Evaluating SRAM as Source for Fingerprints and Randomness on Automotive Grade Controllers

Bogdan Groza, Pal-Stefan Murvay, Tudor Andreica

Abstract

It is well known that the state of uninitialized SRAM provides a unique pattern on each device due to physical imperfections. Both the affinity toward some fixed state as well as the deviation from it can be successfully exploited in security mechanisms. Fixed values provide an efficient mechanism for physical identification and for extracting cryptographic keys while the randomness of bits that flip can be exploited as input for PRNGs that are vital for the generation of ephemeral keys. In this work we try to give an assessment of these two capabilities on several state-of-the art automotive grade embedded platforms. The security of embedded devices inside vehicles has gained serious attention in the past years due to the impact of emerging technologies, e.g., self-driving cars, vehicle-to-vehicle communication, which are futile in the absence of the appropriate security mechanisms. Our examination of several state-of-the-art automotive grade controllers shows that SRAM can offer sufficient entropy and patterns for identification but careful testing is needed as some models fail to provide the expected results

References

  1. Biham, E., Dunkelman, O., Indesteege, S., Keller, N., and Preneel, B. (2008). How to steal cars-a practical attack on keeloq. In EUROCRYPT, pages 1-18.
  2. Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S., Koscher, K., Czeskis, A., Roesner, F., Kohno, T., et al. (2011). Comprehensive experimental analyses of automotive attack surfaces. In USENIX Security Symposium. San Francisco.
  3. Francillon, A., Danev, B., Capkun, S., Capkun, S., and Capkun, S. (2011). Relay attacks on passive keyless entry and start systems in modern cars. In NDSS.
  4. Guajardo, J., Kumar, S. S., Schrijen, G.-J., and Tuyls, P. (2007a). FPGA intrinsic PUFs and their use for IP protection. Springer.
  5. Guajardo, J., Kumar, S. S., Schrijen, G.-J., and Tuyls, P. (2007b). Physical unclonable functions and publickey crypto for fpga ip protection. In Field Programmable Logic and Applications, 2007. FPL 2007. International Conference on, pages 189-195. IEEE.
  6. Holcomb, D. E., Burleson, W. P., and Fu, K. (2009). Powerup sram state as an identifying fingerprint and source of true random numbers. Computers, IEEE Transactions on, 58(9):1198-1210.
  7. Holcomb, D. E., Burleson, W. P., Fu, K., et al. (2007). Initial sram state as a fingerprint and source of true random numbers for rfid tags. In Proceedings of the Conference on RFID Security, volume 7.
  8. Ishtiaq Roufa, R. M., Mustafaa, H., Travis Taylora, S. O., Xua, W., Gruteserb, M., Trappeb, W., and Seskarb, I. (2010). Security and privacy vulnerabilities of incar wireless networks: A tire pressure monitoring system case study. In 19th USENIX Security Symposium, Washington DC, pages 11-13.
  9. Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., et al. (2010). Experimental security analysis of a modern automobile. In Security and Privacy (SP), 2010 IEEE Symposium on, pages 447-462. IEEE.
  10. Krhovjak, J., Matyas, V., and Zizkovsky, J. (2009). Generating random and pseudorandom sequences in mobile devices. In Security and Privacy in Mobile Information and Communication Systems, pages 122-133. Springer.
  11. Maes, R. and Verbauwhede, I. (2010). Physically unclonable functions: A study on the state of the art and future research directions. In Towards HardwareIntrinsic Security, pages 3-37. Springer.
  12. Miller, C. and Valasek, C. (2014). A survey of remote automotive attack surfaces. Black Hat USA.
  13. Rührmair, U. and Holcomb, D. E. (2014). Pufs at a glance. In Proceedings of the conference on Design, Automation & Test in Europe, page 347. European Design and Automation Association.
  14. Shoukry, Y., Martin, P., Tabuada, P., and Srivastava, M. (2013). Non-invasive spoofing attacks for antilock braking systems. In Cryptographic Hardware and Embedded Systems-CHES 2013, pages 55-72. Springer.
  15. Solomon, C. and Groza, B. (2015). Limon - lightweight authentication for tire pressure monitoring sensors. In 1st Workshop on the Security of Cyber-Physical Systems (affiliated to ESORICS 2015).
  16. Studnia, I., Nicomette, V., Alata, E., Deswarte, Y., Kaâniche, M., and Laarouchi, Y. (2013). Survey on security threats and protection mechanisms in embedded automotive networks. In Dependable Systems and Networks Workshop (DSN-W), 2013 43rd Annual IEEE/IFIP Conference on, pages 1-12. IEEE.
  17. Tillich, S. and Wójcik, M. (2012). Security analysis of an open car immobilizer protocol stack. In Trusted Systems, pages 83-94. Springer.
  18. Toth, A. (2014). Method and system for monitoring a parameter of a tire of a vehicle. EP Patent App. EP20,120,464,019.
  19. Verdult, R., Garcia, F. D., and Balasch, J. (2012). Gone in 360 seconds: Hijacking with hitag2. In Proceedings of the 21st USENIX conference on Security symposium, pages 37-37. USENIX Association.
  20. Wetzels, J. (2014). Broken keys to the kingdom: Security and privacy aspects of rfid-based car keys. arXiv preprint arXiv:1405.7424.
  21. Xu, M., Xu, W., Walker, J., and Moore, B. (2013). Lightweight secure communication protocols for invehicle sensor networks. In Proceedings of the 2013 ACM workshop on Security, privacy & dependability for cyber vehicles, pages 19-30. ACM.
Download


Paper Citation


in Harvard Style

Groza B., Murvay P. and Andreica T. (2016). Evaluating SRAM as Source for Fingerprints and Randomness on Automotive Grade Controllers . In Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016) ISBN 978-989-758-196-0, pages 109-120. DOI: 10.5220/0005966401090120


in Bibtex Style

@conference{secrypt16,
author={Bogdan Groza and Pal-Stefan Murvay and Tudor Andreica},
title={Evaluating SRAM as Source for Fingerprints and Randomness on Automotive Grade Controllers},
booktitle={Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)},
year={2016},
pages={109-120},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005966401090120},
isbn={978-989-758-196-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)
TI - Evaluating SRAM as Source for Fingerprints and Randomness on Automotive Grade Controllers
SN - 978-989-758-196-0
AU - Groza B.
AU - Murvay P.
AU - Andreica T.
PY - 2016
SP - 109
EP - 120
DO - 10.5220/0005966401090120