TPM 2.0-Ready: Top Security with PUFcc
The Tale of TPM: The rising security threats endangering our connected world, from the chip to the cloud, are among the biggest challenges facing us today. Microsoft recently addressed some of these concerns by mandating the inclusion of TPM 2.0 (Trusted Platform Module) in all devices running its latest Windows 11 operating system. It’s a significant […]
Securing the IC Supply Chain – Integrating PUF-Based hardware security
The semiconductor supply chain is vulnerable to hacks that threaten valuable intellectual property and the operation of electronic devices that we depend on. This article outlines how a combination of Physical Unclonable Function (PUF) + blockchain + smart contract technology can help safeguard the industry. Semiconductors are vulnerable to non-invasive attacks such as side-channel analysis, […]
Adopting PUF to Implement Zero Trust Architecture
The Executive Order issued by the US White House on May 12, 2021, requires the federal government to modernize its approach to cybersecurity by advancing toward Zero Trust Architecture (ZTA) [1]. A physically unclonable function (PUF) is a key technology that supports the identity-centric policy model of ZTA. A PUF enables inborn ID and self-generated […]
Standardized PUF-based Solution for Device eID
1. Introduction: Generally speaking, IoT/AIoT networks require strong identification/authentication, secure update, secure boot, secure communication, and data encryption for IoT devices [1]. Typically, the IoT device logs in on its own and sends data on its own. Consequently, authenticating the potentially billions of IoT devices to the server and among themselves becomes a big concern. Thus, securing […]
PUF is a Hardware Solution for the Sunburst Hack
On December 14, 2020, SolarWinds, which provides network monitoring software to the US government and private businesses, reported one of the largest cyberattacks in history, breaching the data of as many as 18,000 organizations and companies. The so-called ‘Sunburst’ attack by a still unknown group probably backed by a foreign government began in March 2020 […]
Build Trust in Silicon: A Myth or a Reality?
Abstract: Currently, there is a strong belief among cyber security experts that hardware security is imperative since it is more efficient, effective, reliable and tamper-resistant than software security. As a matter of fact, providing a trusted execution environment (TEE) and embedding a hardware root of trust (HRoT) as the anchor are necessary to provide a […]
Is Blockchain the Silver Bullet of IoT Security?
Abstract: Blockchain has been proposed as a “Trusted Mechanism” for crypto-currency, asset transfer and distributed computing without centralized servers/databases and without the need for trusted intermediaries/third parties. Since IoT devices are typically autonomous, distributed, unsupervised, and physically exposed, it seems logical that Blockchains and IoTs are good matches. However, there is always a price to pay in adopting any new […]
The Promise of Formal Methods to PUF Security Assurance
Abstract: Due to the emerging-technology nature of PUFs as new security primitives, and the lack of a comprehensive understanding of the specific vulnerabilities that PUFs might introduce and the specific attacker models that are germane to PUFs, we are currently facing a situation in which not only the methodologies and criteria for testing and assessing the security […]
“To be or not to be?” & “To be what?” those are two big questions for Libra!
Abstract: Facebook has revealed plans to launch its new cryptocurrency Libra in 2020. This breaking news has raised the attention of financial regulators all over the world. As the number of cyberattack incidents targeting different cryptocurrencies surged over the years, Facebook is facing suspicions from specialists and companies and it is not yet clear if […]
The good, the bad and the ugly of hardware security
Abstract: Data encryption can be implemented either by hardware or by software. It is generally accepted that software encryption is flexible, more cost-effective, and easier to develop and maintain, but it is significantly less secure and slower than its hardware equivalent. Since either hardware-based security or software-based security has its own pros […]