C3Subtitles: 35c3: Enclosure-PUF
back

Enclosure-PUF

Tamper Proofing Commodity Hardware and other Applications

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
01:01:20
Language
English
Abstract
We are presenting an innovative technology, which allows verifying the authenticity, integrity and/or the physical state of an item by employing the propagation behaviour of electromagnetic waves. In particular, it enables to check for any tamper attempts for larger structures, such as off-the-shelf computers and their periphery. The technology extends existing tamper proof approaches from the chip/PCB to a system level and is easily retrofittable.
In this presentation, we are demonstrating exemplary tamper proofing in order to protect secret information without an attack-detection or data-deletion circuit (!), which is a known difficult problem and an imperfect undertaking. Therefore, we demonstrate the simplicity and effectiveness using a very cheap self-made testbed (using alumium foil) to protect standard hardware against invasive attacks, such as needle probing through the case.

Cyber-physical systems are ubiquitous and are often located in non-trustworthy environments, in which data is processed that is both sensitive and worth protecting. Despite employed protection, measures such as secured communication an extraction of data and/or manipulation of it are often easily feasible if physical access to the components of the system is given. Or with the words of Brian Gladman: “It is relatively easy to build an encryption system that is secure if it is working as intended and is used correctly but it is still very hard to build a system that does not compromise its security in situations in which it is either misused or one or more of its sub-components fails (or is ’encouraged’ to misbehave) ... this is now the only area where the closed world is still a long way ahead of the open world and the many failures we see in commercial cryptographic systems provide some evidence for this.”
Our technology is aiming to verify the integrity of such systems in order to detect attempts of an attack and activate appropriate countermeasures. The propagation behaviour of electromagnetic waves allows for an extension of the protection from individual small components to the entire periphery of a system (or even object). This allows detecting attacks, like spudding/drilling into cash terminals.
By deriving cryptographic key material based on physical disorder and unclonable complexity of an environment, it is possible to create a protection, which protects secret information without an attack-detection or data-deletion circuit. Due to its generic nature it is possible to flexibly use this protection concerning size and application.

Talk ID
9611
Event:
35c3
Day
3
Room
Eliza
Start
4:10 p.m.
Duration
01:00:00
Track
Security
Type of
lecture
Speaker
Lars Steinschulte
David Holin
Christian Zenger
0.0% Checking done0.0%
0.0% Syncing done0.0%
0.0% Transcribing done0.0%
100.0% Nothing done yet100.0%

English: Transcribed until

Last revision: unknown