NoisFre: Noise-Tolerant Memory Fingerprints from Commodity Devices for Security Functions

Citation Author(s):
Yang
Su
The University of Adelaide
Yansong
Gao
Nanjing University of Science and Technology
Surya
Nepal
CSIRO Data61
Damith C.
Ranasinghe
The University of Adelaide
Submitted by:
Yang Su
Last updated:
Sun, 10/17/2021 - 06:23
DOI:
10.21227/ktc9-x515
Data Format:
License:
0
0 ratings - Please login to submit your rating.

Abstract 

Device fingerprints are extremely attractive hardware security functions for anti-counterfeiting, device identification and authentication, two-factor authentication and so on. Given the ubiquity of memory in commodity electronic devices, fingerprinting memory is a compelling proposition, especially for low-end Internet of Things (IoT) devices where cryptographic modules are often unavailable. However, fingerprints in security functions are challenged by the inexact reproductions of fingerprints from the same device at different time instances due to various noise sources causing small but unpredictable variations in fingerprints measurements. Our study formulates a novel and pragmatic approach to achieve the elusive goal of affording highly reliable fingerprints from device memories. We investigate the transformation of raw fingerprints into a noise-tolerant space where the generation of fingerprints from memory biometrics is intrinsically highly reliable. Further, we derive formal performance bounds to support practitioners to adopt our methods for practical applications. Subsequently, we demonstrate the expressive power of our formalization by using it to investigate the practicability of extracting noise-tolerant fingerprints from commodity devices. We have employed a set of 38 memory chips including SRAM, Flash and EEPROM ubiquitously embedded in low-end commodity devices from 6 different manufacturers for experimental validations. Our results demonstrate that noise-tolerant fingerprints---achieving a key failure rate less than 10e-6---can always be efficiently afforded from tested memories with a single fingerprint snap-shot enrollment. Further, we employ a low-cost wearable Bluetooth inertial sensor and demonstrate a practical, end-to-end implementation of a remote attestation security function built upon a root key from noise-tolerant SRAM fingerprints generated on demand and at run-time.

Instructions: 

Folder organization

NoisFre_dataset
-<CHIPID>
--<TEMPERATURE>
---TEST_<REPEATS>.bin

Data Collection Description

The bin file contains the start-up states of the whole 64 KiB SRAM block inside the nRF52832 Versatile Bluetooth 5.2 SoC.
An interested reader can find more detail about the evaluated chip in the datasheet in the root folder.
The test was taken at three temperatures -15°C, 25°C and 80°C, with 100 repeats at each temperature.

Reference:
[1] Gao, Y., Su, Y., Nepal, S., & Ranasinghe, D. C. "NoisFre: Noise-Tolerant Memory Fingerprints from Commodity Devices for Security Functions." arXiv preprint arXiv:2109.02942, September 2021.