Some of the main challenges towards utilizing conventional cryptographic techniques in Internet of Things (IoT) include the need for generating secret keys for such a large-scale network, distributing the generated keys to all the devices, key storage as well as the vulnerability to security attacks when an adversary gets physical access to the devices. In this paper, a novel secret key generation method is proposed for IoTs that utilize the intrinsic randomness embedded in the devices' memories introduced in the manufacturing process. A fuzzy extractor structure using serially concatenated BCH-Polar codes is proposed to generate reproducible keys from a ReRAM-based ternary-state Physical Unclonable Functions (PUFs) for device authentication and secret key generation. The main concern in deploying PUF-based key generation methods is the leakage of information about the secret keys from the publicly available helper data. The fuzzy extractor proposed in this paper ensures much less mutual information between the generated keys and the helper data. The experimental results show that our proposed scheme is capable of generating notably stronger keys compared to existing techniques, while utilizing a significantly lower number of helper data bits. The failure probability when a low complex Successive Cancellation decoder is implemented in the proposed fuzzy extractor structure is 10 −8 which was further increased to 10 −10 when a complex iterative belief propagation decoder was used. 1
This paper provides a proof of concept for using SRAM based Physically Unclonable Functions (PUFs) to generate private keys for IoT devices. PUFs are utilized, as there is inadequate protection for secret keys stored in the memory of the IoT devices. We utilize a custom-made Arduino mega shield to extract the fingerprint from SRAM chip on demand. We utilize the concepts of ternary states to exclude the cells which are easily prone to flip, allowing us to extract stable bits from the fingerprint of the SRAM. Using the custom-made software for our SRAM device, we can control the error rate of the PUF to achieve an adjustable memory-based PUF for key generation. We utilize several fuzzy extractor techniques based on using different error correction coding methods to generate secret keys from the SRAM PUF, and study the trade-off between the false authentication rate and false rejection rate of the PUF.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.