Lightweight PUF-based Continuous Authentication Protocol

Given the recent rise of the Internet-of-Things (IoT), networked devices are becoming deeply embedded into everyday objects, leading to a need for novel security methods. Physical Unclonable Functions (PUFs) enable the differentiation between instances of the same device and have the potential to replace costly cryptographic operations while providing higher security guarantees, due to their inherent unclonability. We present a pairwise, continuous authentication protocol based on Physical Unclonable Functions (PUFs) and supporting mutual authentication on resource constrained nodes. The unclonability provided by the PUFs is an integral part of the authentication process to continuously prove the existence of the PUF secrets and the proposed protocol is executed periodically to enable the establishment of trust between the participants. This is achieved by refreshing the authentication information in every protocol round, leading to a 'CRP Ratchet' mechanism of renewing the authenticating PUF challenge response pairs (CRPs). We also discuss the security and performance of the protocol in IoT applications with a large number of devices. Since the only operations used in the periodic protocol phase are hashing and exclusive OR, low computation, complexity, and energy consumption overhead is achieved.