Ponencias (Instituto de Microelectrónica de Sevilla (IMSE-CNM))
URI permanente para esta colecciónhttps://hdl.handle.net/11441/10971
Examinar
Envíos recientes
Ponencia An Educational Innovation Project Focused on the Implementation of Biometrics in Portable Devices(Institute of Electrical and Electronics Engineers, 2024-08-01) Arjona, Rosario; López González, Paula; Arcenegui Almenara, Javier; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Ministerio de Ciencia, Innovación y Universidades (MICIU). EspañaThis work describes an educational project that explains how to extract biometric features from biometric samples acquired with microelectronic sensors suitable for portable devices (wearables and mobile phones) by satisfying low cost and reduced size. Specifically, fingerprints, ECG (electrocardiogram) and pulse signals, faces and veins are considered as biometric traits. Acquisition methods associated with this are fingerprint sensors, ECG electrodes and pulse sensors for wearables (in this work, a Raspberry Pi), and cameras for the acquisition of faces and veins in mobile phones. Then, it is explained how features are extracted and compared using biometric recognition algorithms selected to be implemented in portable devices: the feature QFingerMap16 (QFM16) for fingerprints, ECG and pulse waves, FaceNet embeddings for faces, and SIFT (Scale Invariant Feature Transform) for veins. Finally, it is explained how the features extracted are extensively evaluated by using public databases that contain samples acquired with sensors suitable for portable devices. Theoretical and experimental material for this research line and application field are distributed in four sessions lasting 4 hours and 30 minutesPonencia Exploring Vein Biometrics on Ordinary Smartphones Using CNNs and Transfer Learning with Open and Closed Sets(Institute of Electrical and Electronics Engineers, 2024-12-11) López González, Paula; Arjona, Rosario; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Ministerio de Ciencia, Innovación y Universidades (MICIU). EspañaThis paper explores the feasibility of using vein recognition for biometric authentication on ordinary smartphones. A new dataset, USE-V2, consisting of 6600 vein images from dorsal hands and wrists, was collected under three different ambient conditions. Instead of designing a Convolutional Neural Network (CNN) from scratch, we used transfer learning with a pre-trained FaceNet model for extracting vein features and evaluated its performance in both open-set and closed-set scenarios with USE-V2 dataset. The recognition performance is acceptable when an open-set scenario with selection of ambient condition is considered (average EER of 5.18% for dorsal hands and 5.88% for wrists), and quite competitive for a closed-set scenario (average EER of 0.6% for dorsal hands and 0.75% for wrists). This approach paves the way for an efficient multimodal system integrating facial and vein recognition on smartphones, sharing most of the CNN layers.
Ponencia Post-quantum Secure Communication with IoT Devices Using Kyber and SRAM Behavioral and Physical Unclonable Functions (Extended Abstract)(Springer nature, 2022-12-11) Román Hajderek, Roberto; Arjona, Rosario; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Ministerio de Ciencia e Innovación (MICIN). EspañaFor a secure Internet-of-Things (IoT) ecosystem, not only the establishment of secure communication channels but also the authentication of devices is crucial. Authenticated key exchange protocols establish shared cryptographic keys between the parties and, in addition, authenticate their identities. Usually, the identities are based on a pair of private and public keys. Physical Unclonable Functions (PUFs) are widely used recently to bind physically the private key to a device. However, since PUFs are vulnerable to attacks, even non-invasive attacks without accessing the device, this paper proposes the use of Behavioral and Physical Unclonable Functions (BPUFs), which allow multimodal authentication and are more difficult to be virtually or physically cloned. In order to resist attacks from classic and quantum computers, this paper considers a Kyber key exchange protocol. Recently, Kyber has been selected by the Post-Quantum Cryptography standardization process of the National Institute of Standards and Technology (NIST) for key establishment protocols. In this work, we propose to strengthen a Kyber key exchange protocol with BPUFs extracted from SRAMs included in IoT devices. Experimental results prove the feasibility of the proposal in WiPy boards.Ponencia A Quantum-Resistant and Fast Secure Boot for IoT Devices Using Hash-Based Signatures and SRAM PUFs(Springer Nature, 2022-06-12) Román Hajderek, Roberto; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Agencia Estatal de Investigación. España; Junta de AndalucíaSecure boot is a key security feature of trusted IoT devices. In this paper, a two-stage secure boot is proposed with two benefits: quantum-resistance and fast execution. In the verification of the first stage, an HMAC is used with a secret key reconstructed from an on-chip SRAM Physical Unclonable Function (PUF) and non-sensitive Helper Data (HD). Since the SRAM cells are classified conveniently in a registration phase, a simple repetition error correcting code is employed along with small-sized Helper Data. In the second-stage verification, the IoT device verifies the application firmware with a Winternitz One-Time Signature (WOTS+), which forms part of an eXtended Merkle Signature Scheme (XMSS). The full XMSS signature can be verified externally by the user of the device. Simple instances of tweakable hash functions proposed in SPHINCS+ are used for WOTS+ and XMSS schemes. The proposal is evaluated on the ESP32 microcontroller taking advantage of its available SHA accelerator. Working at 160 MHz, the first-stage verification takes only 6.04 ms. Excluding the message hashing, the second-stage verification takes from 5.12 to 25.83 ms depending on signature parameters. Compared with the XMSS RFC8391 reference implementation, from 304 to 608 bytes are not needed to be stored in the device. For a security of 128 bits, the proposal is from 17.25 to 39.77 times faster in cycles than the Elliptic Curve Digital Signature Algorithm (ECDSA) and saves 2992 bytes of flash memory.Ponencia Sealed storage for low-cost IoT Devices: An approach using SRAM PUFs and post-quantum cryptography(Association for Computing Machinery, 2021-11-22) Román Hajderek, Roberto; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Agencia Estatal de Investigación. España; Junta de AndalucíaThe number of Internet of Things (IoT) devices is increasing since they can solve many problems, such as those found in healthcare or power grid. Since they are susceptible to be attacked, solutions must be explored to make them more trustworthy and, thus, increment the confidence of their users. It is common that trusted devices use secret keys to achieve confidentiality of data stored in non-volatile memory, data in transit, and to authenticate themselves to other parties. However, these keys can be compromised if an attacker takes control of the platform by exploiting some vulnerability. In this work, we propose to seal the secret keys to the platform and to a specific state, mainly associated with the memory content and determined in a development stage. The secret keys are encrypted with a Sealing Secret Key that is not stored in the device, but obfuscated with an SRAM PUF, making it more secure. When a secret key has to be sealed or unsealed, functions called seal() and unseal() are employed. They have atomic execution and are stored in a ROM memory. Their goal is to measure the state of the platform and recuperate the sealing secret key only if the measurement matches a valid one signed by the application developer. As quantum computers are emerging and future IoT devices must be resistant to attacks performed by them, we choose Dilithium and Saturnin as cryptographic primitives. Benchmarking results taken in an ESP32 microcontroller show the suitability of the proposal for an IoT device.Ponencia Rule Simplification Method Based on Covering Indexes for Fuzzy Classifiers(Institute of Electrical and Electronics Engineers Inc., 2021-08-05) Gersnoviez, Andrés; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Agencia Estatal de Investigación. España; Junta de AndalucíaA large number of rules increases the complexity of fuzzy classifiers and reduces the linguistic interpretability of the classification. A tabular rule simplification method that extends the Quine-McCluskey algorithm of Boolean design to fuzzy logic is analyzed in detail in this paper. The method obtains a few compound rules from many initial atomic rules. The influence of membership functions as well as t-norms and s-norms operands, which can be even null if many atomic rules are used, becomes apparent in the classification regions (decision boundaries) induced by the compound rules. Since the compound rules can be ordered according to the covering indexes that measure the number of atomic rules covered, more or less generic classification rules and rules with particular indexes can be further identified, which could ease subsequent classification or decision-making.Ponencia Auto-calibrated ring oscillator TRNG based on jitter accumulation(Institute of Electrical and Electronics Engineers, 2020-09-28) Prada Delgado, Miguel Ángel; Martínez Gómez, Cristina; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Agencia Estatal de Investigación. EspañaThis paper provides a mathematical model that describes how deterministic and Gaussian jitter of an oscillating signal accumulated during a time interval are related to the bits of the binary-coded count value of the oscillations. The model is employed to propose a robust TRNG that has a simple interface (an initialization signal as input and the random bits as output) and that features auto-calibration to certify high entropy of the raw bits provided as well as to work at the highest throughput allowed by the available local Gaussian noise. The mathematical analysis is confirmed with experimental results of ring oscillator (RO) TRNGs described in VHDL and implemented in the programmable logic of Zynq family Xilinx FPGAs, using either another RO or the clock of the FPGA board to control the time interval of oscillations.Ponencia Calibration of Ring Oscillator PUF and TRNG(Institute of Electrical and Electronics Engineers, 2020-10-09) Martínez Gómez, Cristina; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Junta de Andalucía; Agencia Estatal de Investigación. EspañaThis paper describes a circuit structure named RO-PUF-TRNG based on ring oscillators (ROs), which is able to be calibrated to perform as a physically unclonable function (PUF) and a true random number generator (TRNG) with high uniqueness, entropy, and throughput. The calibration is based on a mathematical model that describes how the PUF and TRNG response bits are related to the intrinsic variations of the fabrication process and bitstream generation (in the case of FPGAs) as well as to the Gaussian noise. The results obtained with the proposed calibration are illustrated with the large dataset of RO frequencies from 90-nm FPGAs provided in [1].Ponencia How to implement a fingerprint recognition algorithm into a wearable device(Institute of Electrical and Electronics Engineers, 2020-08-11) Arjona, Rosario; Arcenegui Almenara, Javier; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Agencia Estatal de Investigación. España; Junta de AndalucíaThis work describes how to implement a fingerprint recognition algorithm into an ARM Cortex-M3 microcontroller included in a Texas Instruments LaunchPad CC2650 evaluation kit. The application context is the realization of a wearable device for biometrics security. On the one hand, the students become familiar with wearable devices whose basic component is a low power microcontroller. On the other hand, the students learn about a security application based on fingerprint recognition, which employs typical operations of image processing.Ponencia Using simulink HDL Coder to implement a fingerprint recognition algorithm into an FPGA(Institute of Electrical and Electronics Engineers, 2020-08-11) Arjona, Rosario; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Agencia Estatal de Investigación. España; Junta de AndalucíaThis work describes a model-based hardware design flow which uses Simulink HDL Coder and Xilinx tools to implement a fingerprint recognition algorithm into a Virtex-6 FPGA. Students can learn how this automated hardware design flow reduces the time to create a prototype since only the high-level description is required. In addition, the fingerprint recognition application allows illustrating how typical processing blocks employed for image processing are used in the context of biometrics security.Ponencia Hierarchical fuzzy controllers for explicit MPC control laws: Adaptive cruise control example(Institute of Electrical and Electronics Engineers, 2020-08-26) Gersnoviez, Andres; Brox Jiménez, María; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Junta de Andalucía; Agencia Estatal de Investigación. EspañaThis paper presents a methodology to approximate explicit Model Predictive Control (MPC) laws by hierarchical fuzzy systems, particularly piecewise-affine hierarchical (PWAH) systems. These hierarchical controllers provide high operation speed with low cost in computational and memory resources because they are formed only by single-input and single-output (SISO) fuzzy modules connected in cascade. The methodology employs the CAD tools of Xfuzzy environment to describe, adjust, verify, and implement the controllers in a Field Programmable Gate Array (FPGA). The methodology is illustrated with the design and FPGA implementation of a hierarchical controller for a car adaptive cruise control (ACC) system. The resulting controller is better in terms of speed and FPGA resource consumption than other solutions reported in the literature.Ponencia CMOS digital design of a trusted virtual sensor(Institute of Electrical and Electronics Engineers, 2017-11-30) Martínez Rodríguez, Macarena Cristina; Prada Delgado, Miguel Ángel; Brox Jiménez, Piedad; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Ministerio de Economía y Competitividad (MINECO). España; Consejo Superior de Investigaciones Científicas (CSIC)This work presents the digital design of a trusted virtual sensor. The virtual sensor implements a piecewise-affine (PWA)-based model to estimate the sensed variable. The measurement is authenticated with the keyed-hash message authentication code (HMAC) standard. To ensure the integrity of the sensor, the static random access memory (SRAM) required by the sensor is also used as physical unclonable function (PUF). Implementation results of the design in a 90-nm CMOS technology show that the security blocks occupy 5.1% of the area occupied by the required PWA blocks and consume 15.4% of the power consumed by the required PWA blocks. The sensor is able to provide trusted outputs in 106.3 microseconds when working at 100 MHz.Ponencia Trustworthy firmware update for Internet-of-Thing Devices using physical unclonable functions(Institute of Electrical and Electronics Engineers, 2017-08-24) Prada Delgado, Miguel Ángel; Vázquez Reyes, A.; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Ministerio de Economía y Competitividad (MINECO). EspañaConnected devices that are part of the so-called Internet of Things (IoT) need to update their firmware over their lifetime. The problem is that updates can be used by attackers to inject malicious code. This work presents a lightweight protocol to update each device in a secure way. The cryptographic keys employed are fresh and are not stored but reconstructed by exploiting the Physical Unclonable Functions (PUFs) of the device hardware. The feasibility of the proposal is illustrated with experimental results of IoT devices that use the SRAM PUFs in their Bluetooth Low Energy (BLE) system on chips.Ponencia Physical unclonable keys for smart lock systems using Bluetooth Low Energy(Institute of Electrical and Electronics Engineers, 2016-12-22) Prada Delgado, Miguel Ángel; Vázquez Reyes, A.; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Ministerio de Economía y Competitividad (MINECO). EspañaNowadays, several smart lock systems use Bluetooth Low Energy (BLE) to stablish a wireless communication between the physical key (key fob, card, smartphone, etc.) and the lock. Security is based on creating and storing secret digital keys to establish a cryptographically secure communication. The problem is that several attacks can break such security, particularly the copy of the physical key. In order to increase the difficulty of the attacks, the physical keys described in this paper do not store the secret cryptographic keys but reconstruct them when they are needed and remove them when they are not used. Only the trusted physical keys are able to reconstruct the secrets with the public data stored in them. This is possible by using the start-up values of the SRAM in the BLE chip of the physical key, which acts as a physical unclonable function (PUF), so that if the physical key is copied, the lock cannot be opened. The idea has been proven with the development of a smart lock system with key fobs based on the CC2541 BLE system on chip from Texas Instruments. Experimental results are included to illustrate the performance.Ponencia Programmable ASICs for model predictive control(Institute of Electrical and Electronics Engineers, 2015-06-18) Martínez Rodríguez, Macarena Cristina; Brox Jiménez, Piedad; Tena Sánchez, Erica; Acosta Jiménez, Antonio José; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Universidad de Sevilla. Departamento de Tecnología Electrónica; Ministerio de Economía y Competitividad (MINECO). España; Consejo Superior de Investigaciones Científicas (CSIC)Two configurable and programmable ASICs that implement piecewise-affine (PWA) functions have been designed in TSMC 90-nm technology in response to industry demands for embedded, fast response time, and low power solutions for Model Predictive Control (MPC). An automated model-based design flow can extract the parameters necessary for the configuration and the programming of both ASICs. Two application examples in the automotive field illustrate the design flow and the behavior of the ASICs.Ponencia Combining CRYSTALS-Kyber Homomorphic Encryption with Garbled Circuits for Biometric Authentication(Institute of Electrical and Electronics Engineers, 2024-12-11) Arjona, Rosario; Franco Moreno, Claudia; Román Hajderek, Roberto; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Agencia Estatal de Investigación. EspañaBiometric data are sensitive according to personal data regulations and ISO/IEC 24745. In a biometric recognition system, biometric data should be protected from their generation to their comparison. In this work, we combine postquantum homomorphic encryption using CRYSTALS-Kyber (the base post-quantum algorithm of the FIPS 203 standard for module-lattice-based key-encapsulation mechanism, recently approved by the NIST) with Garbled Circuits, which allow different parties to compute the result of an operation from private inputs. We propose a protected biometric authentication scheme in which homomorphic encryption with CRYSTALS-Kyber public-key encryption computes the difference between the reference and a query, and a Garbled Circuit (GC) performs the comparison with a threshold. Two GC frameworks, TinyGarble (based on Verilog) and TinyGarble2 (based on C++), are employed to design a privacy-preserving face authentication system with FaceNet embeddings. The two frameworks are compared in terms of design and computation costs. In any case, the authentication takes, approximately, 0.5 seconds.Ponencia Hardware Security for eXtended Merkle Signature Scheme Using SRAM-based PUFs and TRNGs(Institute of Electrical and Electronics Engineers Inc., 2020-12-18) Román Hajderek, Roberto; Arjona, Rosario; Arcenegui Almenara, Javier; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Agencia Estatal de Investigación. España; Junta de AndalucíaDue to the expansion of the Internet of Things (IoT), there is an increasing number of interconnected devices around us. Integrity, authentication and non-repudiation of data exchanged between them is becoming a must. This can be achieved by means of digital signatures. In recent years, the eXtended Merkle Signature Scheme (XMSS) has gained popularity in embedded systems because of its simple implementation, post-quantum security, and minimal security assumptions. From a hardware point of view, the security of digital signatures strongly depends on how the private keys are generated and stored. In this work, we propose the use of SRAMs as True Random Generators (TRNGs) and Physically Unclonable Functions (PUFs) to generate and reconstruct XMSS keys in a trusted way. We achieve a low-cost solution that only adds lightweight operations to the signature itself, such as repetition decoding and XORing, and does not require additional hardware (like secure non-volatile memories) since the manufacturing variations of the SRAM inside the IoT device are exploited. As a proof of concept, the solution was implemented in an IoT board based on the ESP32 microcontroller.Ponencia Secure management of IoT devices based on blockchain non-fungible tokens and physical unclonable functions(Springer Nature, 2020-10) Arcenegui Almenara, Javier; Arjona, Rosario; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Agencia Estatal de Investigación. España; Junta de AndalucíaOne of the most extended applications of blockchain technologies for the IoT ecosystem is the traceability of the data and operations generated and performed, respectively, by IoT devices. In this work, we propose a solution for secure management of IoT devices that participate in the blockchain with their own blockchain accounts (BCAs) so that the IoT devices themselves can sign transactions. Any blockchain participant (including IoT devices) can obtain and verify information not only about the actions or data they are taking but also about their manufacturers, managers (owners and approved), and users. Non Fungible Tokens (NFTs) based on the ERC-721 standard are proposed to manage IoT devices as unique and indivisible. The BCA of an IoT device, which is defined as an NFT attribute, is associated with the physical device since the secret seed from which the BCA is generated is not stored anywhere but a Physical Unclonable Function (PUF) inside the hardware of the device reconstructs it. The proposed solution is demonstrated and evaluated with a low-cost IoT device based on a Pycom Wipy 3.0 board, which uses the internal SRAM of the microcontroller ESP-32 as PUF. The operations it performs to reconstruct its BCA in Ethereum and to carry out transactions take a few tens of milliseconds. The smart contract programmed in Solidity and simulated in Remix requires low gas consumption.Ponencia A Dual-Factor Access Control System Based on Device and User Intrinsic Identifiers(IEEE, 2016-12) Arjona, Rosario; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y ElectromagnetismoThis paper proposes an access control system based on the simultaneous authentication of what the user has and who the user is. At enrollment phase, the wearable access device (a smart card, key fob, etc.) stores a template that results from the fusion of the intrinsic device identifier and the user biometric identifier. At verification phase, both the device and user identifiers are extracted and matched with the stored template. The device identifier is generated from the start-up values of the SRAM in the device hardware, which are exploited as a Physically Unclonable Function (PUF). Hence, if the device hardware is cloned, the authentic identifier is not generated. The user identifier is obtained from level-1 fingerprint features (directional image and singular points), which are extracted from the fingerprint images captured by the sensor in the access device. Hence, only genuine users with genuine devices are authorized to access and no sensitive information is stored or travels outside the access device. The proposal has been validated by using 560 fingerprints acquired in live by an optical sensor and 560 SRAM-based identifiers.Ponencia Dedicated Hardware IP Module for Fingerprint Recognition(IEEE, 2015-08-06) Martínez Rodríguez, Macarena Cristina; Arjona, Rosario; Brox Jiménez, Piedad; Baturone Castillo, María Iluminada; Universidad de Sevilla. Departamento de Electrónica y Electromagnetismo; Gobierno de España; European Commission (EC). Fondo Europeo de Desarrollo Regional (FEDER); Universidad de SevillaThis work presents a dedicated hardware IP module for fingerprints recognition based on a feature, named QFingerMap, which is very suitable for VLSI design. FPGA implementation results of the IP module are given. A demonstrator has been developed to evaluate the IP module behavior in a real scenario.