Tutorial T7: Physically Unclonable Function: A Promising Security Primitive for Internet of Things

Abstract

Summary form only given. Internet of Things (IoT) is a network of large number of uniquely identifiable intercommunicating “smart” devices that promise to transform our lives. Lightweight authentication protocols for resource {constrained smart devices should be secure against “physical attacks” such as Side-Channel Attack. Physically Unclonable Functions (PUFs) are a class of novel hardware security primitives that promise a paradigm shift in many security applications and protocols. In essence, a PUF circuit is a partially disordered system that has an instance{speci_c input{output behavior that cannot be replicated by manufacturing (hence \physically unclonable"). The unique features of PUFs avoid explicit key storage, and thus make them immune against many of the existing physical attacks which aim to divulge the secret key of cryptographic algorithms. However, the concept of PUF is not a panacea in the domain of security, and they are still vulnerable to several forms of intelligent attacks, using a combination of concepts borrowed from side-channel analysis and machine learning. In this tutorial, we would explore design challenges, operating principles, attacks and defence strategies for PUF circuits. The tutorial would cover the following topics: Fundamentals of PUF, Lightweight PUF Designs, Security Analysis of PUFs and PUF-based Authentication Protocols.