-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsummary.tex
53 lines (44 loc) · 4.06 KB
/
summary.tex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
%
% summary.tex 2007-02-06 Mark Senn http://www.ecn.purdue.edu/~mark
%
\chapter{Summary}
\label{chapter:conclusion}
Systems that interact with the physical world are not only becoming more pervasive, but also more powerful
from a computing perspective. It is helpful to classify these systems into groups of standalone, deployed, and
peripheral physical systems. The distinction lies in how they communicate with other systems,
such as the ones connected over the internet.
There are many different security issues facing physical systems. Not only must they compensate for threats similar
to those faced in software, such as impersonations, man-in-the-middles, and replay attacks, they must also
contend with threats specific to a system that exists in the physical world. These include power analysis attacks,
which can glean information from power consumption, signal injection attacks, which can alter system behavior by
bombarding the system with wireless signals, and simple tampering, such as breaking components or attaching logic
probes.
The technology of Physically Unclonable Function (PUF) was presented, which allows strong guarantees of device authenticity
to be made by leveraging the challenge-response properties of PUF. These devices are able to offer these guarantees
since they cannot be duplicated using a manufacturing process, so the responses they give to given challenges are
always distinct from other PUFs. PUFs require a certain amount of support circuitry to deal with bit errors that occasionally
occur, but this is acceptable and solvable using existing error correction techniques.
It is possible to utilize PUF devices in conjunction with certain cryptographic protocols, such as zero knowledge proof
of knowledge (ZKPK) proofs, to implement interesting applications. Several different applications were presented, each of
which demonstrated the use of PUF in a different context.
The PUF ROK application leveraged a PUF device to create keys that, once used, are unrecoverable. This was done by
giving the PUF an initial ``seed" value and then creating a feedback loop with the PUF. When the PUF generated a response,
it would overwrite the previously stored value. Since PUFs are one-way functions, there is no way to go backwards and
recover the value that was previously used. These ROKs could then be used to create ``self-destructing" documents
or for an authority to give a delegate a limited number of a higher privilege level.
The PEAR application used PUFs in a way to uniquely and securely identify devices, despite insecure communication
channels. In addition to a PUF, a ZKPK protocol was used to provide this benefit. The PUF as well as an external keypad
make up a PEAR device so that data can be entered securely. The initial goal was to allow users to be able to log in
to websites securely, even if a hardware key logger was attached to the keyboard. This is possible, but PEAR also
allows this capability in the presence of software threats on the PC, since all traffic is encrypted.
Finally, the smart grid project utilized PUFs to provide strong guarantees of smart meters' identity. This is critical
because if the utility company was not sure of meters it was communicating with, catastrophic attacks would be possible,
such as overloading of power handling circuits. The PUF was again used in conjunction with ZKPK proofs to
protect information in transit between the two parties. Additionally, since the utility company is required to maintain
a large database, storing ZKPK commitments, rather than secrets directly, is a much more secure approach. Another
interesting point of this application was that the PUF generated and maintained a master key internally,
but derived keys were used in all steps of the protocol. This protects the long term security of the device, even in the
event of certain security compromises.
These different applications show the versatility of PUF technology in helping to secure physical systems.
Depending on which cryptographic tools and protocols they are used in conjunction with, PUFs can be used
in a variety of different ways, as was demonstrated.