Remote Sensor Security Through Encoded Computation and Cryptographic Signatures

Files
HUTTO-DISSERTATION-2024.pdf (23.09 MB)
Author(s)
Hutto, Kevin
Advisor(s)
Editor(s)
Associated Organization(s)
Organizational Unit
Organizational Unit
Series
Series
Collections
Theses and Dissertations
Supplementary to:
Permanent Link
https://hdl.handle.net/1853/75289
Abstract
Physically vulnerable devices have additional security concerns due to an attacker's potential ability to obtain memory contents from a device which they would not be able to do with software-only attacks. An adversary may be able to extract all data including volatile run-time memory. Commonly utilized software protections such as encryption may not secure data received from Analog-to-Digital Converters (ADCs) placed into buffer memories, and storage of data in an encrypted format may preclude the ability to perform computation on the data. To address the vulnerabilities of the remote devices, this dissertation presents three mechanisms used to improve security of these physically vulnerable remote devices. The first mechanism protects analog sensed data through the construction of a novel ADC architecture which creates data in an encoded format uninterpretable by an observer. Our approach can be utilized for various base ADC architectures, and never stores unencoded data in any memory location on the device. We present architectures targeting three different types of ADCs and show synthesis results and security analyses for all three. The second mechanism provides the capability for a remote device to perform computations on encoded data produced by our novel ADC architecture via the development of a privacy homomorphism. Detailed examples of how the privacy homomorphism functions are provided as well as real-world examples of computations performed on imagery. Synthesis and simulation results show the possibility of performing computations such as edge detection on encoded data in real-time on remote devices. The third and last mechanism utilizes a Physical Unclonable Function (PUF) to enforce a two-factor authentication scheme, securing the software and firmware update mechanisms for the device. We utilize public-private keys split between multiple organizations as well as a PUF integrated with the deployed device to ensure a high level of trust between the remote device and a connected server. The three contributions when utilized together provide a robust framework enhancing the security of physically-vulnerable remote sensor devices.
Sponsor
Date
2024-04-29
Extent
Resource Type
Text
Resource Subtype
Dissertation
Rights Statement
Rights URI