The Community for Technology Leaders
Green Image
Issue No. 03 - May-June (2017 vol. 14)
ISSN: 1545-5971
pp: 265-278
Ujjwal Guin , Department of Electrical and Computer Engineering, Auburn University, Auburn, AL
Swarup Bhunia , Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL
Domenic Forte , Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL
Mark M. Tehranipoor , Department of Electrical and Computer Engineering, University of Florida, Gainesville, FL
ABSTRACT
Due to the enhanced capability of adversaries, electronic systems are now increasingly vulnerable to counterfeiting and piracy. The majority of counterfeit systems today are of cloned type, which have been on the rise in the recent years. Ensuring the security of such systems is of great concern as an adversary can create a backdoor or insert a malware to bypass security modules. The reliability of such systems could also be questionable as the components used in these systems may be counterfeit and/or of inferior quality. It is of prime importance to develop solutions that can prevent an adversary from creating these non-authentic systems. In this paper, we present a novel system-level mutual authentication approach for both the hardware and firmware. The hardware authenticates the firmware by verifying the checksum during the power-up. On the other hand, firmware verifies the identity of the hardware and cannot produce correct results unless it receives a unique hardware fingerprint, which we call as system ID. We propose two secure protocols, TIDP and TIDS, to construct the system ID and authenticate the system by using this unique ID. We show that our approach is resistant to various known attacks.
INDEX TERMS
Hardware, Authentication, Integrated circuits, Microprogramming, Supply chains, Cloning
CITATION

U. Guin, S. Bhunia, D. Forte and M. M. Tehranipoor, "SMA: A System-Level Mutual Authentication for Protecting Electronic Hardware and Firmware," in IEEE Transactions on Dependable and Secure Computing, vol. 14, no. 3, pp. 265-278, 2017.
doi:10.1109/TDSC.2016.2615609
235 ms
(Ver 3.3 (11022016))