Physically Unclonable Functions In a M2M Authentication context

Presentation "Physically Unclonable Functions In a M2M Authentication context", given at Cartes & IDentification 2011 by Stéphane Cauchie.

  1. Physically Unclonable Functions In a M2M Authentication context. Atos Worldline. Transactional services. Powering progress | 16-11-2011 | Cauchie Stéphane, O&D-R&D Team
  2. Summary: ADS+ Consortium; Project definition; Physically Unclonable Functions; Hardware Layer; Applicative Layer; Project status & Conclusion
  3. Summary. Context: ADS+ Consortium
  4. ADS+ Consortium: ▶ Bank & Industry
  5. ADS+ Consortium: ▶ Bank & Industry ▶ S&M Industries
  6. ADS+ Consortium: ▶ Bank & Industry ▶ S&M Industries ▶ Labs ▶ Funding Agency
  7. ADS+ Consortium: ▶ Bank & Industry ▶ S&M Industries ▶ Labs ▶ Funding Agency
  8. ADS+ Consortium: ▶ Bank & Industry ▶ S&M Industries ▶ Labs ▶ Funding Agency
  9. ADS+ Consortium: ▶ Bank & Industry ▶ S&M Industries ▶ Labs ▶ Funding Agency
  10. Summary: ADS+ Consortium; Project definition
  11. Context of Project. Needs and requirements bound to the payment card are heavier. Management becomes more and more complex and expensive. Goal: to design and validate a new open and standard POI (Point of Infrastructure) Architecture for the Distribution of secure Services. Standardization proposals (EPAS, ISO). A Web architecture: a thin client POI; a server of infrastructure; some ADS+ services. Major scientific and industrial impacts
  12. Kinematics (diagram labels): merchant secure channel; Merchant establishment; Authentication; Infrastructure; ADS+ services
  13. 10/10/2010 Kinematics (diagram labels): Confidential; merchant; Infrastructure; Customer; ADS+ services
  14. Technical innovation on the POI. Replace the X.509 certificates in POI component authentication with PUF technology: low cost; no private key to protect; less complex than PKI
  15. Summary: ADS+ Consortium; Project definition; Physically Unclonable Functions
  16. PUF Concepts. Introduced by Pappu (cf. Physical One-Way Functions, 2001). The observation: component manufacturing processes induce minor differences between two objects even though they are made under the same conditions. The idea: to exploit these minor differences to generate a secret
  17. How to generate a secret? (diagram) Application: challenge, black box, response; error detection and correction. Hardware: noisy PUF (SRAM PUF, Optical PUF, Coating PUF, Arbiter PUF)
  18. Categories of PUFs. t-Strong PUF vs Weak PUF: « a Strong t-PUF has a sufficient number of challenge-response pairs such that it is difficult for an attacker, who obtained some challenge-response pairs during a time t, to predict a response from a challenge with a high probability » (Source: Rührmair, Sölter, Sehnke, On the Foundation of Physical Unclonable Functions, 2009). Controlled PUF vs Uncontrolled PUF. Controlled PUF (diagram): challenge, black box, response; can forbid; can encrypt and hash
  19. Summary: ADS+ Consortium; Project definition; Physically Unclonable Functions; Hardware Layer
  20. Optical PUF (diagram): challenge; transparent with random scatterers; response
  21. Coating PUF (diagram): random dielectric particles; metal sensors; challenge (voltage of a certain frequency and amplitude); response R (a random capacitance value)
  22. Arbiter PUF (diagram): challenge bits C1, C2, …, CN
  23. SRAM PUF (diagram): grid of SRAM bits with rows labelled C1, C2, …, Cn; labels: Challenge, Response
  24. Summary: ADS+ Consortium; Project definition; Physically Unclonable Functions; Hardware Layer; Applicative Layer
  25. The PUF response as session key. Enrollment phase (diagram): for each of PUF 1 … PUF n, the pairs (c1, r1) … (cm, rm) are stored in the DB. Session key establishment (diagram): the PUF sends its Id; the DB looks up id and sends c1; the PUF black box produces r1; session key: r1
  26. The PUF response for Authentication. Enrollment phase: <gk> a group, R_i = g^(r_i) where r_i is a PUF response to challenge c_i; for each of PUF 1 … PUF n, the pairs (c1, R1) … (cm, Rm) are stored in the DB (diagram). PUF authentication (diagram): the PUF sends its Id; the DB looks up id and sends c1; the PUF black box produces r1; zero-knowledge proof. Source: Keith B. Frikken, Marina Blanton, Mikhail J. Atallah, Robust Authentication Using Physically Unclonable Functions (2009)
  27. The PUFs to create a secure channel. PUF used in a key exchange protocol: database attacks; impersonate the PUF. PUF used in an authentication protocol: no shared secret; no session key. A secure channel: authentication + session key. A new protocol has been developed: the DHZKP protocol
  28. Summary: ADS+ Consortium; Project definition; Physically Unclonable Functions; Hardware Layer; Applicative Layer; Project status & Conclusion
  29. Conclusion. ▶ Physically Unclonable Function: use physical characteristics to extract a unique pattern; less expensive than a secure element; use cases: anti-counterfeit, M2M authentication. ▶ ADS+: M2M context; replace PKI by a disruptive technology; our PUF can be considered strong as we are in a Tamper Resistant Device. ▶ Protocol Layer, our DHZKP: scientific paper about the DHZKP protocol (we are making the security proof); RFC about the TLS extension by DHZKP; tests in a real situation (POI / server); open source
  30. Thanks. October 2011. © 2011 Atos.
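
Slides 26 and 27 describe enrolling R_i = g^(r_i) instead of the raw response r_i, so that a stolen database no longer lets an attacker impersonate the PUF, and authenticating with a zero-knowledge proof. The sketch below is an example added here, not code from the presentation: it uses a plain Schnorr identification proof as a stand-in (it is not the DHZKP protocol and not necessarily the construction of Frikken et al.), the toy group parameters and sample responses are constructed, and all function names are assumptions.

```python
import hashlib
import secrets

# Toy Schnorr group constructed for this example: p = 2q + 1, both prime,
# g = 4 has order q. Far too small for real use.
P, Q, G = 2039, 1019, 4

def puf_secret(response: bytes) -> int:
    """Map an error-corrected PUF response r_i to an exponent in [1, q-1]."""
    return int.from_bytes(hashlib.sha256(response).digest(), "big") % (Q - 1) + 1

def enroll(response: bytes) -> int:
    """Enrollment: the database keeps only R_i = g^{r_i}, never r_i itself."""
    return pow(G, puf_secret(response), P)

def commit():
    """Device, message 1: fresh nonce k and commitment t = g^k."""
    k = secrets.randbelow(Q - 1) + 1
    return k, pow(G, k, P)

def respond(response: bytes, k: int, e: int) -> int:
    """Device, message 3: s = k + e * r_i mod q, with r_i re-measured from the PUF."""
    return (k + e * puf_secret(response)) % Q

def verify(R: int, t: int, e: int, s: int) -> bool:
    """Server: accept iff g^s == t * R^e (mod p)."""
    return pow(G, s, P) == (t * pow(R, e, P)) % P

def authenticate(db_R: int, measured_response: bytes) -> bool:
    """One run of the exchange; the server side uses only the stored R_i."""
    k, t = commit()                        # device -> server: t
    e = secrets.randbelow(Q - 1) + 1       # server -> device: random challenge e
    s = respond(measured_response, k, e)   # device -> server: s
    return verify(db_R, t, e, s)

if __name__ == "__main__":
    genuine = b"constructed PUF response for c1"   # constructed sample value
    R1 = enroll(genuine)
    print("genuine device accepted:", authenticate(R1, genuine))
    print("other device accepted:  ", authenticate(R1, b"response of another chip"))
```

The server never handles r_i, which is the difference from slide 25, where the database stores the same r1 that later serves as the session key.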
