummary

ADS+ Consortium

Project definitionj

Physically Unclonable FunctionsPhysically Unclonable Functions

Hardware Layer

Applicative LayerApplicative Layer

Project status & Conclusion

| 16-11-2011| Cauchie StéphaneO&D-R&D Team2

SummarySummary

Context : ADS+ Consortium


ADS+ Consortium

▶ Bank & Industry

ADS+ Consortium


ADS+ Consortium

▶ Bank & Industry

ADS+ Consortium

▶ S&M Industries▶ S&M Industries


ADS+ Consortium

▶ Bank & Industry

ADS+ Consortium

▶ S&M Industries▶ S&M Industries

▶ Labs

▶ Funding Agency


SummarySummary

ADS+ Consortium

Project definitionj


Context of ProjectContext of Project

Needs and requirements bound to the payment card are heavierManagement becomes more and more complex and expensiveManagement becomes more and more complex and expensive

to design and validate a new open and standard POI (Point of Infrastructure) Architecture for the Distribution of

secure Servicessecure Services standardizationproposals(EPAS, ISO)

A Web architecture - a thin client POI

- A server of infrastructure- Some ADS+ services

Major scientific and industrial impacts


KinematicsKinematics

merchant

secure channel

establishmentMerchant

Authentication

Infrastructure

ADS+ services


ADS+ services

Kinematics10/10/2010

ConfidentialKinematics

merchant

Confidential

Infrastructure

Customer

ADS+ services


ADS+ services

Technical innovation on the POITechnical innovation on the POI

Replace the certificats x.509 in POI Composants Authentication

PUF Technology

Low costLow cost

less complex than PKIless complex than PKI

No private key to protect

No private key to protect


SummarySummary

ADS+ Consortium

Project definitionj



PUF Concepts

Introduced by Pappu (cf Physical One Way Functions 2001)

PUF Concepts

Introduced by Pappu (cf. Physical One-Way Functions, 2001)

The observation :

Component manufacturing processes induce minor differences between two objects yet being made under the same conditions

The idea :

To exploit these minor differences to generate a secret


How to generate a secret ?g

Application challenge ResponseBlack Box

Error detection and correction Noisyo detect o a d co ect o

SRAM PUFHardware

SRAM PUF, Optical PUF Coating PUFArbiter PUF


Categories of PUFsg

t-Strong PUF vs Weak PUF

« a Strong t-PUF has a sufficient number of Challenge-response pairs such that it is difficult for an Attackers, who obtained some challenge-response pairs during a time t, to predict a response from a challenge

C ll d PUF U ll d PUF

p p g , p p gwith a high probability »

Source : Rührmair, Sölter, Selmke On the foundation of Physical Unclonable Functions (2009)

Controlled PUF vs Uncontrolled PUF

Black

Controlled PUF

Challenge ResponseBlack box

Can forbid Can encrypt and hash


Can forbid Can encrypt and hash

SummarySummary

ADS+ Consortium

Project definitionj


Hardware Layer


Optical PUFOptical PUF

Transparent with randomscatterers

Response

Challengege


Coating PUFCoating PUF

random dielectric particles

ChallengeR

C a e ge(voltage of a certain frequency and amplitude)

Response(a randomcapacitance

Metal sensorsceValue)


Arbiter PUFArbiter PUF

C1 C2 CN

1

0

1

0

1

0

0 0 0

1 1 1


SRAM PUFSRAM PUF

0 0 0 0 0 101C1C1 0 0 0 0 0 10

1

1

0100100

C1

C2

C1

C2REPONSE

0 1 0 0 0 100

0 1 0 1 1 011CHALLENGEREPONSE

1 1 0 0 0 010Cn

Cn


SummarySummary

ADS+ Consortium

Project definitionj


Hardware Layer



The PUF response as session keyp y

Enrollment phase

PUF 1 c1 r1

cm rm

1

DB

PUF n c1 r1n

cm rm

Session key establishment

c1 r1idId

Session Key r1

c1

c1 r1

cm rm

id

DBId

Black box

PUFr1


The PUF response for Authenticationp

Enrollment phase < gk> a groupR = gri where r is a PUF response to challenge c

PUF 1 c1 R1

cm Rm

1

Ri = gri where ri is a PUF response to challenge ci

BD

PUF n c1 R1n

cm Rm

PUF authentication

cc1 R1id

BDIdPUF

cm m

c1cm Rm

BD Black boxr1

Zero–Knowledge proof


Keith B. Frikken, Marina Blanton, Mikhail J. Atallah Robust Authentication using physically unclonable functions (2009) .

The PUFs to create a secure channel

- PUF uses in key exchange protocolPUF uses in key exchange protocol

Data base attacks Impersonate the PUF

- PUF uses in a authentication protocol

No shared secret No session KeyNo shared secret No session Key

- A secure channel : authentication + session keyA secure channel : authentication + session key

A new protocol has been developed : DHZKP protocol


SummarySummary

ADS+ Consortium

Project definitionj


Hardware Layer


Project status & Conclusion


ConclusionConclusion

▶ Physically Unclonable Function– Use Physical characteristic to extract unique pattern– Less expensive than a secure element– Use cases : Anti-Counterfeit, M2M authentication

▶ ADS+▶ ADS+– M2M context– Replace PKI by a disruptive technology– Our PUF can be considered strong as we are in a Tamper Resistant Deviceg p

▶ Protocol Layer : Our DHZKP– Scientific Papier about the DHZKP protocol (We are making the security proof)– RFC about the TLS extension by DHZKP– Tests in a real situation (POI / server)– Open source


ThanksThanks

For more information please contact:T+ 33 1 98765432F 33 1 88888888F+ 33 1 88888888M+ 33 6 [email protected]

Atos (Country and legal form)

atos.net

Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud and Atos WorldGridare registered trademarks of Atos SA. October 2011

( y g )Addresspost/zip code, location


Transactional services. Powering progress

© 2011 Atos. Confidential information owned by Atos, to be used by the recipient only. This document, or any part of it, may not be reproduced, copied, circulated and/or distributed nor quoted without prior written approval from Atos.

© Confidential

Physically Unclonable Functions In a M2M Authentication context

Technology

Transcript of Physically Unclonable Functions In a M2M Authentication context