scispace - formally typeset
Search or ask a question
Journal ArticleDOI

Physical unclonable functions based secret keys scheme for securing big data infrastructure communication

TL;DR: Protecting the storage of ZigBee secret keys and showing how Physical Unclonable Functions (PUFs) can help the ZigBee devices to be robust tamper-resistant against the physical attacks are focused on.
About: This article is published in Information Sciences.The article was published on 2019-11-01. It has received 5 citations till now. The article focuses on the topics: Key generation & Hardware security module.
Citations
More filters
Journal ArticleDOI
TL;DR: In this paper, a lightweight architecture and protocols for consortium blockchain-based identity management are proposed to address privacy, security, and scalability issues in a centralized system for IoT, and a proof-of-concept prototype is implemented and evaluated.
Abstract: Identity management is a fundamental feature of Internet of Things (IoT) ecosystem, particularly for IoT data access control. However, most of the actual works adopt centralized approaches, which could lead to a single point of failure and privacy issues that are tied to the use of a trusted third parties. A consortium blockchain is an emerging technology that provides a neutral and trustable computation and storage platform that is suitable for building identity management solutions for IoT. This paper proposes a lightweight architecture and the associated protocols for consortium blockchain-based identity management to address privacy, security, and scalability issues in a centralized system for IoT. Besides, we implement a proof-of-concept prototype and evaluate our approach. We evaluate our work by measuring the latency and throughput of the transactions while using different query actions and payload sizes, and we compared it to other similar works. The results show that the approach is suitable for business adoption.

38 citations

Journal ArticleDOI
01 Apr 2021
TL;DR: A lightweight, robust static random access memory (SRAM)-PUF-based entity authentication scheme to guarantee that the accessed end devices are trustable and can efficiently authenticate resources-constrained IoT devices with a low computation overhead and small memory capacity is proposed.
Abstract: With the development of the cloud-based Internet of Things (IoT), people and things can request services, access data, or control actuators located thousands of miles away. The entity authentication of the remotely accessed devices is an essential part of the security systems. In this vein, physical unclonable functions (PUFs) are a hot research topic, especially for generating random, stable, and tamper-resistant fingerprints. This article proposes a lightweight, robust static random access memory (SRAM)-PUF-based entity authentication scheme to guarantee that the accessed end devices are trustable. The proposed scheme uses challenge-response pairs (CRPs) represented by reordered memory addresses as challenges and the corresponding SRAM cells’ startup values as responses. The experimental results show that our scheme can efficiently authenticate resources-constrained IoT devices with a low computation overhead and small memory capacity. Furthermore, we analyze the SRAM-PUF by testing the PUF output under different environmental conditions, including temperature and magnetic field, in addition to exploring the effect of writing different values to the SRAM cells on the stability of their startup values.

29 citations


Cites background or methods or result from "Physical unclonable functions based..."

  • ...These results are very close to the ones published in [12] and [14]....

    [...]

  • ...Therefore, the hashing tables in the NVM need protection by encrypting them using a hardware key derived from the SRAM-PUF [12]....

    [...]

  • ...attacks, including physical attacks, such as devices tampering, reading out the devices’ NVM, and extracting the devices’ secrets [12]....

    [...]

Journal ArticleDOI
TL;DR: The proposed solutions, show their advantages and schemes, highlight some of the newest IoT-enabled applications, and show how they benefit from applying the new paradigms are listed.
Abstract: Internet-of-Things (IoT)-enabled sensors and services have increased exponentially recently. Transmitting the massive generated data and control messages becomes an overhead on the communication system infrastructure. Many architectures and paradigms have been introduced to address the connection exploding, such as cloudlets, fog, and mist computing. Besides, software-related solutions, such as mobile Internet technologies and software-defined network also take part in mitigating the communication overhead. All of those new techniques have the same purposes summarized in achieving low latency, high throughput, and less storage and computing at the cloud level in addition to other objectives discussed through this survey. We list the proposed solutions, show their advantages and schemes, highlight some of the newest IoT-enabled applications, and show how they benefit from applying the new paradigms.

15 citations

Journal ArticleDOI
TL;DR: A multiple-input, multilayer-perceptron-based method for classifying power traces, in which a probability is assigned to each class, indicating the likelihood that each trace corresponds to the label for further recovering the key.
Abstract: Side-channel analysis concerns cryptanalytic attacks that exploit the physical environment of cryptographic modules by analyzing leaking emanations and obtaining the encryption key. We propose a multiple-input, multilayer-perceptron-based method for classifying power traces, in which a probability is assigned to each class, indicating the likelihood that each trace corresponds to the label for further recovering the key.

3 citations

Journal ArticleDOI
TL;DR: In this paper , a neural network learning-based approximation algorithm is proposed to separate the coupling influence, and then estimate the lumped uncertain nonlinearities, which is done by using the separated data as the input of the neural networks.

1 citations

References
More filters
Book ChapterDOI
10 Sep 2007
TL;DR: New protocols for the IP protection problem on FPGAs are proposed and the first construction of a PUF intrinsic to current FPGA based on SRAM memory randomness present on current FFPAs is provided.
Abstract: In recent years, IP protection of FPGA hardware designs has become a requirement for many IP vendors. In [34], Simpson and Schaumont proposed a fundamentally different approach to IP protection on FPGAs based on the use of Physical Unclonable Functions (PUFs). Their work only assumes the existence of a PUF on the FPGAs without actually proposing a PUF construction. In this paper, we propose new protocols for the IP protection problem on FPGAs and provide the first construction of a PUF intrinsic to current FPGAs based on SRAM memory randomness present on current FPGAs. We analyze SRAM-based PUF statistical properties and investigate the trade offs that can be made when implementing a fuzzy extractor.

1,235 citations

Journal ArticleDOI
TL;DR: It is demonstrated that a 512-byte SRAM fingerprint contains sufficient entropy to generate 128-bit true random numbers and that the generated numbers pass the NIST tests for runs, approximate entropy, and block frequency.
Abstract: Intermittently powered applications create a need for low-cost security and privacy in potentially hostile environments, supported by primitives including identification and random number generation. Our measurements show that power-up of SRAM produces a physical fingerprint. We propose a system of fingerprint extraction and random numbers in SRAM (FERNS) that harvests static identity and randomness from existing volatile CMOS memory without requiring any dedicated circuitry. The identity results from manufacture-time physically random device threshold voltage mismatch, and the random numbers result from runtime physically random noise. We use experimental data from high-performance SRAM chips and the embedded SRAM of the WISP UHF RFID tag to validate the principles behind FERNS. For the SRAM chip, we demonstrate that 8-byte fingerprints can uniquely identify circuits among a population of 5,120 instances and extrapolate that 24-byte fingerprints would uniquely identify all instances ever produced. Using a smaller population, we demonstrate similar identifying ability from the embedded SRAM. In addition to identification, we show that SRAM fingerprints capture noise, enabling true random number generation. We demonstrate that a 512-byte SRAM fingerprint contains sufficient entropy to generate 128-bit true random numbers and that the generated numbers pass the NIST tests for runs, approximate entropy, and block frequency.

846 citations

Proceedings ArticleDOI
09 Dec 2002
TL;DR: Controlled physical random functions (CPUFs) are introduced which are PUFs that can only be accessed via an algorithm that is physically bound to the PUF in an inseparable way.
Abstract: A physical random function (PUF) is a random function that can only be evaluated with the help of a complex physical system. We introduce controlled physical random functions (CPUFs) which are PUFs that can only be accessed via an algorithm that is physically bound to the PUF in an inseparable way. CPUFs can be used to establish a shared secret between a physical device and a remote user. We present protocols that make this possible in a secure and flexible way, even in the case of multiple mutually mistrusting parties. Once established, the shared secret can be used to enable a wide range of applications. We describe certified execution, where a certificate is produced that proves that a specific computation was carried out on a specific processor. Certified execution has many benefits, including protection against malicious nodes in distributed computation networks. We also briefly discuss a software licensing application.

430 citations

Journal ArticleDOI
TL;DR: In this paper, the security and privacy effects of eight IoT new features were discussed, including the threats they cause, existing solutions and challenges yet to be solved, and the developing trend of IoT security research and reveals how IoT features affect existing security research.
Abstract: The future of Internet of Things (IoT) is already upon us. IoT applications have been widely used in many field of social production and social living such as healthcare, energy and industrial automation. While enjoying the convenience and efficiency that IoT brings to us, new threats from IoT also have emerged. There are increasing research works to ease these threats, but many problems remain open. To better understand the essential reasons of new threats and the challenges in current research, this survey first proposes the concept of "IoT features". Then, the security and privacy effects of eight IoT new features were discussed including the threats they cause, existing solutions and challenges yet to be solved. To help researchers follow the up-to-date works in this field, this paper finally illustrates the developing trend of IoT security research and reveals how IoT features affect existing security research by investigating most existing research works related to IoT security from 2013 to 2017.

326 citations

Journal ArticleDOI
TL;DR: Experiments show that the technique to reliably and securely identify individual integrated circuits (ICs) based on the precise measurement of circuit delays and a simple challenge–response protocol is viable, but that current implementations could require some strengthening before it can be considered as secure.
Abstract: This paper describes a technique to reliably and securely identify individual integrated circuits (ICs) based on the precise measurement of circuit delays and a simple challenge–response protocol. This technique could be used to produce key-cards that are more difficult to clone than ones involving digital keys on the IC. We consider potential venues of attack against our system, and present candidate implementations. Experiments on Field Programmable Gate Arrays show that the technique is viable, but that our current implementations could require some strengthening before it can be considered as secure. Copyright © 2004 John Wiley & Sons, Ltd.

317 citations