TY - JOUR
T1 - A Smart Hardware Security Engine Combining Entropy Sources of ECG, HRV, and SRAM PUF for Authentication and Secret Key Generation
AU - Cherupally, Sai Kiran
AU - Yin, Shihui
AU - Kadetotad, Deepak
AU - Bae, Chisung
AU - Kim, Sang Joon
AU - Seo, Jae Sun
N1 - Funding Information:
Manuscript received February 1, 2020; revised April 21, 2020 and June 28, 2020; accepted July 10, 2020. Date of publication July 29, 2020; date of current version September 24, 2020. This article was approved by Guest Editor Atsushi Kawasumi. This work was supported in part by the NSF under Grant 1652866 and in part by Samsung Electronics. (Corresponding author: Sai Kiran Cherupally.) Sai Kiran Cherupally, Shihui Yin, and Jae-sun Seo are with the School of Electrical, Computer and Energy Engineering, Arizona State University, Tempe, AZ 85287 USA (e-mail: scherupa@asu.edu; jaesun.seo@asu.edu).
Publisher Copyright:
© 1966-2012 IEEE.
PY - 2020/10
Y1 - 2020/10
N2 - Securing personal data in wearable devices is becoming a crucial necessity as wearable devices are being deployed ubiquitously, which inadvertently exposes them to more sophisticated adversarial attacks. Although authentication systems using a single-entropy source, such as fingerprint or iris, are being used widely, successful spoofing attacks have been made, which show such systems' vulnerability. To mitigate these issues, new biometric modalities [e.g., electrocardiogram (ECG) and photoplethysmogram (PPG)], as well as multifactor authentication/security engine designs, are being investigated. In this work, we present a new smart hardware security engine that combines three different sources of entropy, ECG, heart rate variability (HRV), and SRAM-based physical unclonable function (PUF) to perform real-Time authentication and generate unique/random signatures. Such hybrid signatures vary person-To-person, device-To-device, and over time, which significantly reduces the scope of an attack and enables secure personal device authentication as well as secret random key generation. The prototype chip fabricated in 65-nm LP CMOS consumes 4.04\mu \text{W} at 0.6 V for real-Time authentication. Compared with ECG-only authentication, the average equal error rate of multi-source authentication is reduced by 7\times down to 0.2375% for a 741-subject in-house ECG database. The generalization capability of the hardware was also tested by evaluating equal error rate (EER) values using other ECG databases available online. Also, 256-bit keys generated by optimally combining ECG, HRV, and PUF values fully pass nine NIST randomness tests.
AB - Securing personal data in wearable devices is becoming a crucial necessity as wearable devices are being deployed ubiquitously, which inadvertently exposes them to more sophisticated adversarial attacks. Although authentication systems using a single-entropy source, such as fingerprint or iris, are being used widely, successful spoofing attacks have been made, which show such systems' vulnerability. To mitigate these issues, new biometric modalities [e.g., electrocardiogram (ECG) and photoplethysmogram (PPG)], as well as multifactor authentication/security engine designs, are being investigated. In this work, we present a new smart hardware security engine that combines three different sources of entropy, ECG, heart rate variability (HRV), and SRAM-based physical unclonable function (PUF) to perform real-Time authentication and generate unique/random signatures. Such hybrid signatures vary person-To-person, device-To-device, and over time, which significantly reduces the scope of an attack and enables secure personal device authentication as well as secret random key generation. The prototype chip fabricated in 65-nm LP CMOS consumes 4.04\mu \text{W} at 0.6 V for real-Time authentication. Compared with ECG-only authentication, the average equal error rate of multi-source authentication is reduced by 7\times down to 0.2375% for a 741-subject in-house ECG database. The generalization capability of the hardware was also tested by evaluating equal error rate (EER) values using other ECG databases available online. Also, 256-bit keys generated by optimally combining ECG, HRV, and PUF values fully pass nine NIST randomness tests.
KW - Biometric authentication
KW - SRAM
KW - electrocardiogram (ECG)
KW - feature extraction
KW - multi-factor authentication
KW - physical unclonable function (PUF)
KW - secret key generation
UR - http://www.scopus.com/inward/record.url?scp=85089397825&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85089397825&partnerID=8YFLogxK
U2 - 10.1109/JSSC.2020.3010705
DO - 10.1109/JSSC.2020.3010705
M3 - Article
AN - SCOPUS:85089397825
SN - 0018-9200
VL - 55
SP - 2680
EP - 2690
JO - IEEE Journal of Solid-State Circuits
JF - IEEE Journal of Solid-State Circuits
IS - 10
M1 - 9152094
ER -