Physically Unclonable Functions (PUFs) represent a promising security primitive due to their unclonability, uniqueness and tamper-evident properties, and have been recently exploited for device identification and authentication, and for secret key generation and storage purposes. In this paper, we present PHEMAP (Physical Hardware-Enabled Mutual Authentication Protocol), that allows to achieve mutual authentication in a one-to-many communication scenario, where multiple devices are connected to a sink node. The protocol exploits the recursive invocation of the PUF embedded on the devices to generate sequences (chains) of values that are used to achieve synchronization among communicating parties. We demonstrate that, under reasonable assumptions, PHEMAP is secure and robust against man-in-the-middle attacks and other common physical attacks. We discuss PHEMAP performance in several operation conditions, by measuring the efficiency of the protocol when varying some of the underlying parameters. Finally, we present an implementation of PHEMAP on devices hosting an FPGA belonging to the Xilinx Zynq-7000 family and embedding an Anderson PUF architecture, and show that the computation and hardware overhead introduced by the protocol makes it feasible for commercial mid-range devices. © 2018 Elsevier Inc.
A PUF-based hardware mutual authentication protocol / Barbareschi, Mario; and De Benedictis, M.; and Mazzocca, A.. - In: JOURNAL OF PARALLEL AND DISTRIBUTED COMPUTING. - ISSN 0743-7315. - 119:(2018), pp. 107-120. [10.1016/j.jpdc.2018.04.007]
A PUF-based hardware mutual authentication protocol
Barbareschi;M. and De Benedictis;A. and Mazzocca
2018
Abstract
Physically Unclonable Functions (PUFs) represent a promising security primitive due to their unclonability, uniqueness and tamper-evident properties, and have been recently exploited for device identification and authentication, and for secret key generation and storage purposes. In this paper, we present PHEMAP (Physical Hardware-Enabled Mutual Authentication Protocol), that allows to achieve mutual authentication in a one-to-many communication scenario, where multiple devices are connected to a sink node. The protocol exploits the recursive invocation of the PUF embedded on the devices to generate sequences (chains) of values that are used to achieve synchronization among communicating parties. We demonstrate that, under reasonable assumptions, PHEMAP is secure and robust against man-in-the-middle attacks and other common physical attacks. We discuss PHEMAP performance in several operation conditions, by measuring the efficiency of the protocol when varying some of the underlying parameters. Finally, we present an implementation of PHEMAP on devices hosting an FPGA belonging to the Xilinx Zynq-7000 family and embedding an Anderson PUF architecture, and show that the computation and hardware overhead introduced by the protocol makes it feasible for commercial mid-range devices. © 2018 Elsevier Inc.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
