A Survey on Lightweight Entity Authentication with Strong PUFs

Physically unclonable functions (PUFs) exploit the unavoidable manufacturing variations of an Integrated Circuit (IC). Their input-output behavior serves as a unique IC “fingerprint.” Therefore, they have been envisioned as an IC authentication mechanism, in particular the subclass of so-called strong PUFs. The protocol proposals are typically accompanied with two PUF promises: lightweight and an increased resistance against physical attacks. In this work, we review 19 proposals in chronological order: from the original strong PUF proposal (2001) to the more complicated noise bifurcation and system of PUF proposals (2014). The assessment is aided by a unified notation and a transparent framework of PUF protocol requirements.

[1]  Lejla Batina,et al.  RFID-Tags for Anti-counterfeiting , 2006, CT-RSA.

[2]  Roel Maes,et al.  Physically Unclonable Functions , 2013, Springer Berlin Heidelberg.

[3]  Yuanzhong Xu,et al.  Design of a Security Protocol for Low-Cost RFID , 2012, 2012 8th International Conference on Wireless Communications, Networking and Mobile Computing.

[4]  Arenberg Doctoral,et al.  Physically Unclonable Functions: Constructions, Properties and Applications , 2012 .

[5]  Sergei Skorobogatov,et al.  Semi-invasive attacks: a new approach to hardware security analysis , 2005 .

[6]  Miodrag Potkonjak,et al.  Testing Techniques for Hardware Security , 2008, 2008 IEEE International Test Conference.

[7]  Srinivas Devadas,et al.  Controlled physical random functions and applications , 2008, TSEC.

[8]  Zhong Chen,et al.  PUF-Based RFID Authentication Protocol against Secret Key Leakage , 2012, APWeb.

[9]  D. Engels,et al.  Security and Privacy : Modest Proposals for Low-Cost RFID Systems # , 2004 .

[10]  Marten van Dijk,et al.  A technique to build a secret key in integrated circuits for identification and authentication applications , 2004, 2004 Symposium on VLSI Circuits. Digest of Technical Papers (IEEE Cat. No.04CH37525).

[11]  Rafail Ostrovsky,et al.  Secure Remote Authentication Using Biometric Data , 2005, EUROCRYPT.

[12]  Roel Maes,et al.  An Accurate Probabilistic Reliability Model for Silicon PUFs , 2013, CHES.

[13]  D.W. Engels,et al.  Security and privacy solutions for low-cost RFID systems , 2004, Proceedings of the 2004 Intelligent Sensors, Sensor Networks and Information Processing Conference, 2004..

[14]  S. Devadas,et al.  Design and Implementation of PUF-Based "Unclonable" RFID ICs for Anti-Counterfeiting and Security Applications , 2008, 2008 IEEE International Conference on RFID.

[15]  Jean-Pierre Seifert,et al.  Cloning Physically Unclonable Functions , 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[16]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[17]  Yong Guan,et al.  Lightweight Mutual Authentication and Ownership Transfer for RFID Systems , 2010, 2010 Proceedings IEEE INFOCOM.

[18]  Jean-Pierre Seifert,et al.  Physical Characterization of Arbiter PUFs , 2014, IACR Cryptol. ePrint Arch..

[19]  Berk Sunar,et al.  Differential template attacks on PUF enabled cryptographic devices , 2010, 2010 IEEE International Workshop on Information Forensics and Security.

[20]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[21]  Maurizio Pizzonia,et al.  Efficient and practical authentication of PUF-based RFID tags in supply chains , 2010, 2010 IEEE International Conference on RFID-Technology and Applications.

[22]  Ling Zou,et al.  High-Efficient RFID Authentication Protocol Based on Physical Unclonable Function , 2012, 2012 8th International Conference on Wireless Communications, Networking and Mobile Computing.

[23]  Albert Levi,et al.  PUF-enhanced offline RFID security and privacy , 2012, J. Netw. Comput. Appl..

[24]  Srinivas Devadas,et al.  Controlled physical random functions , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[25]  Srinivas Devadas,et al.  A noise bifurcation architecture for linear additive physical functions , 2014, 2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[26]  Georg Sigl,et al.  Semi-invasive EM attack on FPGA RO PUFs and countermeasures , 2011 .

[27]  R. Pappu,et al.  Physical One-Way Functions , 2002, Science.

[28]  Srinivas Devadas,et al.  Reliable and efficient PUF-based key generation using pattern matching , 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust.

[29]  Ahmad-Reza Sadeghi,et al.  Recyclable PUFs: logically reconfigurable PUFs , 2011, Journal of Cryptographic Engineering.

[30]  共立出版株式会社 コンピュータ・サイエンス : ACM computing surveys , 1978 .

[31]  Young-Sil Lee,et al.  Mutual Authentication Protocol for Enhanced RFID Security and Anti-counterfeiting , 2012, 2012 26th International Conference on Advanced Information Networking and Applications Workshops.

[32]  Jorge Guajardo,et al.  FPGA Intrinsic PUFs and Their Use for IP Protection , 2007, CHES.

[33]  Mete Akgün,et al.  Cryptanalysis of Lightweight Mutual Authentication and Ownership Transfer for RFID Systems , 2011, 2011 Workshop on Lightweight Security & Privacy: Devices, Protocols, and Applications.

[34]  Roel Peeters,et al.  IBIHOP: Proper Privacy Preserving Mutual RFID Authentication , 2013, RFIDSec Asia.

[35]  Blaise L. P. Gassend,et al.  Physical random functions , 2003 .

[36]  Young-Sil Lee,et al.  Mutual authentication in wireless body sensor networks (WBSN) based on Physical Unclonable Function (PUF) , 2013, 2013 9th International Wireless Communications and Mobile Computing Conference (IWCMC).

[37]  Ahmad-Reza Sadeghi,et al.  Enhancing RFID Security and Privacy by Physically Unclonable Functions , 2009, Towards Hardware-Intrinsic Security.

[38]  Masoumeh Safkhani,et al.  Security Analysis of a PUF based RFID Authentication Protocol , 2011, IACR Cryptol. ePrint Arch..

[39]  Berk Sunar,et al.  Towards Robust Low Cost Authentication for Pervasive Devices , 2008, 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom).

[40]  Stefan Katzenbeisser,et al.  Reverse Fuzzy Extractors: Enabling Lightweight Mutual Authentication for PUF-Enabled RFIDs , 2012, Financial Cryptography.

[41]  Souhwan Jung,et al.  HRP: A HMAC-based RFID mutual authentication protocol using PUF , 2013, The International Conference on Information Networking 2013 (ICOIN).

[42]  Dawu Gu,et al.  Helper Data Algorithms for PUF-Based Key Generation: Overview and Analysis , 2015, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[43]  Ayman I. Kayssi,et al.  A PUF-based ultra-lightweight mutual-authentication RFID protocol , 2011, 2011 International Conference for Internet Technology and Secured Transactions.

[44]  Georg T. Becker,et al.  Active and Passive Side-Channel Attacks on Delay Based PUF Designs , 2014, IACR Cryptol. ePrint Arch..

[45]  Georg Sigl,et al.  Side-Channel Analysis of PUFs and Fuzzy Extractors , 2011, TRUST.

[46]  Srinivas Devadas,et al.  Silicon physical random functions , 2002, CCS '02.

[47]  Srinivas Devadas,et al.  PUF Modeling Attacks on Simulated and Silicon Data , 2013, IEEE Transactions on Information Forensics and Security.

[48]  Srinivas Devadas,et al.  Slender PUF Protocol: A Lightweight, Robust, and Secure Authentication by Substring Matching , 2012, 2012 IEEE Symposium on Security and Privacy Workshops.

[49]  Stefan Katzenbeisser,et al.  Converse PUF-Based Authentication , 2012, TRUST.

[50]  Srinivas Devadas,et al.  Robust and Reverse-Engineering Resilient PUF Authentication and Key-Exchange by Substring Matching , 2014, IEEE Transactions on Emerging Topics in Computing.

[51]  Martin D. F. Wong,et al.  System-of-PUFs: Multilevel security for embedded systems , 2014, 2014 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS).

[52]  Georg T. Becker,et al.  On the Pitfalls of Using Arbiter-PUFs as Building Blocks , 2015, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[53]  Jeroen Delvaux,et al.  Attacking PUF-Based Pattern Matching Key Generators via Helper Data Manipulation , 2014, CT-RSA.

[54]  Leonid Bolotnyy,et al.  Physically Unclonable Function-Based Security and Privacy in RFID Systems , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom'07).

[55]  G. Edward Suh,et al.  Physical Unclonable Functions for Device Authentication and Secret Key Generation , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[56]  Berk Sunar,et al.  A tamper-proof and lightweight authentication scheme , 2008, Pervasive Mob. Comput..

[57]  Ahmad-Reza Sadeghi,et al.  PUF-based secure test wrapper design for cryptographic SoC testing , 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[58]  Jan Sölter,et al.  Efficient Power and Timing Side Channels for Physical Unclonable Functions , 2014, CHES.

[59]  Ron Steinfeld,et al.  Breaking NLM-MAC Generator , 2013, IACR Cryptol. ePrint Arch..

[60]  Srinivas Devadas,et al.  Modeling attacks on physical unclonable functions , 2010, CCS '10.

[61]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[62]  Stephen A. Benton,et al.  Physical one-way functions , 2001 .

[63]  Daniel E. Holcomb,et al.  Power-Up SRAM State as an Identifying Fingerprint and Source of True Random Numbers , 2009, IEEE Transactions on Computers.