Copyright AIM INFRAROT-MODULE GmbH AIM AIM INFRAROT-MODULE GmbH Security SVGA Image Sensor VISION...
Copyright AIM INFRAROT-MODULE GmbH
AIM INFRAROT-MODULE GmbH
Security SVGA Image Sensor
VISION 2005, Dr. P. Stifter
SPIE 2005, 26,09.05Copyright AIM INFRAROT-MODULE GmbH
AIM
INTRODUCTION
SYSTEM DESIGN
MIXED SIGNAL
AUTHENTICATION
Transition: Real World to Virtual World
Some of our real world aspects are mapped into a digital representation and stored in large databases. The digital identity has to be protected!
[Figure labels: FR, Software]
Application Scenario of optical Sensors
[Figure: sensors SecVGA-1, SecVGA-2 and SecVGA-3, labelled Video Surveillance and Face Recognition, connected over Ethernet to a Biometric Server and a Video Server]
Ethernet-based physical layer with TCP/IP as the transport and routing layer.
Sensors capture images, generate sensitive data and transfer data packets over an open and insecure channel to dedicated servers.
Secure Sensor Design
Requirements:
• Data Authentication
Authentication Protocol
Cryptographic Checksum (MAC)
Cryptographic hardware modules
• Usage of publicly known and proven algorithms
• Secret Unique Identifier
Key storage
Key programming
System Design
Large and busy digital core
[Block diagram. Analog part: Active Pixel Array, Row Decoder, Column Decoder, Column Sample & Hold, Amplifier / ADC. Digital core: System Bus, Timing Generator, Crypto Unit, Main Control, RAM, I2C, EEPROM. Signals: data[9:0], dataOut[9:0], PCLK, LSync, FSync, SCL, SDA, dataB, addrB]
Floorplan
Problem: CMOS imager is susceptible to various noise sources.
Noise level is increased by the activity of the digital core.
Mixed Signal Design
• Most prominent noise: FPN
Use CDS
• Modules on the same substrate
Separation with multiple guard rings
• Signal integrity
Differential signal lines
• Stable reference voltages
Large blocking capacitors
Key Storage
Selection between Polysilicon fuses or EEPROM cells
D-Matrix
Polysilicon
Pro: Simple interface
Con: External programming voltage
Con: Not buried under metal layers
Con: Burn-through process may damage pixel
EEPROM cells
Pro: Buried under shielded metal layer
Pro: No external access, on-chip charge pump
Pro: Encapsulation
Con: Hardware overhead: controller
Checksum Authentication
Operational Flow
[Flowchart]
Start
Send Challenge (expression in $E$, $K$ and $f$)
Read Response (expression in $E$, $K$ and $f$)
Response check (y/n): on a failed check Set Alarm, then Stop
Read Image x with checksum $CC_K(x)$
Recalculate Checksum $CC'_K(x)$
$CC_K(x) = CC'_K(x)$? y: Accept Image, n: Indicate Manipulation
Data Protection
Data transfer with TCP/IP can be easily manipulated in the context of raw sockets. Application of cryptographic methods (MAC) protects against bit manipulations and faked identities.
[Figure: block cipher $E$ with $n$-bit input $x$, $k$-bit key $K$ and $n$-bit output $c$]
A block cipher $E$ of length $n$ encrypts the message $x$ to the cipher text $c$ with a key $K$ of length $k$: $c = E_K(x)$.
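MacDES
(1) Padding
(2) Splitting
(3) Initial Transformation
(4) Iteration
(5) Output Transformation
[Figure: MacDES chain over the blocks $x_1, \dots, x_t$. The initial transformation applies $E$ twice, under $K_1$ and under a key shown as a function of $K_2$. The iteration applies $E$ under $K_1$ with chaining values $H_1, H_2, \dots, H_{t-1}$. The output transformation applies $E$ under $K_2$ and yields $MAC_{K_1,K_2}(x)$]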
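The five MacDES steps and the host-side checksum comparison from the operational flow, as an added Python sketch that is not from the original slides. The block cipher `E` is a SHA-256-based Feistel stand-in for DES, and the padding rule, the derivation of the third key from K2, the keys and the sample frame are assumptions made for illustration.

```python
import hashlib
import hmac

BLOCK = 8  # n = 64 bits, the DES block length

def E(key: bytes, block: bytes) -> bytes:
    """Stand-in for DES (assumption): 4-round Feistel keyed via SHA-256."""
    left, right = block[:4], block[4:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:4]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def derive_k2_prime(k2: bytes) -> bytes:
    """Placeholder derivation of the third key from K2 (assumption)."""
    return bytes(b ^ 0xF0 for b in k2)

def macdes(k1: bytes, k2: bytes, x: bytes) -> bytes:
    # (1) Padding: one 0x80 byte, then zeros to a block boundary (assumed rule).
    x = x + b"\x80"
    x += b"\x00" * (-len(x) % BLOCK)
    # (2) Splitting into blocks x_1 .. x_t.
    blocks = [x[i:i + BLOCK] for i in range(0, len(x), BLOCK)]
    # (3) Initial transformation: two encryptions of x_1.
    h = E(derive_k2_prime(k2), E(k1, blocks[0]))
    # (4) Iteration: H_i = E_K1(x_i XOR H_{i-1}).
    for xi in blocks[1:]:
        h = E(k1, bytes(a ^ b for a, b in zip(xi, h)))
    # (5) Output transformation under K2.
    return E(k2, h)

def host_accepts(k1: bytes, k2: bytes, image: bytes, cc: bytes) -> bool:
    """Host side: recalculate the checksum and compare in constant time."""
    return hmac.compare_digest(macdes(k1, k2, image), cc)

# Constructed sample data: keys and a fake 4x4 frame of 10-bit pixel words.
K1, K2 = b"sensorK1", b"sensorK2"
frame = b"".join((i * 37 % 1024).to_bytes(2, "big") for i in range(16))
cc = macdes(K1, K2, frame)                       # computed on the sensor
tampered = bytes([frame[0] ^ 0x01]) + frame[1:]  # single flipped bit

if __name__ == "__main__":
    print("genuine frame accepted:", host_accepts(K1, K2, frame, cc))
    print("tampered frame accepted:", host_accepts(K1, K2, tampered, cc))
```

Because every stage is a keyed permutation, a one-bit change in any block propagates through the chain to the final value, which is why the host's comparison rejects the tampered frame.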
Conclusion
• One can obtain real end-point security on open and insecure data channels.
• An on-chip cryptographic module provides real-time encryption and secure key storage.
• The Challenge/Response method gives any host in possession of the secret key the assurance of the data origin.
• Even a single bit manipulation is detectable.
• On-chip integration provides a high protection level against key recovery attacks.