SRAM-PUF-Based Entities Authentication Scheme for Resource-Constrained IoT Devices

With the development of the cloud-based Internet of Things (IoT), people and things can request services, access data, or control actuators located thousands of miles away. The entity authentication of the remotely accessed devices is an essential part of the security systems. In this vein, Physical Unclonable Functions (PUFs) are a hot research topic, especially for generating random, stable, and tamper-resistant fingerprints. This paper proposes a lightweight, robust SRAM-PUF based entity authentication scheme to guarantee that the accessed end devices are trustable. The proposed scheme uses ChallengeResponse Pairs (CRPs) represented by re-ordered memory addresses as challenges and the corresponding SRAM cells’ startup values as responses. The experimental results show that our scheme can efficiently authenticate resources-constrained IoT devices with a low computation overhead and small memory capacity. Furthermore, we analyze the SRAM-PUF by testing the PUF output under different environmental conditions, including temperature and magnetic field, in addition to exploring the effect of writing different values to the SRAM cells on the stability of their startup values.

[1]  Hannes Tschofenig,et al.  Securing the Internet of Things: A Standardization Perspective , 2014, IEEE Internet of Things Journal.

[2]  John Ross Wallrabenstein Practical and Secure IoT Device Authentication Using Physical Unclonable Functions , 2016, 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud).

[3]  Colin Boyd,et al.  Authentication and Key Transport Using Public Key Cryptography , 2003 .

[4]  Roel Maes,et al.  Long-term Continuous Assessment of SRAM PUF and Source of Random Numbers , 2020, 2020 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[5]  Craig Gentry,et al.  Fully Key-Homomorphic Encryption, Arithmetic Circuit ABE and Compact Garbled Circuits , 2014, EUROCRYPT.

[6]  An Braeken,et al.  PUF Based Authentication Protocol for IoT , 2018, Symmetry.

[7]  Jiguo Yu,et al.  Edge Computing Security: State of the Art and Challenges , 2019, Proceedings of the IEEE.

[8]  Nima Karimian,et al.  DRAM-Based Intrinsic Physically Unclonable Functions for System-Level Security and Authentication , 2017, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[9]  James F. Plusquellic,et al.  A Privacy-Preserving, Mutual PUF-Based Authentication Protocol , 2017, Cryptogr..

[10]  Jorge Guajardo,et al.  FPGA Intrinsic PUFs and Their Use for IP Protection , 2007, CHES.

[11]  Biplab Sikdar,et al.  Mutual Authentication in IoT Systems Using Physical Unclonable Functions , 2017, IEEE Internet of Things Journal.

[12]  Sherali Zeadally,et al.  Certificateless Public Key Authenticated Encryption With Keyword Search for Industrial Internet of Things , 2018, IEEE Transactions on Industrial Informatics.

[13]  Qinghua Zheng,et al.  Towards Efficient Fine-Grained Access Control and Trustworthy Data Processing for Remote Monitoring Services in IoT , 2019, IEEE Transactions on Information Forensics and Security.

[14]  Boris Skoric,et al.  Anti-counterfeiting, key distribution, and key storage in an ambient world via physical unclonable functions , 2009, Inf. Syst. Frontiers.

[15]  G. Edward Suh,et al.  Extracting Device Fingerprints from Flash Memory by Exploiting Physical Variations , 2011, TRUST.

[16]  Joan Daniel Prades,et al.  The Power of Models: Modeling Power Consumption for IoT Devices , 2015, IEEE Sensors Journal.

[17]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[18]  Gang Qu,et al.  A Silicon PUF Based Entropy Pump , 2019, IEEE Transactions on Dependable and Secure Computing.

[19]  Dawu Gu,et al.  Helper Data Algorithms for PUF-Based Key Generation: Overview and Analysis , 2015, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[20]  Vinod Vaikuntanathan,et al.  Attribute-based encryption for circuits , 2013, STOC '13.

[21]  Daniel E. Holcomb,et al.  Initial SRAM State as a Fingerprint and Source of True Random Numbers for RFID Tags , 2007 .

[22]  Derek Abbott,et al.  Obfuscated challenge-response: A secure lightweight authentication mechanism for PUF-based pervasive devices , 2016, 2016 IEEE International Conference on Pervasive Computing and Communication Workshops (PerCom Workshops).

[23]  Hong Liu,et al.  Physical unclonable functions based secret keys scheme for securing big data infrastructure communication , 2019, Inf. Sci..

[24]  Ashok Kumar Das,et al.  Lightweight and Physically Secure Anonymous Mutual Authentication Protocol for Real-Time Data Access in Industrial Wireless Sensor Networks , 2019, IEEE Transactions on Industrial Informatics.

[25]  Chris Peikert,et al.  A Decade of Lattice Cryptography , 2016, Found. Trends Theor. Comput. Sci..

[26]  Huansheng Ning,et al.  Physical unclonable function: architectures, applications and challenges for dependable security , 2020, IET Circuits Devices Syst..

[27]  Ying Su,et al.  A Digital 1.6 pJ/bit Chip Identification Circuit Using Process Variations , 2008, IEEE Journal of Solid-State Circuits.

[28]  Roel Maes,et al.  Countering the effects of silicon aging on SRAM PUFs , 2014, 2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[29]  Daniel E. Holcomb,et al.  Power-Up SRAM State as an Identifying Fingerprint and Source of True Random Numbers , 2009, IEEE Transactions on Computers.