Yuyang Zhou,Jing Guo,Fagen Li

DOI: https://doi.org/10.1016/j.sysarc.2020.101754

IF: 5.836

2020-01-01

Journal of Systems Architecture

Abstract:The Snowden incident shows that powerful attackers can compromise users' machines to steal users' private information. Currently, many encryption schemes that have proven to be secure cannot detect vulnerabilities. These vulnerabilities may reveal users' secrets, e.g., a machine hides some backdoors without a user's awareness, and an attacker can steal the user's private information through these backdoors. In 2015, Mironov and Stephens-Davidowitz proposed a new framework for solving this problem: cryptographic reverse firewall (CRF). However, their protocols can't protect certificateless public key encryption (CL-PKE). In this paper, we design a CRF protocol for CL-PKE, which is a one-round CL-PKE with CRFs (CL-PKE-CRF) deployed on a receiver and a key generating centre (KGC). This protocol is proved to achieve indistinguishability against chosen plaintext attack (IND-CPA). Compared with existing protocol with CRFs and two CL-PKE schemes, our protocol has the least communication cost. Meanwhile, we use JPBC library to implement our one-round CL-PKE-CRF. The experimental results indicate that under high security levels, our protocol has a advantage in the percentage of the running time. Since our protocol can resist exfiltration attacks from internal attackers, it is efficient and practical. Finally, we apply the same method to design a secure and effective one-round certificateless public key signature with a CRF (CL-PKS-CRF). This means that our protocol is not only targeted at a single CL-PKE scheme, but also can inspire the design of other certificateless public key cryptography schemes with CRFs.

Yuyang Zhou,Yuanfeng Guan,Zhiwei Zhang,Fagen Li

DOI: https://doi.org/10.1007/978-981-15-0818-9_3

2019-01-01

Abstract:The Snowden revelations show that powerful attackers can compromise user's machines to steal users' private information. At the same time, many of the encryption schemes that are proven to be secure in Random Oracle Model (ROM) may present undetectable vulnerabilities when implemented, and these vulnerabilities may reveal a users' secrets, e.g., the machine hides some backdoors without the user's awareness, and an attacker can steal the user's private information through these backdoors. Recently, Mironov and Stephens-Davidowitz proposed cryptographic reverse firewall (CRF) to solve this problem. However, there is no CRF for identity-based encryption (IBE) has been proposed. In this paper, we propose two CRF protocols for IBE. One is a one-round encryption protocol with CRF used on the receiver, and the other is a two-round encryption protocol with CRFs deployed on both sender and receiver. We prove that these two protocols can resist the exfiltration of secret information and one is only secure against a chosen plaintext attack (CPA), the other is semantically secure against an adaptive chosen ciphertext attack (IND-ID-CCA). Moreover, we use JPBC to implement our protocols. The experimental results indicate that our protocols have some advantages in communication cost. Under certain computation cost conditions, our protocols are efficient and practical.

Mengdi Ouyang,Ziqing Wang,Fagen Li

DOI: https://doi.org/10.1016/j.sysarc.2021.102029

IF: 5.836

2021-01-01

Journal of Systems Architecture

Abstract:The Snowden’s Prism incident warned people great threats from internal adversaries. Cryptographic Reverse Firewalls (CRFs), one mean to resolve the problem, are increasingly popular on account of its simplicity and convenience. The current related CRFs solutions are applied to encryption or key agreement. However, CRFs have extremely high requirements for re-randomization. Due to the irreversible hash function in the digital signature, it is difficult for signature to apply CRFs. Undoubtedly, as an important field in cryptography, digital signature cannot resist similar internal attacks, hence it is useful to find a way to build CRFs for signature. Therefore, we propose two signature schemes with CRFs. One is based on traditional signature and CRF is built for the signer, the other is based on identity-based signature (IBS) and CRFs are built for the signer and the public key generator (PKG). We also prove that these two schemes can resist exfiltration. One is against existence forgery under passive attacks. The other is against existence forgery under adaptive chosen message attack. Moreover, we use pypbc library to implement our schemes. Compared with signature schemes without CRFs, our schemes can not only use almost similar computational cost but also have advantages in resisting exfiltration.

Yang Zhao,Xing-Yu Ke,Yu-Wei Pang,Hu Xiong,Guo-Bin Zhu,Kuo-Hui Yeh

DOI: https://doi.org/10.1007/978-3-031-52265-9_6

2024-01-01

Abstract:With the prevalence of information sharing, preserving the confidentiality of sensitive data has become paramount. Attribute-based encryption (ABE) has become a viable option to tackle this problem. Using a set of attributes, data owners can encrypt data with ABE, and data is only accessible by users with the required attributes and authorization. However, there are various limitations associated with the traditional CP-ABE scheme, such as embedding user-sensitive information in the access structures without any hidden operations, an inability to effectively address the issue of user attribute changes, and vulnerability to internal attacks from cryptography devices. To address these limitations, researchers have proposed various enhanced ABE schemes. Mironov presented a concept of cryptographic reverse firewall (CRF) in Eurocrypt 2015, which could resist certain compromised machines from leaking secret information. The CRF has been deployed in many cryptographic systems, but its application in the ABE field has been relatively limited. This paper presents a novel attribute-based encryption scheme which incorporates attribute revocation, hidden policy components, and CRF mechanism to prevent attackers from internal attacks on cryptography devices. This scheme is applicable in various applications, such as cloud computing, where secure data sharing is required.

Rongmao Chen,Jinrong Chen,Xinyi Huang,Yi Wang

DOI: https://doi.org/10.1007/s11432-023-3877-9

2024-10-19

Science China Information Sciences

Abstract:The SM9 identity-based encryption (IBE) scheme is a cryptographic standard used in China, and has been incorporated into the ISO/IEC standard in 2021. This work primarily proposes a countermeasure to secure the SM9 IBE scheme if its implementation is tampered with or deviated from the standard specification. Such attacks, known as subversion attacks, are feasible and powerful in real-world cryptographic application scenarios. Our goal is to design a subversion-resilient variant of the SM9 IBE scheme, primarily using the cryptographic reverse firewall (CRF) proposed by Mironov and Stephens-Davidowitz at EUROCRYPT 2015. A CRF can sanitize cryptographic transcripts to eliminate covert channels, necessitating that the underlying primitive be rerandomizable. Unfortunately, the rerandomizability of the SM9 IBE scheme is disabled for ensuring security against chosen ciphertext attack (CCA). Hence, we shift our focus to a relaxed version of CCA security called RCCA security, offering security guarantees comparable to CCA security while allowing for ciphertext rerandomization. For this purpose, we design an efficient and RCCA-secure variant of the SM9 IBE scheme with provable security that can integrate with CRFs to achieve subversion resilience.

computer science, information systems,engineering, electrical & electronic

Shivam Bhasin,Jingyu Pan,Fan Zhang

2018-01-01

Abstract:This works gives an overview of persistent fault attacks on block ciphers, a recently introduced fault analysis technique based on persistent faults. The fault typically targets stored constant of cryptographic algorithms over several encryption calls with a single injection. The underlying analysis technique statistically recovers the secret key and is capable of defeating several popular countermeasures by design.

Kubilay Ahmet Küçük,Andrew Martin

DOI: https://doi.org/10.48550/arXiv.2104.03868

2021-04-08

Cryptography and Security

Abstract:Digital services have been offered through remote systems for decades. The questions of how these systems can be built in a trustworthy manner and how their security properties can be understood are given fresh impetus by recent hardware developments, allowing a fuller, more general, exploration of the possibilities than has previously been seen in the literature. Drawing on and consolidating the disparate strains of research, technologies and methods employed throughout the adaptation of confidential computing, we present a novel, dedicated Confidential Remote Computing (CRC) model. CRC proposes a compact solution for next-generation applications to be built on strong hardware-based security primitives, control of secure software products' trusted computing base, and a way to make correct use of proofs and evidence reports generated by the attestation mechanisms. The CRC model illustrates the trade-offs between decentralisation, task size and transparency overhead. We conclude the paper with six lessons learned from our approach, and suggest two future research directions.

Yang Zhao,Yuwei Pang,Xingyu Ke,Bintao Wang,Guobin Zhu,Mingsheng Cao

DOI: https://doi.org/10.1016/j.future.2023.04.025

IF: 7.307

2023-05-01

Future Generation Computer Systems

Abstract:Metaverse is an immersive, hyperspace virtual reality space. Due to its characteristics of hyperspace and immersive realism, metaverse has a bright future, but ubiquitous user analysis and calculation make it difficult to achieve one-to-multiple data sharing. As an innovative encryption algorithm, ciphertext-policy attribute-based encryption (CP-ABE) can realize one-to-multiple secure file sharing through fine-grained access control. Many evidences show that attackers may add backdoors to internal devices to make encryption algorithms insecure, CP-ABE also faces the above threats. In order to deal with such attacks, researchers put forward the notion of cryptographic reverse firewall (CRF), which has the ability of resistance to insider attack. However, the existing ABE scheme supporting CRF have the problems of low efficiency and no support for malicious user tracking.To improve safety and efficiency, we constructed an efficient CP-ABE scheme supporting CRF protection which has function of outsourcing decryption, offline encryption and black-box tracking.

computer science, theory & methods

Nabeil Eltayieb,Rashad Elhabob,Abdeldime M. S. Abdelgader,Yongjian Liao,Fagen Li,Shijie Zhou

DOI: https://doi.org/10.1016/j.future.2024.08.002

IF: 7.307

2024-01-01

Future Generation Computer Systems

Abstract:Cloud computing has enabled data-sharing to be more convenient than ever before. However, data security is a major concern that prevents cloud computing from being widely adopted. A potential solution to secure data-sharing in cloud computing is proxy re-encryption (PRE), which allows a proxy to transform encrypted data from one key to another without accessing the plaintext. When using PRE, various challenges arise, including the leak of information by a trusted third party, collusion attacks, and issues associated with revocation. To overcome these challenges, this paper proposes a novel Certificateless Proxy Reencryption with Cryptographic Reverse Firewall for Secure Cloud Data Sharing (CLPRE-CRF). The new scheme enables secure distribution of encrypted data from a data owner to users through public clouds. Meanwhile, the CLPRE-CRF scheme can resist exfiltration of secret information and forgery of ciphertext in case the scheme is compromised. In addition, the scheme provides a flexible revocation mechanism to prevent unauthorized access to private data. The security analysis demonstrates that the CLPRE-CRF resists chosen-plaintext attacks and collusion attacks. Moreover, performance evaluation indicates that our scheme achieves a 14% and 22% reduction in computation costs during the encryption and decryption algorithms, respectively. Therefore, the proposed CLPRE-CRF scheme is well-suited for cloud computing environments.

Chao Zhang,Tao Wei,Zhaofeng Chen,Lei Duan,Laszlo Szekeres,Stephen McCamant,Dawn Song,Wei Zou

DOI: https://doi.org/10.1109/sp.2013.44

2013-01-01

Security and Privacy

Abstract:Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking attacks. However, performance and compatibility issues limit its adoption. We propose a new practical and realistic protection method called CCFIR (Compact Control Flow Integrity and Randomization), which addresses the main barriers to CFI adoption. CCFIR collects all legal targets of indirect control-transfer instructions, puts them into a dedicated "Springboard section" in a random order, and then limits indirect transfers to flow only to them. Using the Springboard section for targets, CCFIR can validate a target more simply and faster than traditional CFI, and provide support for on-site target-randomization as well as better compatibility. Based on these approaches, CCFIR can stop control-flow hijacking attacks including ROP and return-into-libc. Results show that ROP gadgets are all eliminated. We observe that with the wide deployment of ASLR, Windows/x86 PE executables contain enough information in relocation tables which CCFIR can use to find all legal instructions and jump targets reliably, without source code or symbol information. We evaluate our prototype implementation on common web browsers and the SPEC CPU2000 suite: CCFIR protects large applications such as GCC and Firefox completely automatically, and has low performance overhead of about 3.6%/8.6% (average/max) using SPECint2000. Experiments on real-world exploits also show that CCFIR-hardened versions of IE6, Firefox 3.6 and other applications are protected effectively.

Sen Xu,Xiangjun Lu,Aidong Chen,Haifeng Zhang,Haihua Gu,Dawu Gu,Kaiyu Zhang,Zheng Guo,Junrong Liu

DOI: https://doi.org/10.1109/cc.2018.8543054

2018-01-01

China Communications

Abstract:Public key cryptographic（PKC） algorithms, such as the RSA, elliptic curve digital signature algorithm（ECDSA） etc., are widely used in the secure communication systems, such as OpenSSL, and a variety of information security systems. If designer do not securely implement them, the secret key will be easily extracted by side-channel attacks（SCAs） or combinational SCA thus mitigating the security of the entire communication system. Previous countermeasures of PKC implementations focused on the core part of the algorithms and ignored the modular inversion which is widely used in various PKC schemes. Many researchers believe that instead of straightforward implementation, constant time modular inversion（CTMI） is enough to resist the attack of simple power analysis combined with lattice analysis. However, we find that the CTMI security can be reduced to a hidden t-bit multiplier problem. Based on this feature, we firstly obtain Hamming weight of intermediate data through side-channel leakage. Then, we propose a heuristic algorithm to solve the problem by revealing the secret（partial and full） base of CTMI. Comparing previous nec-essary input message for masking filtering, our procedure need not any information about the secret base of the inversion. To our knowledge, this is the first time for evaluating the practical security of CTMI and experimental results show the fact that CTMI is not enough for high-level secure communication systems.

Sy Huang,Cl Huang,Q Chen,Cs Gao

2004-01-01

Abstract:How to use cryptographic methods to protect agent from malicious host is the key issue in the research of mobile agent security. Recent approaches based on computing with "encrypted functions" are limited to the case where only the agent originator learns the result of the computation and the host running the agent must not notice anything at all, furthermore, the agent can not give the real time response to the executing host. In this paper, a novel approach based on CCF (crypto-computing with feedback) technique is introduced for supporting autonomous agent to accomplish secure computation on the remote hosts. CCF is such a method to accomplish iterative computation of encrypted function, in which the cipher-text output will be feedback and reused as a new input of next round secure computation. For the garbled circuit has the ability to compute the cipher-text form input directly without decrypting them first, so it is adopted as the basic tool in CCF. Our approach makes it possible that agent can roam around remote nodes and accomplish secure computation without interaction with the agent originator and need not the help of the third trust-party, in addition, the agent can give real time response to the executing host according to the current state of agent and current inputs of host.

Hisham Abdalla,Hu Xiong,Abubaker Wahaballa,Ahmed Abdalla Ali,Mohammed Ramadan,Zhiguang Qin

DOI: https://doi.org/10.6633/ijns.201701.19(1).04

2016-01-01

Abstract:The current Digital Rights Management (DRM) systems use attribute-based encryption (ABE) and proxy re-encryption (PRE) to achieve fine-grained access control in cloud computing. However, these schemes have some limitations particularly in terms of security, functionality and also higher decryption time which grows linearly with the complexity of access policies. In this paper, we propose a novel DRM scheme founded on a deterministic finite automata-based functional proxy re-encryption (DFA-based FPRE) scheme which has been proven to be secure against CCA in the standard model. In particular, we leverage the DFA-based FPRE scheme to realize fine-grained access control over encrypted contents among a set of users. Furthermore, a secure content key distribution protocol and efficient revocation mechanism are provided. Moreover, we tackle the critical issue of high computation at the user side, by outsourcing computation into (DFA-based FPRE) scheme for the first time. In comparison, our scheme achieves higher efficiency and smaller computation time against state-of-the-art.

Brandon Broadnax,Alexander Koch,Jeremias Mechler,Tobias Müller,Jörn Müller-Quade,Matthias Nagel

DOI: https://doi.org/10.2478/popets-2021-0072

2021-07-23

Proceedings on Privacy Enhancing Technologies

Abstract:Abstract In practice, there are numerous settings where mutually distrusting parties need to perform distributed computations on their private inputs. For instance, participants in a first-price sealed-bid online auction do not want their bids to be disclosed. This problem can be addressed using secure multi-party computation (MPC), where parties can evaluate a publicly known function on their private inputs by executing a specific protocol that only reveals the correct output, but nothing else about the private inputs. Such distributed computations performed over the Internet are susceptible to remote hacks that may take place during the computation. As a consequence, sensitive data such as private bids may leak. All existing MPC protocols do not provide any protection against the consequences of such remote hacks. We present the first MPC protocols that protect the remotely hacked parties’ inputs and outputs from leaking. More specifically, unless the remote hack takes place before the party received its input or all parties are corrupted, a hacker is unable to learn the parties’ inputs and outputs, and is also unable to modify them. We achieve these strong (privacy) guarantees by utilizing the fact that in practice parties may not be susceptible to remote attacks at every point in time, but only while they are online, i.e. able to receive messages. To this end, we model communication via explicit channels. In particular, we introduce channels with an airgap switch (disconnect-able by the party in control of the switch), and unidirectional data diodes . These channels and their isolation properties, together with very few, similarly simple and plausibly remotely unhackable hardware modules serve as the main ingredient for attaining such strong security guarantees. In order to formalize these strong guarantees, we propose the UC with Fortified Security (UC#) framework, a variant of the Universal Composability (UC) framework.

Leibo Liu,Zhuoquan Zhou,Shaojun Wei,Min Zhu,Shouyi Yin,Shengyang Mao

DOI: https://doi.org/10.1109/tcad.2017.2729340

IF: 2.9

2017-01-01

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Abstract:Coarse grained reconfigurable architectures (CGRA) have been applied to numerous fields of computing- and data-intensive applications, such as computer vision, baseband communication, and cipher processing. A CGRA usually comprises hundreds of reconfigurable computing-cells (RCC), which account for a majority of the die area. As such, RCCs have a higher probability of being attacked by hardware Trojans, which seriously affects CGRA behavior. However, a CGRA can be dynamically and partially reconfigured via configuration contexts at runtime; this property could be utilized as an effective countermeasure against malicious hardware. This particular topic has yet to undergo significant research. This paper proposes a secure mapping approach called dynamic resource management based on security value (DRMaSV) to enhance CGRA capability against hardware Trojans by selectively protecting RCCs. DRMaSV realizes run-time monitoring based on an adapted triple modular redundancy mechanism under hardware resource constraints (i.e., area constraints). First, in order to measure the capability against hardware Trojans, a security capability metric called “security value” (SV) is defined, with measurements categorized as “Influence” and “Unreliability.” Here, both the circuit architecture and the level of Unreliability for modules used in the circuit are considered. Next, a DRM strategy to maximize the SV under hardware resource constraints is introduced. This strategy is described by the dynamic programming model (i.e., 0/1 knapsack problem), which can obtain an optimal solution. Finally, a mapping approach for CGRAs is derived by attaching the DRM strategy to a generic mapping flow. Simulations show that the proposed secure mapping approach ensures a given number of correct outputs, which then allows the number of outputs affected by activated Trojans under any given hardware resource constraint (area constraint) or overhead (area overhead) to be minimized. The results of actual chip design experiments are in agreement with the simulation results, indicating that the proposed secure mapping approach is effective.

Daniel Heinz,Thomas Popelmann

DOI: https://doi.org/10.1109/tc.2022.3197073

IF: 3.183

2023-03-15

IEEE Transactions on Computers

Abstract:The progress on constructing quantum computers and the ongoing standardization of post-quantum cryptography (PQC) have led to the development and refinement of promising new digital signature schemes and key encapsulation mechanisms (KEM). Especially lattice-based schemes have gained some popularity in the research community, presumably due to acceptable key, ciphertext, and signature sizes as well as good performance results and cryptographic strength. However, in some practical applications like smart cards, it is also crucial to secure cryptographic implementations against side-channel and fault attacks. In this work, we analyze the so-called redundant number representation (RNR) that can be used to counter side-channel attacks. We show how to avoid security issues with the RNR due to unexpected de-randomization and we apply it to the Kyber KEM and show that the RNR has a very low overhead. We then verify the RNR methodology by practical experiments, using the non-specific t-test methodology and the ChipWhisperer platform. Furthermore, we present a novel countermeasure against fault attacks based on the Chinese remainder theorem (CRT). On an ARM Cortex-M4, our implementation of the RNR and fault countermeasure offers better performance than masking and redundant calculation. Our methods thus have the potential to expand the toolbox of a defender implementing lattice-based cryptography with protection against two common physical attacks.

engineering, electrical & electronic,computer science, hardware & architecture

Yang, Xiaodong,Wei, Lizhen,Li, Songyu,Wang, Caifen

DOI: https://doi.org/10.1007/s12083-024-01769-w

IF: 3.488

2024-07-26

Peer-to-Peer Networking and Applications

Abstract:To enhance the security of medical data, the government and healthcare institutions must collect and analyze vast amounts of information, enabling the prompt detection of irregular patterns and timely issuance of accurate warnings. This is crucial for preventing and containing potential threats to medical data security. However, securely sharing and converting these data poses a significant challenge, particularly in open wireless access networks within healthcare settings. Proxy re-signature (PRS) offers not only signature conversion capabilities but also anonymity, safeguarding data reliability and authenticity. Nonetheless, current proxy re-signature techniques overlook the potential for algorithm substitution attacks (ASA). Therefore, we introduce a novel proxy re-signature scheme, leveraging cryptographic reverse firewall (CRF) technology, tailored specifically for the medical domain. Furthermore, we conducted rigorous security analysis and simulation experiments to validate the practical effectiveness of our scheme. This approach addresses the need for secure data sharing among various entities, including medical institutions, management centers, and research facilities, ensuring the integrity and confidentiality of critical medical information.

computer science, information systems,telecommunications

Gaoxiang Li,Khalid T. Mursi,Ahmad O. Aseeri,Mohammed S. Alkatheiri,Yu Zhuang

DOI: https://doi.org/10.48550/arXiv.2206.01314

2022-06-03

Abstract:Physical Unclonable Functions (PUFs) are promising security primitives for resource-constrained network nodes. The XOR Arbiter PUF (XOR PUF or XPUF) is an intensively studied PUF invented to improve the security of the Arbiter PUF, probably the most lightweight delay-based PUF. Recently, highly powerful machine learning attack methods were discovered and were able to easily break large-sized XPUFs, which were highly secure against earlier machine learning attack methods. Component-differentially-challenged XPUFs (CDC-XPUFs) are XPUFs with different component PUFs receiving different challenges. Studies showed they were much more secure against machine learning attacks than the conventional XPUFs, whose component PUFs receive the same challenge. But these studies were all based on earlier machine learning attack methods, and hence it is not clear if CDC-XPUFs can remain secure under the recently discovered powerful attack methods. In this paper, the two current most powerful two machine learning methods for attacking XPUFs are adapted by fine-tuning the parameters of the two methods for CDC-XPUFs. Attack experiments using both simulated PUF data and silicon data generated from PUFs implemented on field-programmable gate array (FPGA) were carried out, and the experimental results showed that some previously secure CDC-XPUFs of certain circuit parameter values are no longer secure under the adapted new attack methods, while many more CDC-XPUFs of other circuit parameter values remain secure. Thus, our experimental attack study has re-defined the boundary between the secure region and the insecure region of the PUF circuit parameter space, providing PUF manufacturers and IoT security application developers with valuable information in choosing PUFs with secure parameter values.

Cryptography and Security,Machine Learning

Chen, Lingling

DOI: https://doi.org/10.1007/s40998-023-00617-6

2023-06-25

Abstract:Due to the openness of wireless networks, cooperative spectrum sensing (CSS) is extremely vulnerable to attacks by spectrum sensing data falsification (SSDF) as the core part of cognitive radio. To ensure data security for spectrum sensing, this paper proposes a soft byzantine attack with a variable attack probability (VAP) model, where the attackers change the attack probability continuously according to their trust value through cooperation. In this model, the attackers are classified into primary attackers (PA) and cooperative attackers (CA). The CAs are restricted to passively receiving the attack report of the PAs, thus reducing the attack cost. Under the VAP model, there is a catastrophic blow struck against many of the existing trust defence algorithms when using SSDF for constantly changing the attack parameters and for the cooperating attacks. Therefore, a frequency change rate (FCR) defence algorithm is proposed based on the frequency of change of the trust value in the traditional algorithm. PA and CA can be eliminated by the FCR algorithm, and it can ensure that large quantities of honest users with perceptual errors will not be eliminated. In the system simulation process performed with Python, the model and the defence algorithm are taken into consideration. Compared with the traditional static attack model, the VAP attack model proposed in this study is more destructive to the channel, which renders the traditional trust algorithm invalid. Both the PA and CA are distinctive for their use of the FCR algorithm. Compared with the traditional trust algorithm, the trust value of the attackers is effectively reduced, with the final detection probability improved by approximately 40%. Moreover, the detection probability is improved by approximately 20% when compared with the no-defence algorithm.

engineering, electrical & electronic

Gaoxiang Li,Yu Zhuang

2024-09-26

Abstract:The rapid expansion of Internet of Things (IoT) devices demands robust and resource-efficient security solutions. Physically Unclonable Functions (PUFs), which generate unique cryptographic keys from inherent hardware variations, offer a promising approach. However, traditional PUFs like Arbiter PUFs (APUFs) and XOR Arbiter PUFs (XOR-PUFs) are susceptible to machine learning (ML) and reliability-based attacks. In this study, we investigate Component-Differentially Challenged XOR-PUFs (CDC-XPUFs), a less explored variant, to address these vulnerabilities. We propose an optimized CDC-XPUF design that incorporates a pre-selection strategy to enhance reliability and introduces a novel lightweight architecture to reduce hardware overhead. Rigorous testing demonstrates that our design significantly lowers resource consumption, maintains strong resistance to ML attacks, and improves reliability, effectively mitigating reliability-based attacks. These results highlight the potential of CDC-XPUFs as a secure and efficient candidate for widespread deployment in resource-constrained IoT systems.

Cryptography and Security,Machine Learning