Abstract
A physical unclonable function (PUF) is broadly investigated as a secret key generator for internet-of-things (IoT) devices because of its uniqueness and randomness. Security vulnerability may occur in conventional PUF-based schemes if an attacker eavesdrops on the challenge and response pair (CRP) associated with PUF. To mitigate the impact of such key compromise, this study proposes a novel dynamic PUF key generation scheme, where the sensing data-based dynamic features are integrated to a static PUF-based key. The compressive autoencoders (AEs) typically employed for compressing the time-series data can be customized to extract data-based features. The dynamic features are quantized to generate the data-based key, and then combined with the PUF-based key for the dynamic key generation. An attacker finds it difficult to extract the PUF-based key from the synthesized ones; hence, CRPs cannot be estimated, even if the attacker can obtain the dynamic key through eavesdropping. The event signal decomposition algorithm, which disjoins the dominant event signal in the dataset, is proposed to enhance the data-based key diversity. For numerical evaluation, the static random access memory-PUF and the public energy dataset are used for the dynamic key generation. Numerical results show that the AE model can generate a data-based key that prohibits key leakage to the attacker while improving the reconstruction performance. The dynamic key is evaluated for diverse attack models (e.g., replay and modeling attacks), and the attacker cannot estimate the CRP tables.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.