Towards Trusted IoT Sensing Systems: Implementing PUF as Secure Key Generator for Root of Trust and Message Authentication Code

Workshop on Hardware and Architectural Support for Security and Privacy Pub Date : 2021-10-18 DOI:10.1145/3505253.3505258

Kota Yoshida, K. Suzaki, T. Fujino

{"title":"Towards Trusted IoT Sensing Systems: Implementing PUF as Secure Key Generator for Root of Trust and Message Authentication Code","authors":"Kota Yoshida, K. Suzaki, T. Fujino","doi":"10.1145/3505253.3505258","DOIUrl":null,"url":null,"abstract":"Trustworthy sensor data is important for IoT sensing systems. As such, these systems need to guarantee that the sensor data is acquired by the correct device and has not been tampered with. However, IoT sensing systems can be quite complex and are often composed of multiple components, i.e., a main device and subordinate sensors. The main device is responsible for gathering and processing the data from the subordinate sensor and reports the result to a server. In order to guarantee data correctness, we introduce two types of physically unclonable function (PUF): one for the main device and one for the subordinate sensor. The main device has a trusted execution environment (TEE) for critical processing, and the correctness of the TEE is guaranteed by remote attestation based on a PUF. The subordinate sensor sends the sensor data to the main device with a message authentication code (MAC) based on a PUF. We implemented a trusted IoT sensing system using a RISC-V Keystone with a PRINCE Glitch PUF for the main device and a Raspberry Pi that simulates a CMOS image sensor PUF for the subordinate sensor.","PeriodicalId":342645,"journal":{"name":"Workshop on Hardware and Architectural Support for Security and Privacy","volume":"49 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Workshop on Hardware and Architectural Support for Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3505253.3505258","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Trustworthy sensor data is important for IoT sensing systems. As such, these systems need to guarantee that the sensor data is acquired by the correct device and has not been tampered with. However, IoT sensing systems can be quite complex and are often composed of multiple components, i.e., a main device and subordinate sensors. The main device is responsible for gathering and processing the data from the subordinate sensor and reports the result to a server. In order to guarantee data correctness, we introduce two types of physically unclonable function (PUF): one for the main device and one for the subordinate sensor. The main device has a trusted execution environment (TEE) for critical processing, and the correctness of the TEE is guaranteed by remote attestation based on a PUF. The subordinate sensor sends the sensor data to the main device with a message authentication code (MAC) based on a PUF. We implemented a trusted IoT sensing system using a RISC-V Keystone with a PRINCE Glitch PUF for the main device and a Raspberry Pi that simulates a CMOS image sensor PUF for the subordinate sensor.

查看原文本刊更多论文

迈向可信的物联网传感系统:实现PUF作为信任根和消息认证码的安全密钥生成器

值得信赖的传感器数据对于物联网传感系统非常重要。因此，这些系统需要保证传感器数据是由正确的设备获取的，并且没有被篡改。然而，物联网传感系统可能非常复杂，通常由多个组件组成，即主设备和从属传感器。主设备负责从下级传感器收集和处理数据，并将结果报告给服务器。为了保证数据的正确性，我们引入了两种类型的物理不可克隆功能(PUF):一种用于主设备，一种用于从属传感器。主设备具有用于关键处理的可信执行环境(TEE)， TEE的正确性通过基于PUF的远程认证来保证。从属传感器根据PUF将传感器数据与MAC (message authentication code)一起发送给主设备。我们使用RISC-V Keystone实现了一个可信的物联网传感系统，其主设备为PRINCE Glitch PUF，副传感器为模拟CMOS图像传感器PUF的树莓派。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Workshop on Hardware and Architectural Support for Security and Privacy

自引率

0.00%

发文量