Published by Norma Rosamond Morrison. Modified over 5 years ago.
1
Authentication of Electronics for Arms Control
PNNL-SA
Keith Tolk, Milagro Consulting
Jacob Benz, PNNL
Jennifer Tanner, PNNL
2
Authentication vs Certification
Authentication is performed by the inspecting party to ensure that the equipment being used accurately reflects the conditions being observed. Certification is performed by the host party to ensure that the equipment meets their rules with respect to data security, safety, etc.
3
Hidden Switches
Equipment can be built that will give accurate results when testing, but will give bogus results in actual use. Any interaction with the environment can be used to trigger the switch between these modes. No amount of functional testing will find all hidden switches.
4
What I’ve learned in the past 30 years
Authentication is much, much more difficult than certification. If the host supplies the equipment, it is even harder. If the host supplies the equipment and it includes programmable devices, authentication is almost impossible.
5
Design for Authentication
It is extremely difficult to add authentication measures to equipment that already exists. For authentication, the equipment should be:
Simple
Modular
Inspectable
Verifiable
6
Authentication Steps
Joint design to produce equipment that will be accepted by all parties. (Keep it simple.)
Random selection of components or subassemblies. (Chain of Custody on all parts must start here.)
Private inspection of the selected parts.
Functional testing. (Not really an authentication measure, but you do want to be sure it works.)
Verification that the equipment has not been altered.
7
Verification
Once the equipment is in the facility, you can’t go back and perform all the tests you’d like to do. If it’s seen a nuclear weapon, you might not touch it again.
“Hashing” can be used to verify software integrity.
Conformal coatings can be used to detect tampering if they include a physical unclonable function (PUF).
8
“Hashing”
“Hashing” is a cryptographic process that allows us to verify that software on an untrusted system matches the software on a trusted system. It’s a simple process using a private key and either a hash algorithm or an encryption algorithm to produce a message authentication code (HMAC or CMAC).
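The keyed check described on this slide, as an added example that is not part of the original presentation. It assumes HMAC-SHA-256, a fresh random key chosen by the inspector for each check, and hypothetical names (`Inspector`, `device_respond`, `run_check`) with constructed sample images.

```python
import hashlib
import hmac
import secrets

def chunks(data: bytes, size: int = 4096):
    """Yield the image in fixed-size pieces, as a device would stream its memory."""
    for i in range(0, len(data), size):
        yield data[i:i + size]

def image_mac(key: bytes, image: bytes) -> bytes:
    """HMAC-SHA-256 over the whole image under the supplied key."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for piece in chunks(image):
        mac.update(piece)
    return mac.digest()

class Inspector:
    """Trusted side: holds the reference image and issues one-time keys."""
    def __init__(self, reference_image: bytes):
        self._reference = reference_image
        self._key = None

    def challenge(self) -> bytes:
        # Fresh random key per check, so a MAC recorded earlier cannot be replayed.
        self._key = secrets.token_bytes(32)
        return self._key

    def verify(self, response: bytes) -> bool:
        if self._key is None:
            return False                   # no outstanding challenge
        key, self._key = self._key, None   # each key is accepted once
        expected = image_mac(key, self._reference)
        return hmac.compare_digest(expected, response)

def device_respond(key: bytes, installed_image: bytes) -> bytes:
    """Untrusted side (hypothetical): MAC of whatever image is installed."""
    return image_mac(key, installed_image)

def run_check(inspector: Inspector, installed_image: bytes) -> bool:
    return inspector.verify(device_respond(inspector.challenge(), installed_image))

# Constructed sample images: a reference and a copy with one byte changed.
REFERENCE = b"\x7fFW" + bytes(range(256)) * 64
ALTERED = REFERENCE[:5000] + b"\x00" + REFERENCE[5001:]

if __name__ == "__main__":
    print("unaltered:", run_check(Inspector(REFERENCE), REFERENCE))
    print("altered:  ", run_check(Inspector(REFERENCE), ALTERED))
```

A match shows that the responder had access to bytes identical to the reference image; it does not by itself show which code the hardware is running.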
9
Conformal Coating
Reflective particle patterns can be used to detect tampering attempts. Verification requires a camera and a simple fixture with multiple lights.