TechRxiv
Sood_Aditya_PUF_Final.pdf (1.67 MB)

Physically Unclonable Functions with Confidential Computing for Enhanced Encryption of EHRs

Download (1.67 MB)
preprint
posted on 11.08.2021, 08:26 by Aditya SoodAditya Sood
Continual exploitation of Electronic Health Records (EHRs) has led to increasing amounts of ransomware and identity theft in recent years. Existing cryptosystems protecting these EHRs are weak due to their inherently transparent software that allows adversaries to extract encryption keys with relative ease. I designed a novel cryptosystem that employs Physically Unclonable Functions (PUFs) to securely encrypt user EHRs in a protected SGX enclave. The CPU-attached PUF provides a secret, device-unique value or a ‘digital fingerprint’ which is used to derive a symmetric key for subsequent AES-NI hardware encryption. Since the cryptographic operations, from key derivation to encryption, transpire in a confidential SGX enclave, the keys are always protected from OS-privileged attacks- a capability lacking in most existing systems. I used my system APIs to evaluate the performance of various hash and encryption schemes across multiple EHR block sizes. SHA512 and AES-NI-256-GCM were selected for cryptosystem implementation because they demonstrated high performance without compromising on security.

History

Email Address of Submitting Author

soodadityab@gmail.com

Submitting Author's Institution

No affiliation

Submitting Author's Country

United States of America