Glitter PUF: A Passive Physical Anti-Tamper PUF Based On Images Of Glitter Reflections
Abstract
The importance of cybersecurity keeps increasing, and with it the importance of anti-tamper technologies. Physical anti-tamper technologies have existed for a while, but passive (battery-less) approaches are lacking. Some solutions exist ([1], [2] and [3]), but they are sparse, complex, expensive and cover only a small portion of the device. The subject of this research is the Glitter Physical Unclonable Function (PUF): a passive physical anti-tamper technology that protects the whole device and is technology independent. It works as follows:
The secure component (a Printed Circuit Board (PCB)) is placed in an empty box. A camera and Light Emitting Diodes (LEDs) are added to the center of the PCB. Then a mixture of glitter and transparent resin is poured into the device (including the camera and lights). The resin hardens and the box is closed so that it is light tight.
Enrolment: A picture is taken with the camera inside the box with the LEDs turned on. The light bounces between all the glitter particles. This picture is used to encrypt the critical data on the PCB. When a tamper has occurred (by pruning the enclosure), the glitter particles are destroyed or irreversibly moved, so a picture taken afterwards is different.
Authentication: Another picture is taken. If the picture is within a certain threshold (set at enrolment), namely the maximum allowed colour distance of each pixel from the reference picture, then the picture can be used to decrypt the data. Otherwise, access to the data is lost.
For encryption and error correction, several algorithms have been researched and tested. The Error Correcting Codes (ECC) used in biometrics are especially interesting, since they face the same constraint as the glitter PUF: real-world data is used as a key, so the input data is not always the same. For the prototype, Fuzzy Commitment is implemented, being the baseline for biometric encryption. A prototype of the glitter PUF has been made using a Raspberry Pi (RPi) camera and a 3D printed case. This prototype is used to evaluate certain characteristics, such as how it behaves over time, under temperature differences and ageing, and which picture settings are optimal. These characterizations are important for knowing how the device behaves in operation, since they must differ from the results gathered when an actual tamper has taken place.
The ageing and temperature tests show that the system is susceptible to temperature cycles, but when the same temperature as at enrolment is reached the difference is lessened. Furthermore, the system seems to stabilize and not increase in error after about 23 cycles. After that many cycles it can be calculated which (sub)pixels are the most stable. Choosing only the most stable (sub)pixels for enrolment/authentication will reduce the error introduced by temperature and ageing. Drilling shows a linear increase in (sub)pixel distance from the reference. Drilling produces hotspots, whereas the temperature tests (mainly) show noise in the red channel, so an algorithm that takes these differences into account must be implemented. An implementation using binning for error correction, fuzzy commitment, segmenting the picture into small blocks, Adaptive Equalization, grey-scaling, and taking only the 20% most stable (sub)pixels results in 5% of the original picture data while still containing enough information to reliably detect drilling.
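A minimal sketch of the enrolment and authentication flow described above, written for this page as an added example (it is not the thesis prototype's code): the most stable 20% of pixels are binned into bits and bound to a random key with fuzzy commitment. The repetition code, the two-bin threshold, the spread-based stability metric, SHA-256, all function names and the sample captures are assumptions or constructed values.

```python
import hashlib
import hmac
import random
import secrets

REP = 5          # assumed repetition-code length; the abstract does not name its ECC
FRACTION = 0.20  # share of most stable pixels kept, as in the abstract

def stable_indices(captures):
    """Pixels with the smallest value spread over repeated captures (assumed metric)."""
    spread = [max(px) - min(px) for px in zip(*captures)]
    keep = int(len(spread) * FRACTION)
    return sorted(sorted(range(len(spread)), key=spread.__getitem__)[:keep])

def to_bits(image, idx):
    """Bin each selected grey value (0-255) into one bit (two bins, assumed)."""
    return [int(image[i] >= 128) for i in idx]

def enrol(captures):
    """Return (stored record, key); the key itself is never stored."""
    idx = stable_indices(captures)
    key = [secrets.randbits(1) for _ in range(len(idx) // REP)]
    codeword = [bit for bit in key for _ in range(REP)]
    helper = [c ^ w for c, w in zip(codeword, to_bits(captures[0], idx))]
    digest = hashlib.sha256(bytes(key)).digest()
    return {"idx": idx, "helper": helper, "digest": digest}, key

def authenticate(record, image):
    """Recover the key from a fresh picture, or None if too many bits changed."""
    noisy = [h ^ w for h, w in zip(record["helper"], to_bits(image, record["idx"]))]
    key = [int(sum(noisy[i:i + REP]) > REP // 2) for i in range(0, len(noisy), REP)]
    ok = hmac.compare_digest(hashlib.sha256(bytes(key)).digest(), record["digest"])
    return key if ok else None

def flip(image, positions):
    """Constructed disturbance: push the given pixels into the other bin."""
    return [255 - v if i in positions else v for i, v in enumerate(image)]

def sample_captures(n=400, shots=4, seed=1):
    """Constructed grey captures: one base image plus small per-shot noise."""
    rng = random.Random(seed)
    base = [rng.randrange(256) for _ in range(n)]
    return [[min(255, max(0, v + rng.randint(-3, 3))) for v in base] for _ in range(shots)]

if __name__ == "__main__":
    caps = sample_captures()
    record, key = enrol(caps)
    idx = record["idx"]
    print(authenticate(record, flip(caps[0], {idx[0], idx[7]})) == key)  # True
    print(authenticate(record, flip(caps[0], set(idx[:20]))))            # None
```

Isolated bit flips (one per code block) are corrected and the key is recovered, while a localized cluster of changed pixels, standing in for a drilling hotspot, overwhelms the code and the key is lost.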
Files
File under embargo until 10-02-2025