
Authentication of Electronics for Arms Control

PNNL-SA-141759. Authentication of Electronics for Arms Control. Keith Tolk, Milagro Consulting; Jacob Benz, PNNL; Jennifer Tanner, PNNL. Authentication vs Certification.


Presentation Transcript


  1. PNNL-SA-141759: Authentication of Electronics for Arms Control. Keith Tolk, Milagro Consulting; Jacob Benz, PNNL; Jennifer Tanner, PNNL

  2. Authentication vs Certification
     • Authentication is performed by the inspecting party to ensure that the equipment being used accurately reflects the conditions being observed.
     • Certification is performed by the host party to ensure that the equipment meets their rules with respect to data security, safety, etc.

  3. Hidden Switches
     • Equipment can be built that will give accurate results when testing, but will give bogus results in actual use.
     • Any interaction with the environment can be used to trigger the switch between these modes.
     • No amount of functional testing will find all hidden switches.

  4. What I’ve learned in the past 30 years
     • Authentication is much, much more difficult than certification.
     • If the host supplies the equipment, it is even harder.
     • If the host supplies the equipment and it includes programmable devices, authentication is almost impossible.

  5. Design for Authentication
     • It is extremely difficult to add authentication measures to equipment that already exists.
     • For authentication, the equipment should be
       • Simple
       • Modular
       • Inspectable
       • Verifiable

  6. Authentication Steps
     • Joint design to produce equipment that will be accepted by all parties. (Keep it simple.)
     • Random selection of components or subassemblies. (Chain of Custody on all parts must start here.)
     • Private inspection of the selected parts.
     • Functional testing (Not really an authentication measure, but you do want to be sure it works.)
     • Verification that the equipment has not been altered.

  7. Verification
     • Once the equipment is in the facility, you can’t go back and perform all the tests you’d like to do. If it’s seen a nuclear weapon, you might not touch it again.
     • “Hashing” can be used to verify software integrity.
     • Conformal coatings can be used to detect tampering if they include a physical unclonable function (PUF).

  8. “Hashing”
     • “Hashing” is a cryptographic process that allows us to verify that software on an untrusted system matches the software on a trusted system.
     • It’s a simple process using a private key and either a hash algorithm or an encryption algorithm to produce a message authentication code (HMAC or CMAC).

  9. Conformal Coating
     • Reflective particle patterns can be used to detect tampering attempts.
     • Verification requires a camera and a simple fixture with multiple lights.
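
The check described on the “Hashing” slide, sketched as an added example (not part of the original presentation): the inspector computes an HMAC over the trusted copy of the software and compares it with the value reported by the untrusted equipment. Assumptions: HMAC-SHA256 as the algorithm, a fresh random key drawn by the inspector for every check, and a hypothetical `ask_device(key)` callable standing in for the equipment's interface; the images are constructed sample data.

```python
import hashlib
import hmac
import secrets

CHUNK = 4096  # read the image in blocks, as one would from flash or a file


def image_mac(key: bytes, image: bytes) -> bytes:
    """HMAC-SHA256 over the complete software image."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for off in range(0, len(image), CHUNK):
        mac.update(image[off:off + CHUNK])
    return mac.digest()


def verify_device(reference_image: bytes, ask_device) -> bool:
    """Inspector side: pick a fresh key, compare the device's MAC with our own.

    ask_device(key) is a hypothetical interface that returns the MAC the
    untrusted equipment computes over the software it actually holds.
    """
    key = secrets.token_bytes(32)            # new key for every verification
    expected = image_mac(key, reference_image)
    reported = ask_device(key)
    return hmac.compare_digest(expected, reported)  # constant-time compare


# --- constructed sample data -------------------------------------------
REFERENCE = bytes(range(256)) * 64                     # trusted copy (16 KiB)
ALTERED = REFERENCE[:1000] + b"\x00" + REFERENCE[1001:]  # one byte differs


def genuine_device(key: bytes) -> bytes:
    return image_mac(key, REFERENCE)


def altered_device(key: bytes) -> bytes:
    return image_mac(key, ALTERED)


# A value recorded during some earlier check, repeated regardless of the key.
RECORDED = image_mac(b"\x01" * 32, REFERENCE)


def stale_device(key: bytes) -> bytes:
    return RECORDED


if __name__ == "__main__":
    for name, dev in [("genuine", genuine_device), ("altered", altered_device),
                      ("stale answer", stale_device)]:
        print(f"{name:13s} -> {'match' if verify_device(REFERENCE, dev) else 'MISMATCH'}")
```

Because the key changes on every check, a value recorded during an earlier verification does not match; an unkeyed digest of the image would be the same every time.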
