Lead Institution: University of Massachusetts Amherst

Project Leader: Wayne Burleson

Research Progress

• Abstract
  The project deals with security and privacy issues in emerging biosensors. This also involves developing the possible threat models and the countermeasures. The various hardware security primitives that can be a part of an implantable biosensor such as True Random Number Generators (TRNG) and Physically Unclonable Functions (PUFs) have been explored in detail using system and circuit-level techniques. In particular, the performance and security vulnerabilities have been addressed.

• Focus of the research/Market need for this project
  Biosensors are one of the major sources of health care data and hence they present unique vulnerabilities. Most of the available biosensors have been shown to be vulnerable to attacks and privacy breach. Hence, there exists a challenging need to develop unique, secure and reliable solution to address the security and privacy issues imposed by the biosensors.

• Project Aims/Goals
  The main aim of this project is to model the threats and develop security and privacy mechanisms for emerging biosensors used in implantable and disposable applications and to develop a prototype that addresses the needs.

• Key Conclusions/Significant Findings/Milestones reached/Deliverables

  • Secure Hash Function KECCAK in collaboration with Univ. of Bochum, Germany was prototyped, as a part of the Biosensor module designed at EPFL.
  • Cost-effective techniques for providing security in Biosensors using low-level primitives such as TRNG and PUFs have been explored and a prototype chip in 32nm CMOS SOI technology is currently under fabrication. The test chip is expected back in July 2014.
  • Various threat models have been developed including hardware Trojans, side-channel attacks, and fault-based attacks on TRNG, PUFs and block ciphers. A prototype demonstrating the hardware Trojan based fault injection in block ciphers is currently under progress in collaboration with ETH Zurich and is expected to be taped out in July 2014.
  • Various techniques to break the PUFs using Machine Learning and Side-channel attacks have been developed and published.

• Materials Available for Other Investigators/interested parties
  The publications that have stemmed from this task is available for public access through our website http://vcsg.ecs.umass.edu/publications.html.

• Market entry strategies
  We are working with several biomedical firms emphasizing the importance of security and privacy in their current and future devices. We have worked with Medtronic, Boston Scientific and Menarini (Italy) in our various panels and outreach efforts.

Bibliography
On Design of a Highly Secure PUF based on Non-linear Current Mirrors
Raghavan Kumar and Wayne Burleson
IEEE Symposium on Hardware Oriented Security and Trust, May 2014

Balancing Security and Utility in Medical Devices?
Masoud Rostami, Wayne Burleson, Farinaz Koushanfar, and Ari Juels.
Design Automation Conference, 2013

Stealthy Dopant-Level Hardware Trojans
Georg T. Becker, Francesco Regazzoni, Christof Paar and Wayne Burleson
Workshop on Cryptographic Hardware and Embedded Systems (CHES) Santa Barbara, USA, 2013

On-chip Lightweight Implementation of Reduced NIST Randomness Test Suite
Vikram Suresh, Daniele Antonioli, and Wayne Burleson
IEEE Symposium on Hardware-Oriented Security and Trust, 2013

Efficient E-cash in Practice: NFC-based Payments for Public Transportation Systems
Gesine Hinterwälder, Christian T. Zenger, Foteini Baldimtsi, Anna Lysyanskaya, Christof Paar, and Wayne Burleson
Privacy Enhancing Technologies Symposium (PETS), Bloomington, USA, 2013

PUF Modeling Attacks on Simulated and Silicon Data
Ulrich Rührmair, Jan Sölter, Frank Sehnke, Xiaolin Xu, Ahmed Mahmoud, Vera Stoyanova, Gideon Dror, Jürgen Schmidhuber, Wayne Burleson, and Srinivas Devadas
IEEE Trans. On Information Forensics and Security, 2013

Design Challenges for Secure Implantable Medical Devices
Benjamin Ransford, Shane Clark, Denis Foo Kune, Kevin Fu, and Wayne Burleson
S. Carrara, W. Burleson (eds.), Springer, 2013

Litho-Aware and Low Power Design of a Secure Current-Based Physically Unclonable Function
Raghavan Kumar and Wayne Burleson
IEEE Symposium on Low Power Electronics Design, 2013

PHAP: Password based Hardware Authentication using PUFs
Raghavan Kumar and Wayne Burleson
MICRO Workshops, 2012