Lightweight Fuzzy Extractor Based on LPN for Device and Biometric Authentication in IoT

User and device biometrics are proven to be a reliable source for authentication, especially for Internet-of-Things (IoT) applications. One method of employing biometric data in authentication is the fuzzy extractor (FE), which can extract cryptographically secure and reproducible keys from noisy biometric sources with some entropy loss. It has been shown that one can reliably build an FE based on the learning parity with noise (LPN) problem with higher error tolerance than previous FE schemes. However, the only available LPN-based FE implementation has extreme resource demands that make it impractical for IoT devices. This article proposes a lightweight hardware/software (HW/SW) co-design for implementing an LPN-based FE. We provide several architectural optimizations to decrease the resource requirements of the scheme. The proposed architecture is resistant to simple side-channel analysis and improves area and area-time product (AT) by more than 89% and 83%, respectively, compared to previous work. Our experimental results indicate that the proposed architecture can be implemented on off-the-shelf resource-constrained SoC-FPGA boards from different vendors such as Xilinx, Digilent, and Trenz. Moreover, we provide the first implementation results of an LPN-based FE on an application-specific integrated circuit (ASIC) platform using HW/SW co-design.
