A PUF-based unified identity verification framework for secure IoT hardware via device authentication

Abstract

In the era of Internet-of-Things (IoTs), millions of smart devices are interconnected and communicated through networks. To guarantee the security and reliability of data transmission in IoT, the underlying hardware of these devices must first be secure and trusted. However, due to the inherent mobility nature of current embedded devices, IoT hardware could be vulnerable to diverse security threats from multiple malicious participants. Among them, device theft is becoming one of the most challenging security issues that have incurred a serious impact on copyright. To effectively alleviate this threat, silicon physical unclonable function (PUF) has been presented and considered to be a reliable anti-piracy solution to complete the device authentication and key storage. However, current PUF solutions are mostly focused on chip-level verification and cannot provide systematic identification and authentication. To this end, this article proposes a unified identity verification framework which can provide fine-grained protection for embedded devices against theft attacks from the system level. This framework is established on a series of PUF circuits that have been implanted into each individual chip of the devices. We first improve the configurable ring oscillator (CRO) PUFs with the latch structure. Therefore, a unique sub-digital signature of each chip can be generated by performing the challenge-response strategy. We then reassemble all the sub-digital signatures and encode them to acquire the unique fingerprint of each embedded device, so as to achieve system-level device identification and authentication. Any substitution of an individual or all chips in the devices will result in the inconsistencies of the system-level fingerprint. We implement and verify the proposed scheme on the field programmable gate array (FPGA) platforms. Experimental results illustrate that the proposed framework can uniquely and accurately identify any or all of the thefts to the embedded system hardware at low silicon overhead.

This is a preview of subscription content, log in to check access.

Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6
Figure 7
Figure 8
Figure 9
Figure 10
Figure 11
Figure 12
Figure 13
Figure 14
Figure 15
Figure 16
Figure 17
Figure 18
Figure 19
Figure 20
Figure 21
Figure 22
Figure 23
Figure 24
Figure 25
Figure 26
Figure 27
Figure 28

References

  1. 1.

    Anderson, J.H.: A PUF design for secure FPGA-based embedded systems. In: ASP-DAC, pp 1–6 (2010)

  2. 2.

    Bai, C., Zou, X., Dai, K.: A novel Thyristor-based silicon physical unclonable function. IEEE Trans. Very Large Scale Integr. VLSI Syst. 24(1), 290–300 (2016)

    Article  Google Scholar 

  3. 3.

    Basak, A., Bhunia, S., Tkacik, T., Ray, S.: Security assurance for system-on-chip designs with untrusted IPs. IEEE Trans. Inf. Forensics Secur. 12(7), 1515–1528 (2017)

    Article  Google Scholar 

  4. 4.

    Cao, Y., Liu, C.Q., Chang, C.H.: A low power diode-clamped inverter-based strong physical unclonable function for robust and lightweight authentication. IEEE Trans. Circuits Syst. I, Reg. Papers. https://doi.org/10.1109/TCSI.2018.2855061 (2018)

    Article  Google Scholar 

  5. 5.

    Chatterjee, B., Das, D., Maity, S., Sen, S.: RF-PUF: enhancing IoT security through authentication of wireless nodes using in-situ machine learning, IEEE Internet of Things Journal, to be published. https://doi.org/10.1109/JIOT.2018.2849324 (2018)

  6. 6.

    Gassend, B., Clarke, D., Dijk, M.V., Devadas, S.: Silicon physical random. In: CCS. functions, pp 148–160 (2002)

  7. 7.

    Helinski, R., Acharyya, D., Plusquellic, J.: A physical unclonable function deflned using power distribution system equivalent resistance variations. In: DAC, pp 676–681 (2009)

  8. 8.

    Holcomb, D.E., Burleson, W.P., Fu, K.: Power-up SRAM state as an identifying flngerprint and source of true random numbers. IEEE Trans. Comput. 58(9), 1198–1210 (2009)

    MathSciNet  Article  Google Scholar 

  9. 9.

    Hussain, S.U., Majzoobi, M., Koushanfar, F.: A built-in-self-test scheme for online evaluation of physical unclonable functions and true random number generators. IEEE Trans. Multi-Scale Comput. Syst. 2(1), 2–16 (2016)

    Article  Google Scholar 

  10. 10.

    Jin, F., Chen, Z.: Combinatorial coding theory and its applications, vol. 7-10. Shanghai Scientific and Technical Publisher, Shanghai (1995)

    Google Scholar 

  11. 11.

    Johnson, A.P., Chakraborty, R.S., Mukhopadhyay, D.: A PUF-enabled secure architecture for FPGA-based IoT applications. IEEE Trans. Multi-Scale Comput. Syst. 1(2), 110–122 (2015)

    Article  Google Scholar 

  12. 12.

    Kodytek, F., Lorencz, R.: A ring oscillator based PUF proposal on FPGA. In: PAD, pp 23–32 (2016)

  13. 13.

    Kumar, S.S., Guajardo, J., Maes, R.: Extended abstract: the butterfly PUF protecting IP on every FPGA. In: HOST, pp 67–70 (2008)

  14. 14.

    Lin, L., Dan, H., Krishnappa, D.K., Shabadi, P., Burleson, W.: Low-power sub-threshold design of secure physical unclonable functions. In: ISLPED, pp 43–48 (2010)

  15. 15.

    Lin, L., Srivathsa, S., Krishnappa, D.K., Shabadi, P., Burleson, W.: Design and validation of Arbiter-based PUFs for sub-45-nm low-power security applications. IEEE Trans. Inf. Forensics Secur. 7(4), 1394–1403 (2012)

    Article  Google Scholar 

  16. 16.

    Lipps, C., Krummacker, D., Fischer, C., Schotten, H.D.: Proof of concept for IoT device authentication based on SRAM PUFs using ATMEGA 2560-MCU. In: ISDIS, pp 1–7 (2018)

  17. 17.

    Liu, N., Hanson, S., Sylvester, D., Blaauw, D.: OxID: on-chip one-time random ID generation using oxide breakdown. In: VLSIC, pp 231–232 (2010)

  18. 18.

    Liu, Y.H.: Introduction to internet of things, pp 283–288. Science China Press, Peking (2011)

    Google Scholar 

  19. 19.

    Maiti, A., Schaumont, P.: Improved ring oscillator PUF: an FPGA-friendly secure primitive. J. Cryptol. 24(2), 375–397 (2011)

    MathSciNet  Article  Google Scholar 

  20. 20.

    Maiti, A., Kim, I., Schaumont, P.: A robust physical unclonable function with enhanced challenge-response set. IEEE Trans. Inf. Forensics Secur. 7(1), 333–345 (2012)

    Article  Google Scholar 

  21. 21.

    Majzoobi, M., Koushanfar, F., Devadas, S.: FPGA PUF using programmable delay lines. In: WIFS, pp 1–6 (2011)

  22. 22.

    Mathew, S.K., Satpathy, S.K., Anders, M.A., Kaul, H., Hsu, S., Agawal, A., Chen, G.K., Parker, R.J., Krishnamurthy, R.K., De, V.: A 0.19pJ/b PVTVariation-tolerant hybrid physically unclonable function circuit for 100% stable secure key generation in 22Nm CMOS. In: ISSCC, pp 278–279 (2014)

  23. 23.

    Morozov, S., Maiti, A., Schaumont, P.: An analysis of delay based PUF implementations on FPGA. In: ARC, pp 382–394 (2010)

    Google Scholar 

  24. 24.

    Mustapa, M., Niamat, M., Alam, M., Killian, T.: Frequency uniqueness in ring oscillator physical unclonable functions on FPGAs. In: MWSCAS, pp 465–468 (2013)

  25. 25.

    Rk, E., Hammouri, G., Sunar, B.: Towards robust low cost authentication for pervasive devices. In: Percom, pp 170–178 (2008)

  26. 26.

    Satheesh, N., Mahapatra, A., Sudeendra, K.K., Sahoo, S., Mahapatra, K.K.: A modified RO-PUF with improved security metrics on FPGA. In: INIS, pp 178–181 (2017)

  27. 27.

    Sengupta, A., Kundu, S.: Securing IoT hardware: threat models and reliable, low-power design solutions. IEEE Trans. Very Large Scale Integr. VLSI Syst. 25(12), 3265–3267 (2017)

    Article  Google Scholar 

  28. 28.

    Skoric, B., Maubach, S., Kevenaar, T., Tuyls, P.: Information theoretic analysis of capacitive physical unclonable functions. J. Appl. Phys. 100(2), 14–155 (2006)

    Article  Google Scholar 

  29. 29.

    Sudeendra, K.K., Sahoo, S., Mahapatra, A., Swain, A.K.: Security enhancements to system on chip devices for IoT perception layer. In: INIS, pp 151–156 (2017)

  30. 30.

    Suh, G.E., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: DAC, pp 9–14 (2007)

  31. 31.

    Sun, X., Li, M., Wang, H., Plank, A.: An efficient hash-based algorithm for minimal k-anonymity. In: ACSC, pp 101–107 (2008)

  32. 32.

    Sutar, S., Raha, A., Kulkarni, D.M., Raghunathan, V.: D-PUF: an intrinsically reconfigurable DRAM PUF for device authentication and random number generation. IEEE Trans. Embed. Comput. Syst. 17(1), 1–31 (2017)

    Article  Google Scholar 

  33. 33.

    Wang, X.M., Zheng, Y., Basak, A., Bhunia, S.: IIPS: infrastructure IP for secure SoC design. IEEE Trans. Comput. 64(8), 2226–2238 (2015)

    MathSciNet  Article  Google Scholar 

  34. 34.

    Xin, X., Kaps, J.P., Gaj, K.: A configurable ring-oscillator-based PUF for Xilinx FPGAs. In: DSD, pp 651–657 (2011)

  35. 35.

    Yin, C.E., Qu, G.: Improving PUF security with regression-based distiller. In: DAC, pp 1–6 (2013)

  36. 36.

    Yu, H., Leong, P.H.W., Xu, Q.: An FPGA chip identification generator using configurable ring oscillators. IEEE Trans. Very Large Scale Integr. VLSI Syst. 20(12), 2198–2207 (2012)

    Article  Google Scholar 

  37. 37.

    Zhang, J.R., Xue, J.F.: A new physical unclonable functions based on measuring power distribution system resistance variations. In: ICASID, pp 1–3 (2012)

  38. 38.

    Zhang, J.L., Qu, G., Lv, Y.Q., Zhou, Q.: A survey on silicon PUFs and recent advances in ring oscillator PUFs. J. Comput. Sci. Technol. 29(4), 664–678 (2014)

    Article  Google Scholar 

  39. 39.

    Zhang, J., Tao, X., Wang, H.: Outlier detection from large distributed databases. World Wide Web Int. Web Inf. Syst. 17(4), 539–568 (2014)

    Article  Google Scholar 

  40. 40.

    Zhang, J.L., Wu, Q., Ding, Y.P.: Techniques for design and implementation of an FPGA-specific physical unclonable function. J. Comput. Sci. Technol. 31(1), 124–136 (2016)

    Article  Google Scholar 

  41. 41.

    Zhang, Y., Shen, Y., Wang, H., Yong, J., Jiang, X.: On secure wireless communications for IoT under eavesdropper collusion. IEEE Trans. Autom. Sci. Eng. 13(3), 1281–1293 (2016)

    Article  Google Scholar 

Download references

Acknowledgements

This work was supported by grant the National Natural Science Foundation of China Program (Program ID 61572385, 61702395), and completed under guidance of Professor Quan Wang. Opinions, findings, conclusions and recommendations expressed in this material are those of the authors and may not reflect the view of the funding entities. Professor Quan Wang is the corresponding author.

Author information

Affiliations

Authors

Corresponding author

Correspondence to Quan Wang.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This work is extended on the basic of previous work, a paper which has been accepted by the international conference of NaNA2018.

This article belongs to the Topical Collection: Special Issue on Security and Privacy in Network Computing

Guest Editors: Xiaohong Jiang, Yongzhi Wang, Tarik Taleb, and Hua Wang

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Huang, Z., Wang, Q. A PUF-based unified identity verification framework for secure IoT hardware via device authentication. World Wide Web 23, 1057–1088 (2020). https://doi.org/10.1007/s11280-019-00677-x

Download citation

Keywords

  • IoT
  • Hardware security
  • PUF
  • FPGA
  • Embedded systems
  • Device authentication