Data to hardware binding with physical unclonable functions
Abstract
The various technologies presented herein relate to binding data (e.g., software) to hardware, wherein the hardware is to utilize the data. The generated binding can be utilized to detect whether at least one of the hardware or the data has been modified between an initial moment (enrollment) and a later moment (authentication). During enrollment, an enrollment value is generated that includes a signature of the data, a first response from a PUF located on the hardware, and a code word. During authentication, a second response from the PUF is utilized to authenticate any of the content in the enrollment value, and based upon the authentication, a determination can be made regarding whether the hardware and/or the data have been modified. If modification is detected then a mitigating operation can be performed, e.g., the hardware is prevented from utilizing the data. If no modification is detected, the data can be utilized.
- Inventors:
- Hamlet, Jason
- Publication Date:
- 2018 May 29
- Research Org.:
- Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
- Sponsoring Org.:
- USDOE
- OSTI Identifier:
- 1452911
- Patent Number(s):
- 9,985,792
- Application Number:
- 15/077,590
- Assignee:
- National Technology & Engineering Solutions of Sandia, LLC (Albuquerque, NM)
- DOE Contract Number:
- AC04-94AL85000
- Resource Type:
- Patent
- Resource Relation:
- Patent File Date: 2016 Mar 22
- Country of Publication:
- United States
- Language:
- English
- Subject:
- 97 MATHEMATICS AND COMPUTING
Citation Formats
Hamlet, Jason. Data to hardware binding with physical unclonable functions. United States: N. p., 2018. Web.
Hamlet, Jason. Data to hardware binding with physical unclonable functions. United States.
Hamlet, Jason. 2018. "Data to hardware binding with physical unclonable functions". United States. https://www.osti.gov/servlets/purl/1452911.
@article{osti_1452911,
title = {Data to hardware binding with physical unclonable functions},
author = {Hamlet, Jason},
abstractNote = {The various technologies presented herein relate to binding data (e.g., software) to hardware, wherein the hardware is to utilize the data. The generated binding can be utilized to detect whether at least one of the hardware or the data has been modified between an initial moment (enrollment) and a later moment (authentication). During enrollment, an enrollment value is generated that includes a signature of the data, a first response from a PUF located on the hardware, and a code word. During authentication, a second response from the PUF is utilized to authenticate any of the content in the enrollment value, and based upon the authentication, a determination can be made regarding whether the hardware and/or the data have been modified. If modification is detected then a mitigating operation can be performed, e.g., the hardware is prevented from utilizing the data. If no modification is detected, the data can be utilized.},
doi = {},
url = {https://www.osti.gov/biblio/1452911},
journal = {},
place = {United States},
year = {2018},
month = {5},
day = {29}
}
Works referenced in this record:
Method and apparatus for uniquely and securely loading software to an individual computer
patent, May 2006
- Klemba, Keith; Leyrat, Gilles
- US Patent Document 7,055,040
System and Device Binding Metadata with Hardware Intrinsic Properties
patent-application, November 2015
- Walsh, John J.; Wallrabenstein, John Ross
- US Patent Document 14/704963; 20150318994
Bootstrapping Trust in Commodity Computers
conference, May 2010
- Parno, Bryan; McCune, Jonathan M.; Perrig, Adrian
- 2010 IEEE Symposium on Security and Privacy