Klonlanamaz Fonksiyonlar Ve Yardımcı Bilgiler Kullanılarak Patent Hakları Korunması, Özgün Algoritma Ve Donanımın Güvenliğinin Sağlanması
Klonlanamaz Fonksiyonlar Ve Yardımcı Bilgiler Kullanılarak Patent Hakları Korunması, Özgün Algoritma Ve Donanımın Güvenliğinin Sağlanması
Dosyalar
Tarih
Yazarlar
Gövem, Burak
Süreli Yayın başlığı
Süreli Yayın ISSN
Cilt Başlığı
Yayınevi
Fen Bilimleri Enstitüsü
Institute of Science and Technology
Institute of Science and Technology
Özet
Sahtecilik, günümüzde tekstilden eczacılık ve elektroniğe, gıda sektöründen marka isimlerine kadar endüstrinin hemen her alanında rastlanılan bir vaka haline gelmiştir. Bu durum şirketleri milyonlarca dolar zararlara uğratmakta ve birçok önemli markanın güvenilirliğini ve saygınlığını sarsmaktadır. Elektronik sektöründe sahtecilik olgusu daha vahim boyutlara ulaşmıştır. Sahte elektronik parça ve yongalara artık hayati önem taşıyan askeri, uzay elektroniği ve tıp elektroniği sektörlerinde bile rastlanmaktadır. Sahtecilik olaylarının bu boyutlara erişmesi sahte elektronik yongalarının tespit edilmesini sağlayacak ekonomik yöntem araştırmalarının hız kazanmasına yol açmaktadır. Elektronik yonga klonlama yöntemlerinden bazıları, istek fazlası üretim, kopyalama ve tersine mühendislik gibi yöntemlerdir. Günümüzde birçok elektronik tasarım ve üretim şirketleri tasarımlarını diğer üretim yapan şirketlere sipariş verebilmekte veya tasarımlarını IP olarak satabilmektedir. Bu türdeki pazar ve üretim gereksinimleri nedeniyle firmalar tasarımlarını paylaşmak durumunda kalmaktadır. Çalıntı tasarımlar bu şekilde ele geçirilebilmektedir. Elektronik tasarımların çalınmasını önlemeye yönelik olarak akla gelebilecek ilk yöntemlerden birisi tasarımların şifrelenerek saklanması olabilir. Şifreleme yöntemi bu tür bir probleme çözüm olabilir ancak şifreleme sistemlerinin anahtar yönetimi etraflıca düşünülmeli ve gizli şifreleme anahtarlarının çalınması riski de ortadan kaldırılmalıdır. Son yıllarda ortaya çıkan fiziksel klonlanamaz fonksiyonlar (PUF) teknolojisi şifreleme anahtarı yönetimi problemine çözüm sunabilmektedir. Üretildiği ortama özgü karakteristik özelliklere bağlı olan PUF verisinin kopyalanması önceden öngörülemeyen ortam parametrelerine bağlı olduğu için pratik olarak mümkün değildir. Elektronik yongalar üzerinde çalışan PUF devrelerinden elde edilen veriler de yongaların üretim süreçlerindeki engellenemeyen idealsizliklere bağlı olarak yongaya özgü klonlanamaz bilgiler olacaktır. PUF verisinin yonga üzerinde elde ediliyor olması şifreleme anahtarının taşınması sorununu da çözecektir. PUF verisi yongaya özgü üretim parametrelerine bağlı olduğu gibi çalışılan ortam değişkenlerine de bağlıdır. Devrenin çalıştığı ortamın sıcaklık, gerilim ve radyasyon miktarı gibi fiziksel şartlarındaki değişimler PUF verisinin değişmesine yol açabilmektedir. Bu nedenle PUF verisinin değişmeden tekrar tekrar elde edilebilmesi için ham PUF verisi üzerinde hata düzeltme işlemleri yapılmalıdır. Esnek tasarım imkanı sunmaları nedeniyle gün geçtikçe daha çok kullanım alanı bulan sahada programlanabilir kapı dizileri (FPGA) bu çalışmada da tercih edilmiştir. FPGA ların son yıllarda sahip oldukları özelliklerden birkaçı, otomatik yeniden yapılandırma ve kısmi yapılandırmadır (PR). Bu çalışmada PR özelliği, gerçeklenmek istenen güvenlik sisteminin otomatik olarak çalıştırılıp üretim süreçlerine uygun bir tasarım olması amacıyla kullanılmıştır. Literatürde bulunan PUF çeşitlerinden, FPGA ortamı için uygun bulunan halka osilatör (RO) tabanlı PUF bu çalışmada şifreleme algoritmasının anahtar verisini üretmek için kullanılmıştır. Şifreleme algoritması olarak, sıkça kullanılan bir standart haline gelmiş Gelişmiş Şifreleme Standardı (AES) tercih edilmiştir. Bu algoritmanın çalışma kipi olarak da paralelleştirmeye uygun olan ve kimlik doğrulama algoritması olarak da işlev gören Galois Sayaç Kipi (GCM) kullanılmıştır.
Counterfeiting is encountered among almost every branch of industry, from pharmacy to electronics, from food to brand names. The increasing trend in counterfeiting damages many company economically and reduce their reliability and status. The current state in counterfeiting is more destructive nowadays. Counterfeit electronic components and chips can be found at even military and space electronics and medical electronics industry. These serious advance of counterfeiting accelerate the research in the field of detecting counterfeit products economically. Some methods of counterfeiting electronic chips are overproduction, cloning and reverse engineering. Todays, many fabless electronic design companies make their products to other companies or many of them sell their designs as electronic IPs to other electronic design companies. In such cases, companies can be obliged to share their designs with other companies. Counterfeit designs emerge in such a way. The basic solution against counterfeiting in electronics industry is ciphering electronic IP designs. However, key management is another problem that is to be handled and the risk of the key to be stolen must be eliminated. Physical Unclonable Functions (PUF) technology that has been developing in recent years can solve the key storage problem of cryptographic systems. PUF data depends on the static environment parameters that is unavoidable and non-deterministic. As a result, PUF data cannot be cloned practically. PUF circuits on chips rely on the non-ideal nature of process technology (doping differences etc.). Such as, mathematically equivalent timing delay paths on the chip, actually are not equivalent, have a slight difference. These slight differences can be gathered and result in a measurable delay. These delay differences are expected to vary for identical chips and then each chip has its own characteristic PUF data. Extracting PUF data on chip also solves the key transmission problem. In the literature, several PUF circuit types are available, for example Anderson, butterfly, arbiter and ring oscillator (RO) PUFs are well-known. RO-PUF is used in this work. RO-PUF is suitable for FPGA implementations. RO-PUF consists of RO pairs. One bit PUF output is the sign of the difference of the frequency of these two identical ROs. RO pairs must have identical path delays. So the difference is controlled with the characteristics of the chip. On the other hand, PUF circuits are affected by environmental conditions. For instance, voltage and temperature fluctuations, radiation can change PUF output result from measurement to measurement. This fact causes unreliable PUF outputs and this means cryptographic key cannot be extracted truly on every creation. The reliability problem have to be solved to get a consistent cryptographic key. Error correction codes can be used to stabilize fluctuating PUF data. These error correction codes are generally collect statistical data of PUF output, then raw PUF output is post-processed according to the calculation results of statistical data. In this manner, an error correction code called labeling technique is used in this work. Labeling technique needs to collect statistical data about PUF outputs for different environmental conditions and for different chips. According to statistical data, each PUF circuit is labeled with a binary number and PUF output is evaluated after measurement according to label. Also, this label does not reveal PUF output. FPGAs are ubiquitous for especially last decade thanks to their flexibility. In this work, FPGAs are used especially for their reconfigurability utilities. FPGAs are known as further behind the performance of ASIC designs. However depending on the developments in IC design and production technology FPGAs are closing the performance gaps between their ASIC rivals. FPGAs also have many new features in those days, partial reconfiguration is an example of these features. Partial reconfiguration (PR) utility is going to be a common standard for new generation FPGAs. Xilinx Virtex series and new 7 series FPGAs have this PR feature. PR enables exchanging hardware designs in the time domain. In dynamic partial reconfiguration (DPR), rest of the FPGA continues to work, when partial region is reconfiguring. As a result, area and power can be reduced dramatically with programming separately working designs partially. PR is necessary for this work to automate authentication process. In every power-up of FPGA, before loading actual design, authentication check design deciphers ciphered bitstream of the actual design and if it passes authentication check then deciphered bitstream is loaded on the FPGA otherwise authentication fails and deciphered data is erased, it is not loaded on the FPGA. In this work, Advanced Encryption Standard (AES) which is a common encryption standard is used as crypto algorithm. AES is used with Galois Counter Mode (GCM) of operation. GCM is a highly parallelable mode of operation which is very suitable for hardware implementations. GCM provides both message confidentiality and authenticity. FPGA bitstream is very sensitive to bit errors, even one bit error can destroy reconfiguration, and also FPGA can be damaged. Therefore, some kind of checksum algorithm have to be used to ensure the error-free bitstream. Authentication feature of GCM also fulfills the checksum task. Non-volatile memory is used to store bitstreams of the FPGA designs. A BPI PROM on Xilinx ML 505 board is used as non-volatile memory. PROM contains a full bitstream with authentication check design and a partial encrypted bitstream contains ciphered actual design. Full bitstream also called golden design contains a PROM reader module to get partial ciphered bitstream into FPGA. Partial bitstream is deciphered and also authentication check is calculated in parallel. Deciphered bitstream have to be stored in FPGA due to authentication check lasts till the end of deciphering process. At the end of the authentication check, deciphered bitstream is needed if it passes the authentication check for loading on the FPGA. FPGA has limited internal buffer. All partial bitstream cannot be stored on the FPGA. Therefore, partial bitstream is deciphered as constant size of blocks (2048 block for this application). Every block has its own authentication check and authentication tag stored on BPI PROM. If calculated tag in the FPGA matches the retrieved tag from PROM block passes authentication check and buffered bitstream is sent to reconfiguration controller module to load it through Internal Configuration Access Port (ICAP). Reconfiguration process is handled with ICAP primitive on FPGA. Reconfiguration process is controlled with user logic called reconfiguration controller module. Since functionality of the PR is important for this work, simple partial modules are used to test the designed system. Switches are used as input and leds are used for output of the PRMs. Input signals are given to EXOR or AND logic gates depending on a select input signal at one PRM, other PRM uses EXNOR or OR logic operations depending on the select input. Piezo audio transducer is also used in the static design to check the operability of the static modules during PR process. During reconfiguration piezo transducer continues playing beep and after a short PR process time output leds are driven by second PRM.
Counterfeiting is encountered among almost every branch of industry, from pharmacy to electronics, from food to brand names. The increasing trend in counterfeiting damages many company economically and reduce their reliability and status. The current state in counterfeiting is more destructive nowadays. Counterfeit electronic components and chips can be found at even military and space electronics and medical electronics industry. These serious advance of counterfeiting accelerate the research in the field of detecting counterfeit products economically. Some methods of counterfeiting electronic chips are overproduction, cloning and reverse engineering. Todays, many fabless electronic design companies make their products to other companies or many of them sell their designs as electronic IPs to other electronic design companies. In such cases, companies can be obliged to share their designs with other companies. Counterfeit designs emerge in such a way. The basic solution against counterfeiting in electronics industry is ciphering electronic IP designs. However, key management is another problem that is to be handled and the risk of the key to be stolen must be eliminated. Physical Unclonable Functions (PUF) technology that has been developing in recent years can solve the key storage problem of cryptographic systems. PUF data depends on the static environment parameters that is unavoidable and non-deterministic. As a result, PUF data cannot be cloned practically. PUF circuits on chips rely on the non-ideal nature of process technology (doping differences etc.). Such as, mathematically equivalent timing delay paths on the chip, actually are not equivalent, have a slight difference. These slight differences can be gathered and result in a measurable delay. These delay differences are expected to vary for identical chips and then each chip has its own characteristic PUF data. Extracting PUF data on chip also solves the key transmission problem. In the literature, several PUF circuit types are available, for example Anderson, butterfly, arbiter and ring oscillator (RO) PUFs are well-known. RO-PUF is used in this work. RO-PUF is suitable for FPGA implementations. RO-PUF consists of RO pairs. One bit PUF output is the sign of the difference of the frequency of these two identical ROs. RO pairs must have identical path delays. So the difference is controlled with the characteristics of the chip. On the other hand, PUF circuits are affected by environmental conditions. For instance, voltage and temperature fluctuations, radiation can change PUF output result from measurement to measurement. This fact causes unreliable PUF outputs and this means cryptographic key cannot be extracted truly on every creation. The reliability problem have to be solved to get a consistent cryptographic key. Error correction codes can be used to stabilize fluctuating PUF data. These error correction codes are generally collect statistical data of PUF output, then raw PUF output is post-processed according to the calculation results of statistical data. In this manner, an error correction code called labeling technique is used in this work. Labeling technique needs to collect statistical data about PUF outputs for different environmental conditions and for different chips. According to statistical data, each PUF circuit is labeled with a binary number and PUF output is evaluated after measurement according to label. Also, this label does not reveal PUF output. FPGAs are ubiquitous for especially last decade thanks to their flexibility. In this work, FPGAs are used especially for their reconfigurability utilities. FPGAs are known as further behind the performance of ASIC designs. However depending on the developments in IC design and production technology FPGAs are closing the performance gaps between their ASIC rivals. FPGAs also have many new features in those days, partial reconfiguration is an example of these features. Partial reconfiguration (PR) utility is going to be a common standard for new generation FPGAs. Xilinx Virtex series and new 7 series FPGAs have this PR feature. PR enables exchanging hardware designs in the time domain. In dynamic partial reconfiguration (DPR), rest of the FPGA continues to work, when partial region is reconfiguring. As a result, area and power can be reduced dramatically with programming separately working designs partially. PR is necessary for this work to automate authentication process. In every power-up of FPGA, before loading actual design, authentication check design deciphers ciphered bitstream of the actual design and if it passes authentication check then deciphered bitstream is loaded on the FPGA otherwise authentication fails and deciphered data is erased, it is not loaded on the FPGA. In this work, Advanced Encryption Standard (AES) which is a common encryption standard is used as crypto algorithm. AES is used with Galois Counter Mode (GCM) of operation. GCM is a highly parallelable mode of operation which is very suitable for hardware implementations. GCM provides both message confidentiality and authenticity. FPGA bitstream is very sensitive to bit errors, even one bit error can destroy reconfiguration, and also FPGA can be damaged. Therefore, some kind of checksum algorithm have to be used to ensure the error-free bitstream. Authentication feature of GCM also fulfills the checksum task. Non-volatile memory is used to store bitstreams of the FPGA designs. A BPI PROM on Xilinx ML 505 board is used as non-volatile memory. PROM contains a full bitstream with authentication check design and a partial encrypted bitstream contains ciphered actual design. Full bitstream also called golden design contains a PROM reader module to get partial ciphered bitstream into FPGA. Partial bitstream is deciphered and also authentication check is calculated in parallel. Deciphered bitstream have to be stored in FPGA due to authentication check lasts till the end of deciphering process. At the end of the authentication check, deciphered bitstream is needed if it passes the authentication check for loading on the FPGA. FPGA has limited internal buffer. All partial bitstream cannot be stored on the FPGA. Therefore, partial bitstream is deciphered as constant size of blocks (2048 block for this application). Every block has its own authentication check and authentication tag stored on BPI PROM. If calculated tag in the FPGA matches the retrieved tag from PROM block passes authentication check and buffered bitstream is sent to reconfiguration controller module to load it through Internal Configuration Access Port (ICAP). Reconfiguration process is handled with ICAP primitive on FPGA. Reconfiguration process is controlled with user logic called reconfiguration controller module. Since functionality of the PR is important for this work, simple partial modules are used to test the designed system. Switches are used as input and leds are used for output of the PRMs. Input signals are given to EXOR or AND logic gates depending on a select input signal at one PRM, other PRM uses EXNOR or OR logic operations depending on the select input. Piezo audio transducer is also used in the static design to check the operability of the static modules during PR process. During reconfiguration piezo transducer continues playing beep and after a short PR process time output leds are driven by second PRM.
Açıklama
Tez (Yüksek Lisans) -- İstanbul Teknik Üniversitesi, Fen Bilimleri Enstitüsü, 2013
Thesis (M.Sc.) -- İstanbul Technical University, Institute of Science and Technology, 2013
Thesis (M.Sc.) -- İstanbul Technical University, Institute of Science and Technology, 2013
Anahtar kelimeler
FPGA, fiziksel klonlanamaz fonksiyon, dinamik kısmi yeniden yapılandırma, AES-GCM,
FPGA,
physical unclonable function,
dynamic partial reconfiguration,
AES-GCM