Abstract
In recent years, low-end embedded devices have been used increasingly in various scenarios, ranging from consumer electronics to industrial equipment. However, this evolution made embedded devices profitable targets for software piracy and software manipulation. Aggravating this situation, low-end embedded devices typically lack secure hardware to effectively protect against such attacks. In this work, we present a novel software protection scheme, which is particularly suited for already deployed low-end embedded devices without secure hardware. Our approach combines techniques based on self-checksumming code with Physically Unclonable Functions (PUFs) to establish a hardware-assisted software protection. In this way, we can tie the execution of a software instance to a specific device and protect its program code against manipulations. We show that our software protection scheme offers a high level of security against static adversaries and demonstrate that dynamic adversaries require considerable resources to perform a successful attack. To explore the feasibility of our solution, we implemented the protection scheme on an ARM-based low-end commodity microcontroller. A further performance evaluation shows that the implemented solution exhibits a fair overhead of ten percent.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Armknecht, F., Maes, R., Sadeghi, A.-R., Sunar, B., Tuyls, P.: Memory leakage-resilient encryption based on physically unclonable functions. In: Sadeghi, A.-R., Naccache, D. (eds.) Towards Hardware-Intrinsic Security. Information Security and Cryptography, pp. 135–164. Springer, Heidelberg (2010)
Atzori, L., Iera, A., Morabito, G.: The internet of things: a survey. Comput. Netw. 54(15), 2787–2805 (2010)
Aucsmith, D.: Tamper resistant software: an implementation. In: Anderson, R. (ed.) Information Hiding, vol. 1174, pp. 317–333. Springer, Heidelberg (1996)
van den Berg, R., Skoric, B., van der Leest, V.: Bias-based modeling and entropy analysis of PUFs. In: ACM Proceedings of the 3rd International Workshop on Trustworthy Embedded Devices TrustED (2013)
Blum, M., Kannan, S.: Designing programs that check their work. J. ACM JACM 42(1), 269–291 (1995)
Bösch, C., Guajardo, J., Sadeghi, A.-R., Shokrollahi, J., Tuyls, P.: Efficient helper data key extractor on FPGAs. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 181–197. Springer, Heidelberg (2008)
Chang, H., Atallah, M.J.: Protecting software code by guards. In: Sander, T. (ed.) DRM 2001. LNCS, vol. 2320, pp. 160–175. Springer, Heidelberg (2002)
Chen, Y., Venkatesan, R., Cary, M., Pang, R., Sinha, S., Jakubowski, M.H.: Oblivious hashing a stealthy software integrity verification primitive. In: Petitcolas, F.A.P. (ed.) Information Hiding. LNCS, vol. 2578, pp. 400–414. Springer, Heidelberg (2003)
Claes, M., van der Leest, V., Braeken, A.: Comparison of SRAM and FF PUF in 65nm technology. In: Laud, P. (ed.) NordSec 2011. LNCS, vol. 7161, pp. 47–64. Springer, Heidelberg (2012)
Clang: A C language family frontend for LLVM. http://www.clang.llvm.org/
Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004)
Gora, M.A., Maiti, A., Schaumont, P.: A flexible design flow for software IP binding in commodity FPGA. In: IEEE Symposium on Industrial Embedded Systems IEEE SIES (2009)
van Herrewege, A., Verbauwhede, I.: Software only, extremely compact, keccak-based secure PRNG on ARM Cortex-M. In: ACM Proceedings of the 51st Annual Design Automation Conference (2014)
Herzberg, A., Shulman, H., Saxena, A., Crispo, B.: Towards a theory of white-box security. In: Gritzalis, D., Lopez, J. (eds.) SEC 2009. IFIP AICT, vol. 297, pp. 342–352. Springer, Heidelberg (2009)
Horne, B., Matheson, L., Sheehan, C., Tarjan, R.E.: Dynamic self-checking techniques for improved tamper resistance. In: Sander, T. (ed.) DRM 2001. LNCS, vol. 2320, pp. 141–159. Springer, Heidelberg (2002)
Jacob, M., Jakubowski, M.H., Venkatesan, R.: Towards integral binary execution: implementing oblivious hashing using overlapped instruction encodings. In: ACM Workshop on Multimedia & Security MM&Sec (2007)
KPMG: Managing the Risks of Counterfeiting in the Information Technology Industry. http://www.agmaglobal.org/press_events/press_docs/Counterfeit_WhitePaper_Final.pdf. Accessed 23 June 2015
Larsen, P., Homescu, A., Brunthaler, S., Franz, M.: SoK: automated software diversity. In: IEEE Symposium on Security and Privacy S&P (2014)
Lattner, C., Adve, V.: LLVM: a compilation framework for lifelong program analysis & transformation. In: IEEE Symposium on Code Generation and Optimization (2014)
Lazebnik, F.: On systems of linear diophantine equations. In: Mathematics Magazine (1996)
van der Leest, V., van der Sluis, E., Schrijen, G.-J., Tuyls, P., Handschuh, H.: Efficient implementation of true random number generator based on SRAM PUFs. In: Naccache, D. (ed.) Cryphtography and Security: From Theory to Applications. LNCS, vol. 6805, pp. 300–318. Springer, Heidelberg (2012)
Maes, R., Verbauwhede, I.: Physically unclonable functions: a study on the state of the art and future research directions. In: Sadeghi, A.-R., Naccache, D. (eds.) Towards Hardware-Intrinsic Security, pp. 3–37. Springer, Heidelberg (2010)
Nithyanand, R., Solis, J.: A theoretical analysis: physical unclonable functions and the software protection problem. In: IEEE Symposium on Security and Privacy S&P (2012)
Schaller, A., Arul, T., van der Leest, V., Katzenbeisser, S.: Lightweight anti-counterfeiting solution for low-end commodity hardware using inherent PUFs. In: Holz, T., Ioannidis, S. (eds.) Trust 2014. LNCS, vol. 8564, pp. 83–100. Springer, Heidelberg (2014)
Schneier on Security: Security Risks of Embedded Systems. https://www.schneier.com/blog/archives/2014/01/security_risks_9.html. Accessed 23 June 2015
Wikipedia: DeCSS. http://www.en.wikipedia.org/wiki/DeCSS. Accessed 23 June 2015
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Kohnhäuser, F., Schaller, A., Katzenbeisser, S. (2015). PUF-Based Software Protection for Low-End Embedded Devices. In: Conti, M., Schunter, M., Askoxylakis, I. (eds) Trust and Trustworthy Computing. Trust 2015. Lecture Notes in Computer Science(), vol 9229. Springer, Cham. https://doi.org/10.1007/978-3-319-22846-4_1
Download citation
DOI: https://doi.org/10.1007/978-3-319-22846-4_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-22845-7
Online ISBN: 978-3-319-22846-4
eBook Packages: Computer ScienceComputer Science (R0)