Refine
Year of publication
- 2020 (3) (remove)
Document Type
- Doctoral Thesis (3) (remove)
Language
- English (3) (remove)
Is part of the Bibliography
- yes (3)
Keywords
- Data privacy (1)
- Hardware Security (1)
- Internet der Dinge (1)
- Physically Unclonable Function (1)
- Printed Electronics (1)
- bloom filters (1)
- data malleability (1)
- data processing (1)
- homomorphic encryption (1)
- wireless sensor network (1)
Institute
Open Access
- Open Access (2)
- Closed Access (1)
In the work at hand, we state that privacy and malleability of data are two aspects highly desired but not easy to associate. On the one hand, we are trying to shape data to make them usable and editable in an intelligible way, namely without losing their initial information. On the other hand, we are looking for effective privacy on data such that no external or non-authorized party could learn about their content. In such a way, we get overlapping requirements by pursuing different goals; it is trivial to be malleable without being secure, and vice versa. We propose four “real-world” use cases identified as scenarios where these two contradictory features are required and taking place in distinct environments. These considered backgrounds consist of firstly, cloud security auditing, then privacy of mobile network users and industry 4.0 and finally, privacy of COVID-19 tracing app users. After presenting useful background material, we propose to employ multiple approaches to design solutions to solve the use cases. We combine homomorphic encryption with searchable encryption and private information retrieval protocol to build an effective construction for the could auditing use case. As a second step, we develop an algorithm to generate the appropriate parameters to use the somewhat homomorphic encryption scheme by considering correctness, performance and security of the respective application. Finally, we propose an alternative use of Bloom filter data structure by adding an HMAC function to allow an outsourced third party to perform set relations in a private manner. By analyzing the overlapping bits occurring on Bloom filters while testing the inclusiveness or disjointness of the sets, we show how these functions maintain privacy and allow operations directly computed on the data structure. Then, we show how these constructions could be applied to the four selected use cases. Our obtained solutions have been implemented and we provide promising results that validate their efficiency and thus relevancy.
Modern society is more than ever striving for digital connectivity -- everywhere and at any time, giving rise to megatrends such as the Internet of Things (IoT). Already today, 'things' communicate and interact autonomously with each other and are managed in networks. In the future, people, data, and things will be interlinked, which is also referred to as the Internet of Everything (IoE). Billions of devices will be ubiquitously present in our everyday environment and are being connected over the Internet.
As an emerging technology, printed electronics (PE) is a key enabler for the IoE offering novel device types with free form factors, new materials, and a wide range of substrates that can be flexible, transparent, as well as biodegradable. Furthermore, PE enables new degrees of freedom in circuit customizability, cost-efficiency as well as large-area fabrication at the point of use.
These unique features of PE complement conventional silicon-based technologies. Additive manufacturing processes enable the realization of many envisioned applications such as smart objects, flexible displays, wearables in health care, green electronics, to name but a few.
From the perspective of the IoE, interconnecting billions of heterogeneous devices and systems is one of the major challenges to be solved. Complex high-performance devices interact with highly specialized lightweight electronic devices, such as e.g. smartphones and smart sensors. Data is often measured, stored, and shared continuously with neighboring devices or in the cloud. Thereby, the abundance of data being collected and processed raises privacy and security concerns.
Conventional cryptographic operations are typically based on deterministic algorithms requiring high circuit and system complexity, which makes them unsuitable for lightweight devices.
Many applications do exist, where strong cryptographic operations are not required, such as e.g. in device identification and authentication. Thereby, the security level mainly depends on the quality of the entropy source and the trustworthiness of the derived keys. Statistical properties such as the uniqueness of the keys are of great importance to precisely distinguish between single entities.
In the past decades, hardware-intrinsic security, particularly physically unclonable functions (PUFs), gained a lot of attraction to provide security features for IoT devices. PUFs use their inherent variations to derive device-specific unique identifiers, comparable to fingerprints in biometry.
The potentials of this technology include the use of a true source of randomness, on demand key derivation, as well as inherent key storage.
Combining these potentials with the unique features of PE technology opens up new opportunities to bring security to lightweight electronic devices and systems. Although PE is still far from being matured and from being as reliable as silicon technology, in this thesis we show that PE-based PUFs are promising candidates to provide key derivation suitable for device identification in the IoE.
Thereby, this thesis is primarily concerned with the development, investigation, and assessment of PE-based PUFs to provide security functionalities to resource constrained printed devices and systems.
As a first contribution of this thesis, we introduce the scalable PE-based Differential Circuit PUF (DiffC-PUF) design to provide secure keys to be used in security applications for resource constrained printed devices. The DiffC-PUF is designed as a hybrid system architecture incorporating silicon-based and inkjet-printed components. We develop an embedded PUF platform to enable large-scale characterization of silicon and printed PUF cores.
In the second contribution of this thesis, we fabricate silicon PUF cores based on discrete components and perform statistical tests under realistic operating conditions. A comprehensive experimental analysis on the PUF security metrics is carried out. The results show that the silicon-based DiffC-PUF exhibits nearly ideal values for the uniqueness and reliability metrics. Furthermore, the identification capabilities of the DiffC-PUF are investigated and it is shown that additional post-processing can further improve the quality of the identification system.
In the third contribution of this thesis, we firstly introduce an evaluation workflow to simulate PE-based DiffC-PUFs, also called hybrid PUFs. Hereof, we introduce a Python-based simulation environment to investigate the characteristics and variations of printed PUF cores based on Monte Carlo (MC) simulations. The simulation results show, that the security metrics to be expected from the fabricated devices are close to ideal at the best operating point.
Secondly, we employ fabricated printed PUF cores for statistical tests under varying operating conditions including variations in ambient temperature, relative humidity, and supply voltage. The evaluations of the uniqueness, bit aliasing, and uniformity metrics are in good agreement with the simulation results. The experimentally determined mean reliability value is relatively low, which can be explained by the missing passivation and encapsulation of the printed transistors. The investigation of the identification capabilities based on the raw PUF responses shows that the pure hybrid PUF is not suitable for cryptographic applications, but qualifies for device identification tasks.
The final contribution is to switch to the perspective of an attacker. To judge on the security capabilities of the hybrid PUF, a comprehensive security analysis in the manner of a cryptanalysis is performed. The analysis of the entropy of the hybrid PUF shows that its vulnerability against model-based attacks mainly depends on the selected challenge building method. Furthermore, an attack methodology is introduced to assess the performances of different mathematical cloning attacks on the basis of eavesdropped challenge-response pairs (CRPs). To clone the hybrid PUF, a sorting algorithm is introduced and compared with commonly used supervised machine learning (ML) classifiers including logistic regression (LR), random forest (RF), as well as multi-layer perceptron (MLP).
The results show that the hybrid PUF is vulnerable against model-based attacks. The sorting algorithm benefits from shorter training times compared to the ML algorithms. If the eavesdropped CRPs are erroneous, the ML algorithms outperform the sorting algorithm.
The evolution of cellular networks from its first generation (1G) to its fourth generation (4G) was driven by the demand of user-centric downlink capacity also technically called Mobile Broad-Band (MBB). With its fifth generation (5G), Machine Type Communication (MTC) has been added into the target use cases and the upcoming generation of cellular networks is expected to support them. However, such support requires improvements in the existing technologies in terms of latency, reliability, energy efficiency, data rate, scalability, and capacity.
Originally, MTC was designed for low-bandwidth high-latency applications such as, environmental sensing, smart dustbin, etc. Nowadays there is an additional demand around applications with low-latency requirements. Among other well-known challenges for recent cellular networks such as data rate energy efficiency, reliability etc., latency is also not suitable for mission-critical applications such as real-time control of machines, autonomous driving, tactile Internet etc. Therefore, in the currently deployed cellular networks, there is a necessity to reduce the latency and increase the reliability offered by the networks to support use cases such as, cooperative autonomous driving or factory automation, that are grouped under the denomination Ultra-Reliable Low-Latency Communication (URLLC).
This thesis is primarily concerned with the latency into the Universal Terrestrial Radio Access Network (UTRAN) of cellular networks. The overall work is divided into five parts. The first part presents the state of the art for cellular networks. The second part contains a detailed overview of URLLC use cases and the requirements that must be fulfilled by the cellular networks to support them. The work in this thesis is done as part of a collaboration project between IRIMAS lab in Université de Haute-Alsace, France and Institute for Reliable Embedded Systems and Communication Electronics (ivESK) in Offenburg University of Applied Sciences, Germany. The selected use cases of URLLC are part of the research interests of both partner institutes. The third part presents a detailed study and evaluation of user- and control-plane latency mechanisms in current generation of cellular networks. The evaluation and analysis of these latencies, performed with the open-source ns-3 simulator, were conducted by exploring a broad range of parameters that include among others, traffic models, channel access parameters, realistic propagation models, and a broad set of cellular network protocol stack parameters. These simulations were performed with low-power, low-cost, and wide-range devices, commonly called IoT devices, and standardized for cellular networks. These devices use either LTE-M or Narrowband-IoT (NB-IoT) technologies that are designed for connected things. They differ mainly by the provided bandwidth and other additional characteristics such as coding scheme, device complexity, and so on.
The fourth part of this thesis shows a study, an implementation, and an evaluation of latency reduction techniques that target the different layers of the currently used Long Term Evolution (LTE) network protocol stack. These techniques based on Transmission Time Interval (TTI) reduction and Semi-Persistent Scheduling (SPS) methods are implemented into the ns-3 simulator and are evaluated through realistic simulations performed for a variety of low-latency use cases focused on industry automation and vehicular networking. For testing the proposed latency reduction techniques in cellular networks, since ns-3 does not support NB-IoT in its current release, an NB-IoT extension for LTE module was developed. This makes it possible to explore deployment limitations and issues.
In the last part of this thesis, a flexible deployment framework called Hybrid Scheduling and Flexible TTI for the proposed latency reduction techniques is presented, implemented and evaluated through realistic simulations. With help of the simulation evaluation, it is shown that the improved LTE network proposed and implemented in the simulator can support low-latency applications with low cost, higher range, and narrow bandwidth devices. The work in this thesis points out the potential improvement techniques, their deployment issues and paves the way towards the support for URLLC applications with upcoming cellular networks.