Sensors in a networked environment which are used for security applications could be jeopardized by man-in-the-middle or address spoofing attacks. By authentication and secure data transmission of the sensor's data stream, this can be thwart by fusing the image sensor with the necessary digital encryption and authentication circuit, which fulfils the three standard requirements of cryptography: data integrity, confidentiality and non-repudiation. This paper presents the development done by AIM, which led to the unique sensor SECVGA, a high performance monochrome (B/W) CMOS active pixel image sensor. The device captures still and motion images with a resolution of 800x600 active pixels and converts them into a digital data stream. Additional to a standard imaging sensor there is the capability of the on-chip cryptographic engine to provide the authentication of the sensor to the host, based on a one-way challenge/response protocol. The protocol that has been realized uses the exchange of a session key to secure the following video data transmission. To achieve this, we calculate a cryptographic checksum derived from a message authentication code (MAC) for a complete image frame. The imager is equipped with an EEPROM to give it the capability to personalize it with a unique and unchangeable identity. A two-wire <i>I<sup>2</sup>C</i> compatible serial interface allows to program the functions of the imager, i.e. various operating modes, including the authentication procedure, the control of the integration time, sub-frames and the frame rate.
Security applications of sensors in a networking environment has a
strong demand of sensor authentication and secure data transmission
due to the possibility of man-in-the-middle and address spoofing
attacks. Therefore a secure sensor system should fulfil the three
standard requirements of cryptography, namely data integrity,
authentication and non-repudiation. This paper is intended to
present the unique sensor development by AIM, the so called SecVGA,
which is a high performance, monochrome (B/W) CMOS active pixel
image sensor. The device is capable of capturing still and motion
images with a resolution of 800x600 active pixels and converting the
image into a digital data stream. The distinguishing feature of this development in comparison to standard imaging sensors is the on-chip cryptographic engine which provides the sensor authentication, based on a one-way challenge/response protocol. The implemented protocol results in the exchange of a session-key which will secure the following video data transmission. This is achieved by calculating a cryptographic checksum derived from a stateful hash value of the complete image frame. Every sensor contains an EEPROM memory cell for the non-volatile storage of a unique identifier. The imager is
programmable via a two-wire <i>I<sup>2</sup>C</i> compatible interface which controls the integration time, the active window size of the pixel array, the frame rate and various operating modes including the authentication procedure.