Binding software to specific native hardware in a VM environment: the puf challenge and opportunity

Authors:
Mikhail J. Atallah;Eric D. Bryant;John T. Korb;John R. Rice
Affiliations:
Arxan Technologies, Inc. and Purdue University, West Lafayette, IN, USA;Arxan Technologies, Inc., Huntsville, AL, USA;Arxan Technologies, Inc. and Purdue University, West Lafayette, IN, USA;Arxan Technologies, Inc. and Purdue University, West Lafayette, IN, USA
Venue:
Proceedings of the 1st ACM workshop on Virtual machine security
Year:
2008

Citing 5
Cited 7

Applied cryptography (2nd ed.): protocols, algorithms, and source code in C

Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Watermarking, tamper-proffing, and obfuscation: tools for software protection

IEEE Transactions on Software Engineering
DES is not a Group

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Physical unclonable functions for device authentication and secret key generation

Proceedings of the 44th annual Design Automation Conference
Offline hardware/software authentication for reconfigurable platforms

CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems

Physically restricted authentication with trusted hardware

Proceedings of the 2009 ACM workshop on Scalable trusted computing
PUF ROKs: generating read-once keys from physically unclonable functions

Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
The PUF promise

TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
FPGA time-bounded unclonable authentication

IH'10 Proceedings of the 12th international conference on Information hiding
Enforcing physically restricted access control for remote data

Proceedings of the first ACM conference on Data and application security and privacy
PUF ROKs: a hardware approach to read-once keys

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Poster: making the case for intrinsic personal physical unclonable functions (IP-PUFs)

Proceedings of the 18th ACM conference on Computer and communications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

There are many practical situations in which, by policy, software is supposed to run on a specific hardware instance. This is not only useful to combat piracy, but also in national security situations, such as a battlefield loss of critical technology, where it is paramount that an enemy be unable to rehost the system on a different set of (possibly counterfeit) hardware. To achieve this binding, software vendors use techniques that can easily be foiled through virtualization: Whatever the software expected from the legitimate hardware, can instead be provided by a virtualization layer to fool the software into believing it is running on legitimate hardware. The recently demonstrated feasibility of physically unclonable functions (PUFs) make this attack somewhat harder, in that it is no longer possible to simulate the presence of the hardware in software. If PUF technology is used, carrying out this attack would require modification of the internals of the software to be fooled, a harder task but still possible with moderate effort. We present a way of using PUFs in a manner that makes it significantly harder for the attacker to carry out the attack. We also review the challenges and opportunities for virtualization that PUFs bring.