Surbhi Chhabra,Kusum Lata

DOI: https://doi.org/10.1002/spy2.233

2022-04-06

Security and Privacy

Abstract:The global market of developing Internet of Things (IoT) devices increases rapidly with improved design goals like cost, energy efficiency, and performance. Unfortunately, the above design goals often come at the expense of security. Illegal access to the network, malicious device control, compromised sensitive information, and theft of personal data are main threats to these devices. As a result, the Advanced Encryption Standard (AES) is sometimes employed to ensure safe transmission and processing of data in IoT Systems. However, tampering, cloning, and reverse engineering are main concerns that impair the computational complexity of the 128‐bit AES at the hardware level. Recently hardware obfuscation‐based AES has emerged as a comprehensive hardware security approach for reducing threat impacts. The hardware obfuscation schemes efficiently introduce obfuscation keys for AES to conceal its functionality. The Xilinx Vivado 2016.2 software and BASYS‐3 FPGA have been used to implement obfuscated AES approaches in this work. The proposed methods have low resource usage in terms of area and power overhead while providing a high level of security in terms of Hamming Distance of 50% and Avalanche Effect of 40% for each obfuscation method. We have also analyzed the probability of success for brute‐force attacks for proposed methodologies.

Yansong Gao,Yang Su,Wei Yang,Shiping Chen,Surya Nepal,Damith C. Ranasinghe

DOI: https://doi.org/10.48550/arXiv.1902.03031

2019-02-08

Abstract:A securely maintained key is the premise upon which data stored and transmitted by ubiquitously deployed resource limited devices, such as those in the Internet of Things (IoT), are protected. However, many of these devices lack a secure non-volatile memory (NVM) for storing keys because of cost constraints. Silicon physical unclonable functions (PUFs) offering unique device specific secrets to electronic commodities are a low-cost alternative to secure NVM. As a physical hardware security primitive, reliability of a PUF is affected by thermal noise and changes in environmental conditions; consequently, PUF responses cannot be directly employed as cryptographic keys. A fuzzy extractor can turn noisy PUF responses into usable cryptographic keys. However, a fuzzy extractor is not immediately mountable on (highly) resource constrained devices due to its implementation overhead. We present a methodology for constructing a lightweight and secure PUF key generator for resource limited devices. In particular, we focus on PUFs constructed from pervasively embedded SRAM in modern microcontroller units and use a batteryless computational radio frequency identification (CRFID) device as a representative resource constrained IoT device in a case study.

Cryptography and Security

Ashwija Reddy Korenda,Fatemeh Afghah,Bertrand Cambou,Christopher Philabaum

DOI: https://doi.org/10.48550/arXiv.1907.12144

2019-07-28

Cryptography and Security

Abstract:This paper provides a proof of concept for using SRAM based Physically Unclonable Functions (PUFs) to generate private keys for IoT devices. PUFs are utilized, as there is inadequate protection for secret keys stored in the memory of the IoT devices. We utilize a custom-made Arduino mega shield to extract the fingerprint from SRAM chip on demand. We utilize the concepts of ternary states to exclude the cells which are easily prone to flip, allowing us to extract stable bits from the fingerprint of the SRAM. Using the custom-made software for our SRAM device, we can control the error rate of the PUF to achieve an adjustable memory-based PUF for key generation. We utilize several fuzzy extractor techniques based on using different error correction coding methods to generate secret keys from the SRAM PUF, and study the trade-off between the false authentication rate and false rejection rate of the PUF.

Qian Wang,Mingze Gao,Gang Qu

DOI: https://doi.org/10.1109/isqed.2019.8697540

2019-01-01

Abstract:Authentications and encryptions are urgently needed by the growing number of hardware devices for security applications of the Internet of Things (IoT). However, the existing cryptographic solutions may not be applicable to IoT devices because of the strict timing and power requirements of the devices. As a result, Physical Unclonable Function (PUF) is a promising hardware primitive to provide security in existing and future IoT applications due to it is lower hardware cost and energy efficient. In this paper, we propose an innovated application of PUF as an entropy pump to improve the entropy. Furthermore, we apply the PUF-based entropy pump in a password enhancement application for embedded IoT devices. We confirmed that an overall 48% significant improvement on the entropy of the human-generated passwords. The proposed design is demonstrated on the Nexys 4 DDR FPGA board with low hardware overhead, which ensures the feasibility for IoT applications.

Haji Akhundov,Erik van der Sluis,Said Hamdioui,Mottaqiallah Taouil

DOI: https://doi.org/10.5121/csit.2019.91328

2020-02-04

Abstract:Nowadays, Internet of Things (IoT) is a trending topic in the computing world. Notably, IoT devices have strict design requirements and are often referred to as constrained devices. Therefore, security techniques and primitives that are lightweight are more suitable for such devices, e.g., Static Random-Access Memory (SRAM) Physical Unclonable Functions (PUFs) and Elliptic Curve Cryptography (ECC). SRAM PUF is an intrinsic security primitive that is seeing widespread adoption in the IoT segment. ECC is a public-key algorithm technique that has been gaining popularity among constrained IoT devices. The popularity is due to using significantly smaller operands when compared to other public-key techniques such as RSA (Rivest Shamir Adleman). This paper shows the design, development, and evaluation of an application-specific secure communication architecture based on SRAM PUF technology and ECC for constrained IoT devices. More specifically, it introduces an Elliptic Curve Diffie-Hellman (ECDH) public-key based cryptographic protocol that utilizes PUF-derived keys as the root-of-trust for silicon authentication. Also, it proposes a design of a modular hardware architecture that supports the protocol. Finally, to analyze the practicality as well as the feasibility of the proposed protocol, we demonstrate the solution by prototyping and verifying a protocol variant on the commercial Xilinx Zynq-7000 APSoC device.

Cryptography and Security

Pengpeng Ren,Yongkang Xue,Linglin Jing,Lining Zhang,Runsheng Wang,Zhigang Ji

DOI: https://doi.org/10.1007/s11432-022-3722-8

2023-01-01

Science China Information Sciences

Abstract:The physical unclonable functions (PUFs) are novel cryptographic primitives in modern hardware security systems. Compared with traditional alternatives based on digital keys and non-volatile memory (NVM), the PUF system shows great unclonability, high efficiency, and physical attack resilience. However, the conventional PUF design suffers from weak machine learning immunity, high storage overhead, and unreliability, making it difficult to implement in the Internet of Things (IoT) and edge computing applications. This paper presents a new PUF design that could solve the proposed obstacles. By utilizing the emission probability of traps commonly found in nano-scaled transistors, a model-based PUF system with strong machine learning resistance could be achieved. This PUF design, called Prob-PUF, needs fewer challenge-response pairs (CRPs) space and reveals superior resistance to modeling attacks due to the mixture of stable/random bits in its output response. Moreover, the Prob-PUF system could reach a high level of uniqueness and robustness, making it a potential candidate for future cryptographically secured protocols within the IoT.

Shuming Guo,Yinyin Lin,Hao Wang,Yao Li,Chongyan Gu,Weiqiang Liu,Yijun Cui

DOI: https://doi.org/10.1109/tvlsi.2024.3496735

2024-01-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:The Internet of Things (IoT) allows devices to interact for real-time data transfer and remote control. However, IoT hardware devices have been shown security vulnerabilities. Edge device authentications, as a crucial process for IoT systems, generate and use unique IDs for secure data transmissions. Conventional authentication techniques, computational and heavyweight, are challenging and infeasible in IoT due to limited resources in IoTs. Physical unclonable functions (PUFs), a lightweight hardware-based security primitive, were proposed for resource-constrained applications. We propose a new PUF design for resource-constrained IoT devices based on low-cost logic-compatible multiple-time programmable (MTP) memory cells. The structure includes an array of MTP differential memory cells and a PUF extraction circuit. The extraction method uses the random distribution of BL current after programming each memory cell in logic-compatible MTP memory as the entropy source of PUF. Responses are obtained by comparing the current values of two memory cells under a certain address by challenge, forming challenge–response pairs (CRPs). This scheme does not increase hardware consumption and circuit differences on edge devices and is intrinsic PUF. Finally, 200 PUF chips were fabricated by CSMC based on the 0.153- $\mu$ m MCU single-gate CMOS process. The performance of the logic-compatible MTP memory cell and its PUF was evaluated. A logic-compatible MTP cell has good programming erase efficiency and good durability and retention. The uniqueness of the proposed PUF is 50.29%, the uniformity is 51.82%, and the reliability is 93.61%.

Jiliang Zhang,Gang Qu

DOI: https://doi.org/10.48550/arXiv.1807.10884

2019-08-21

Abstract:In many Industry Internet of Things (IIoT) applications, resources like CPU, memory, and battery power are limited and cannot afford the classic cryptographic security solutions. Silicon Physical Unclonable Function (PUF) is a lightweight security primitive that exploits manufacturing variations during the chip fabrication process for key generation and/or device authentication. However, traditional weak PUFs such as Ring Oscillator (RO) PUF generate chip-unique key for each device, which restricts their application in security protocols where the same key is required to be shared in resource-constrained devices. In order to address this issue, we propose a PUF-based key sharing method for the first time. The basic idea is to implement one-to-one input-output mapping with Lookup Table (LUT)-based interstage crossing structures in each level of inverters of RO PUF. Individual customization on configuration bits of interstage crossing structure and different RO selections with challenges bring high flexibility. Therefore, with the flexible configuration of interstage crossing structures and challenges, CRO PUF can generate the same shared key for resource-constrained devices, which enables a new application for lightweight key sharing protocols.

Cryptography and Security

Alireza Shamsoshoara,Ashwija Korenda,Fatemeh Afghah,Sherali Zeadally

DOI: https://doi.org/10.1016/j.comnet.2020.107593

IF: 5.493

2020-12-01

Computer Networks

Abstract:<p>The vast areas of applications for IoTs in future smart cities, smart transportation systems, and so on represent a thriving surface for several security attacks with economic, environmental and societal impacts. This survey paper presents a review of the security challenges of emerging IoT networks and discusses some of the attacks and their countermeasures based on different domains in IoT networks. Most conventional solutions for IoT networks are adopted from communication networks while noting the particular characteristics of IoT networks such as the nodes quantity, heterogeneity, and the limited resources of the nodes, these conventional security methods are not adequate. One challenge toward utilizing common secret key-based cryptographic methods in large-scale IoTs is the problem of secret key generation, distribution, and storage and protecting these secret keys from physical attacks. Physically unclonable functions (PUFs) can be utilized as a possible hardware remedy for identification and authentication in IoTs. Since PUFs extract the unique hardware characteristics, they potentially offer an affordable and practical solution for secret key generation. However, several barriers limit the PUFs' applications for key generation purposes. We discuss the advantages of PUF-based key generation methods, and we present a survey of state-of-the-art techniques in this domain. We also present a proof-of-concept PUF-based solution for secret key generation using resistive random-access memories (ReRAM) embedded in IoTs.</p>

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Abdulaziz Al-Meer,Saif Al-Kuwari

DOI: https://doi.org/10.1145/3591464

IF: 16.6

2023-04-08

ACM Computing Surveys

Abstract:Physical Unclonable Function (PUF) has recently attracted interest from both industry and academia as a potential alternative approach to secure Internet of Things (IoT) devices from the more traditional computational-based approach using conventional cryptography. PUF is a promising solution for lightweight security, where the manufacturing fluctuation process of IC is used to improve the security of IoT as it provides low complexity design and preserves secrecy. PUF provides a low-cost low-power solution and can be implemented in both Field Programmable Gate Arrays (FPGA) and Application-Specific Integrated Circuits (ASICs). In this survey, we provide a comprehensive review of the state-of-the-art of PUF, its architectures, protocols and security for IoT.

computer science, theory & methods

Urbi Chatterjee,Vidya Govindan,Rajat Sadhukhan,Debdeep Mukhopadhyay,Rajat Subhra Chakraborty,Debashis Mahata,Mukesh M. Prabhu

DOI: https://doi.org/10.1109/tdsc.2018.2832201

2019-05-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Physically Unclonable Functions (PUFs) promise to be a critical hardware primitive to provide unique identities to billions of connected devices in Internet of Things (IoTs). In traditional authentication protocols a user presents a set of credentials with an accompanying proof such as password or digital certificate. However, IoTs need more evolved methods as these classical techniques suffer from the pressing problems of password dependency and inability to bind access requests to the “things” from which they originate. Additionally, the protocols need to be lightweight and heterogeneous. Although PUFs seem promising to develop such mechanism, it puts forward an open problem of how to develop such mechanism without needing to store the secret challenge-response pair (CRP) explicitly at the verifier end. In this paper, we develop an authentication and key exchange protocol by combining the ideas of Identity based Encryption (IBE), PUFs and Key-ed Hash Function to show that this combination can help to do away with this requirement. The security of the protocol is proved formally under the Session Key Security and the Universal Composability Framework. A prototype of the protocol has been implemented to realize a secured video surveillance camera using a combination of an Intel Edison board, with a Digilent Nexys-4 FPGA board consisting of an Artix-7 FPGA, together serving as the IoT node. We show, though the stand-alone video camera can be subjected to man-in-the-middle attack via IP-spoofing using standard network penetration tools, the camera augmented with the proposed protocol resists such attacks and it suits aptly in an IoT infrastructure making the protocol deployable for the industry.

computer science, information systems, software engineering, hardware & architecture

Santiago Sánchez-Solano,Piedad Brox,Luis F. Rojas-Muñoz,Macarena C. Martínez-Rodríguez

DOI: https://doi.org/10.3390/s23084070

IF: 3.9

2023-04-19

Sensors

Abstract:The proliferation of devices for the Internet of Things (IoT) and their implication in many activities of our lives have led to a considerable increase in concern about the security of these devices, posing a double challenge for designers and developers of products. On the one hand, the design of new security primitives, suitable for resource-limited devices, can facilitate the inclusion of mechanisms and protocols to ensure the integrity and privacy of the data exchanged over the Internet. On the other hand, the development of techniques and tools to evaluate the quality of the proposed solutions as a step prior to their deployment, as well as to monitor their behavior once in operation against possible changes in operating conditions arising naturally or as a consequence of a stress situation forced by an attacker. To address these challenges, this paper first describes the design of a security primitive that plays an important role as a component of a hardware-based root of trust, as it can act as a source of entropy for True Random Number Generation (TRNG) or as a Physical Unclonable Function (PUF) to facilitate the generation of identifiers linked to the device on which it is implemented. The work also illustrates different software components that allow carrying out a self-assessment strategy to characterize and validate the performance of this primitive in its dual functionality, as well as to monitor possible changes in security levels that may occur during operation as a result of device aging and variations in power supply or operating temperature. The designed PUF/TRNG is provided as a configurable IP module, which takes advantage of the internal architecture of the Xilinx Series-7 and Zynq-7000 programmable devices and incorporates an AXI4-based standard interface to facilitate its interaction with soft- and hard-core processing systems. Several test systems that contain different instances of the IP have been implemented and subjected to an exhaustive set of on-line tests to obtain the metrics that determine its quality in terms of uniqueness, reliability, and entropy characteristics. The results obtained prove that the proposed module is a suitable candidate for various security applications. As an example, an implementation that uses less than 5% of the resources of a low-cost programmable device is capable of obfuscating and recovering 512-bit cryptographic keys with virtually zero error rate.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Paul Chin,Yuan Cao,Xiaojin Zhao,Leilei Zhang,Fan Zhang

DOI: https://doi.org/10.1109/AsianHOST47458.2019.9006716

2019-01-01

Abstract:Physical Unclonable Functions (PUFs) are considered as an attractive low-cost security anchor. The unique features of PUFs are dependent on the Nanoscale variations introduced during the manufacturing variations. Most PUFs exhibit an unreliability problem due to aging and inherent sensitivity to the environmental conditions. As a remedy to the reliability issue, helper data algorithms are used in practice. A helper data algorithm generates and stores the helper data in the enrollment phase in a secure environment. The generated helper data are used then for error correction, which can transform the unique feature of PUFs into a reproducible key. The key can be used to encrypt secret data in the security scheme. In contrast, this work shows that the fuzzy PUFs can be used to secret important data directly by an error-tolerant protocol without the enrollment phase and error-correction algorithm. In our proposal, the secret data is locked in a vault leveraging the unique fuzzy pattern of PUF. Although the noise exists, the data can then be released only by this unique PUF. The evaluation was performed on the most prominent intrinsic PUF - DRAM PUF. The test results demonstrate that our proposal can reach an acceptable reconstruction rate in various environment. Finally, the security analysis of the new proposal is discussed.

Gaoxiang Li,Khalid T. Mursi,Yu Zhuang

DOI: https://doi.org/10.48550/arXiv.2210.01749

2022-10-05

Abstract:Physical Unclonable Functions (PUFs) are promising security primitives for resource-constrained IoT devices. And the XOR Arbiter PUF (XOR-PUF) is one of the most studied PUFs, out of an effort to improve the resistance against machine learning attacks of probably the most lightweight delay-based PUFs - the Arbiter PUFs. However, recent attack studies reveal that even XOR-PUFs with large XOR sizes are still not safe against machine learning attacks. Increasing PUF stages or components and using different challenges for different components are two ways to improve the security of APUF-based PUFs, but more stages or components lead to more hardware cost and higher operation power, and different challenges for different components require the transmission of more bits during operations, which also leads to higher power consumption. In this paper, we present a strategy that combines the choice of XOR Arbiter PUF (XOR-PUF) architecture parameters with the way XOR-PUFs are used to achieve lightweights in hardware cost and energy consumption as well as security against machine learning attacks. Experimental evaluations show that with the proposed strategy, highly lightweight component-differentially challenged XOR-PUFs can withstand the most powerful machine learning attacks developed so far and maintain excellent intra-device and inter-device performance, rendering this strategy a potential blueprint for the fabrication and use of XOR-PUFs for resource-constrained IoT applications.

Cryptography and Security,Machine Learning

Saeed Abdolinezhad,Vladimir Stavrov,Lukas Zimmermann,Axel Sikora

DOI: https://doi.org/10.1109/jsen.2024.3367735

IF: 4.3

2024-01-01

IEEE Sensors Journal

Abstract:With the expansion of Internet-of-Things (IoT) devices in many aspects of our life, the security of such systems has become an important challenge. Unlike conventional computer systems, any IoT security solution should consider the constraints of these systems such as computational capability, memory, connectivity, and energy consumption limitations. Physical unclonable functions (PUFs) with their special characteristics were introduced as hardware-based solutions to satisfy the security needs while respecting the mentioned constraints. They exploit the uncontrollable and reproducible variations of the underlying components for security applications such as identification, authentication, and secure boot. Since IoT devices are typically low cost, it is important to reuse existing elements in their hardware (for instance, sensors, analog-to-digital converters (ADCs), etc.) instead of adding extra costs for the PUF hardware. Micro-electromechanical system (MEMS) devices are widely used in IoT systems as sensors and actuators. In this work, for the first time, a lightweight MEMS-based circuit with a piezoresistive bridge is introduced as a weak PUF. The piezoresistive PUF leverages the uncontrollable variations in the parameters of the circuit elements to derive secure keys for cryptographic applications. The experimental results show that our proposed piezoresistive PUF is capable of generating enough entropy for a complex key generation, while its responses show stability in different environmental conditions. The manufactured piezoresistive PUF shows a uniqueness of 47.73% and a reliability of 94.19%. Moreover, the generated secret keys passed the National Institute of Standards and Technology (NIST) test suite for randomness.

engineering, electrical & electronic,instruments & instrumentation,physics, applied

Gaoxiang Li,Yu Zhuang

2024-09-26

Abstract:The rapid expansion of Internet of Things (IoT) devices demands robust and resource-efficient security solutions. Physically Unclonable Functions (PUFs), which generate unique cryptographic keys from inherent hardware variations, offer a promising approach. However, traditional PUFs like Arbiter PUFs (APUFs) and XOR Arbiter PUFs (XOR-PUFs) are susceptible to machine learning (ML) and reliability-based attacks. In this study, we investigate Component-Differentially Challenged XOR-PUFs (CDC-XPUFs), a less explored variant, to address these vulnerabilities. We propose an optimized CDC-XPUF design that incorporates a pre-selection strategy to enhance reliability and introduces a novel lightweight architecture to reduce hardware overhead. Rigorous testing demonstrates that our design significantly lowers resource consumption, maintains strong resistance to ML attacks, and improves reliability, effectively mitigating reliability-based attacks. These results highlight the potential of CDC-XPUFs as a secure and efficient candidate for widespread deployment in resource-constrained IoT systems.

Cryptography and Security,Machine Learning

Shubhra Deb Paul,Aritra Dasgupta,Swarup Bhunia

DOI: https://doi.org/10.1109/tcad.2024.3447211

IF: 2.9

2024-11-09

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Abstract:Counterfeiting, overproduction, and cloning of integrated circuits (ICs) and associated hardware have emerged as major security concerns in the modern globalized microelectronics supply chain. One way to combat these issues effectively is to deploy hardware authentication techniques that utilize physical unclonable functions (PUFs). PUFs utilize intrinsic variations in hardware that occur during the manufacturing and fabrication process to generate device-specific fingerprints or immutable signatures that cannot be replicated by counterfeits and clones. However, unavoidable factors like environmental noise and harmonics can significantly deteriorate the quality of the PUF signature. Besides, conventional PUF solutions are generally not amenable to in-field authentication of hardware, which has emerged as a critical need for Internet of Things (IoT) edge devices to detect physical attacks on them. In this article, we introduce frequency-domain PUF or FDPUF, a novel PUF that analyzes time-domain current waveforms in the frequency domain to create high-quality authentication signatures that are suitable for in-field authentication. FDPUF decomposes electrical signals into their spectral coefficients, filters out unnecessary low-energy components, reconstructs the waveforms, and generates high-quality digital fingerprints for device authentication purposes. Compared to the existing authentication mechanisms, the higher quality of the signatures through the frequency-domain analysis makes the proposed FDPUF more suitable for protecting the integrity of the edge computing hardware. We perform experimental measurements on FPGA and analyze FDPUF properties using the National Institute of Standards and Technology test suite to demonstrate that the FDPUF provides better uniqueness and robustness than its time-domain counterpart while being attractive for in-field authentication.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Yi Zhang,Min Zhu,Bohan Yang,Leibo Liu

DOI: https://doi.org/10.1088/1742-6596/1619/1/012003

2020-01-01

Journal of Physics Conference Series

Abstract:Physical unclonable function (PUF) generates unique secret keys from unavoidable IC manufacturing variations, which can eliminate high computation expense and additional key storage. The inherent flexibility and lower time-to-market have made field programmable gate array (FPGA) the platform of choice for faster implementation. However, logic elements on FPGA are predefined while some types of PUFs need strictly mirrored symmetric routing. This paper presents a robust and FPGA friendly PUF based on oscillator collapse (OC-PUF) with million number of challenge-response pairs (CRPs). Mirrored routes are obtained with a novel delay cell design and a signal path configuration technique. In the meanwhile, the response bias issues on FPGA is effectively resolved. Measured on Altera DE2-115, the average interchip hamming distance (inter-chip HD) of the proposed OC-PUF is 46.7%. After applying dynamic threshold with a value 255, intra-chip hamming distance (intra-chip HD) dropped to 5.46E-06 at nominal conditions.

Chandranshu Gupta,Gaurav Varshney

2023-11-07

Abstract:The Internet of Things (IoT) has improved people's lives by seamlessly integrating into many facets of modern life and facilitating information sharing across platforms. Device Authentication and Key exchange are major challenges for the IoT. High computational resource requirements for cryptographic primitives and message transmission during Authentication make the existing methods like PKI and IBE not suitable for these resource constrained devices. PUF appears to offer a practical and economical security mechanism in place of typically sophisticated cryptosystems like PKI and IBE. PUF provides an unclonable and tamper sensitive unique signature based on the PUF chip by using manufacturing process variability. Therefore, in this study, we use lightweight bitwise XOR, hash function, and PUF to Authenticate IoT devices. Despite several studies employing the PUF to authenticate communication between IoT devices, to the authors' knowledge, existing solutions require intermediary gateway and internet capabilities by the IoT device to directly interact with a Server for Authentication and hence, are not scalable when the IoT device works on different technologies like BLE, Zigbee, etc. To address the aforementioned issue, we present a system in which the IoT device does not require a continuous active internet connection to communicate with the server in order to Authenticate itself. The results of a thorough security study are validated against adversarial attacks and PUF modeling attacks. For formal security validation, the AVISPA verification tool is also used. Performance study recommends this protocol's lightweight characteristics. The proposed protocol's acceptability and defenses against adversarial assaults are supported by a prototype developed with ESP32.

Cryptography and Security

Ling Yang,Long Cheng,Yi Li,Haoyang Li,Jiancong Li,Ting‐Chang Chang,Xiangshui Miao

DOI: https://doi.org/10.1002/aelm.202001182

IF: 6.2

2021-01-25

Advanced Electronic Materials

Abstract:<p>The problem of hardware security is exacerbating in the artificial intelligence &amp; Internet of Things era. Physical unclonable function (PUF) is a promising security primitive that exploits the intrinsic random variations in electronic hardware to produce digital keys. Here, it is shown for the first time that the subthreshold slope (S.S) variations of the transistors can be utilized as the entropy source of the PUF to generate the physical keys. By combining this S.S PUF with a memristor‐based XOR logic function, an in situ encryption/decryption scheme is proposed in a compact one‐transistor‐one‐resistor (1T1R) architecture. It is experimentally demonstrated that the S.S PUF shows great reproducibility, uniqueness, and uniformity. Using the S.S PUF keys, encryption and decryption are successfully implemented for three 16‐bit binary sequences in 1T1R devices. The results demonstrate that the unique features of 1T1R can enlighten functional design at the device level against hardware security threats, and the security, memory, and computing can be realized on the same device.</p>

materials science, multidisciplinary,physics, applied,nanoscience & nanotechnology