In the era of Internet-of-Things (IoTs), millions of smart devices are interconnected and communicated through networks. To guarantee the security and reliability of data transmission in IoT, the underlying hardware of these devices must first be secure and trusted. However, due to the inherent mobility nature of current embedded devices, IoT hardware could be vulnerable to diverse security threats from multiple malicious participants. Among them, device theft is becoming one of the most challenging security issues that have incurred a serious impact on copyright. To effectively alleviate this threat, silicon physical unclonable function (PUF) has been presented and considered to be a reliable anti-piracy solution to complete the device authentication and key storage. However, current PUF solutions are mostly focused on chip-level verification and cannot provide systematic identification and authentication. To this end, this article proposes a unified identity verification framework which can provide fine-grained protection for embedded devices against theft attacks from the system level. This framework is established on a series of PUF circuits that have been implanted into each individual chip of the devices. We first improve the configurable ring oscillator (CRO) PUFs with the latch structure. Therefore, a unique sub-digital signature of each chip can be generated by performing the challenge-response strategy. We then reassemble all the sub-digital signatures and encode them to acquire the unique fingerprint of each embedded device, so as to achieve system-level device identification and authentication. Any substitution of an individual or all chips in the devices will result in the inconsistencies of the system-level fingerprint. We implement and verify the proposed scheme on the field programmable gate array (FPGA) platforms. Experimental results illustrate that the proposed framework can uniquely and accurately identify any or all of the thefts to the embedded system hardware at low silicon overhead.
This is a preview of subscription content, log in to check access.
Buy single article
Instant access to the full article PDF.
Price includes VAT for USA
Subscribe to journal
Immediate online access to all issues from 2019. Subscription will auto renew annually.
This is the net price. Taxes to be calculated in checkout.
Anderson, J.H.: A PUF design for secure FPGA-based embedded systems. In: ASP-DAC, pp 1–6 (2010)
Bai, C., Zou, X., Dai, K.: A novel Thyristor-based silicon physical unclonable function. IEEE Trans. Very Large Scale Integr. VLSI Syst. 24(1), 290–300 (2016)
Basak, A., Bhunia, S., Tkacik, T., Ray, S.: Security assurance for system-on-chip designs with untrusted IPs. IEEE Trans. Inf. Forensics Secur. 12(7), 1515–1528 (2017)
Cao, Y., Liu, C.Q., Chang, C.H.: A low power diode-clamped inverter-based strong physical unclonable function for robust and lightweight authentication. IEEE Trans. Circuits Syst. I, Reg. Papers. https://doi.org/10.1109/TCSI.2018.2855061 (2018)
Chatterjee, B., Das, D., Maity, S., Sen, S.: RF-PUF: enhancing IoT security through authentication of wireless nodes using in-situ machine learning, IEEE Internet of Things Journal, to be published. https://doi.org/10.1109/JIOT.2018.2849324 (2018)
Gassend, B., Clarke, D., Dijk, M.V., Devadas, S.: Silicon physical random. In: CCS. functions, pp 148–160 (2002)
Helinski, R., Acharyya, D., Plusquellic, J.: A physical unclonable function deflned using power distribution system equivalent resistance variations. In: DAC, pp 676–681 (2009)
Holcomb, D.E., Burleson, W.P., Fu, K.: Power-up SRAM state as an identifying flngerprint and source of true random numbers. IEEE Trans. Comput. 58(9), 1198–1210 (2009)
Hussain, S.U., Majzoobi, M., Koushanfar, F.: A built-in-self-test scheme for online evaluation of physical unclonable functions and true random number generators. IEEE Trans. Multi-Scale Comput. Syst. 2(1), 2–16 (2016)
Jin, F., Chen, Z.: Combinatorial coding theory and its applications, vol. 7-10. Shanghai Scientific and Technical Publisher, Shanghai (1995)
Johnson, A.P., Chakraborty, R.S., Mukhopadhyay, D.: A PUF-enabled secure architecture for FPGA-based IoT applications. IEEE Trans. Multi-Scale Comput. Syst. 1(2), 110–122 (2015)
Kodytek, F., Lorencz, R.: A ring oscillator based PUF proposal on FPGA. In: PAD, pp 23–32 (2016)
Kumar, S.S., Guajardo, J., Maes, R.: Extended abstract: the butterfly PUF protecting IP on every FPGA. In: HOST, pp 67–70 (2008)
Lin, L., Dan, H., Krishnappa, D.K., Shabadi, P., Burleson, W.: Low-power sub-threshold design of secure physical unclonable functions. In: ISLPED, pp 43–48 (2010)
Lin, L., Srivathsa, S., Krishnappa, D.K., Shabadi, P., Burleson, W.: Design and validation of Arbiter-based PUFs for sub-45-nm low-power security applications. IEEE Trans. Inf. Forensics Secur. 7(4), 1394–1403 (2012)
Lipps, C., Krummacker, D., Fischer, C., Schotten, H.D.: Proof of concept for IoT device authentication based on SRAM PUFs using ATMEGA 2560-MCU. In: ISDIS, pp 1–7 (2018)
Liu, N., Hanson, S., Sylvester, D., Blaauw, D.: OxID: on-chip one-time random ID generation using oxide breakdown. In: VLSIC, pp 231–232 (2010)
Liu, Y.H.: Introduction to internet of things, pp 283–288. Science China Press, Peking (2011)
Maiti, A., Schaumont, P.: Improved ring oscillator PUF: an FPGA-friendly secure primitive. J. Cryptol. 24(2), 375–397 (2011)
Maiti, A., Kim, I., Schaumont, P.: A robust physical unclonable function with enhanced challenge-response set. IEEE Trans. Inf. Forensics Secur. 7(1), 333–345 (2012)
Majzoobi, M., Koushanfar, F., Devadas, S.: FPGA PUF using programmable delay lines. In: WIFS, pp 1–6 (2011)
Mathew, S.K., Satpathy, S.K., Anders, M.A., Kaul, H., Hsu, S., Agawal, A., Chen, G.K., Parker, R.J., Krishnamurthy, R.K., De, V.: A 0.19pJ/b PVTVariation-tolerant hybrid physically unclonable function circuit for 100% stable secure key generation in 22Nm CMOS. In: ISSCC, pp 278–279 (2014)
Morozov, S., Maiti, A., Schaumont, P.: An analysis of delay based PUF implementations on FPGA. In: ARC, pp 382–394 (2010)
Mustapa, M., Niamat, M., Alam, M., Killian, T.: Frequency uniqueness in ring oscillator physical unclonable functions on FPGAs. In: MWSCAS, pp 465–468 (2013)
Rk, E., Hammouri, G., Sunar, B.: Towards robust low cost authentication for pervasive devices. In: Percom, pp 170–178 (2008)
Satheesh, N., Mahapatra, A., Sudeendra, K.K., Sahoo, S., Mahapatra, K.K.: A modified RO-PUF with improved security metrics on FPGA. In: INIS, pp 178–181 (2017)
Sengupta, A., Kundu, S.: Securing IoT hardware: threat models and reliable, low-power design solutions. IEEE Trans. Very Large Scale Integr. VLSI Syst. 25(12), 3265–3267 (2017)
Skoric, B., Maubach, S., Kevenaar, T., Tuyls, P.: Information theoretic analysis of capacitive physical unclonable functions. J. Appl. Phys. 100(2), 14–155 (2006)
Sudeendra, K.K., Sahoo, S., Mahapatra, A., Swain, A.K.: Security enhancements to system on chip devices for IoT perception layer. In: INIS, pp 151–156 (2017)
Suh, G.E., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: DAC, pp 9–14 (2007)
Sun, X., Li, M., Wang, H., Plank, A.: An efficient hash-based algorithm for minimal k-anonymity. In: ACSC, pp 101–107 (2008)
Sutar, S., Raha, A., Kulkarni, D.M., Raghunathan, V.: D-PUF: an intrinsically reconfigurable DRAM PUF for device authentication and random number generation. IEEE Trans. Embed. Comput. Syst. 17(1), 1–31 (2017)
Wang, X.M., Zheng, Y., Basak, A., Bhunia, S.: IIPS: infrastructure IP for secure SoC design. IEEE Trans. Comput. 64(8), 2226–2238 (2015)
Xin, X., Kaps, J.P., Gaj, K.: A configurable ring-oscillator-based PUF for Xilinx FPGAs. In: DSD, pp 651–657 (2011)
Yin, C.E., Qu, G.: Improving PUF security with regression-based distiller. In: DAC, pp 1–6 (2013)
Yu, H., Leong, P.H.W., Xu, Q.: An FPGA chip identification generator using configurable ring oscillators. IEEE Trans. Very Large Scale Integr. VLSI Syst. 20(12), 2198–2207 (2012)
Zhang, J.R., Xue, J.F.: A new physical unclonable functions based on measuring power distribution system resistance variations. In: ICASID, pp 1–3 (2012)
Zhang, J.L., Qu, G., Lv, Y.Q., Zhou, Q.: A survey on silicon PUFs and recent advances in ring oscillator PUFs. J. Comput. Sci. Technol. 29(4), 664–678 (2014)
Zhang, J., Tao, X., Wang, H.: Outlier detection from large distributed databases. World Wide Web Int. Web Inf. Syst. 17(4), 539–568 (2014)
Zhang, J.L., Wu, Q., Ding, Y.P.: Techniques for design and implementation of an FPGA-specific physical unclonable function. J. Comput. Sci. Technol. 31(1), 124–136 (2016)
Zhang, Y., Shen, Y., Wang, H., Yong, J., Jiang, X.: On secure wireless communications for IoT under eavesdropper collusion. IEEE Trans. Autom. Sci. Eng. 13(3), 1281–1293 (2016)
This work was supported by grant the National Natural Science Foundation of China Program (Program ID 61572385, 61702395), and completed under guidance of Professor Quan Wang. Opinions, findings, conclusions and recommendations expressed in this material are those of the authors and may not reflect the view of the funding entities. Professor Quan Wang is the corresponding author.
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This work is extended on the basic of previous work, a paper which has been accepted by the international conference of NaNA2018.
This article belongs to the Topical Collection: Special Issue on Security and Privacy in Network Computing
Guest Editors: Xiaohong Jiang, Yongzhi Wang, Tarik Taleb, and Hua Wang
About this article
Cite this article
Huang, Z., Wang, Q. A PUF-based unified identity verification framework for secure IoT hardware via device authentication. World Wide Web 23, 1057–1088 (2020). https://doi.org/10.1007/s11280-019-00677-x
- Hardware security
- Embedded systems
- Device authentication