Clone-Resistant Secured Booting Based on Unknown Hashing Created in Self-Reconfigurable Platform

Randa Zarrouk*, Saleh Mulhem, Weal Adi, Mladen Berekovic

*Corresponding author for this work


Deploying a physically unclonable trusted anchor is required for securing software running on embedded systems. Common mechanisms combine secure boot with either stored secret keys or keys extracted from a Physical Unclonable Function (PUF). We propose a new secure boot mechanism that is hardware-based, individual to each device, and keyless to prohibit any unauthorized alteration of the software running on a particular device. Our solution is based on the so-called Secret Unknown Hash (SUH), a self-created random secret unknown hardwired hash function residing as a permanent digital hardware-module in the device’s physical layout. It is initiated in the device in a post-manufacturing, unpredictable single event process in self-reconfigurable non-volatile SoC FPGAs. In this work, we explain the SUH creation process and its integration for a device-specific secure boot. The SUH is shown to be lightweight when implemented in a sample scenario as a DM-PRESENT-based hash function. A security analysis is also presented, highlighting the different proposed sample SUH-class entropies.

Original languageGerman
Title of host publicationApplied Reconfigurable Computing. Architectures, Tools, and Applications
EditorsSteven Derrien, Frank Hannig, Pedro C. Diniz, Daniel Chillet
PublisherSpringer, Cham
Publication date2021
ISBN (Print)978-3-030-79024-0
ISBN (Electronic)978-3-030-79025-7
Publication statusPublished - 2021
Event17th International Symposium on Applied Reconfigurable Computing 2021 - Virtual Event
Duration: 29.06.202130.06.2021

Cite this