Evaluating SRAM as Source for Fingerprints and Randomness on Automotive Grade Controllers
Proceedings of the 13th International Joint Conference on e-Business and Telecommunications
It is well known that the state of uninitialized SRAM provides a unique pattern on each device due to physical imperfections. Both the affinity toward some fixed state as well as the deviation from it can be successfully exploited in security mechanisms. Fixed values provide an efficient mechanism for physical identification and for extracting cryptographic keys while the randomness of bits that flip can be exploited as input for PRNGs that are vital for the generation of ephemeral keys. In
... emeral keys. In this work we try to give an assessment of these two capabilities on several state-of-the art automotive grade embedded platforms. The security of embedded devices inside vehicles has gained serious attention in the past years due to the impact of emerging technologies, e.g., self-driving cars, vehicle-to-vehicle communication, which are futile in the absence of the appropriate security mechanisms. Our examination of several state-of-the-art automotive grade controllers shows that SRAM can offer sufficient entropy and patterns for identification but careful testing is needed as some models fail to provide the expected results.