Fortifying Vehicular Security through Low Overhead Physically Unclonable Functions

Within vehicles, the Controller Area Network (CAN) allows efficient communication between the electronic control units (ECUs) responsible for controlling the various subsystems. The CAN protocol was not designed to include much support for secure communication. The fact that so many critical systems can be accessed through an insecure communication network presents a major security concern. Adding security features to CAN is difficult due to the limited resources available to the individual ECUs and the costs that would be associated with adding the necessary hardware to support any additional security operations without overly degrading the performance of standard communication. Replacing the protocol is another option, but it is subject to many of the same problems. The lack of security becomes even more concerning as vehicles continue to adopt smart features. Smart vehicles have a multitude of communication interfaces an attacker could exploit to gain access to the networks. In this work, we propose a security framework that is based on physically unclonable functions (PUFs) and lightweight cryptography (LWC). The framework does not require any modification to the standard CAN protocol while also minimizing the amount of additional message overhead required for its operation. The improvements in our proposed framework result in major reduction in the number of CAN frames that must be sent during operation. For a system with 20 ECUs, for example, our proposed framework only requires 6.5% of the number of CAN frames that is required by the existing approach to successfully authenticate every ECU.

Review of Physically Unclonable Functions (PUFs): Structures, Models, and Algorithms

Physically unclonable functions (PUFs) are now an essential component for strengthening the security of Internet of Things (IoT) edge devices. These devices are an important component in many infrastructure systems such as telehealth, commerce, industry, etc. Traditionally these devices are the weakest link in the security of the system since they have limited storage, processing, and energy resources. Furthermore they are located in unsecured environments and could easily be the target of tampering and various types of attacks. We review in this work the structure of most salient types of PUF systems such as static RAM static random access memory (SRAM), ring oscillator (RO), arbiter PUFs, coating PUFs and dynamic RAM dynamic random access memory (DRAM). We discuss statistical models for the five most common types of PUFs and identify the main parameters defining their performance. We review some of the most recent algorithms that can be used to provide stable authentication and secret key generation without having to use helper data or secure sketch algorithms. Finally we provide results showing the performance of these devices and how they depend on the authentication algorithm used and the main system parameters.

Exploring electrospun nanofibers for physically unclonable functions: a scalable and robust method toward unique identifiers

Optical physical unclonable functions (PUFs) have great potentials in the security identification of Internet of Things. In this work, electrospun nanofibers are proposed as a candidate for a nanoscale, robust, stable and scalable PUF. The dark-field reflectance images of the polymer fibers are quantitatively analyzed by Hough transform. We find that the fiber length and orientation distribution reach an optimal point as the fiber density grows up over 850 in 400 x 400 pixels for a polyvinylpyrrolidone nanofiber based PUF device. Subsequently, we test the robustness and randomness of the PUF pattern by using the fiber amount as an encoding feature, generating a reconstruction success rate over 80% and simultaneously an entropy of 260 bits within a mean size of 4 cm2. A scale-invariant algorithm is adopted to identify the uniqueness of each pattern on a 256-sensor device. Furthermore, thermo-, moisture as well as photostability of the authentication process are systematically investigated by comparing polyacrylonitrile to polyvinylpyrrolidone system.

A Novel Key Generation Method for Group-Based Physically Unclonable Function Designs

In recent years, physically unclonable functions (PUFs) have gained significant attraction in IoT security applications, such as cryptographic key generation and entity authentication. PUFs extract the uncontrollable production characteristics of different devices to generate unique fingerprints for security applications. When generating PUF-based secret keys, the reliability and entropy of the keys are vital factors. This study proposes a novel method for generating PUF-based keys from a set of measurements. Firstly, it formulates the group-based key generation problem as an optimization problem and solves it using integer linear programming (ILP), which guarantees finding the optimum solution. Then, a novel scheme for the extraction of keys from groups is proposed, which we call positioning syndrome coding (PSC). The use of ILP as well as the introduction of PSC facilitates the generation of high-entropy keys with low error correction costs. These new methods have been tested by applying them on the output of a capacitor network PUF. The results confirm the application of ILP and PSC in generating high-quality keys.

Routing Density Analysis of Area-Efficient Ring Oscillator Physically Unclonable Functions

The research into ring oscillator physically unclonable functions (RO-PUF) continues to expand due to its simple structure, ease of generating responses, and its promises of primitive security. However, a substantial study has yet to be carried out in developing designs of the FPGA-based RO-PUF, which effectively balances performance and area efficiency. This work proposes a modified RO-PUF where the ring oscillators are connected directly to the counters. The proposed RO-PUF requires fewer RO than the conventional structure since this work utilizes the direct pulse count method. This work aims to seek the ideal routing density of ROs to improve uniqueness. For this purpose, five logic arrangements of a wide range of routing densities of ROs were tested. Upon implementation onto the FPGA chip, the routing density of ROs are varied significantly in terms of wire utilization (higher than 25%) and routing hotspots (higher than 80%). The best uniqueness attained was 52.71%, while the highest reliability was 99.51%. This study improves the uniqueness by 2% subsequent to the application of scenarios to consider ROs with a narrow range of routing density. The best range of wire utilization and routing hotspots of individual RO in this work is 3–5% and 20–50%, respectively. The performance metrics (uniqueness and reliability) of the proposed RO-PUF are much better than existing works using a similar FPGA platform (Altera), and it is as good as the recent RO-PUFs realized on Xilinx. Additionally, this work estimates the minimum runtimes to reduce error and response bit-flip of RO-PUF.

Twin physically unclonable cryptographic primitives enabled by aligned carbon nanotube arrays

Handling the explosion of massive data not only requires significant improvements in information processing, storage and communication abilities of hardware but also demands higher security in the storage and communication of sensitive information. As a type of hardware-based security primitives, physically unclonable functions (PUFs) represent a promising emerging technology utilizing random imperfections existing in a physical entity, which cannot be predicted or cloned. However, if a PUF is exploited to carry out secure communication, the keys inside it must be written into non-volatile memory and then shared with other participants that do not hold the PUF, which makes the keys vulnerable. Here, we show that identical PUFs, e.g. twin PUFs can be fabricated on the same aligned carbon nanotube arrays and optimized to yield excellent uniformity, uniqueness, randomness, and reliability. The twin PUFs show a good consistency of approximately 95 % and are used to demonstrate secure communication with a bit error rate reduced to one trillion through a fault-tolerant design. As a result, our twin PUFs offering a convenient, low-cost and reliable new technology for guarantee information exchange security.