
Graduate student: 謝憲譁 (Hsieh, Hsien-Hua)
Thesis title: Hardware and Firmware Secure RISC-V System using Physical Unclonable Function for Internet of Things (針對物聯網使用物理不可複製函數之具有硬體和韌體安全性的RISC-V系統)
Advisor: 邱瀝毅 (Chiou, Lih-Yih)
Degree: Master
Department: College of Electrical Engineering and Computer Science - Department of Electrical Engineering
Year of publication: 2020
Academic year of graduation: 108
Language: Chinese
Number of pages: 62
Keywords: Internet of Things, Physical Unclonable Functions, Side-channel attack, Model attack
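  • Internet of Things (IoT) devices have been widely deployed in recent years, and the growing number of devices makes security vulnerabilities an unavoidable problem. Conventional IoT devices use embedded non-volatile memory to store keys, but embedded non-volatile memory is expensive, occupies a large area, and is vulnerable to physical attacks. By comparison, strong physical unclonable functions are relatively cheap and small and provide a large number of challenge-response pairs (CRPs), which makes physical unclonable functions a suitable replacement for embedded non-volatile memory. However, the leakage of a small number of CRPs exposes a strong physical unclonable function to model attacks, and several methods that combine side-channel attacks with model attacks have recently been developed to build a model of a strong physical unclonable function without obtaining its response values. It is therefore important to establish protection mechanisms for physical unclonable functions.
    This thesis proposes a RISC-V system with hardware and firmware security. It uses the Advanced Encryption Standard in Galois/Counter Mode together with a physical unclonable function to establish the device's root of trust, and proposes a boot flow based on a chain of trust to protect the firmware, along with countermeasures against attack models in which an attacker steals the key. According to the experimental results, the anti-side-channel-attack measure lowers model accuracy by 28.85% and lowers the correlation coefficient between response values and power consumption values by 85.7%.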

    Internet of Things (IoT) devices have come into worldwide use in recent years. The increasing number of devices makes security vulnerabilities an unavoidable issue. Conventional IoT devices use embedded Non-Volatile Memories (eNVMs) to store cryptographic keys. However, eNVMs are expensive, large and prone to physical attacks. In contrast, strong physical unclonable functions (PUFs) are relatively cheap and small, with a large number of challenge-response pairs (CRPs). PUFs are suitable replacements for eNVMs in resource-limited IoT devices. However, the leakage of a small number of CRPs leads to model attacks. Recently, several hybrid side-channel (SC) and model attacks have been proposed. Even if no responses are leaked, the adversary can still successfully build a model of the strong PUF. Therefore, it is important to establish protection mechanisms for PUFs.
    We propose a hardware and firmware secured RISC-V system. It uses the Advanced Encryption Standard with Galois/Counter Mode (AES-GCM) and a PUF to establish the Root of Trust (RoT). We also propose a boot flow using a Chain of Trust (CoT), as well as countermeasures against key extraction. According to the experimental results, the anti-SC attack countermeasure reduces the accuracy of the PUF model attack by 28.85%. The correlation between model responses and power consumption is also reduced by 85.7%.

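    Abstract
    Acknowledgements
    Table of Contents
    List of Tables
    List of Figures
    Chapter 1 Introduction
      1.1 Research Background
      1.2 Research Motivation
      1.3 Research Contributions
      1.4 Thesis Organization
    Chapter 2 Background
      2.1 Root of Trust and Chain of Trust
      2.2 Physical Unclonable Functions
        2.2.1 Types and Characteristics of Physical Unclonable Functions
        2.2.2 Model Attacks
        2.2.3 Side-Channel Attacks
      2.3 Advanced Encryption Standard
    Chapter 3 Related Work
      3.1 Attacks on Physical Unclonable Functions
        3.1.1 Additive Delay Model
        3.1.2 Power-Analysis Side-Channel Attacks
      3.2 Secure Boot Flow
        3.2.1 Self-Authenticating Secure Boot
        3.2.2 Lightweight Secure-Boot Architecture
      3.3 Summary of Related Work
    Chapter 4 Hardware and Firmware Secure RISC-V System
      4.1 Platform Environment and Architecture
        4.1.1 Microprocessor Architecture
        4.1.2 Security Module Architecture
        4.1.3 Memory Protection Unit and Peripheral Lock
      4.2 Firmware Protection and Authentication Mechanism
      4.3 Attack Models and Countermeasures
        4.3.1 User Core Reading Out the Responses of the Physical Unclonable Function
        4.3.2 Malware Implanted in the Privileged Core
        4.3.3 Power Side-Channel Analysis of the Key Register
      4.4 Hardware and Firmware Security
    Chapter 5 Experimental Results and Analysis
      5.1 Experimental Setup
        5.1.1 Experimental Goals and Targets
        5.1.2 Experimental Tools and Flow
        5.1.3 Machine Learning Method
      5.2 Experimental Results
        5.2.1 Training the Physical Unclonable Function Model with Challenge-Response Pairs
        5.2.2 Training the Physical Unclonable Function Model with Challenge-Power Pairs
    Chapter 6 Conclusion and Future Work
      6.1 Conclusion
      6.2 Future Work
    References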


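    Full-text availability: on campus, open from 2025-08-25
    Off campus: not open
    The electronic thesis has not yet been authorized for public release; for the print copy, please consult the library catalogue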