Digital banking is growing with an increased number of online transactions that require hardware-based secure authentication technologies. Traditional hardware-based cryptographic key storage technology will be compromised by physical attacks, side-channel attacks, and compromise through the supply chain. A new type of Physical Unclonable Function (PUF) hardware architecture that was developed to address the specific needs of banking hardware in terms of security is presented in this paper. In addition, we are developing and testing three different types of PUFs as examples of these new architectures: a Hybrid SRAM-Ring Oscillator PUF (HSRO-PUF), a Temperature Compensated Arbiter PUF (TCA-PUF), and a Multi-Layer Memristor PUF (MLM-PUF). Each of the PUFs were evaluated using field programmable gate arrays (FPGA) and demonstrated improved results for all three of the following parameters: uniqueness (49.8%), reliability (98.7%), and resilience to machine learning attacks. The three architectures also maintained low bit error rates (less than .05%) during environmental changes, and had sufficient size to integrate into payment terminals, ATMs, and hardware security modules. Additionally, a comprehensive threat model of financial hardware is presented to describe how PUF based authentication can counteract emerging threats such as invasive probing, electromagnetic analysis, and supply chain tampering.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Physical Unclonable Functions for Financial Authentication: Novel Architectures for Secure Key Storage in Banking Hardware

  • Yiyang Annie Peng,
  • Mingyuan Shao,
  • You Fu,
  • Lin Zhong

摘要

Digital banking is growing with an increased number of online transactions that require hardware-based secure authentication technologies. Traditional hardware-based cryptographic key storage technology will be compromised by physical attacks, side-channel attacks, and compromise through the supply chain. A new type of Physical Unclonable Function (PUF) hardware architecture that was developed to address the specific needs of banking hardware in terms of security is presented in this paper. In addition, we are developing and testing three different types of PUFs as examples of these new architectures: a Hybrid SRAM-Ring Oscillator PUF (HSRO-PUF), a Temperature Compensated Arbiter PUF (TCA-PUF), and a Multi-Layer Memristor PUF (MLM-PUF). Each of the PUFs were evaluated using field programmable gate arrays (FPGA) and demonstrated improved results for all three of the following parameters: uniqueness (49.8%), reliability (98.7%), and resilience to machine learning attacks. The three architectures also maintained low bit error rates (less than .05%) during environmental changes, and had sufficient size to integrate into payment terminals, ATMs, and hardware security modules. Additionally, a comprehensive threat model of financial hardware is presented to describe how PUF based authentication can counteract emerging threats such as invasive probing, electromagnetic analysis, and supply chain tampering.