Device authentication is an important issue in Internet of Things (IoT) for enabling the connection of ubiquitous objects/things to the Internet. One of the emerging authentication approaches is based on some device characteristic (fingerprint) such as its type, firmware version, or signature. The usage of a Physically Unclonable Function (PUF) as device ``digital fingerprint'' for authentication has attracted great interest, however existing solutions present security drawbacks related to the authentication protocol, or to the poor reliability of the adopted PUF technology. The authentication protocol may require challenge-response pairs to be stored in a dependable repository, with an elevated risk of information leakage. To overcome the above limitations, this paper presents a reliable CMOS-PUF which produces a stable output that is used as private key in an authentication protocol based on Elliptic Curve Cryptography (ECC). The overall device architecture embeds the PUF and ECC components in a memory-less framework so that the device is resilient to cyberattacks and capable to perform authentication tasks with a stable and durable identity. The main advantages of the proposed framework are that no challenge-response pairs need to be previously stored, and no error correction mechanism is needed. A prototype implementation of the CMOS-PUF is sketched and three important key points (Randomness, Circuit Reliability and Security) of the proposed device authentication scheme are discussed as well.

Exploiting Silicon Fingerprint for Device Authentication Using CMOS-PUF and ECC

Carmelo Felicetti
;
Marco Lanuzza;Antonino Rullo
Methodology
;
Domenico Saccà;felice Crupi
2021-01-01

Abstract

Device authentication is an important issue in Internet of Things (IoT) for enabling the connection of ubiquitous objects/things to the Internet. One of the emerging authentication approaches is based on some device characteristic (fingerprint) such as its type, firmware version, or signature. The usage of a Physically Unclonable Function (PUF) as device ``digital fingerprint'' for authentication has attracted great interest, however existing solutions present security drawbacks related to the authentication protocol, or to the poor reliability of the adopted PUF technology. The authentication protocol may require challenge-response pairs to be stored in a dependable repository, with an elevated risk of information leakage. To overcome the above limitations, this paper presents a reliable CMOS-PUF which produces a stable output that is used as private key in an authentication protocol based on Elliptic Curve Cryptography (ECC). The overall device architecture embeds the PUF and ECC components in a memory-less framework so that the device is resilient to cyberattacks and capable to perform authentication tasks with a stable and durable identity. The main advantages of the proposed framework are that no challenge-response pairs need to be previously stored, and no error correction mechanism is needed. A prototype implementation of the CMOS-PUF is sketched and three important key points (Randomness, Circuit Reliability and Security) of the proposed device authentication scheme are discussed as well.
2021
Physical Unclonable Function, Elliptic Curve Cryptography, ECDSA, Authentication, Internet of Things
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.11770/324334
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 5
  • ???jsp.display-item.citation.isi??? ND
social impact