Hanguang Luo,Tao Zou,Chunming Wu,Dan Li,Shunbin Li,Chu

DOI: https://doi.org/10.32604/cmc.2022.027118

2022-01-01

Abstract:In the emerging Industrial Internet of Things (IIoT), authentication problems have become an urgent issue for massive resource-constrained devices because traditional costly security mechanisms are not suitable for them. The security protocol designed for resource-constrained systems should not only be secure but also efficient in terms of usage of energy, storage, and processing. Although recently many lightweight schemes have been proposed, to the best of our knowledge, they are unable to address the problem of privacy preservation with the resistance of Denial of Service (DoS) attacks in a practical way. In this paper, we propose a lightweight authentication protocol based on the Physically Unclonable Function (PUF) to overcome the limitations of existing schemes. The protocol provides an ingenious authentication and synchronization mechanism to solve the contradictions amount forward secrecy, DoS attacks, and resource-constrained. The performance analysis and comparison show that the proposed scheme can better improve the authentication security and efficiency for resource-constrained systems in IIoT.

Liang Kou,Yiqi Shi,Liguo Zhang,Duo Liu,Qing Yang

DOI: https://doi.org/10.32604/cmc.2019.03760

2019-01-01

Abstract:With the development of computer hardware technology and network technology, the Internet of Things as the extension and expansion of traditional computing network has played an increasingly important role in all professions and trades and has had a tremendous impact on people lifestyle. The information perception of the Internet of Things plays a key role as a link between the computer world and the real world. However, there are potential security threats in the Perceptual Layer Network applied for information perception because Perceptual Layer Network consists of a large number of sensor nodes with weak computing power, limited power supply, and open communication links. We proposed a novel lightweight authentication protocol based on password, smart card and biometric identification that achieves mutual authentication among User, GWN and sensor node. Biometric identification can increase the non-repudiation feature that increases security. After security analysis and logical proof, the proposed protocol is proven to have a higher reliability and practicality.

Premkumar, N.,Kumar, B. Santhosh

DOI: https://doi.org/10.1007/s11277-024-11596-0

IF: 2.017

2024-11-06

Wireless Personal Communications

Abstract:Recently, Fog computing become a hot research area with the fast development of Internet of Things (IoT) which cannot be handled efficiently by the traditional cloud computing. The essence of Fog computing is to place some datacenters at the edge of the network called as Edge DataCenters (EDCs) or fog nodes with limited storage and processing capabilities, which is closer to the location of data sources, and located between cloud datacenter and the data source. This EDCs serve as a storage and processing point in the network and act as a middle layer between cloud datacenter and IoT in the fog hierarchy. Since most of the EDCs are positioned in isolated environments, the need for secure authentication is of major importance. Thus, ensuring that only legitimate EDCs are allowed in the environment become an attractive research problem. There are few techniques have been proposed in the past for authenticating EDCs to discover legitimate EDCs and permit secure communication. Unfortunately, such techniques involved memory intensive and complex calculations which pay no attention to the resource limitation nature of the EDCs. Thus, to address these challenges, a lightweight strong authentication algorithm has been proposed to ensure safe communication between EDCs. The computation costs of the proposed scheme is low compared to other solutions, thus it has been proved lightweight and can be a suitable solution for resource constrained devices.

telecommunications

Yu Zhuang,Gaoxiang Li

2024-05-22

Abstract:Lightweight authentication is essential for resource-constrained Internet-of-Things (IoT). Implementable with low resource and operable with low power, Physical Unclonable Functions (PUFs) have the potential as hardware primitives for implementing lightweight authentication protocols. The arbiter PUF (APUF) is probably the most lightweight strong PUF capable of generating exponentially many challenge-response pairs (CRPs), a desirable property for authentication protocols, but APUF is severely weak against modeling attacks. Efforts on PUF design have led to many PUFs of higher resistance to modeling attacks and also higher area overhead. There are also substantial efforts on protocol development, some leverage PUFs' strength in fighting modeling attacks, and some others employ carefully designed protocol techniques to obfuscate either the challenges or the responses with modest increase of area overhead for some or increased operations for some others. To attain both low resource footprint and high modeling attack resistance, in this paper we propose a co-design of PUF and protocol, where the PUF consists of an APUF and a zero-transistor interface that obfuscates the true challenge bits fed to the PUF. The obfuscated PUF possesses rigorously proven potential and experimentally supported performance against modeling attacks when a condition is met, and the protocol provides the condition required by the PUF and leverages the PUF's modeling resistance to arrive at low resource overhead and high operational simplicity, enabling lightweight authentications while resisting modeling attacks.

Cryptography and Security

Shuai Chen,Bing Li,Ziheng Chen,Yan Zhang,Caicai Wang,Cheng Tao

DOI: https://doi.org/10.1109/jiot.2021.3065836

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:Physical unclonable function (PUF) has emerged as an attractive hardware primitive for lightweight authentication in the Internet of Things (IoT). However, strong-PUF-based authentication schemes are threatened by powerful machine learning attacks. Therefore, dedicated lightweight protocols are required to preserve the privacy of the embedded strong PUF. In this article, we show that the "availability" and "reliability" features of Shamir's secret sharing (SSS) can be applied to address the security issue. In protocol A, the mappings between challenges and responses are randomly shuffled to resist the machine learning attacks. Leveraging the "availability" feature of SSS, the verification process is unaffected by the randomized challenge–response pairs (CRPs) at the server end. Moreover, the "reliability" feature of SSS provides the error-tolerant characteristic in our protocol, which is suitable for the noisy PUFs. Protocol A also presented a method to securely store the CRPs at the server side. The improved protocol A optimizes protocol A by eliminating the response storage and matching process at the server end. In protocol B, we present a mutual authentication protocol, where no response is exposed to the adversary. Protocol B can be classified as the lightweight protocol because it can avoid the use of cryptographic algorithms and error-correcting codes. We rigorously analyze and prove the security of our protocols with formal security proofs, informal security analysis, and several selected machine learning techniques, including logistic regression (LR), the deep neural network (DNN), approximate attack, AutoGluon-Tabular, and a new brute-force machine learning attack. Furthermore, we present an efficient implementation of our protocols on FPGA. The experimental results sh-w the feasibility and practicability of our protocols under different parameters.

computer science, information systems,telecommunications,engineering, electrical & electronic

Pengpeng Ren,Yongkang Xue,Linglin Jing,Lining Zhang,Runsheng Wang,Zhigang Ji

DOI: https://doi.org/10.1007/s11432-022-3722-8

2023-01-01

Science China Information Sciences

Abstract:The physical unclonable functions (PUFs) are novel cryptographic primitives in modern hardware security systems. Compared with traditional alternatives based on digital keys and non-volatile memory (NVM), the PUF system shows great unclonability, high efficiency, and physical attack resilience. However, the conventional PUF design suffers from weak machine learning immunity, high storage overhead, and unreliability, making it difficult to implement in the Internet of Things (IoT) and edge computing applications. This paper presents a new PUF design that could solve the proposed obstacles. By utilizing the emission probability of traps commonly found in nano-scaled transistors, a model-based PUF system with strong machine learning resistance could be achieved. This PUF design, called Prob-PUF, needs fewer challenge-response pairs (CRPs) space and reveals superior resistance to modeling attacks due to the mixture of stable/random bits in its output response. Moreover, the Prob-PUF system could reach a high level of uniqueness and robustness, making it a potential candidate for future cryptographically secured protocols within the IoT.

Yao Wang,Xue Mei,Zhengtai Chang,Wenbing Fan,Benqing Guo,Zhi Quan,Deepak Kumar Jain

DOI: https://doi.org/10.1109/jiot.2023.3314058

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Simple authentication protocols based on conventional physical unclonable functions (PUF) are vulnerable to modeling attacks and other security threats. This paper proposes an arbiter PUF based on a linear feedback shift register (LFSR-APUF). Different from the previously reported linear feedback shift register for challenge extension, the proposed scheme feeds the external random challenges into the LFSR module to obfuscate the linear mapping relationship between the challenge and response. It can prevent attackers from obtaining valid challenge-response pairs (CRPs), increasing its resistance to modeling attacks significantly. A 64-stage LFSR-APUF has been implemented on a field programmable gate array (FPGA) board. The experimental results reveal that the proposed design can effectively resist various modeling attacks such as logistic regression (LR), evolutionary strategy (ES), Artificial Neuro Network (ANN), and support vector machine (SVM) with a prediction rate of 51.79% and a slight effect on the randomness, reliability, and uniqueness. Further, a lightweight authentication protocol is established based on the proposed LFSR-APUF. The protocol incorporates a low-overhead, ultra-lightweight, novel private bit conversion Cover function that is uniquely bound to each device in the authentication network. The proposed authentication protocol not only resists spoofing attacks, physical attacks, and modeling attacks effectively, but also ensures the security of the entire authentication network by transferring important information in encrypted form from the server to the database even when the attacker completely controls the server.

computer science, information systems,telecommunications,engineering, electrical & electronic

Baokui Zhu,Xiaowen Jiang,Kai Huang,Miao Yu

DOI: https://doi.org/10.3390/s24010093

IF: 3.9

2024-01-01

Sensors

Abstract:Physical Unclonable Functions (PUFs) are significant in building lightweight Internet of Things (IoT) authentication protocols. However, PUFs are susceptible to attacks such as Machine-Learning(ML) modeling and statistical attacks. Researchers have conducted extensive research on the security of PUFs; however, existing PUFs do not always possess good statistical characteristics and few of them can achieve a balance between security and reliability. This article proposes a strong response-feedback PUF based on the Linear Feedback Shift Register (LFSR) and the Arbiter PUF (APUF). This structure not only resists existing ML modeling attacks but also exhibits good Strict Avalanche Criterion (SAC) and Generalized Strict Avalanche Criterion (GSAC). Additionally, we introduce a Two-Level Reliability Improvement (TLRI) method that achieves 95% reliability with less than 35% of the voting times and single-response generation cycles compared to the traditional pure majority voting method.

Sensen Li,Yicai Huang,Bin Yu

DOI: https://doi.org/10.1016/j.comnet.2024.110426

IF: 5.493

2024-05-09

Computer Networks

Abstract:With the explosive development of the Internet of Things (IoT), its security has become a critical concern. As a lightweight hardware primitive, Physical Unclonable Function (PUF) provides a promising solution for IoT security. Nevertheless, as per the knowledge of the authors, most of the existing PUF-based anonymous authentication protocols for IoT are not suitable for end-to-end IoT applications due to their flexibility or security. Specifically, there are two main issues with existing related protocols: (1) the end-to-end anonymous authentication between IoT devices requires the participation of a trusted third party, which seriously affects the flexibility of interaction; (2) most related protocols provide weak anonymity, that is, they are anonymous against only eavesdroppers. To solve these problems, a new PUF-based end-to-end anonymous authentication protocol is proposed. Without needing the real-time participation of the third party, the proposed protocol realizes end-to-end direct mutual authentication and session key agreement while maintaining strong anonymity. It also provides an online dynamic updating mechanism for security parameters. The security analysis shows that the proposed protocol has perfect forward secrecy while resisting various known attacks including physical attacks and modeling attacks. Meanwhile, it outperforms related protocols in terms of protocol rounds and communication costs.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Xianji Jin,Na Lin,Zhongwei Li,Wenqi Jiang,Yuge Jia,Qingyang Li

DOI: https://doi.org/10.1109/access.2024.3413853

IF: 3.9

2024-06-21

IEEE Access

Abstract:With the wide application of IoT technologies in the power sector, power IoT faces serious security challenges, which can be severely affected by malicious attacks and unauthorised access. Meanwhile, devices in power IoT are usually resource-constrained and deployed in a decentralised manner, making them vulnerable to physical attacks. Therefore, a robust and reliable lightweight authentication scheme needs to be constructed to guarantee its information security. A lightweight authentication scheme for the power IoT based on Physical Unclonable Function (PUF) and Chebyshev chaotic map is proposed in this paper, which achieves two-way authentication and session key negotiation between gateways and terminal devices. Comparing with traditional authentication schemes, the PUF and Chebyshev chaotic map used in this scheme have high security and lower resource overhead. PUF is used to generate Challenge and Response Pairs (CRPs) for two-way authentication and key negotiation without storing any secret information about authentication in the device memory. At the same time, Chebyshev chaotic map is used to protect the transmission of secret information such as CRPs in insecure channels. The solution is therefore resistant to attacks such as physical, machine learning modelling and impersonation, ensuring the information security of the authentication process. The proposed scheme is analyzed and verified using the formal verification tool ProVerif and improved BAN logic along with informal methods. The verification results show that the scheme satisfies 12 security properties such as two-way authentication and user anonymity. Comparative analysis with existing related authentication schemes shows that the proposed scheme has low computation and communication costs while guaranteeing security, thus rendering it suitable for resource-constrained terminal devices in the power IoT.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jianhua Li,Jiong Jin,Lingjuan Lyu,Dong Yuan,Yingying Yang,Longxiang Gao,Chao Shen

DOI: https://doi.org/10.48550/arXiv.2011.06325

2020-11-12

Abstract:Numerous resource-limited smart objects (SOs) such as sensors and actuators have been widely deployed in smart environments, opening new attack surfaces to intruders. The severe security flaw discourages the adoption of the Internet of things in smart living. In this paper, we leverage fog computing and microservice to push certificate authority (CA) functions to the proximity of data sources. Through which, we can minimize attack surfaces and authentication latency, and result in a fast and scalable scheme in authenticating a large volume of resource-limited devices. Then, we design lightweight protocols to implement the scheme, where both a high level of security and low computation workloads on SO (no bilinear pairing requirement on the client-side) is accomplished. Evaluations demonstrate the efficiency and effectiveness of our scheme in handling authentication and registration for a large number of nodes, meanwhile protecting them against various threats to smart living. Finally, we showcase the success of computing intelligence movement towards data sources in handling complicated services.

Cryptography and Security,Networking and Internet Architecture

Mohammad Wazid,Ashok Kumar Das,Neeraj Kumar,Athanasios V. Vasilakos

DOI: https://doi.org/10.1016/j.future.2018.09.017

IF: 7.307

2019-02-01

Future Generation Computer Systems

Abstract:Fog computing (fog networking) is known as a decentralized computing infrastructure in which data, applications, compute as well as data storage are scattered in the most logical and efficient place among the data source (i.e., smart devices) and the cloud. It gives better services than cloud computing because it has better performance with reasonably low cost. Since the cloud computing has security and privacy issues, and fog computing is an extension of cloud computing, it is therefore obvious that fog computing will inherit those security and privacy issues from cloud computing. In this paper, we design a new secure key management and user authentication scheme for fog computing environment, called SAKA-FC. SAKA-FC is efficient as it only uses the lightweight operations, such as one-way cryptographic hash function and bitwise exclusive-OR (XOR), for the smart devices as they are resource-constrained in nature. SAKA-FC is shown to be secure with the help of the formal security analysis using the broadly accepted Real-Or-Random (ROR) model, the formal security verification using the widely-used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool and also the informal security analysis. In addition, SAKA-FC is implemented for practical demonstration using the widely-used NS2 simulator.

Fahem Zerrouki,Samir Ouchani,Hafida Bouarfa

DOI: https://doi.org/10.1007/s12652-022-04321-x

IF: 3.662

2022-08-07

Journal of Ambient Intelligence and Humanized Computing

Abstract:The Internet of things (IoT) is an indispensable part of our daily lives, bringing us many conveniences, including e-commerce and m-commerce services. Unfortunately, IoT networks suffer from several security issues, such as privacy, access control, and authentication. However, due to the limited computation resources, remote authentication between IoT devices and servers is vulnerable to being attacked over an insecure communication channel. Many authentication schemes have been proposed, but generally, they are based on traditional cryptographic techniques. Unfortunately, most of them are vulnerable to physical attacks since they rely mainly on a stored secret key in the device's local memory. However, recently Physically unclonable functions (PUFs) have been classified as solid security primitives that could guarantee the three pillars of security (confidentiality, authenticity, and privacy) of sent or received information by IoT devices. PUFs extract unique information from the physical characteristics of the IoT device. Nevertheless, a Fuzzy extractor (FE) should be considered to extract correct and reproducible cryptographic keys from a noisy source. This paper proposes a mutual authentication and a session key establishment protocol for IoT devices based on Silicon PUFs using Arbiter chips. We also validate our developed protocol regarding its resistance to attack scenarios. By relying on formal verification using VerifPal, we found that the proposed authentication mechanism is secure and suitable for resource-constrained IoT devices. Furthermore, our scheme is more efficient than the existing ones in terms of attack robustness. Finally, the experiments have been validated on an Arbiter PUF dataset.

computer science, information systems,telecommunications, artificial intelligence

Chandranshu Gupta,Gaurav Varshney

2023-11-07

Abstract:The Internet of Things (IoT) has improved people's lives by seamlessly integrating into many facets of modern life and facilitating information sharing across platforms. Device Authentication and Key exchange are major challenges for the IoT. High computational resource requirements for cryptographic primitives and message transmission during Authentication make the existing methods like PKI and IBE not suitable for these resource constrained devices. PUF appears to offer a practical and economical security mechanism in place of typically sophisticated cryptosystems like PKI and IBE. PUF provides an unclonable and tamper sensitive unique signature based on the PUF chip by using manufacturing process variability. Therefore, in this study, we use lightweight bitwise XOR, hash function, and PUF to Authenticate IoT devices. Despite several studies employing the PUF to authenticate communication between IoT devices, to the authors' knowledge, existing solutions require intermediary gateway and internet capabilities by the IoT device to directly interact with a Server for Authentication and hence, are not scalable when the IoT device works on different technologies like BLE, Zigbee, etc. To address the aforementioned issue, we present a system in which the IoT device does not require a continuous active internet connection to communicate with the server in order to Authenticate itself. The results of a thorough security study are validated against adversarial attacks and PUF modeling attacks. For formal security validation, the AVISPA verification tool is also used. Performance study recommends this protocol's lightweight characteristics. The proposed protocol's acceptability and defenses against adversarial assaults are supported by a prototype developed with ESP32.

Cryptography and Security

Feifei Liu,Yu Yan,Yu Sun,Jianwei Liu,Dawei Li,Zhenyu Guan

DOI: https://doi.org/10.1155/2022/9774853

IF: 1.968

2022-12-01

Security and Communication Networks

Abstract:Smart grid is gradually replacing traditional grid with two-way communication and improved management. Besides the efficiency and reliability it brings, the smart grid is inevitably fraught with rampant physical and cyber-attack. Although several physical unclonable function (PUF)-based schemes have been proposed, they are unsuited to the end-edge-cloud hierarchical smart grid. This paper proposes a PUF-based batch authentication and key agreement protocol, which protects both meters and gateways and provides end-to-end authentication between meters and the server. By offloading heavy operations from field devices to the server, the computation overhead is reduced substantially. Moreover, we innovatively devolve batch authentication and access control to the gateway, which additionally decreases downlink communication and signaling cost, and is superior to most recent schemes. Our protocol is proved by Tamarin under extended Dolev–Yao adversary and the Real-or-Random model and is evaluated to be secure against various attacks. Using extremely lightweight operations, our protocol is implemented on the MSP430FR5969 microcontroller.

computer science, information systems,telecommunications

Thankaraja Raja Sree,R. Harish,T. Veni

DOI: https://doi.org/10.1002/cpe.8054

2024-03-02

Concurrency and Computation Practice and Experience

Abstract:Summary As opposed to cloud servers, fog servers, and fog users may be malicious, so developing a mutual identity‐preserving authentication mechanism between them is a crucial and difficult problem in fog computing. Such a technique must conceal the user's true identity from the adversary; otherwise, the adversary will be able to determine which fog user and fog server are in communication. This article suggests a secure and reliable anonymous mutual authentication system for use at the network's edge between fog users and fog servers. With the aid of the registration authority (RA) in our system, they can verify one another and decide on a new session key that will be used to encrypt messages throughout the session. Fog users don't need to re‐register with RA to wander freely over the network and authenticate to any fog server that is within their range. The proposed technique only needs a small number of symmetric encryption/decryption and one‐way hash functions, making it easy to implement for fog‐user devices with limited resources. The new scheme's performance is evaluated in comparison to the existing one, showing that it is more resilient to various types of assaults (such as known plaintext attacks, man‐in‐the‐middle attacks, session hijacking, etc.). The widely used Automated Validation of Internet Security Protocols and Applications tool is used to verify the proposed system. The outcomes demonstrate that our approach can safely withstand different attacks and accomplish the desired outcomes. Additionally, the proposed method is tested in real‐world scenarios with the NS3 simulator.

computer science, theory & methods, software engineering

Zhao Huang,Liang Li,Yin Chen,Zeyu Li,Quan Wang,Xiaohong Jiang

DOI: https://doi.org/10.3390/electronics10233039

IF: 2.9

2021-01-01

Electronics

Abstract:With the advancement of the Internet of Things (IoTs) technology, security issues have received an increasing amount of attention. Since IoT devices are typically resource-limited, conventional security solutions, such as classical cryptography, are no longer applicable. A physically unclonable function (PUF) is a hardware-based, low-cost alternative solution to provide security for IoT devices. It utilizes the inherent nature of hardware to generate a random and unpredictable fingerprint to uniquely identify an IoT device. However, despite existing PUFs having exhibited a good performance, they are not suitable for effective application on resource-constrained IoT devices due to the limited number of challenge-response pairs (CRPs) generated per unit area and the large hardware resources overhead. To solve these problems, this article presents an ultra-lightweight reconfigurable PUF solution, which is named RPPUF. Our method is built on pico-PUF (PPUF). By incorporating configurable logics, one single RPPUF can be instantiated into multiple samples through configurable information K. We implement and verify our design on the Xilinx Spartan-6 field programmable gate array (FPGA) microboards. The experimental results demonstrate that, compared to previous work, our method increases the uniqueness, reliability and uniformity by up to 4.13%, 16.98% and 10.5%, respectively, while dramatically reducing the hardware resource overhead by 98.16% when a 128-bit PUF response is generated. Moreover, the bit per cost (BPC) metric of our proposed RPPUF increased by up to 28.5 and 53.37 times than that of PPUF and the improved butterfly PUF, respectively. This confirms that the proposed RPPUF is ultra-lightweight with a good performance, making it more appropriate and efficient to apply in FPGA-based IoT devices with constrained resources.

Yi Chen,Ai-dong Xu,Hong Wen,Yi-xin Jiang,Teng-yue Zhang

DOI: https://doi.org/10.12783/dteees/icepe2019/28912

2019-01-01

Abstract:Because of heavy cost, using of the traditional Public Key Infrastructure (PKI) authentication schemes is limited for the energy-constrained intelligent devices such as the power edge computing system, in which lightweight secure authentication schemes are urgent needed. In this paper, we propose a lightweight mutual authentication scheme supported by the edge computing, which is a novel cross-layer secure authentication program with asymmetric resources. The novel scheme combines lightweight symmetric cipher and physical-layer Channel State Information (CSI) to provide two-way authentication between terminals and edge devices. Experimental results show that the proposed scheme can significantly reduce the access authentication latency compared with the traditional PKI authentication scheme.

Gaoxiang Li,Yu Zhuang

2024-09-26

Abstract:The rapid expansion of Internet of Things (IoT) devices demands robust and resource-efficient security solutions. Physically Unclonable Functions (PUFs), which generate unique cryptographic keys from inherent hardware variations, offer a promising approach. However, traditional PUFs like Arbiter PUFs (APUFs) and XOR Arbiter PUFs (XOR-PUFs) are susceptible to machine learning (ML) and reliability-based attacks. In this study, we investigate Component-Differentially Challenged XOR-PUFs (CDC-XPUFs), a less explored variant, to address these vulnerabilities. We propose an optimized CDC-XPUF design that incorporates a pre-selection strategy to enhance reliability and introduces a novel lightweight architecture to reduce hardware overhead. Rigorous testing demonstrates that our design significantly lowers resource consumption, maintains strong resistance to ML attacks, and improves reliability, effectively mitigating reliability-based attacks. These results highlight the potential of CDC-XPUFs as a secure and efficient candidate for widespread deployment in resource-constrained IoT systems.

Cryptography and Security,Machine Learning

Mateusz Korona,Radosław Giermakowski,Mateusz Biernacki,Mariusz Rawski

DOI: https://doi.org/10.3390/electronics13020351

IF: 2.9

2024-01-15

Electronics

Abstract:Physical Unclonable Functions are security primitives that exploit the variation in integrated circuits' manufacturing process, and, as a result, each instance processes applied stimuli differently. This feature can be used to provide a unique fingerprint of the electronic device, or as an interesting alternative to classic key storage methods. Due to their nature, they are often considered an element of the Internet of Things nodes. However, their application heavily depends on resource consumption. Lightweight architectures are proposed in the literature but are technology-dependent or still introduce significant hardware overhead. This paper presents a lightweight, Strong PUF based on ring oscillator architecture, which offers small hardware overhead and sufficient security levels for resource-constrained Internet of Things devices. The PUF design utilizes a Linear Feedback Shift Register-based scramble module to generate many challenge–response pairs from a small number of ring oscillators and a control module to manage the response generation process. The proposed PUF can be used as a Weak PUF for key generation or a Strong PUF for device authentication.

engineering, electrical & electronic,computer science, information systems,physics, applied