Secure Combination of IoT and Blockchain by Physically Binding IoT Devices to Smart Non-Fungible Tokens Using PUFs

Non-fungible tokens (NFTs) are widely used in blockchain to represent unique and non-interchangeable assets. Current NFTs allow representing assets by a unique identifier, as a possession of an owner. The novelty introduced in this paper is the proposal of smart NFTs to represent IoT devices, which are physical smart assets. Hence, they are also identified as the utility of a user, they have a blockchain account (BCA) address to participate actively in the blockchain transactions, they can establish secure communication channels with owners and users, and they operate dynamically with several modes associated with their token states. A smart NFT is physically bound to its IoT device thanks to the use of a physical unclonable function (PUF) that allows recovering its private key and, then, its BCA address. The link between tokens and devices is difficult to break and can be traced during their lifetime, because devices execute a secure boot and carry out mutual authentication processes with new owners and users that could add new software. Hence, devices prove their trusted hardware and software. A whole demonstration of the proposal developed with ESP32-based IoT devices and Ethereum blockchain is presented, using the SRAM of the ESP32 microcontroller as the PUF.

Increasing Hardware-Software Platforms Trust Levels to Prevent Exploiting BIOS Vulnerabilities

in this publicaton, a technique to increase trust levels of foreign and domestic-made hardware-software platforms, which are used to create specialised devices and computing facilities, which are meeting safety requirements and protected from BIOS vulnerabilities, to work with classified information, was made. Problems, which developer might encounter, were listed; methods of troubleshooting were proposed, and conclusions were made. The purpose of research is to investigate an ability of designing trusted foreign and domestic-made hardwaresoftware platforms, protected from exploiting BIOS vulnerabilities. Research methods: in order to achieve the purpose of research, an analysis of Russian’s industrial-grade PC modules was made in order to choose PC module that will be used for designing trusted hardware-software platform, an analysis of known BIOS vulnerabilities was made; proprietary BIOS replacement in a form of domestic-made Horizon bootloader, which includes unauthorised access to information protection measures, was made and possibilty of practical use of trusted hardware-software platform with Horizon bootloader was overviewed. Obtained result: PC module for trusted hardware-software platform was selected, proprietary BIOS replacement in a form of domestic-made Horizon bootloader, which includes unauthorized access to information protection measures, was made; technique to increase trust levels of foreign and domestic-made hardware-software platforms, which are used to create specialized devices and computing facilities, which are meeting safety requirements and protected from BIOS vulnerabilities, to work with classified information, was made; an approach to create trusted hardware-software platform design requirements and conditions was made; needs to exclude potentially dangerous Intel Management Engine controller’s functionality were justified and proposal to use trusted hardware-software platform with Horizon bootloader was made.

A physical unclonable neutron sensor for nuclear arms control inspections

Classical sensor security relies on cryptographic algorithms executed on trusted hardware. This approach has significant shortcomings, however. Hardware can be manipulated, including below transistor level, and cryptographic keys are at risk of extraction attacks. A further weakness is that sensor media themselves are assumed to be trusted, and any authentication and encryption is done ex situ and a posteriori. Here we propose and demonstrate a different approach to sensor security that does not rely on classical cryptography and trusted electronics. We designed passive sensor media that inherently produce secure and trustworthy data, and whose honest and non-malicious nature can be easily established. As a proof-of-concept, we manufactured and characterized the properties of non-electronic, physical unclonable, optically complex media sensitive to neutrons for use in a high-security scenario: the inspection of a military facility to confirm the absence or presence of nuclear weapons and fissile materials.