Holistic Approaches for Integrity of ICT-Systems

The security of modern ICT (Information and Communication Technologies) systems relies fundamentally on the integrity of hardware components. This is the case for user identification and authentication as in smartcards, e-Id, e-Passports, e-health devices or for the integrity checking of computers and mobile systems as in trusted computing and TPMs. But it is also the case for telecommunication infrastructure as e.g. for servers or routers to support cloud computing.Unfortunately attacks on hardware devices keep on improving. Physical attacks, giving access to internal information, side channel attacks, using passive observations of execution time, power consumption or electro-magnetic radiations, or fault injection attacks using power glitches, light, laser and electro-magnetic perturbations are 'proven' ways of retrieving secrets. Today security circuits are protected to a certain level against these attacks, but an absolute protection (Tamper resistance) is unrealistic and the need of extra barriers arises.New security challenges arise: counterfeiting of hardware components is dramatically increasing (some studies indicate from 5 to 20 % of counterfeited components on the market) and the threat of Trojans or hidden functions in Integrated Circuits is moving from theoretical to real.The HINT project addresses these new challenges by proposing the development of novel integrity technologies to guarantee that a system is a genuine, non-modified one including the hardware components. Innovative hardware authentication and integrity checking technologies, based on PUF (Physically Unclonable Functions) and on Physical measurements (Side Channel Analysis) will be developed to offer an extra security barrier based on paradigms complementary to cryptography. The approach is related to the Trusted Computing one, but the major difference is the addition of hardware authentication and hardware integrity checking features to the software integrity checking chain.