
2018 | OriginalPaper | Chapter

Secure Code Updates for Smart Embedded Devices Based on PUFs

Authors: Wei Feng, Yu Qin, Shijun Zhao, Ziwen Liu, Xiaobo Chu, Dengguo Feng

Published in: Cryptology and Network Security

Publisher: Springer International Publishing


Abstract

Code update is a very useful tool commonly used in low-end embedded devices to improve the existing functionalities or patch discovered bugs or vulnerabilities. If the update protocol itself is not secure, it will only bring new threats to embedded systems. Thus, a secure code update mechanism is required. However, existing solutions either rely on strong security assumptions, or result in considerable storage and computation consumption, which are not practical for resource-constrained embedded devices (e.g., in the context of Internet of Things). In this work, we first propose to use intrinsic device characteristics (i.e., Physically Unclonable Functions or PUFs) to design a practical and lightweight secure code update scheme. Our scheme can not only ensure the freshness, integrity, confidentiality and authenticity of code update, but also verify that the update is installed correctly on a specific device without any malicious software. Cloned or counterfeit devices can be excluded as the code update is bound to the unpredictable physical properties of underlying hardware. Legitimate devices in an untrustworthy software state can be restored by filling suspect memory with PUF-derived random numbers. After update installation, the initiator of the code update is able to obtain the verifiable software state from the device, and the device can maintain a sustainable post-update secure check by enforcing a secure call sequence. To demonstrate the practicality and feasibility, we also implement the proposed scheme on a low-end MCU platform (TI MSP430) by using onboard SRAM and Flash resources.


Metadata
Copyright Year
2018
DOI
https://doi.org/10.1007/978-3-030-02641-7_15
