Abstract

Physical unclonable function (PUF)-based authentication protocols have been proposed as a strong challenge-response form of authentication for internet of things (IoT) and embedded applications. A special class of so-called strong PUFs is best suited for authentication because they are able to generate an exponential number of challenge-response-pairs (CRPs). However, strong PUFs must also be resilient to model-building attacks. Model-building utilizes machine learning algorithms and a small set of CRPs to build a model that is able to predict the responses of a fielded chip, thereby compromising the security of chip-server interactions. In this paper, response bitstrings are eliminated from the message exchanges between chips and the server during authentication, and therefore it is no longer possible to carry out model-building attacks in the traditional manner. Instead, the chip transmits a Helper Data bitstring to the server, and this information is used for authentication. The server constructs Helper Data bitstrings using enrollment data that it stores for all valid chips in a secure database and computes correlation coefficients (CCs) between the chip’s Helper Data bitstring and each of the server-generated Helper Data bitstrings. The server authenticates (and identifies) the chip if a CC is found that exceeds a threshold, which is determined during characterization. The technique is demonstrated using data from a set of 500 Xilinx Zynq 7020 FPGAs, subjected to industrial-level temperature and voltage variations.

Highlights

  • Robust authentication and key generation are critically important to defining a root of trust and to providing data integrity and confidentiality in communications between internet-of-things (IoT) devices

  • One set of challenges and Path-Select-Masks are used for the varying only the parameters. This represents only a small subset of the entire CRP space, analysis carried out in this paper and instead we focus on analyzing Helper Data bitstrings produced our results show that the Cobra technique works well across a statistically significant sample

  • A privacy-preserving, mutual physical unclonable function (PUF)-based authentication protocol called Cobra is described in this paper


Summary

Introduction

Robust authentication and key generation are critically important to defining a root of trust and to providing data integrity and confidentiality in communications between internet-of-things (IoT) devices. We propose a PUF-based, privacy-preserving, mutual authentication protocol with unprotected interfaces that is resilient to model-building attacks. The authentication protocol that we propose uses soft data and the corresponding Helper Data bitstrings that are produced by the PUF architecture as input to a correlation technique. The results presented in this paper show that by correlating Helper Data bitstrings, a server can correctly and securely authenticate a fielded chip. The significance of this claim is that there is no need to reveal the response bitstrings in the message exchanges between the chip and server, and the traditional approach of applying machine-learning algorithms to the challenge-response-pairs (CRPs) is no longer possible.
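A toy simulation of the server-side correlation check described above, as an added example that is not code from the paper. The soft-data model, the margin rule that marks a bit strong or weak, the noise level and the 0.5 threshold are all assumptions made here for illustration; the paper derives its threshold by characterization.

```python
import math
import random

MODULUS, MARGIN = 20.0, 3.0   # assumed soft-data range and weak-bit margin
CC_THRESHOLD = 0.5            # assumed value; the paper sets it by characterization

def helper_bits(soft):
    """Assumed rule: 1 = strong (at least MARGIN from a bit boundary), 0 = weak."""
    half = MODULUS / 2
    return [1 if MARGIN <= (v % half) <= half - MARGIN else 0 for v in soft]

def pearson(a, b):
    """Pearson correlation coefficient of two equal-length bitstrings."""
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / math.sqrt(va * vb) if va and vb else 0.0

def identify(chip_helper, enrollment_db):
    """Server side: rebuild Helper Data from each chip's stored enrollment
    data and return (chip_id, cc) for the best CC above threshold, else None."""
    best = max(((cid, pearson(chip_helper, helper_bits(soft)))
                for cid, soft in enrollment_db.items()), key=lambda t: t[1])
    return best if best[1] > CC_THRESHOLD else None

def make_chip(rng, n=2048):
    """Constructed enrollment soft data for one chip (uniform, hypothetical)."""
    return [rng.uniform(0, MODULUS) for _ in range(n)]

def remeasure(rng, soft, sigma=0.3):
    """Field measurement: enrollment values plus assumed Gaussian noise."""
    return [v + rng.gauss(0, sigma) for v in soft]

def demo(seed=1):
    rng = random.Random(seed)
    db = {f"chip{i}": make_chip(rng) for i in range(5)}      # constructed database
    genuine = helper_bits(remeasure(rng, db["chip3"]))       # only this is transmitted
    outsider = helper_bits(remeasure(rng, make_chip(rng)))   # chip never enrolled
    return identify(genuine, db), identify(outsider, db)

if __name__ == "__main__":
    print(demo())
```

Only the Helper Data bitstring crosses the interface in this model; the soft data and any response bits stay on the chip and in the server database.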

PUF Architectures and Soft Data
Error Correction and Avoidance Methods
HELP PUF
Hardware-embedded
Helper
Proof-of-Concept
The Cobra Protocol
Experimental Results
HELP Challenge Space
AE with aa Margin
Security Analysis
Overhead of the Cobra Protocol
Analysis of Cobra’s Challenge-Response Space
Conclusions