System Bits: May 5

Fighting counterfeiting with fingerprints; FPGA security; beating the gamers.


Fight counterfeiting with fingerprint chips
Given that no two human fingerprints are exactly alike, an MIT spinout uses random variations in silicon chips as authentication identifiers for consumer products.

Silicon chips are similar as manufacturing processes cause microscopic variations in chips that are unpredictable, permanent, and effectively impossible to clone.

MIT spinout Verayo is using these unclonable variations to “fingerprint” silicon chips used in consumer-product tags — which can then be scanned via mobile device and authenticated — to aid in the fight against worldwide counterfeiting.

Srini Devadas, the Edwin Sibley Webster Professor in MIT’s Department of Electrical Engineering and Computer Science, and Verayo’s co-founder and chief scientist said this is low-cost authentication using ‘silicon biometrics.’

One of Devadas's early PUF-enabled circuits, labeled with the name “Harold." When this circuit was scanned with a custom reader, its name would pop up on a computer screen. (Source: MIT)

One of Devadas’s early PUF-enabled circuits, labeled with the name “Harold.” When this circuit was scanned with a custom reader, its name would pop up on a computer screen. (Source: MIT)

The technology is based on Devadas’ research into these variations within silicon chips, called “physical unclonable functions” (PUFs), which cause minute speed differences in a chip’s response to electrical signals. It assigns manufactured chips sets of 128-bit numbers — based on these speed differences — that are stored in a database in the cloud. Integrated into radio frequency identification (RFID) tags, the chips can be scanned by a mobile device or reader that will query the database to determine if the tag is authentic. A different 128-bit number is used for each authentication.

FPGA security
Georgia Tech Research Institute (GTRI) researchers are studying a range of security challenges involving programmable logic devices – in particular, field programmable gate arrays (FPGAs).

While FPGAs bring benefits because of their ability to be reconfigured, they do come with potential vulnerabilities in that the very configurability of an FPGA can be used to compromise its security. The slightest tweak, accidental or malicious, to the internal configuration of a programmable device can drastically affect its functionality. Conversely, when security and trust assurances can be established for these devices, they can provide increased, higher-performance resilience against cyber attacks than difficult-to-assure software-based protections.

The Georgia Tech researchers have identified multiple issues that could become serious threats as these devices become increasingly common. One is that because they are programmable and tightly couple software and hardware interfaces, there’s concern they may introduce a whole new class of vulnerabilities compared to other microelectronic devices. This opens the possibility of entirely new attack vectors to consider, ones that lie outside the traditional computer security mindset since conventional protections like software or network-based security measures could be undermined by altering the logic of a system utilizing programmable devices.

To provide assurance in programmable logic designs, the team is developing multiple techniques, such as:
• Innovative visualization methods that enable displaying/identifying/navigating patterns in massive logic designs that could include hundreds of thousands of nodes and connections;
• Applications of high-level formal analysis tools, which aid the validation and verification process;
• System-level computer simulations focused on emulating how heterogeneous microelectronics like FPGAs function alongside other system components.

They are also engaged in other areas of research that support design security analysis, including exact- and fuzzy-pattern matching, graph analytics, machine learning / emergent behavior, logic reduction, waveform simulation, and large graph visualization, among other activities.

Beating gamers’ super-quick motions
In a successful example of collaboration between research and industry, an EPFL post-doctoral researcher at Logitech has developed an algorithm that gives a computer mouse a nearly-unlimited tracking speed.

The technology is based on the combining of an optical sensor with a system based on accelerometers and gyroscopes.

From the outside, this powerful device looks like a conventional mouse, and while it responds like a normal mouse, it can track the user movements – up to at least five times the rate tolerated by its competitors. This ‘supermouse’ is designed for amateur gamers and champions of professional e-sports alike. Caught up in the action, gamers could actually perform very rapid movements with frequent direction changes — pushing an optical mouse to its limits.

(Source: EPFL)

(Source: EPFL)

The designer of this competitive mouse, Arash Salarian, worked in 2010 at the Laboratory of Movement Analysis and Measurement (LMAM) developing an all-terrain mouse that would work as effectively on a mousepad as on glass or any other surface.

Further, while gamers appreciate a substantial difference in the fluidity of action when using this type of equipment, it is very likely that it supports an even greater speed, Salarian said, who now works at Logitech. “The limit we measured only corresponds to the upper limit of test instruments.”

Interestingly, the measurement tools traditionally used to calibrate the mouse are insufficient for measuring such high speeds: another EPFL lab (LASA) that certified the test equipment specifically developed by Logitech.