Converse PUF-Based Authentication

Koçabas, Ünal; Andreas, Peter; Katzenbeisser, Stefan; Sadeghi, Ahmad‐Reza

doi:10.1007/978-3-642-30921-2_9

Cited by 38 publications

(22 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several PUF-based protocols have been proposed, in particular for the subclass of so-called strong PUFs. We review the most prominent proposals: controlled PUFs [4][5][6],Öztürk et al [17], Hammouri et al [8], logically reconfigurable PUFs [11], reverse fuzzy extractors (FEs) [24], slender PUFs [16,20] and the converse protocol [12]. The novelty of our work is threefold.…”

Section: Introductionmentioning

confidence: 99%

Secure Lightweight Entity Authentication with Strong PUFs: Mission Impossible?

Delvaux

Schellekens

et al. 2014

Advanced Information Systems Engineering

View full text Add to dashboard Cite

Physically unclonable functions (PUFs) exploit the unavoidable manufacturing variations of an integrated circuit (IC). Their inputoutput behavior serves as a unique IC 'fingerprint'. Therefore, they have been envisioned as an IC authentication mechanism, in particular for the subclass of so-called strong PUFs. The protocol proposals are typically accompanied with two PUF promises: lightweight and an increased resistance against physical attacks. In this work, we review eight prominent proposals in chronological order: from the original strong PUF proposal to the more complicated converse and slender PUF proposals. The novelty of our work is threefold. First, we employ a unified notation and framework for ease of understanding. Second, we initiate direct comparison between protocols, which has been neglected in each of the proposals. Third, we reveal numerous security and practicality issues. To such an extent, that we cannot support the use of any proposal in its current form. All proposals aim to compensate the lack of cryptographic properties of the strong PUF. However, proper compensation seems to oppose the lightweight objective.

show abstract

Section: Introductionmentioning

confidence: 99%

Secure Lightweight Entity Authentication with Strong PUFs: Mission Impossible?

Delvaux

Schellekens

et al. 2014

Advanced Information Systems Engineering

View full text Add to dashboard Cite

show abstract

“…Rührmair et al presented a modeling attack for several PUF models including arbiter PUFs and ring oscillator PUFs [38]. To eliminate these issues, the converse PUF-based authentication protocol has been proposed in [39], where the verifier is considered a resource-constrained device, and the prover is considered a resource-rich server. A hardware and software co-verification based lightweight IoT authentication scheme is presented in [40].…”

Section: Prior Workmentioning

confidence: 99%

A Robust, Low-Cost and Secure Authentication Scheme for IoT Applications

Mahmod

Guin

2020

Cryptography

View full text Add to dashboard Cite

The edge devices connected to the Internet of Things (IoT) infrastructures are increasingly susceptible to piracy. These pirated edge devices pose a serious threat to security, as an adversary can get access to the private network through these non-authentic devices. It is necessary to authenticate an edge device over an unsecured channel to safeguard the network from being infiltrated through these fake devices. The implementation of security features demands extensive computational power and a large hardware/software overhead, both of which are difficult to satisfy because of inherent resource limitation in the IoT edge devices. This paper presents a low-cost authentication protocol for IoT edge devices that exploits power-up states of built-in SRAM for device fingerprint generations. Unclonable ID generated from the on-chip SRAM could be unreliable, and to circumvent this issue, we propose a novel ID matching scheme that alleviates the need for enhancing the reliability of the IDs generated from on-chip SRAMs. Security and different attack analysis show that the probability of impersonating an edge device by an adversary is insignificant. The protocol is implemented using a commercial microcontroller, which requires a small code overhead. However, no modification of device hardware is necessary.

show abstract

“…A sample database is shown in Figure 2 where the rows store data for each fielded chip and the columns store digitized rising (PNR) and falling (PNF) path delays as n-bit fixed-point numbers, typically ranging in value between 100 and 500. There are several significant benefits to storing PN instead of response bit-strings [18][19][20][21][22][23]. First, the relationship of PN to response bit-strings is one-to-many (i.e., a large number of response bitstrings can be generated from a much smaller set of PN).…”

Section: Enrollment and Regenerationmentioning

confidence: 99%

“…These goals are achieved by using only linear operations to process the stored and regenerated PN into session keys and authentication bit-strings. Other PUFs [1,[18][19][20][21][22][23] can be used instead of HELP to meet these goals as long as they possess the following properties:…”

Section: Enrollment and Regenerationmentioning

confidence: 99%

Physical Unclonable Function (PUF)-Based e-Cash Transaction Protocol (PUF-Cash)

et al. 2019

View full text Add to dashboard Cite

Electronic money (e-money or e-Cash) is the digital representation of physical banknotes augmented by added use cases of online and remote payments. This paper presents a novel, anonymous e-money transaction protocol, built based on physical unclonable functions (PUFs), titled PUF-Cash. PUF-Cash preserves user anonymity while enabling both offline and online transaction capability. The PUF’s privacy-preserving property is leveraged to create blinded tokens for transaction anonymity while its hardware-based challenge–response pair authentication scheme provides a secure solution that is impervious to typical protocol attacks. The scheme is inspired from Chaum’s Digicash work in the 1980s and subsequent improvements. Unlike Chaum’s scheme, which relies on Rivest, Shamir and Adlemans’s (RSA’s) multiplicative homomorphic property to provide anonymity, the anonymity scheme proposed in this paper leverages the random and unique statistical properties of synthesized integrated circuits. PUF-Cash is implemented and demonstrated using a set of Xilinx Zynq Field Programmable Gate Arrays (FPGAs). Experimental results suggest that the hardware footprint of the solution is small, and the transaction rate is suitable for large-scale applications. An in-depth security analysis suggests that the solution possesses excellent statistical qualities in the generated authentication and encryption keys, and it is robust against a variety of attack vectors including model-building, impersonation, and side-channel variants.

show abstract

Converse PUF-Based Authentication

Cited by 38 publications

References 31 publications

Secure Lightweight Entity Authentication with Strong PUFs: Mission Impossible?

Secure Lightweight Entity Authentication with Strong PUFs: Mission Impossible?

A Robust, Low-Cost and Secure Authentication Scheme for IoT Applications

Physical Unclonable Function (PUF)-Based e-Cash Transaction Protocol (PUF-Cash)

Contact Info

Product

Resources

About