As a lightweight hardware security primitive, PUFs can provide reliable identity authentication for devices of Internet of things (IoTs) with limited resources. However, the delay-based PUF structures in authentication protocols have static responding behaviors, which make them vulnerable to modeling attacks. To address this issue, many complex PUF designs have been designed to increase the nonlinearity of their models. However, most of them can still be broken by modeling-based machine learning (ML) attacks. In this paper, a dynamic responding mechanism for PUF designs to generate dynamic responses is proposed. Different from the concept of logically reconfigurable PUFs, the proposed mechanism does not rely on external inputs to provide reconfiguration signals. And different from the conventional PUF authentication protocols that use large-size LFSR to extend the master challenge, the proposed scheme uses internally generated dynamic signals to obfuscate the master challenge to generate multiple sub-challenges. These sub-challenges are then input to the underlying strong PUF to generate multi-bit dynamic responses. It can prevent an attacker from obtaining valid challenge-response pairs (CRPs) for the underlying PUF. A security authentication protocol is also proposed, the special authentication bit-string design can resist both conventional ML attacks and the latest covariance matrix adaptation evolution strategies (CMA-ES) variant.