Physically Unclonable Functions In a M2M Authentication context

Physically Unclonable Functions
In a M2M Authentication context
Atos Worldline
dd-mm-yyyy

Transactional services. Powering progress
| 16-11-2011| Cauchie Stéphane
O&D-R&D Team

Summary

ADS+ Consortium

Project definition
j

Hardware Layer
Applicative Layer
Project status & Conclusion

2 | 16-11-2011| Cauchie Stéphane
O&D-R&D Team

Summary

Context : ADS+ Consortium

O&D-R&D Team

ADS+ Consortium

▶ Bank & Industry

O&D-R&D Team

ADS+ Consortium

▶ Bank & Industry

▶ S&M Industries

O&D-R&D Team

ADS+ Consortium

▶ Bank & Industry

▶ S&M Industries

▶ Labs

▶ Funding Agency

O&D-R&D Team

Summary

ADS+ Consortium

Project definition
j

O&D-R&D Team

Context of Project

Needs and requirements bound to the payment card are heavier
Management becomes more and more complex and expensive

to design and validate a new open and
standard POI (Point of Infrastructure)
Architecture for the Distribution of
secure Services
standardization
proposals
(EPAS, ISO)

A Web Major scientific
architecture - a thin client POI
- A server of infrastructure and industrial
- Some ADS+ services impacts

O&D-R&D Team

Kinematics

merchant

secure channel
Merchant
establishment
Authentication

Infrastructure

ADS+ services

O&D-R&D Team

10/10/2010

Kinematics Confidential

merchant

Infrastructure

Customer
ADS+ services

O&D-R&D Team

Technical innovation on the POI

Replace the certificats x.509 in
Composants Authentication
POI

PUF Technology

Low cost No private key to
protect
less complex than PKI

O&D-R&D Team

Summary

ADS+ Consortium

Project definition
j


O&D-R&D Team

PUF Concepts

 Introduced by Pappu (cf Physical One Way Functions 2001)
(cf. One-Way Functions,

 The observation :

Component manufacturing processes induce minor
differences between two objects yet being made under
the same conditions

 The idea :
To exploit these minor differences to generate a secret

O&D-R&D Team

How to generate a secret ?
g

Black
Application challenge Response
Box

Error detect o a d co ect o
o detection and correction Noisy

SRAM PUF
PUF,
Hardware
Optical PUF
Coating PUF
Arbiter PUF

O&D-R&D Team

Categories of PUFs
g

 t-Strong PUF vs Weak PUF

« a Strong t-PUF has a sufficient number of Challenge-response pairs
such that it is difficult for an Attackers, who obtained some challenge-
response p
p pairs during a time t, to p
g , predict a response from a challenge
p g
with a high probability »

Source : Rührmair, Sölter, Selmke On the foundation of Physical Unclonable Functions (2009)

C
Controlled PUF vs U
ll d Uncontrolled PUF
ll d
Controlled PUF

Black
Challenge Response
box

Can forbid Can encrypt and hash

O&D-R&D Team

Summary

ADS+ Consortium

Project definition
j

Hardware Layer

O&D-R&D Team

Optical PUF

Response
Transparent with random
scatterers

Challen
ge

O&D-R&D Team

Coating PUF

random dielectric particles

C a e ge
Challenge
(voltage of a Response
R
certain frequency (a random
and amplitude) capacitan
ce
Metal sensors
Value)

O&D-R&D Team

Arbiter PUF

C1 C2 CN

1 1 1

0 0 0

0 0 0

1 1 1

O&D-R&D Team

SRAM PUF

C1 C1 1 0 0 0 0 0 0 1

C2 0 0 1 0 0 1 0 1
C2
REPONSE
CHALLENGE 1 1 0 1 0 1 1 0

0 0 0 1 0 0 0 1

Cn 0 1 1 1 0 0 0 0

Cn

O&D-R&D Team

Summary

ADS+ Consortium

Project definition
j

Hardware Layer
Applicative Layer

O&D-R&D Team

The PUF response as session key
p y

 Enrollment phase

PUF 1 1 c1 r1

cm rm

DB
n c1 r1
PUF n
cm rm

 Session key establishment
Id id c1 r1
PUF
c1
DB
r1 Black box cm rm

Session Key r1

O&D-R&D Team

The PUF response for Authentication
p

Enrollment phase < gk> a group
Ri = gri where ri is a PUF response to challenge ci

PUF 1 1 c1 R1

cm Rm

BD
n c1 R1

PUF n cm Rm

 PUF authentication
Id
PUF id c1 R1
c1 BD
Black box
r1 cm Rm

Zero–Knowledge proof

Keith B. Frikken, Marina Blanton, Mikhail J. Atallah Robust Authentication using physically unclonable functions (2009) .

O&D-R&D Team

The PUFs to create a secure channel

- PUF uses in key exchange protocol

Data base attacks Impersonate the PUF

- PUF uses in a authentication protocol

No shared secret No session Key

- A secure channel : authentication + session key

A new protocol has been developed : DHZKP protocol

O&D-R&D Team

Summary

ADS+ Consortium

Project definition
j

Hardware Layer
Applicative Layer
Project status & Conclusion

O&D-R&D Team

Conclusion

▶ Physically Unclonable Function
– Use Physical characteristic to extract unique pattern
– Less expensive than a secure element
– Use cases : Anti-Counterfeit, M2M authentication
▶ ADS+
– M2M context
– Replace PKI by a disruptive technology
– Our PUF can be considered strong as we are in a Tamper Resistant Device
g p
▶ Protocol Layer : Our DHZKP
– Scientific Papier about the DHZKP protocol (We are making the security proof)
– RFC about the TLS extension by DHZKP
– Tests in a real situation (POI / server)
– Open source

O&D-R&D Team

Thanks

For more information please contact:
T+ 33 1 98765432
F+
F 33 1 88888888
M+ 33 6 44445678
firstname.lastname@atos.net

Atos (Country and legal form)
( y g )
Address
atos.net post/zip code, location

Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud and Atos WorldGrid
are registered trademarks of Atos SA. October 2011
© 2011 Atos. Confidential information owned by Atos, to be used by the recipient only. This document, or any part of it,
may not be reproduced, copied, circulated and/or distributed nor quoted without prior written approval from Atos.

Transactional services. Powering progress © Confidential
O&D-R&D Team

Physically Unclonable Functions In a M2M Authentication context

Recommended

Recommended

More Related Content

Similar to Physically Unclonable Functions In a M2M Authentication context

Similar to Physically Unclonable Functions In a M2M Authentication context (20)

Recently uploaded

Recently uploaded (20)

Physically Unclonable Functions In a M2M Authentication context