Protection of trustworthy hardware
Trustworthy hardware in safety-critical areas needs special protection from manipulation. This not only includes the classical high-security systems like ATMs or server systems, but also distributed control units in industrial environments, mobile devices in sensitive medical applications as well as electronics in automobiles. Wherever devices are worthwhile targets for cyberattacks, or the secure origin of individual components is decisive of the whole system security, the application of special protective mechanisms is important. The techniques can also be applied for the detection of product piracy and for the defense against reverse engineering attempts.
The goal of the Fraunhofer in-house research program “COPYCAT” was to develop solutions for the protection of electronic systems from unauthorized changes, reproduction and reverse engineering.
In this project approaches for the generation of cryptographic key materials on the basis of Physical Unclonable Functions (PUFs) have been pursued to realize secure key memory and electronically evaluable tamper evident foil with integrated PUF functionality has been developed.
For silicon-based PUFs for the integration in customer-specific circuits, different standard components of a CMOS technology have been adapted and the influence of production-based fluctuations on these components has been examined. The examined components in this case have been simple nMOS transistors and polysilicon resistors. Both structures exhibit good features regarding their unique nature (inter-hamming distance) and reproducibility (intra-hamming distance). They are therefore excellently suited for the clear identification of ICs as well as the generation of cryptographic keys.
Within the framework of MAVO COPYCAT a complete system for the protection of electronic circuits has been developed for high security modules (HSMs). This system consists of a protective film, a read out IC as well as an “Embedded Key Management Systems”.
The protective film developed at Fraunhofer EMFT is completely wrapped around the protected system and their integrity is evaluated with an embedded electrical circuit of Fraunhofer IMS, the film IC. The protective film contains a close network of tracks. These tracks are tested for breaks and short circuits (integrity test) and the production fluctuations of the capacities between the individual tracks are measured. From the measured data for the scattering capacity value a system key is generated with which a coupling to the covered system and the corresponding firmware to the individually manufactured protective film is achieved. This project has been supported by the Fraunhofer-Gesellschaft as an internal project with the number MAVO 828 432.