Abstract
Deploying a physically unclonable trusted anchor is required for securing software running on embedded systems. Common mechanisms combine secure boot with either stored secret keys or keys extracted from a Physical Unclonable Function (PUF). We propose a new secure boot mechanism that is hardware-based, individual to each device, and keyless to prohibit any unauthorized alteration of the software running on a particular device. Our solution is based on the so-called Secret Unknown Hash (SUH), a self-created random secret unknown hardwired hash function residing as a permanent digital hardware-module in the device’s physical layout. It is initiated in the device in a post-manufacturing, unpredictable single event process in self-reconfigurable non-volatile SoC FPGAs. In this work, we explain the SUH creation process and its integration for a device-specific secure boot. The SUH is shown to be lightweight when implemented in a sample scenario as a DM-PRESENT-based hash function. A security analysis is also presented, highlighting the different proposed sample SUH-class entropies.
Original language | German |
---|---|
Title of host publication | Applied Reconfigurable Computing. Architectures, Tools, and Applications |
Editors | Steven Derrien, Frank Hannig, Pedro C. Diniz, Daniel Chillet |
Publisher | Springer, Cham |
Publication date | 2021 |
ISBN (Print) | 978-3-030-79024-0 |
ISBN (Electronic) | 978-3-030-79025-7 |
DOIs | |
Publication status | Published - 2021 |
Event | 17th International Symposium on Applied Reconfigurable Computing 2021 - Virtual Event Duration: 29.06.2021 → 30.06.2021 https://link.springer.com/book/10.1007/978-3-030-79025-7 |