Advanced PRivacy of IOT Devices through Robust Hardware Implementations – APRIORI
In the increasingly interconnected world of the Internet of Things (IoT), small and strongly resource-constrained devices collect and process highly sensitive data. These data are sent and received over wireless connections to servers or shared with other eligible devices. At the same time, IoT devices are frequently accessible to potential attackers, which enables attacks at the protocol level but also malicious tampering with the hardware (HW).
APRIORI (Advanced PRivacy of IOT Devices through Robust Hardware Implementations) aims to support privacy by design in this scenario. Since many IoT devices are resource constrained and cannot use a full-blown trusted platform module, APRIORI will develop a secure system: we will enhance the DICE (Device Identifier Composition Engine) concept by coupling it to the HW and enable a high level of security and privacy at low cost. Key material in our system will be stored by a Physical Unclonable Function (PUF). This enables an affordable implementation in resource-constrained devices and simple methods to enroll device-individual keys, which are intrinsically connected to the HW. Since the IoT devices are potentially accessible to attackers, we identified Fault Injection Attacks (FIA) as a critical and challenging attack vector, which might break the security and privacy of a specific device as well as, due to the high connectivity, of a complete network. APRIORI will focus on FIA on the key derivation from PUFs, which are hardly explored today, on corresponding countermeasures, and on sensors to detect FIA. HW extensions to a microcontroller (MC) will be suggested to drive the system into a secure state that preserves the privacy and confidentiality of data in case of an FIA. In APRIORI we develop a proof-of-concept IoT device based on an MC with the RISC-V ISA. Application software developers of IoT devices require an interface to these HW security features that is usable without deep security knowledge. We will define and develop a simplified Trust Anchor API for IoT devices, capable of handling all required security functionalities.
Looking ahead to the 10 years after the project starts, we expect the simplified Trust Anchor API to influence standardization for secure IoT devices and to come into practical use. Furthermore, future devices will have to consider FIA as a potential attack vector, which is currently the subject of intensive research. Sensors to protect against FIA will be common, and if a PUF is used as a key storage solution, it will be necessary to protect it against such attacks. In conclusion, the research carried out in APRIORI is of crucial importance to ensure the security and privacy of IoT devices in the future. The project especially benefits from the contributions of the different partners from France and Germany: IMT and TUM complement each other in the domain of FIA and PUFs, where IMT has significant experience with laser FIA, sensors and PUF primitives and TUM contributes knowledge regarding key derivation from PUFs and EM-based FIA; AISEC, IMT, and TUM share knowledge on RISC-V, where AISEC especially contributes background regarding the DICE concept. HW-related tasks are supported from industry by Secure-IC; so as not to end up with an isolated piece of HW, Siemens will provide use cases and drive the development of a Trust Anchor API, while Mixed Mode will implement security functionality on the IoT device. Overall, only the consortium as a whole is able to reach the ambitious goals of APRIORI.
Project coordination
Jean Max Dutertre (Institut Mines Télécom - Telecom Paris)
The author of this summary is the project coordinator, who is responsible for the content of this summary. The ANR declines any responsibility for its contents.
Partners
AISEC Fraunhofer Institute for Applied and Integrated Security
Mixed Mode Mixed Mode
Siemens Siemens
LTCI Institut Mines Télécom - Telecom Paris
SIC Secure-IC S.A.S.
TUM Technische Universität München
ANR funding: 405,857 euros
Beginning and duration of the scientific project: May 2021 - 36 months