查看文章

As embedded electronics continue to be integrated into our daily lives at such a pace that there are nowadays more cellphones than people on the planet, security is becoming ever more crucial. Unfortunately, this is all too often realized as an afterthought and thus the security implementations in many embedded devices offer little to no practical protection. Security does not require only cryptographic algorithms; two other critical modules in a secure system are a key generation module and a random number generator (RNG). The lack of well thought-out implementations of these modules has been the downfall of the security in many devices, many of them high-profile. In this thesis, we look into ways of constructing secure versions of both of these building blocks in embedded devices. Towards this end, we turn our attention to physically unclonable functions (PUFs). A PUF is a promising, relatively novel primitive that functions as a fingerprint for electronic devices. In our research, we have combined PUFs with custom hardware modules, such as a BCH error correcting code decoder, to create the first" black box" PUF-based key generation module. Our implementation requires very little real estate, proving that very efficient BCH error correcting codes, which are normally written off as being unwieldy and complex, are in fact feasible for use in PUF-based systems. We furthermore investigate the presence of PUFs in commercial off-the-shelf (COTS) microcontrollers. A thorough investigation of the usability of SRAM as PUFs and RNGs in a handful of the most prominent microcontroller families on the market is presented. We discuss the practical use …