A Keccak-Based Wireless Authentication Tag with per-Query Key Update and Power-Glitch Attack Countermeasures

A Keccak-Based Wireless Authentication Tag with per-Query Key Update and Power-Glitch Attack Countermeasures

Counterfeiting is a major problem plaguing global supply chains. While small low-cost tagging solutions for supply-chain management exist, security in the face of fault-injection [1] and side-channel attacks [2] remains a concern. Power glitch attacks [3] in particular attempt to leak key-bits by in...

Full description

Bibliographic Details
Main Authors: Juvekar, Chiraag Shashikant (Contributor), Lee, Hyung-Min (Contributor), Kwong, Joyce (Author), Chandrakasan, Anantha P. (Contributor)
Other Authors: Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science (Contributor)
Format: Article
Language:English
Published: Institute of Electrical and Electronics Engineers (IEEE), 2016-02-16T14:23:53Z.
Subjects:
Article
Online Access:Get fulltext
Description
Summary:Counterfeiting is a major problem plaguing global supply chains. While small low-cost tagging solutions for supply-chain management exist, security in the face of fault-injection [1] and side-channel attacks [2] remains a concern. Power glitch attacks [3] in particular attempt to leak key-bits by inducing fault conditions during cryptographic operation through the use of over-voltage and under-voltage conditions. This paper presents the design of a secure authentication tag with wireless power and data delivery optimized for compact size and near-field applications. Power-glitch attacks are mitigated through state backup on FeRAM based non-volatile flip-flops (NVDFFs) [4]. The tag uses Keccak [5] (the cryptographic core of SHA3) to update the key before each protocol invocation, limiting side-channel leakage to a single trace per key. Fig. 1 shows the complete system including the tag, reader, and backend server implemented in this work. Tags are seeded at manufacture and this initial seed is stored in the server database before a tag is affixed to an item. A wireless power and data transfer (WPDT) frontend harvests energy from the reader (433 MHz inductive link) and powers the on-chip authentication engine (AE). On startup the AE updates its key using a PRNG (seeded with the old key) and increments the key index. The AE then responds to the subsequent challenge, by encrypting the challenge under the new key. These challenge-response pairs can be validated by a trusted server to authenticate the tag. Additionally, the server can use the key-index to resynchronize with the tag in the event of packet loss.
Denso (Firm)
Texas Instruments Incorporated

Similar Items