CRII: SaTC: Hardware based Authentication and Trusted Platform Module functions (HAT) for IoTs

CRII：SaTC：用于物联网的基于硬件的身份验证和可信平台模块功能 (HAT)

• 批准号: 1819687
• 负责人: Fareena Saqib
• 金额: $ 13.72万
• 依托单位: University of North Carolina at Charlotte
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-08-05 至 2022-05-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1819687&HistoricalAwards=false
• 关键词: CRII; SaTC; Hardware; based; Authentication

Crucial and critical needs of security and trust requirements are growing in all classes of applications such as in automobiles and for wearable devices. Traditional cryptographic primitives are computation-intensive and rely on secrecy of shared or session keys, applicable on large systems like servers and secure databases. This is unsuitable for embedded devices with fewer resources for realizing sufficiently strong security. This research addresses new hardware-oriented capabilities and mechanisms for protecting Internet of Things (IoT) devices. This research has the potential to significantly enhance the security capability of today and emerging applications, particularly those that can benefit from reliable authentication using hardware features. The project concerns a hardware-based authentication framework using strong physical unclonable functions (PUFs) for enhanced security for Internet of Things (IOT) devices. It focuses on new authentication techniques, incorporating lightweight cryptographic primitives with PUFs, and novel pre-boot authentication and storage encryption functions for trusted platform modules (TPM). The project will evaluate the proposed techniques against a threat model, including model-building, replay, and probing attacks.

在汽车和可穿戴设备等所有类型的应用中，安全和信任要求的关键和关键需求都在增长。传统的密码原语是计算密集型的，依赖于共享或会话密钥的保密性，适用于大型系统，如服务器和安全数据库。这不适合于具有较少资源以实现足够强的安全性的嵌入式设备。 这项研究旨在解决保护物联网（IoT）设备的新的面向硬件的功能和机制。这项研究有可能显着提高当今和新兴应用的安全能力，特别是那些可以从使用硬件功能的可靠身份验证中受益的应用。该项目涉及一个基于硬件的认证框架，使用强大的物理不可克隆功能（PUF）来增强物联网（IOT）设备的安全性。 它专注于新的身份验证技术，将轻量级加密原语与PUF相结合，以及用于可信平台模块（TPM）的新型预引导身份验证和存储加密功能。该项目将针对威胁模型评估所提出的技术，包括模型构建，重放和探测攻击。