A PUF-Based Modeling-Attack Resilient Authentication Protocol for IoT Devices

Ebrahimabadi, Mohammad; Younis, Mohamed; Karimi, Naghmeh

doi:10.1109/jiot.2021.3098496

Cited by 44 publications

(12 citation statements)

References 75 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Looking from the LSB to the MSB, the first bit that fails the tests in the Dataset90nm is the 11 th MSB (equivalently the 8 th LSB). Since the percentage of passed tests by this bit is relatively low, the value of 𝑁 𝑟𝑒𝑓 is selected as ⌊ 𝑁 𝑡𝑜𝑝 2 8−3 ⁄ ⌋, that is, 𝑁 𝑟𝑒𝑓 = 8027 = ⌊ 256866 2 5 ⌋, which reduces the resolution of the counters from 18 to 13 bits and increases the throughput of the multibit-RO-PU-TRNG in 2 5 . Looking from the LSB to the MSB, the first bit that fails the tests in the Dataset28nm is the 14 th MSB (equivalently the 9 th LSB).…”

Section: A Results On Calibration and Trng Responsesmentioning

confidence: 99%

“…Among the electronic PUFs studied in greater depth, those that predominate in IoT devices are delay-based PUFs and memory-based PUFs. The first ones, such as arbiters and PUFs based on ring oscillators (RO PUFs), are more popular in IoT devices with FPGAs [5]. The second ones, such as PUFs based on static random access memories (SRAM PUFs), are more suitable for IoT devices with microcontrollers whose embedded memories are not initialized [6]- [7].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Unified Multibit PUF and TRNG Based on Ring Oscillators for Secure IoT Devices

Baturone

Román

Corbacho

2023

IEEE Internet Things J.

View full text Add to dashboard Cite

Physically Unclonable Functions (PUFs) and True Random Number Generators (TRNGs) are cryptographic primitives very well suited for secure IoT devices. This paper proposes a circuit, named multibit-RO-PUF-TRNG, which offers the advantages of unifying PUF and TRNG in the same design. It is based on counting the oscillations of pairs of ring oscillators (ROs), one of them acting as reference. Once the counter of the reference oscillator reaches a fixed value, the count value of the other RO is employed to provide the TRNG and the multibit PUF response. A mathematical model is presented that supports not only the circuit foundations but also a novel and simple calibration procedure that allows optimizing the selection of the design parameters. Experimental results are illustrated with large datasets from two families of FPGAs with different process nodes (90 nm and 28 nm). These results confirm that the proposed calibration provides TRNG and PUF responses with high quality. The raw TRNG bits do not need post-processing and the PUF bits (even 6 bits per RO) show very small aliasing. In the application context of obfuscating and reconstructing secrets generated by the TRNG, the multibit PUF response, together with the proposal of using error-correcting codes and RO selection adapted to each bit, provide savings of at least 79.38% of the ROs compared to using a unibit PUF without RO selection. The proposal has been implemented as an APB peripheral of a VexRiscv RV32I core to illustrate its use in a secure FPGA-based IoT device.

show abstract

Section: A Results On Calibration and Trng Responsesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

A Unified Multibit PUF and TRNG Based on Ring Oscillators for Secure IoT Devices

Baturone

Román

Corbacho

2023

IEEE Internet Things J.

View full text Add to dashboard Cite

show abstract

“…However, some disadvantages, mainly including high computational and hardware overhead or inability to resist some Neural Networks, are discovered thereafter. Recently, a new novel scheme is proposed by the authors in [44]. Their opinion of protecting CRP is to split challenge message into several partitions, which can prevent the whole challenge message from being intercepted by the attacker.…”

Section: Discussion and Limitationsmentioning

confidence: 99%

A Novel Moving Target Defense Scheme With Physical Unclonable Functions-Based Authentication

Liu

2022

IEEE Access

View full text Add to dashboard Cite

Recent studies have discovered possible security issues on Supervisory Control and Data Acquisition systems (SCADA) in the critical architecture and focus on developing protection mechanisms on this system. Moving Target Mobile IPv6 Defense II is one of these schemes, in which the node in SCADA system employs the moving target's mobile IPv6 mechanism to solve the possible security problem the attacker targeting the specific node and launching attacks. However, the node in this novel scheme still should need to send update binding message with its new IP address to other nodes, which still possibly causes IP leakage security problem. Hence, in our study, we propose a moving target defense scheme with Physical Unclonable Functions (PUF) based authentication in SCADA system. In our scheme, PUF based authentication scheme ensures the security of the whole IP updating process. Once the nodes finish authentication process, they can perform IP generation mechanism based on unique parameter resulting from PUF outputs. Hence, our proposed scheme can ensure the unique characteristic of our generated IP address and no packet loss in the duration of IP rotation. Compared with other MTD-based schemes, our performance evaluation also shows that our proposed scheme can achieve good security performance in SCADA systems.INDEX TERMS Moving target defense, Physical Unclonable Functions, SCADA.

show abstract

“…An arbiter-PUF consists of a pair of delay chains; when queried with a challenge bit-stream, it generates one response bit [21]. PUFs operate based on variations in the microelectronics manufacturing process; in the case of Arbiter-PUF these variations introduce a race between two identical paths (top and bottom paths shown in Fig.…”

Section: System Model and Preliminaries A Arbiter-puf Architecturementioning

confidence: 99%

SWeeT: Security Protocol for Wearables Embedded Devices’ Data Transmission

Ebrahimabadi

Younis

Lalouani

et al. 2022

2022 IEEE International Conference on E-Health Networking, Application &Amp; Services (HealthCom)

Self Cite

View full text Add to dashboard Cite

Motivated by the quest for decreased healthcare costs and further fueled by the COVID pandemic, wearable devices have gained major attention in recent years. Yet, their secure usage and patients' privacy continue to be concerning. To address these issues, the paper presents SWeeT, a novel lightweight protocol for allowing flexible and secure access to the collected data by multiple caregivers while sustaining the patient's privacy. Particularly, SWeeT deploys Physically Unclonabale Functions (PUFs) to generate encryption keys to safeguard the patients' data during transmission. The computation overhead is significantly reduced by applying very simple encryption operations while enabling frequent change of the keys to sustain robustness. SWeeT is shown to counter impersonation, Sybil, man-in-the-middle, and forgery attacks. SweeT is validated through experiments using implementation on an Artix7 FPGA and through formal security analysis. 6

show abstract

A PUF-Based Modeling-Attack Resilient Authentication Protocol for IoT Devices

Cited by 44 publications

References 75 publications

A Unified Multibit PUF and TRNG Based on Ring Oscillators for Secure IoT Devices

A Unified Multibit PUF and TRNG Based on Ring Oscillators for Secure IoT Devices

A Novel Moving Target Defense Scheme With Physical Unclonable Functions-Based Authentication

SWeeT: Security Protocol for Wearables Embedded Devices’ Data Transmission

Contact Info

Product

Resources

About