KYoT: Self-sovereign IoT Identification with a Physically Unclonable Function

The integration of Internet-of-Things (IoT) and Blockchains (BC) for trusted and decentralized approaches enabled modern use cases, such as supply chain tracing, smart cities, and IoT data marketplaces. For these it is essential to identify reliably IoT devices, since the producer-consumer trust is not guaranteed by a Trusted Third Party (TTP). Therefore, this work proposes a Know Your IoT device platform (KYoT), which enables the self-sovereign identification of IoT devices on the Ethereum BC. KYoT permits manufacturers and device owners to register and verify IoT devices in a self-sovereign fashion, while data storage security is ensured. KYoT deploys an SRAM-based (Static Random Access Memory) Physically Unclonable Function (PUF), which takes advantage of the manufacturing variability of devices' SRAM chips to derive a unique identifying key for each IoT device. The self-sovereign identification mechanism introduced is based on the ERC 734 and ERC 735 Ethereum identity standards.

[1]  Daniel E. Holcomb,et al.  Power-Up SRAM State as an Identifying Fingerprint and Source of True Random Numbers , 2009, IEEE Transactions on Computers.

[2]  Armin Babaei,et al.  Physical Unclonable Functions in the Internet of Things: State of the Art and Open Challenges , 2019, Sensors.

[3]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[4]  Biplab Sikdar,et al.  BlockPro: Blockchain based Data Provenance and Integrity for Secure IoT Environments , 2018, BlockSys@SenSys.

[5]  Debdeep Mukhopadhyay,et al.  A PUF-Based Secure Communication Protocol for IoT , 2017, IACR Cryptol. ePrint Arch..

[6]  Stefan Katzenbeisser,et al.  Employing Blockchain and Physical Unclonable Functions for Counterfeit IoT Devices Detection , 2019, COINS.

[7]  Srinivas Devadas,et al.  Silicon physical random functions , 2002, CCS '02.

[8]  Hiroshi Watanabe,et al.  Can Blockchain Protect Internet-of-Things? , 2018, ArXiv.

[9]  Fuzzy Extractor , 2009, Encyclopedia of Biometrics.

[10]  Róbert Lórencz,et al.  Using Power-Up SRAM State of Atmel ATmega1284P Microcontrollers as Physical Unclonable Function for Key Generation and Chip Identification , 2013, Inf. Secur. J. A Glob. Perspect..

[11]  Pinchen Cui,et al.  Ensuring Proof-of-Authenticity of IoT Edge Devices Using Blockchain Technology , 2018, 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[12]  B. Stiller,et al.  Smart Contracts – Blockchains in the Wings , 2018 .