
On-Line Evaluation and Monitoring of Security Features of an RO-Based PUF/TRNG for IoT Devices

The proliferation of devices for the Internet of Things (IoT) and their implication in many activities of our lives have led to a considerable increase in concern about the security of these devices, posing a double challenge for designers and developers of products. On the one hand, the design of n...

Bibliographic Details
Published in: Sensors (Basel, Switzerland), 2023-04, Vol.23 (8), p.4070
Main Authors: Rojas-Muñoz, Luis F, Sánchez-Solano, Santiago, Martínez-Rodríguez, Macarena C, Brox, Piedad
Format: Article
Language: English
cited_by
cites cdi_FETCH-LOGICAL-c469t-bbc8f88165a631299db5f398f969c2cee49c606f9d7070e0c38a1769cf1de3a83
container_end_page
container_issue 8
container_start_page 4070
container_title Sensors (Basel, Switzerland)
container_volume 23
creator Rojas-Muñoz, Luis F
Sánchez-Solano, Santiago
Martínez-Rodríguez, Macarena C
Brox, Piedad
description The proliferation of devices for the Internet of Things (IoT) and their implication in many activities of our lives have led to a considerable increase in concern about the security of these devices, posing a double challenge for designers and developers of products. On the one hand, the design of new security primitives, suitable for resource-limited devices, can facilitate the inclusion of mechanisms and protocols to ensure the integrity and privacy of the data exchanged over the Internet. On the other hand, the development of techniques and tools to evaluate the quality of the proposed solutions as a step prior to their deployment, as well as to monitor their behavior once in operation against possible changes in operating conditions arising naturally or as a consequence of a stress situation forced by an attacker. To address these challenges, this paper first describes the design of a security primitive that plays an important role as a component of a hardware-based root of trust, as it can act as a source of entropy for True Random Number Generation (TRNG) or as a Physical Unclonable Function (PUF) to facilitate the generation of identifiers linked to the device on which it is implemented. The work also illustrates different software components that allow carrying out a self-assessment strategy to characterize and validate the performance of this primitive in its dual functionality, as well as to monitor possible changes in security levels that may occur during operation as a result of device aging and variations in power supply or operating temperature. The designed PUF/TRNG is provided as a configurable IP module, which takes advantage of the internal architecture of the Xilinx Series-7 and Zynq-7000 programmable devices and incorporates an AXI4-based standard interface to facilitate its interaction with soft- and hard-core processing systems. 
Several test systems that contain different instances of the IP have been implemented and subjected to an exhaustive set of on-line tests to obtain the metrics that determine its quality in terms of uniqueness, reliability, and entropy characteristics. The results obtained prove that the proposed module is a suitable candidate for various security applications. As an example, an implementation that uses less than 5% of the resources of a low-cost programmable device is capable of obfuscating and recovering 512-bit cryptographic keys with virtually zero error rate.
doi_str_mv 10.3390/s23084070
format article
fulltext fulltext
identifier ISSN: 1424-8220
ispartof Sensors (Basel, Switzerland), 2023-04, Vol.23 (8), p.4070
issn 1424-8220
1424-8220
language eng
recordid cdi_doaj_primary_oai_doaj_org_article_a74cfffe937844c8acb42321a51cb441
source Open Access: PubMed Central; Publicly Available Content Database
subjects Automation
Design
Embedded systems
Entropy
Field programmable gate arrays
hardware security
Internet of Things
key generation
Operating temperature
physical unclonable functions
Random numbers
reconfigurable devices
Self assessment
Self evaluation
Semiconductor industry
Software
Test systems
true-random number generator
title On-Line Evaluation and Monitoring of Security Features of an RO-Based PUF/TRNG for IoT Devices
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-26T22%3A29%3A44IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-gale_doaj_&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=On-Line%20Evaluation%20and%20Monitoring%20of%20Security%20Features%20of%20an%20RO-Based%20PUF/TRNG%20for%20IoT%20Devices&rft.jtitle=Sensors%20(Basel,%20Switzerland)&rft.au=Rojas-Mu%C3%B1oz,%20Luis%20F&rft.date=2023-04-18&rft.volume=23&rft.issue=8&rft.spage=4070&rft.pages=4070-&rft.issn=1424-8220&rft.eissn=1424-8220&rft_id=info:doi/10.3390/s23084070&rft_dat=%3Cgale_doaj_%3EA747539715%3C/gale_doaj_%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c469t-bbc8f88165a631299db5f398f969c2cee49c606f9d7070e0c38a1769cf1de3a83%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2806590796&rft_id=info:pmid/37112412&rft_galeid=A747539715&rfr_iscdi=true