Interview with Pim Tuyls, President and CEO of Intrinsic-ID
Gabe Moretti, Senior Editor
After the article on security published last week, I continued the conversation with more corporations. The Apple vs. FBI case showed that the stakes are high and the debate is heated. Privacy is important, not only for guarding sensitive information but for also ensuring functionality in our digital world.
I asked Pim Tuyls his impressions on security in electronics systems.
“Often, privacy is equated with security. However, ‘integrity’, is often the more important issue. This is especially true with the Internet of Things (IoT) and autonomous systems, which rely on the inputs they receive to operate effectively. If these inputs are not secure, how can they be trusted? Researchers have already tricked sensors of semi-autonomous cars with imaginary objects on the road, triggering emergency braking actions. Counterfeit sensors are already on the market.
Engineers have built in redundancy and ‘common-sense’ rules to help ensure input integrity. However, such mechanisms were built primarily for reliability, not for security. So something else is needed. Looking at the data itself is not enough. Integrity needs to be built into sensors and, more generally, all end-points.”
Chip Design: Are there ways you think could be effective in increasing security?
“One way to do this is to append a Message Authentication Code (MAC) to each piece of data. This is essentially a short piece of information that authenticates a message or confirms that the message came from the claimed sender (its authenticity) and has not been changed in transit (its integrity). To protect against replay attacks the message is augmented with a timestamp or counter before the MAC is calculated. Another approach to implement a MAC is based on hash functions (HMAC or Hash-based message authentication code). Hash functions such as the SHA-2 family are well-known and widely supported cryptographic primitives with efficient and compact implementation.”
Chip Design: These approaches sound easy but there are reasons they are not widely adopted?
“First, even though an algorithm like HMAC is efficient and compact, it may still be too high of a burden on the tiny microcontrollers and sensors that are the nerves of a complex system. Authenticating every piece of data naturally takes up resources such as processing, memory and power. In some cases, like in-vitro medical sensors, any reduction in battery life is not acceptable. Tiny sensor modules often do not have any processing capabilities. In automotive, due to the sheer number of sensors and controllers, costs cannot be increased.”
Chip Design: It is true that many IoT devices are very cost sensitive, I said, however, over recent years there is an increasing use of more powerful, 32-bit, often ARM- based microcontrollers. Many of these now come with basic security features like crypto accelerators and memory management. So some of the issues that prevent adoption of security are quickly being eroded.
“A second obstacle relates to the complex logistics of configuring such a system. HMAC relies on a secret key that is shared between the sensor and the host. Ensuring that each sensor has a unique key and that the key is kept secret via a centralized approach creates a single point of failure and introduces large liabilities for the party that manages the keys.”
Chip Design: What could be a cost-effective solution?
“A new solution to all these issues is based on SRAM Physical Unclonable Functions (PUFs). An SRAM PUF can reliably extract a unique key from a standard SRAM circuit on a standard microcontroller or smart sensor. The key is determined by tiny manufacturing differences unique to each chip. There is no central point of failure and no liability for key loss at the manufacturer. Furthermore, as nothing is programmed into the chip, the key cannot even be extracted through reverse engineering or other chip-level attacks.
Of course adapting a new security paradigm is not something that should be done overnight. OEMs and their suppliers are rightly taking a cautious approach. After all, the vehicle that is now being designed will still be on the road in 25 years. For industrial and medical systems, the lifecycle of a product may even be longer.
Still, with technologies like SRAM PUF the ingredients are in place to introduce the next level of security and integrity, and pave the road for fully autonomous systems. Using such technologies will not only help to enhance privacy but will also ensure a higher level of information integrity.”
This brought me back to the article where a solution using PUF was mentioned.