Artículos (Instituto de Microelectrónica de Sevilla (IMSE-CNM))

URI permanente para esta colecciónhttps://hdl.handle.net/11441/10969

Examinar

Examinando Artículos (Instituto de Microelectrónica de Sevilla (IMSE-CNM)) por Autor "Arjona, Rosario"

Seleccione resultados tecleando las primeras letras
Mostrando 1 - 8 de 8
  • Miniatura
    Acceso AbiertoArtículo
    A quantum-safe authentication scheme for IoT devices using homomorphic encryption and weak physical unclonable functions with no helper data
    (Elsevier, 2024-12) Román Hajderek, Roberto; Arjona, Rosario; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Ministerio de Ciencia e Innovación (MICIN). España; European Union (UE); Ministerio de Transformacion Digital y Función Pública. España
    Physical Unclonable Functions (PUFs) are widely used to authenticate electronic devices because they take advantage of random variations in the manufacturing process that are unique to each device and cannot be cloned. Therefore, each device can be uniquely identified and counterfeit devices can be detected. Weak PUFs, which support a relatively small number of challenge-response pairs (CRPs), are simple and easy to construct. Device authentication with weak PUFs typically uses helper data to obfuscate and recover a cryptographic key that is then required by a cryptographic authentication scheme. However, these schemes are vulnerable to helper-data attacks and many of them do not protect conveniently the PUF responses, which are sensitive data, as well as are not resistant to attacks performed by quantum computers. This paper proposes an authentication scheme that avoids the aforementioned weaknesses by not using helper data, protecting the PUF response with a quantum-safe homomorphic encryption, and by using a two-server setup. Specifically, the CRYSTALS-Kyber public key cryptographic algorithm is used for its quantum resistance and suitability for resource-constrained Internet-of-Things (IoT) devices. The practicality of the proposal was tested on an ESP32 microcontroller using its internal SRAM as a SRAM PUF. For PUF responses of 512 bits, the encryption execution time ranges from 16.41 ms to 41.08 ms, depending on the desired level of security. In terms of memory, the device only needs to store between 800 and 1,568 bytes. This makes the solution post-quantum secure, lightweight and affordable for IoT devices with limited computing, memory, and power resources.
  • Miniatura
    Acceso AbiertoPonencia
    Demonstrator of a fingerprint recognition algorithm into a low-power microcontroller
    (IEEE, 2017-11) Arcenegui Almenara, Javier; Arjona, Rosario; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo
    A demonstrator has been developed to illustrate the performance of a lightweight fingerprint recognition algorithm based on the feature QFingerMap16, which is extracted from a window of the directional image centered at the convex core of the fingerprint. The algorithm has been implemented into a lowpower ARM Cortex-M3 microcontroller included in a Texas Instruments LaunchPad CC2650 evaluation kit. It has been also implemented in a Raspberry Pi 2 so as to show the results obtained at the successive steps of the recognition process with the aid of a Graphical User Interface (GUI). The algorithm offers a good tradeoff between power consumption and recognition accuracy, being suitable for authentication on wearables.
  • Miniatura
    Acceso AbiertoArtículo
    Evaluation of a Vein Biometric Recognition System on an Ordinary Smartphone
    (MDPI, 2022) López González, Paula; Baturone Castillo, María Iluminada; Hinojosa, Mercedes; Arjona, Rosario; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Ministerio de Ciencia e Innovación (MICIN). España; European Commission (EC). Fondo Europeo de Desarrollo Regional (FEDER); Consejería de Transformación Económica, Industria, Conocimiento y Universidades de la Junta de Andalucía
    Nowadays, biometrics based on vein patterns as a trait is a promising technique. Vein patterns satisfy universality, distinctiveness, permanence, performance, and protection against circumvention. However, collectability and acceptability are not completely satisfied. These two properties are directly related to acquisition methods. The acquisition of vein images is usually based on the absorption of near-infrared (NIR) light by the hemoglobin inside the veins, which is higher than in the surrounding tissues. Typically, specific devices are designed to improve the quality of the vein images. However, such devices increase collectability costs and reduce acceptability. This paper focuses on using commercial smartphones with ordinary cameras as potential devices to improve collectability and acceptability. In particular, we use smartphone applications (apps), mainly employed for medical purposes, to acquire images with the smartphone camera and improve the contrast of superficial veins, as if using infrared LEDs. A recognition system has been developed that employs the free IRVeinViewer App to acquire images from wrists and dorsal hands and a feature extraction algorithm based on SIFT (scale-invariant feature transform) with adequate pre- and post-processing stages. The recognition performance has been evaluated with a database composed of 1000 vein images associated to five samples from 20 wrists and 20 dorsal hands, acquired at different times of day, from people of different ages and genders, under five different environmental conditions: day outdoor, indoor with natural light, indoor with natural light and dark homogeneous background, indoor with artificial light, and darkness. The variability of the images acquired in different sessions and under different ambient conditions has a large influence on the recognition rates, such that our results are similar to other systems from the literature that employ specific smartphones and additional light sources. Since reported quality assessment algorithms do not help to reject poorly acquired images, we have evaluated a solution at enrollment and matching that acquires several images subsequently, computes their similarity, and accepts only the samples whose similarity is greater than a threshold. This improves the recognition, and it is practical since our implemented system in Android works in real-time and the usability of the acquisition app is high.
  • Miniatura
    Acceso AbiertoArtículo
    Non-Fungible Tokens Based on ERC-4519 for the Rental of Smart Homes
    (Multidisciplinary Digital Publishing Institute (MDPI), 2023) Arcenegui Almenara, Javier; Arjona, Rosario; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Ministerio de Ciencia e Innovación (MICIN). España
    The rental of houses is a common economic activity. However, there are many inconveniences that arise when renting a property. The lack of trust between the landlord and the tenant due to fraud or squatters makes it necessary to involve third parties to minimize risk. A blockchain (such as Ethereum) provides an ideal solution to act as a low-cost intermediary. This paper proposes the use of non-fungible tokens (NFTs) based on ERC-4519 for smart home tokenization. The ERC-4519 is an Ethereum standard for describing NFTs tied to physical assets, allowing smart homes (assets) to be linked to NFTs so that the smart homes can interact with the blockchain and perform transactions, know their landlord (owner) and assigned tenant (user), whether they are authenticated or not, and know their operating mode (NFT state). The payments associated with the rental process are made using the NFT, eliminating the need for additional fungible tokens and simplifying the process. The entire rental process is described and illustrated with a proof of concept using a Pycom Wipy 3.0 as a smart home gateway and a smart contract programmed in Solidity, which is deployed on the Goerli Testnet for Ethereum. Experimental results show that the smart home gateway takes a few tens of milliseconds to complete a transaction, and the transaction costs of the relevant functions of the smart contract are quite affordable.
  • Miniatura
    Acceso AbiertoArtículo
    Post-quantum biometric authentication based on homomorphic encryption and classic McEliece
    (MDPI, 2023-01) Arjona, Rosario; López González, Paula; Román Hajderek, Roberto; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Ministerio de Ciencia e Innovación (MICIN). España; Agencia Estatal de Investigación. España; European Union (UE)
    Homomorphic encryption is a powerful mechanism that allows sensitive data, such as biometric data, to be compared in a protected way, revealing only the comparison result when the private key is known. This is very useful for non-device-centric authentication architectures with clients that provide protected data and external servers that authenticate them. While many reported solutions do not follow standards and are not resistant to quantum computer attacks, this work proposes a secure biometric authentication scheme that applies homomorphic encryption based on the Classic McEliece public-key encryption algorithm, which is a round 4 candidate of the NIST post-quantum standardization process. The scheme applies specific steps to transform the features extracted from biometric samples. Its use is proposed in a non-device-centric biometric authentication architecture that ensures user privacy. Irreversibility, revocability and unlinkability are satisfied and the scheme is robust to stolen-device, False-Acceptance Rate (FAR) and similarity-based attacks as well as to honest-but-curious servers. In addition to the security achieved by the McEliece system, which remains stable over 40 years of attacks, the proposal allows for very reduced storage and communication overheads as well as low computational cost. A practical implementation of a non-device-centric facial authentication system is illustrated based on the generation and comparison of protected FaceNet embeddings. Experimental results with public databases show that the proposed scheme improves the accuracy and the False-Acceptance Rate of the unprotected scheme, maintaining the False-Rejection Rate, allows real-time execution in clients and servers for Classic McEliece security parameter sets of 128 and 256 bits (mceliece348864 and mceliece6688128, respectively), and reduces storage requirements in more than 90.5% compared to the most reduced-size homomorphic encryption-based schemes with post-quantum security reported in the literature. © 2023 by the authors.
  • Miniatura
    Acceso AbiertoArtículo
    Secure combination of iot and blockchain by physically binding iot devices to smart non-fungible tokens using pufs
    (Multidisciplinary Digital Publishing Institute (MDPI), 2021) Arcenegui Almenara, Javier; Arjona, Rosario; Román Hajderek, Roberto; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo
    Non-fungible tokens (NFTs) are widely used in blockchain to represent unique and non-interchangeable assets. Current NFTs allow representing assets by a unique identifier, as a possession of an owner. The novelty introduced in this paper is the proposal of smart NFTs to represent IoT devices, which are physical smart assets. Hence, they are also identified as the utility of a user, they have a blockchain account (BCA) address to participate actively in the blockchain transactions, they can establish secure communication channels with owners and users, and they operate dynamically with several modes associated with their token states. A smart NFT is physically bound to its IoT device thanks to the use of a physical unclonable function (PUF) that allows recovering its private key and, then, its BCA address. The link between tokens and devices is difficult to break and can be traced during their lifetime, because devices execute a secure boot and carry out mutual authentication processes with new owners and users that could add new software. Hence, devices prove their trusted hardware and software. A whole demonstration of the proposal developed with ESP32-based IoT devices and Ethereum blockchain is presented, using the SRAM of the ESP32 microcontroller as the PUF.
  • Miniatura
    Acceso AbiertoPonencia
    Securing Minutia Cylinder Codes for Fingerprints through Physically Unclonable Functions: An Exploratory Study
    (IEEE, 2018-07-16) Arjona, Rosario; Prada Delgado, Miguel Ángel; Baturone Castillo, María Iluminada; Ross, Arun; Ministerio de Economía y Competitividad (MINECO). España; European Commission (EC). Fondo Europeo de Desarrollo Regional (FEDER); Consejo Superior de Investigaciones Científicas (CSIC); National Science Foundation (NSF). United States; Universidad de Sevilla
    A number of personal devices, such as smartphones, have incorporated fingerprint recognition solutions for user authentication purposes. This work proposes a dual-factor fingerprint matching scheme based on P-MCCs (Protected Minutia Cylinder-Codes) generated from fingerprint images and PUFs (Physically Unclonable Functions) generated from device SRAMs (Static Random Access Memories). Combining the fingerprint identifier with the device identifier results in a secure template satisfying the discriminability, irreversibility, revocability, and unlinkability properties, which are strongly desired for data privacy and security. Experiments convey the benefits of the proposed dual-factor authentication mechanism in enhancing the security of personal devices that utilize biometric authentication schemes.
  • Miniatura
    Acceso AbiertoArtículo
    Trusted Cameras on Mobile Devices Based on SRAM Physically Unclonable Functions
    (MDPI, 2018) Arjona, Rosario; Prada Delgado, Miguel Ángel; Arcenegui Almenara, Javier; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Ministerio de Ciencia e Innovación (MICIN). España
    Nowadays, there is an increasing number of cameras placed on mobile devices connected to the Internet. Since these cameras acquire and process sensitive and vulnerable data in applications such as surveillance or monitoring, security is essential to avoid cyberattacks. However, cameras on mobile devices have constraints in size, computation and power consumption, so that lightweight security techniques should be considered. Camera identification techniques guarantee the origin of the data. Among the camera identification techniques, Physically Unclonable Functions (PUFs) allow generating unique, distinctive and unpredictable identifiers from the hardware of a device. PUFs are also very suitable to obfuscate secret keys (by binding them to the hardware of the device) and generate random sequences (employed as nonces). In this work, we propose a trusted camera based on PUFs and standard cryptographic algorithms. In addition, a protocol is proposed to protect the communication with the trusted camera, which satisfies authentication, confidentiality, integrity and freshness in the data communication. This is particularly interesting to carry out camera control actions and firmware updates. PUFs from Static Random Access Memories (SRAMs) are selected because cameras typically include SRAMs in its hardware. Therefore, additional hardware is not required and security techniques can be implemented at low cost. Experimental results are shown to prove how the proposed solution can be implemented with the SRAM of commercial Bluetooth Low Energy (BLE) chips included in the communication module of the camera. A proof of concept shows that the proposed solution can be implemented in low-cost cameras.