Advertisement

Journal of Hardware and Systems Security

, Volume 2, Issue 4, pp 289–296 | Cite as

The Past, Present, and Future of Physical Security Enclosures: From Battery-Backed Monitoring to PUF-Based Inherent Security and Beyond

  • Johannes ObermaierEmail author
  • Vincent Immler
Article
  • 231 Downloads

Abstract

Withstanding physical attacks in a hostile environment is of utmost importance for nowadays electronics. However, due to the long and costly development of integrated circuits (ICs), IC-level countermeasures are typically only included in varying degree and not in every chip of a device. Therefore, multiple-chip modules requiring higher levels of security are additionally protected against tampering by a physical security enclosure, e.g., by an envelope that completely encloses the device. For decades, these physical boundaries on a device-level were monitored using battery-backed mechanisms to enable detection of an attempted physical intrusion even if the underlying system is powered off. However, the battery affects the system’s robustness, weight, prevents extended storage, and also leads to difficulties with the security mechanism while shipping the device. In this position paper, we present our assessment of various battery-backed tamper-respondent solutions and argue that while offering the intriguing benefit of instantaneous detection and response, the low-power nature of battery-backup contradicts a tamper-sensitive measurement, among other problems. We are therefore of the opinion that more effort should be spent towards enclosures that are based on tamper-evident physical unclonable functions (PUFs), as they are designated to provide a high level of security on the one hand and do not require a battery on the other hand. To further substantiate our argument, we summarize the work in this domain to also facilitate future research.

Keywords

HSM FIPS 140-2 Physical security enclosure Reverse engineering Tamper-resistance Anti-tamper Higher-order alphabet physical unclonable function (HOA PUF) 

Notes

Funding Information

This work was supported by the Fraunhofer Internal Programs under Grant No. MAVO 828 432.

References

  1. 1.
    National Institute of Standards and Technology (NIST) (2002) FIPS PUB 140-2: security requirements for cryptographic modules. NIST, GaithersburgGoogle Scholar
  2. 2.
    Killmann W, Lemke-Rust K (2008) Common criteria protection profile - cryptographic modules security level “enhanced”Google Scholar
  3. 3.
    Weingart SH (2000) Physical security devices for computer subsystems: a survey of attacks and defenses. In: Cryptographic hardware and embedded systems — CHES 2000. Springer, Berlin, pp 302–317Google Scholar
  4. 4.
    Isaacs P, Morris T Jr, Fisher MJ, Cuthbert K (2013) Tamper proof, tamper evident encryption technology. In: Pan pacific symposium (SMTA)Google Scholar
  5. 5.
    Eren H, Sandor L (2005) Fringe-effect capacitive proximity sensors for tamper proof enclosures. In: Sensors for Industry ConferenceGoogle Scholar
  6. 6.
    Skorobogatov SP (2005) Semi-invasive attacks – a new approach to hardware security analysis. University of Cambridge, Computer Laboratory, Tech. Rep. UCAM-CL-TR-630Google Scholar
  7. 7.
    W.L. GORE & Associates Inc. (2007) Gore tamper respondent surface enclosure (commercial brochure). W.L. GORE & Associates Inc., NewarkGoogle Scholar
  8. 8.
    Gassend B, Clarke D, Dijk MV, Devadas S (2002) Silicon physical random functions. In: ACM CCSGoogle Scholar
  9. 9.
    Herder C, Yu M, Koushanfar F, Devadas S (2014) Physical unclonable functions and applications. In: Proceedings of the IEEE, vol 102. IEEE, PiscatawayGoogle Scholar
  10. 10.
    Helfmeier C, Nedospasov D, Tarnovsky C, Krissler J S, Boit C, Seifert JP (2013) Breaking and entering through the silicon. In: ACM Conference on Computer and Communications Security (CCS)Google Scholar
  11. 11.
    Vai M, Nahill B, Kramer J, Geis M, Utin D, Whelihan D, Khazan R (2015) Secure architecture for embedded systems. In: IEEE High Performance Extreme Computing Conference (HPEC)Google Scholar
  12. 12.
    Immler V, Obermaier J, König M, Hiller M, Sigl G (2018) B-TREPID: batteryless tamper-resistant envelope with a PUF and integrity detection. In: 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)Google Scholar
  13. 13.
    BOURNS INC. (2007) Application note – security housing. http://application-notes.digchip.com/176/176-48205.pdf
  14. 14.
    Burke R, Queen C (2004) A security housing for a circuit. European Patent Office, Munich. WO Patent App. PCT/IE2004/000,043Google Scholar
  15. 15.
  16. 16.
    Payment Card Industry Security Standards Council (2013) Payment Card Industry PIN Transaction Security (PTS) v4.0. PCI, WakefieldGoogle Scholar
  17. 17.
    IBM (2012) IBM 4765 cryptographic coprocessor security module security policy (compliant to FIPS 140-2 level 4). December 2012, https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1505.pdf
  18. 18.
    Seales W B, Parker C S, Segal M, Tov E, Shor P, Porath Y (2016) From damage to discovery via virtual unwrapping: reading the scroll from En-Gedi. Sci Adv 2(9).  https://doi.org/10.1126/sciadv.1601247
  19. 19.
    Pappu R, Recht B, Taylor J, Gershenfeld N (2002) Physical one-way functions. Science 297:2026–2030CrossRefGoogle Scholar
  20. 20.
    Tuyls P, Schrijen G J, Skoric B, van Geloven J, Verhaegh N, Wolters R (2006) Read-proof hardware from protective coatings. In: Goubin L, Matsui M (eds) Workshop on Cryptographic Hardware and Embedded Systems (CHES), ser. LNCS, vol 4249. Springer, Berlin Heidelberg, pp 369–383Google Scholar
  21. 21.
    Esbach T, Fumy W, Kulikovska O, Merli D, Schuster D, Stumpf F (2012) A new security architecture for smartcards utilizing PUFs. In: ISSE ConferenceGoogle Scholar
  22. 22.
    Spain M, Fuller B, Ingols K, Cunningham R (2014) Robust keys from physical unclonable functions. In: IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp 88–92Google Scholar
  23. 23.
    Immler V, Hiller M, Liu Q, Lenz A, Wachter-Zeh A (2017) Variable length bit mapping and error-correcting codes for higher-order alphabet pufs. In: Security, Privacy, and Applied Cryptography Engineering (SPACE)Google Scholar
  24. 24.
    Immler V, Hennig M, Kürzinger L, Sigl G (2016) Practical aspects of quantization and tamper-sensitivity for physically obfuscated keys. In: Workshop on Cryptography and Security in Computing Systems (CS2). ACM, p 1318Google Scholar
  25. 25.
    Obermaier J, Immler V, Hiller M, Sigl G (2018) A measurement system for capacitive PUF-based security enclosures. In: 55th ACM/EDAC/IEEE Design Automation Conference (DAC)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018
corrected publication September/2018

Authors and Affiliations

  1. 1.Fraunhofer Institute for Applied and Integrated SecurityGarching b. MünchenGermany

Personalised recommendations