PUF-Based Anonymous Authentication Scheme for Hardware Devices and IPs in Edge Computing Environment

With rapid advances in edge computing and the Internet of Things, the security of low-layer hardware devices attract more and more attention. As an ideal hardware solution, field programmable gate array (FPGA) becomes a mainstream technology to design a complex system. The designed modules are named as intellectual property (IP) cores. In this paper, we consider both misappropriation of hardware devices and software IPs in edge computing and propose a PUF-based IP copyright anonymous authentication scheme. The scheme utilizes the double physical unclonable function (PUF) authentication model. Both the parties generate the challenge jointly in authentication to avoid replay attack and modeling attack on PUF circuit. The complexity of authentication is greatly reduced. Besides, the server of FPGA vendor is unnecessary to store all the challenge response pairs (CRPs) of each PUF-based chip due to the use of the double PUF authentication model. It saves the system resource and achieves better security. To protect software IP, IP core vendor inserts copyright information and anonymous buyer identity information into the design before trading. The anonymity of the buyer ensures the benefits of the buyer. With the participation of trustable device vendor, infringement behavior can be traced according to extracted fingerprints. The experiments show that the resource overhead of the proposed scheme is reduced by 61.96% and 31.61% by comparing with 2-1 DAPUF and built-in self-adjustable PUF. Besides, PUF stability is 99.54%. It demonstrates the good performance of the proposed scheme.

[1]  Quan Wang,et al.  A PUF-based unified identity verification framework for secure IoT hardware via device authentication , 2019, World Wide Web.

[2]  Patrick Schaumont,et al.  A flexible design flow for software IP binding in commodity FPGA , 2009, 2009 IEEE International Symposium on Industrial Embedded Systems.

[3]  Chip-Hong Chang,et al.  A Pragmatic Per-Device Licensing Scheme for Hardware IP Cores on SRAM-Based FPGAs , 2014, IEEE Transactions on Information Forensics and Security.

[4]  Máire O'Neill,et al.  A machine learning attack resistant multi-PUF design on FPGA , 2018, 2018 23rd Asia and South Pacific Design Automation Conference (ASP-DAC).

[5]  Anirban Sengupta,et al.  Triple-Phase Watermarking for Reusable IP Core Protection During Architecture Synthesis , 2018, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[6]  Xuecheng Zou,et al.  Hardware IP Protection through Gate-Level Obfuscation , 2015, 2015 14th International Conference on Computer-Aided Design and Computer Graphics (CAD/Graphics).

[7]  Jorge Guajardo,et al.  FPGA Intrinsic PUFs and Their Use for IP Protection , 2007, CHES.

[8]  Yongqiang Lyu,et al.  Binding Hardware IPs to Specific FPGA Device via Inter-twining the PUF Response with the FSM of Sequential Circuits , 2013, 2013 IEEE 21st Annual International Symposium on Field-Programmable Custom Computing Machines.

[9]  Jian Shen,et al.  Efficient Privacy-Aware Authentication Scheme for Mobile Cloud Computing Services , 2018, IEEE Systems Journal.

[10]  Mark Mohammad Tehranipoor,et al.  An Aging-Resistant RO-PUF for Reliable Key Generation , 2016, IEEE Transactions on Emerging Topics in Computing.

[11]  Muhammad Khurram Khan,et al.  Security Analysis of Smartphone and Cloud Computing Authentication Frameworks and Protocols , 2018, IEEE Access.

[12]  Gang Li,et al.  A highly reliable lightweight PUF circuit with temperature and voltage compensated for secure chip identification , 2017, 2017 IEEE 12th International Conference on ASIC (ASICON).

[13]  Ingrid Verbauwhede,et al.  A Pay-per-Use Licensing Scheme for Hardware IP Cores in Recent SRAM-Based FPGAs , 2012, IEEE Transactions on Information Forensics and Security.

[14]  Mitsugu Iwamoto,et al.  Implementation of double arbiter PUF and its performance evaluation on FPGA , 2015, The 20th Asia and South Pacific Design Automation Conference.

[15]  Jorge Guajardo,et al.  Extended abstract: The butterfly PUF protecting IP on every FPGA , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[16]  Yongqiang Lyu,et al.  Design and Implementation of a Delay-Based PUF for FPGA IP Protection , 2013, 2013 International Conference on Computer-Aided Design and Computer Graphics.

[17]  Yongqiang Lyu,et al.  A PUF-FSM Binding Scheme for FPGA IP Protection and Pay-Per-Device Licensing , 2015, IEEE Transactions on Information Forensics and Security.

[18]  Chenhui Feng,et al.  Multiple Frequency Slots Based Physical Unclonable Functions: Multiple Frequency Slots Based Physical Unclonable Functions , 2013 .

[19]  Li Peng,et al.  Study on PUF based secure protection for IC design , 2016, Microprocess. Microsystems.

[20]  Muhammad Khurram Khan,et al.  Communal Acts of IoT Consumers: A Potential Threat to Security and Privacy , 2019, IEEE Transactions on Consumer Electronics.

[21]  Stephen A. Benton,et al.  Physical one-way functions , 2001 .

[22]  Srinivas Devadas,et al.  Slender PUF Protocol: A Lightweight, Robust, and Secure Authentication by Substring Matching , 2012, 2012 IEEE Symposium on Security and Privacy Workshops.

[23]  Yu Hu,et al.  PUF Based Pay-Per-Device Scheme for IP Protection of CNN Model , 2018, 2018 IEEE 27th Asian Test Symposium (ATS).

[24]  Patrick Schaumont,et al.  Offline Hardware/Software Authentication for Reconfigurable Platforms , 2006, CHES.

[25]  G.-J. Schrijen,et al.  Physical Unclonable Functions and Public-Key Crypto for FPGA IP Protection , 2007, 2007 International Conference on Field Programmable Logic and Applications.

[26]  Gang Qu,et al.  Reconfigurable Binding against FPGA Replay Attacks , 2015, TODE.

[27]  Dawu Gu,et al.  A Survey on Lightweight Entity Authentication with Strong PUFs , 2015, ACM Comput. Surv..