End-To-End Design of a PUF-Based Privacy Preserving Authentication Protocol

Aysu, Aydın; Gulcan, Ege; Moriyama, Daisuke; Schaumont, Patrick; Yung, Moti

doi:10.1007/978-3-662-48324-4_28

Cited by 81 publications

(96 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As such, we reveal a fundamental flaw in the reverse fuzzy extractor, proposed by Van Herrewege et al [28] at Financial Crypto 2012. The latter lightweight primitive is gaining momentum and has also been adopted in the CHES 2015 protocol of Aysu et al [1]. We debunk the main security claim that repeated helper data exposure does not result in additional min-entropy loss.…”

Section: Contributionmentioning

confidence: 94%

“…The latter attacks comprehend the modeling of the highly correlated arbiter PUF via repeated helper data exposure; a preemptive fix can be found in the PhD thesis of Maes [19]. The newly revealed flaw is more fundamentally linked to the reverse fuzzy extractor primitive and applies to all existing protocols so far [28,19,1]. Observe in Fig.…”

Section: A Fundamental Security Flaw In Reverse Fuzzy Extractorsmentioning

confidence: 99%

“…The min-entropy of a random variable X is as defined in (1). Consider now a pair of possibly correlated random variables: X and P .…”

Section: Min-entropy Definitionsmentioning

confidence: 99%

“…For c = 1 2 , the latter model corresponds to a uniform distribution. Although spatial correlations are frequently encountered in experimental work, e.g., byte-level dependencies for the SRAM PUFs in [14,1], these are often neglected in information theoretic work due to their complexity. We hope that our results may help turn the tide on this.…”

Section: Distributionsmentioning

confidence: 99%

“…The construction was therefore also adopted in the CHES 2015 protocol of Aysu et al [1]. Instead of a single helper data exposure only, p ← SSGen( x) is regenerated and transferred with each protocol run by a resource-constrained PUF-enabled device.…”

Section: A Fundamental Security Flaw In Reverse Fuzzy Extractorsmentioning

confidence: 99%

See 4 more Smart Citations

Efficient Fuzzy Extraction of PUF-Induced Secrets: Theory and Applications

Delvaux

Verbauwhede

et al. 2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. The device-unique response of a physically unclonable function (PUF) can serve as the root of trust in an embedded cryptographic system. Fuzzy extractors transform this noisy non-uniformly distributed secret into a stable high-entropy key. The overall efficiency thereof, typically depending on error-correction with a binary [n, k, d] block code, is determined by the universal and well-known (n − k) bound on the min-entropy loss. We derive new considerably tighter bounds for PUFinduced distributions that suffer from, e.g., bias or spatial correlations. The bounds are easy-to-evaluate and apply to large non-trivial codes, e.g., BCH, Hamming and Reed-Muller codes. Apart from an inherent reduction in implementation footprint, the newly developed theory also facilitates the analysis of state-of-the-art error-correction methods for PUFs. As such, we debunk the reusability claim of the reverse fuzzy extractor. Moreover, we provide proper quantitative motivation for debiasing schemes, as this was missing in the original proposals.

show abstract

Section: Contributionmentioning

confidence: 94%

Section: A Fundamental Security Flaw In Reverse Fuzzy Extractorsmentioning

confidence: 99%

“…The min-entropy of a random variable X is as defined in (1). Consider now a pair of possibly correlated random variables: X and P .…”

Section: Min-entropy Definitionsmentioning

confidence: 99%

Section: Distributionsmentioning

confidence: 99%

Section: A Fundamental Security Flaw In Reverse Fuzzy Extractorsmentioning

confidence: 99%

See 3 more Smart Citations

Efficient Fuzzy Extraction of PUF-Induced Secrets: Theory and Applications

Delvaux

Verbauwhede

et al. 2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

Enhancing UAV‐HetNet security through functional encryption framework

Gupta,

Singh

2024

Concurrency and Computation

View full text Add to dashboard Cite

SummaryIn the current landscape, the rapid expansion of the internet has brought about a corresponding surge in the number of data consumers. As user volume and diversity have escalated, the shift from conventional, uniform networks to Heterogeneous Networks (HetNets) has emerged. HetNets are designed with a primary objective: enhancing Quality of Service (QoS) standards for users. In the context of HetNets facilitated by Unmanned Aerial Vehicles (UAVs), a substantial influx of users and devices is observed. Within this multifaceted environment, the potential for malicious intruder nodes to efficiently execute and propagate harmful actions across the network is a distinct concern. Consequently, the entirety of network communication becomes susceptible to a multitude of security threats. To address these vulnerabilities and safeguard communication, the Functional Encryption (FE) technique is employed. FE empowers the protection of data against intrusion attacks. This paper presents a comprehensive methodology for implementing FE within UAV‐integrated HetNets, executed in two sequential phases. The initial phase secures communication between User Equipment (UE) and Micro Base Station (MBS), followed by the second phase, which focuses on securing communication among MBS and UAV. The viability of the proposed approach is substantiated through validation using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The validation process involves the development of High‐Level Protocol Specification Language (HLPSL) codes. The successful security validation outcome underscores the capacity of the proposed methodology to provide the intended security measures and robustness to the network environment.

show abstract

Provably secure and efficient PUF‐based broadcast authentication schemes for smart grid applications

Ameri

Delavar

Mohajeri

2019

Int J Communication

View full text Add to dashboard Cite

SummaryMany smart grid applications need broadcast communications. Because of the critical role of the broadcasted messages in these applications, their authentication is very important to prevent message forgery attacks. Smart grid consists of plenty of low‐resource devices such as smart meters or phasor measurement units (PMUs) that are located in physically unprotected environments. Therefore, the storage and computational constraints of these devices as well as their security against physical attacks must be considered in designing broadcast authentication schemes. In this paper, we consider two communication models based on the resources of the broadcasters and receivers and propose a physical unclonable function (PUF)–based broadcast authentication scheme for each of them including Broadcast Authentication with High‐Resource Broadcaster (BA‐HRB) and Broadcast Authentication with Low‐Resource Broadcaster (BA‐LRB). We formally prove that both schemes are unforgeable and memory leakage resilient. Moreover, we analyze the performance of our proposed schemes and compare them with related works. The comparison results demonstrate a significant improvement in the storage and computational overhead of our schemes compared with the related works.

show abstract

End-To-End Design of a PUF-Based Privacy Preserving Authentication Protocol

Cited by 81 publications

References 34 publications

Efficient Fuzzy Extraction of PUF-Induced Secrets: Theory and Applications

Efficient Fuzzy Extraction of PUF-Induced Secrets: Theory and Applications

Enhancing UAV‐HetNet security through functional encryption framework

Provably secure and efficient PUF‐based broadcast authentication schemes for smart grid applications

Contact Info

Product

Resources

About