Abstract
Several authentication protocols based on Physically Unclonable Functions (PUF) have been proposed to authenticate hardware devices. The preliminary steps of a PUF-based authentication protocol are to obtain and store on a remote server the reference device's secret identifier (known as the PUF response) by the manufacturer. This reference response is compared (accurately or with a small threshold) with the response given by the device during its normal use. However, the responses provided by a PUF are not fully stable over time and with environmental variations. Consequently, correction mechanisms have to be used to increase the PUF responses steadiness. In most of the proposed correction schemes in the literature, the correction mechanisms consume more area than the PUF; hence, these solutions are unfeasible for area cost restricted devices such as consumer items used for IoT applications. This article presents the use of a preliminary PUF noise characterization to perform an ultra-lightweight device authentication. The proposed PUF-based authentication protocol, called restoration protocol, adapts the reference PUF response (stored on the remote server) to the generated PUF response on the device without leaking any information to an adversary. In addition, the restoration protocol is implemented without the need of an expensive hardware system on the device side. The workload is performed only on the server side, which has more resources. The security analysis and the experimental validation results using real PUF responses obtained from TERO-PUF demonstrate the viability of the proposed protocol.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.