Copyright AIM INFRAROT-MODULE GmbH AIM AIM INFRAROT-MODULE GmbH Security SVGA Image Sensor VISION 2005, Dr. P. Stifter.

Presentation transcript:


Copyright AIM INFRAROT-MODULE GmbH AIM INTRODUCTION SYSTEM DESIGN MIXED SIGNAL AUTHENTICATION SPIE 2005, 26,09.05

Transition: Real World, Virtual World
Some of our real world aspects are mapped into a digital representation and stored in large databases. The digital identity has to be protected!
(Figure label: FR Software)

Application Scenario of Optical Sensors
Ethernet-based physical layer with TCP/IP as a transport and routing layer. Sensors capture images, generate sensitive data and transfer data packets over an open and insecure channel to dedicated servers.

Secure Sensor Design
Requirements: Data Authentication; Authentication Protocol; Cryptographic Checksum (MAC); Cryptographic hardware modules; Usage of publicly known and proven algorithms; Secret Unique Identifier; Key storage; Key programming.

System Design
Large and busy digital core.

Floorplan
Problem: CMOS imager is susceptible to various noise sources. Noise level is increased by the activity of the digital core.

Mixed Signal Design
Most prominent noise: FPN; Modules on the same substrate; Use CDS; Separation with multiple guard rings; Differential signal lines; Large blocking capacitors; Signal integrity; Stable reference voltages.

Key Storage
Selection between polysilicon fuses or EEPROM cells (D-Matrix):
Polysilicon. Pro: Simple interface. Con: External programming voltage; Not buried under metal layers; Burn-through process may damage pixel.
EEPROM cells. Pro: Buried under shielded metal layer; No external access, on-chip charge pump; Encapsulation. Con: Hardware overhead: controller.

Operational Flow
(Diagram; panel labels: Checksum, Authentication)

Data Protection
Data transfer with TCP/IP can be easily manipulated in the context of raw sockets. Application of cryptographic methods (MAC) protects against bit manipulations and faked identities.
A block cipher E of length n encrypts the message x to the cipher text c with key K of length k.

Data Protection (continued)
MacDES: (1) Padding, (2) Splitting, (3) Initial Transformation, (4) Iteration, (5) Output Transformation.

Conclusion
One can obtain real end-point security on open and insecure data channels. On-chip cryptographic modules provide real-time encryption and secure key storage. The challenge/response method gives any host in possession of the secret key the assurance of the data origin. Even a single bit manipulation is detectable. On-chip integration provides a high protection level against key recovery attacks.
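
The five MacDES steps listed on the Data Protection slide and the challenge/response check from the conclusion, as an added example that is not code from the presentation or from AIM. Assumptions: the block cipher is a toy 64-bit Feistel stand-in (not DES, not secure); the padding rule, the double encryption of the first block, the extra output encryption and all function names and keys are choices made for this example.

```python
import hashlib, hmac, os

BLOCK = 8  # n = 64 bits, the DES block size

def toy_encrypt(key, block):
    """Stand-in for E_K: 4-round Feistel over SHA-256. NOT DES, illustration only."""
    left, right = block[:4], block[4:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:4]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def mac(k, k_out, k_init, message):
    # (1) Padding: a single 0x80 byte, then zeros up to a multiple of n (assumed rule)
    padded = message + b"\x80"
    padded += b"\x00" * (-len(padded) % BLOCK)
    # (2) Splitting into n-bit blocks D_1 .. D_q
    blocks = [padded[i:i + BLOCK] for i in range(0, len(padded), BLOCK)]
    # (3) Initial transformation: first block encrypted twice (assumed form)
    h = toy_encrypt(k_init, toy_encrypt(k, blocks[0]))
    # (4) Iteration: CBC chaining, H_i = E_K(D_i xor H_{i-1})
    for d in blocks[1:]:
        h = toy_encrypt(k, xor(d, h))
    # (5) Output transformation: one more encryption under a separate key
    return toy_encrypt(k_out, h)

def sensor_respond(keys, challenge, image):
    # The fixed-length challenge is MACed together with the image data
    return mac(*keys, challenge + image)

def host_verify(keys, challenge, image, tag):
    return hmac.compare_digest(mac(*keys, challenge + image), tag)

def demo():
    keys = (b"constructed-key-1", b"constructed-key-2", b"constructed-key-3")
    challenge = os.urandom(BLOCK)   # fresh per request, chosen by the host
    image = bytes(range(64))        # constructed stand-in for pixel data
    tag = sensor_respond(keys, challenge, image)
    tampered = bytes([image[0] ^ 1]) + image[1:]   # a single flipped bit
    return (host_verify(keys, challenge, image, tag),
            host_verify(keys, challenge, tampered, tag),
            host_verify(keys, os.urandom(BLOCK), image, tag))  # old tag, new challenge

if __name__ == "__main__":
    print(demo())
```

The three results are: genuine frame accepted, one-bit modification rejected, and a tag recorded under an earlier challenge rejected when the host issues a new one.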