Robust and Reverse-Engineering Resilient PUF Authentication and Key-Exchange by Substring Matching

Rostami, Masoud; Majzoobi, Mehrdad; Koushanfar, Farinaz; Wallach, Dan S.; Devadas, Srinivas

doi:10.1109/tetc.2014.2300635

Cited by 146 publications

(117 citation statements)

References 34 publications

Supporting

Mentioning

116

Contrasting

Order By: Relevance

“…The main problems were vulnerability for DoS attacks, replay attacks, impersonation attacks, and synchronization problems. In the lightweight category of proposals are the Slender PUF, [14] noise bifurcation [15] and PUF lockdown protocol [16] retained, while in the non-lightweight category only Reference protocol II-A [13] and the protocol proposed by Sadegi et al [17]. The main difference between these protocols [13][14][15][16][17] and our PUF based protocol is that these protocols take noisiness of the PUF into account, while our protocol considers the usage of a strong and controlled PUF.…”

Section: Key Agreement From Iot Device To Servermentioning

confidence: 99%

See 1 more Smart Citation

PUF Based Authentication Protocol for IoT

Braeken

2018

Symmetry

137

View full text Add to dashboard Cite

Key agreement between two constrained Internet of Things (IoT) devices that have not met each other is an essential feature to provide in order to establish trust among its users. Physical Unclonable Functions (PUFs) on a device represent a low cost primitive exploiting the unique random patterns in the device and have been already applied in a multitude of applications for secure key generation and key agreement in order to avoid an attacker to take over the identity of a tampered device, whose key material has been extracted. This paper shows that the key agreement scheme of a recently proposed PUF based protocol, presented by Chatterjee et al., for Internet of Things (IoT) is vulnerable for man-in-the-middle, impersonation, and replay attacks in the Yao-Dolev security model. We propose an alternative scheme, which is able to solve these issues and can provide in addition a more efficient key agreement and subsequently a communication phase between two IoT devices connected to the same authentication server. The scheme also offers identity based authentication and repudiation, when only using elliptic curve multiplications and additions, instead of the compute intensive pairing operations.

show abstract

Section: Key Agreement From Iot Device To Servermentioning

confidence: 99%

“…Moreover, Refs. [14,15] also take countermeasures to offer resistance against machine learning attacks, although they cannot be completely excluded [13]. The proposed protocol in [16] prevents an attacker from querying a token for CRPs that have not yet been disclosed during a prior protocol run.…”

Section: Key Agreement From Iot Device To Servermentioning

confidence: 99%

PUF Based Authentication Protocol for IoT

Braeken

2018

Symmetry

137

View full text Add to dashboard Cite

show abstract

“…For completeness, we note the design to be inspired by the pattern matching key generator [46], which serves as an alternative for a fuzzy extractor. A protocol extension has been proposed in [49]. One presents a fourth countermeasure against modeling.…”

Section: Slender Pufs: Predecessor (May 2012) and Successor (January mentioning

confidence: 99%

A Survey on Lightweight Entity Authentication with Strong PUFs

et al. 2015

View full text Add to dashboard Cite

Abstract. Physically unclonable functions (PUFs) exploit the unavoidable manufacturing variations of an integrated circuit (IC). Their input-output behavior serves as a unique IC 'fingerprint'. Therefore, they have been envisioned as an IC authentication mechanism, in particular the subclass of so-called strong PUFs. The protocol proposals are typically accompanied with two PUF promises: lightweight and an increased resistance against physical attacks. In this work, we review nineteen proposals in chronological order: from the original strong PUF proposal (2001) to the more complicated noise bifurcation and system of PUF proposals (2014). The assessment is aided by a unified notation and a transparent framework of PUF protocol requirements.

show abstract

“…Going beyond this limited number is suggested as a countermeasure by PUF manufacturers, although they have encountered serious problems, namely the increasing number of noisy responses as well as optimization of the silicon area required on the respective chip [93]. Even in this case, physical side-channel attacks, such as photonic emission analysis, can physically characterize XOR Arbiter PUFs regardless of the number of XORs [109].…”

Section: Introductionmentioning

confidence: 99%

On the Learnability of Physically Unclonable Functions

Ganji¹

2018

T-Labs Series in Telecommunication Services

View full text Add to dashboard Cite

Along with the expansion of the application of integrated circuits (ICs), the risk of security vulnerabilities of them has been rising dramatically. Diverse type of successful attacks against ICs have been launched by adversaries taking advantage of those vulnerabilities to expose confidential information, e.g., intellectual property (IP), and customer data. As a remedy for the shortcomings of traditional security measures taken to protect ICs, PUFs appear to be promising candidates that are intended to offer instance-specific functionality. While cryptographic mechanisms enjoying this privilege have been emerging, the vulnerability of PUFs to different types of attacks have been demonstrated. Among these attacks, a great deal of attention has been paid to machine learning (ML) attacks, aiming at modeling the challengeresponse behavior of PUFs. So far the success of ML attacks has relied on trial and error, and consequently, ad hoc attacks and their corresponding countermeasures have been developed.This thesis aims to address this issue by providing the mathematical proofs of the vulnerability of various PUF families, including Arbiter, XOR Arbiter, ring-oscillator, and bistable ring PUFs, to ML attacks. To achieve this goal, for the assessment of these PUFs a generic framework is developed that include two main approaches. First, with regard to the inherent physical characteristics of the PUFs mentioned above, fit-for-purpose mathematical representations of them are established, which adequately reflect the physical behavior of those primitives. To this end, notions and formalizations, being already familiar to the ML theory world, are reintroduced in order to give a better understanding of why, how, and to what extent ML attacks against PUFs can be feasible in practice. Second, polynomial time ML algorithms are explored, which can learn the PUFs under the appropriate representation. More importantly, in contrast to previous ML approaches, not only the accuracy of the model mimicking the behavior of the PUF but also the delivery of such a model is ensured by our framework.Besides off-the-shelf ML algorithms, we apply a set of algorithms originated in property testing field of study that can support the evaluation of the security of PUFs. They serve as a "toolbox", from which PUF designers and manufacturers can choose the indicators being relevant to their requirements. Last but not least, on the basis of learning theory concepts, this thesis explicitly states that the PUF families studied here cannot be considered as an ultimate solution to the problem of insecure ICs. Furthermore, we believe that this thesis can provide an insight into not only the academic research but also the design and manufacturing of PUFs. xi

show abstract

Robust and Reverse-Engineering Resilient PUF Authentication and Key-Exchange by Substring Matching

Cited by 146 publications

References 34 publications

PUF Based Authentication Protocol for IoT

PUF Based Authentication Protocol for IoT

A Survey on Lightweight Entity Authentication with Strong PUFs

On the Learnability of Physically Unclonable Functions

Contact Info

Product

Resources

About