Abstract
Since image recognition systems use image data acquired by image sensors for analysis by AI technology, an important security issue is guaranteeing the authenticity of data transmitted from image sensors to successfully perform inference using AI. There have been reports of physical attacks on image sensor interfaces by tampering with images to cause misclassifications in AI classification results. As a countermeasure against these attacks, it is effective to add authenticity to image data with a message authentication code (MAC). For the implementation of this, it is important to have technologies for generating MAC keys on image sensors and to create an environment for secure MAC verification on the host device. For MAC key generation, we used the CIS-PUF technology, which generates MAC keys from PUF responses and random numbers from CMOS image sensor variations. For the secure MAC verification, we used TEE technology, which executes security-critical processes in an environment isolated from the normal operating system. In this study, we propose and demonstrate an image tampering detection system based on MAC verification with CIS-PUF and OP-TEE in an open portable TEE on an ARM processor. In the experiments, we demonstrated a system that computed and transmitted MAC for captured images using the CIS-PUF key and then performed MAC verification in the secure world of the OP-TEE.