Secure lightweight entity authentication with strong PUFs: Mission impossible?

被引：45

作者：

Delvaux, Jeroen ^{[1
,2
]}

Gu, Dawu ^{[2
]}

Schellekens, Dries ^{[1
]}

Verbauwhede, Ingrid ^{[1
]}

机构：

[1] ESAT/COSIC and iMinds, KU Leuven, Kasteelpark Arenberg 10, Leuven-Heverlee

[2] CSE/LoCCS, Shanghai Jiao Tong University, 800 Dongchuan Road, Shanghai

来源：

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | 2014年 / 8731卷

关键词：

Entity authentication; Lightweight; Physically unclonable function;

D O I：

10.1007/978-3-662-44709-3_25

中图分类号：

学科分类号：

摘要：

Physically unclonable functions (PUFs) exploit the unavoidable manufacturing variations of an integrated circuit (IC). Their inputoutput behavior serves as a unique IC ‘fingerprint’. Therefore, they have been envisioned as an IC authentication mechanism, in particular for the subclass of so-called strong PUFs. The protocol proposals are typically accompanied with two PUF promises: lightweight and an increased resistance against physical attacks. In this work, we review eight prominent proposals in chronological order: from the original strong PUF proposal to the more complicated converse and slender PUF proposals. The novelty of our work is threefold. First, we employ a unified notation and framework for ease of understanding. Second, we initiate direct comparison between protocols, which has been neglected in each of the proposals. Third, we reveal numerous security and practicality issues. To such an extent, that we cannot support the use of any proposal in its current form. All proposals aim to compensate the lack of cryptographic properties of the strong PUF. However, proper compensation seems to oppose the lightweight objective. © International Association for Cryptologic Research 2014.

引用

页码：451 / 475

页数：24

共 24 条

[1] Das A., Kocabas U., Sadeghi A.-R., Verbauwhede I., PUF-based secure test wrapper design for cryptographic SoC testing, Design, Automation & Test in Europe pp, pp. 866-869, (2012)
[2] Delvaux J., Verbauwhede I., Attacking PUF-Based Pattern Matching Key Generators via Helper Data Manipulation, In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, 8366, pp. 106-131, (2014)
[3] Dodis Y., Ostrovsky R., Reyzin L., Smith A., Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data, SIAM J. Comput, 38, 1, pp. 97-139, (2008)
[4] Gassend B., Clarke D.E., Van Dijk M., Devadas S., Silicon physical random functions, ACM Conference on Computer and Communications Security, CCS, pp. 148-160, (2002)
[5] Gassend B., Clarke D.E., Van Dijk M., Devadas S., Controlled Physical Random Functions, Annual Computer Security Applications Conference, ACSAC, pp. 149-160, (2002)
[6] Gassend B., Van Dijk M., Clarke D.E., Torlak E., Devadas S., Tuyls P., Controlled physical random functions and applications, ACM Trans. Inf. Syst. Secur, 10, 4, (2008)
[7] Guajardo J., Kumar S.S., Schrijen G.-J., Tuyls P., FPGA Intrinsic PUFs and Their Use for IP Protection, CHES 2007. LNCS, vol, 4727, pp. 63-80, (2007)
[8] Hammouri G., Ozturk E., Sunar B., A tamper-proof and lightweight authentication scheme, Journal Pervasive and Mobile Computing, 6, 4, (2008)
[9] Holcomb D.E., Burleson W.P., Fu K., Power-Up SRAM State as an Identifying Fingerprint and Source of True Random Numbers. IEEE Trans, Computers 58(9), (2009)
[10] Hospodar G., Maes R., Verbauwhede I., Machine Learning Attacks on 65nm Arbiter PUFs: Accurate Modeling poses strict Bounds on Usability, IEEE Workshop on Information Forensics and Security (WIFS), pp. 37-42, (2012)

← 1 2 3 →