Abstract
The proposed methods protect networks of client devices connected to a server containing physical unclonable functions, by generating session keys for secure cryptographic protocols. Hostile servers without known physical unclonable functions cannot generate these session keys, thereby are not trust-worthy to the client devices. During an initial set up cycle, each client device selects a set of passwords, and picks a first set of random numbers to hash these passwords multiple times. The resulting sets of message digests are converted by the server into sets of instructions to generate some responses from the physical functions; these initial responses are stored for future reference by the server. The client device picks a second set of random numbers smaller than the first set and repeat of the same scheme; the session keys are computed from the differences between both sets of random numbers. The sever can also get access independently to the session keys by finding a group of responses from its physical function that is similar to the initial responses. The proposed pseudo-homomorphic computations never disclose to the server the set of original passwords. We are suggesting ways to optimize the levels of protections and the performance of the session key generation in terms of latencies and entropy.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
National cybersecurity center of excellence: Zero Trust Architecture, NIST newsletter. https://www.nccoe.nist.gov/projects/building-blocks/zero-trust-architecture. Accessed 22 June 2021
Allan, D., Haddon E.: Zero Trust networks, the concepts, the strategies, and the reality (2021). https://doi.org/10.1016/B978-0-12-821442-8.00001-X
Jenzen, W.: Iterated password hash systems and methods for preserving password entropy. US patent 8,769,637 (2007)
Eldefrawy, M., Alghathbar, K., Khan, M.: One-time password authentication with infinite nested hash claims. Patent application US2013/0191899 A1
Champine, M., Kaufman, C.: Secure remote password validation. Patent 7,949,880 B2 (2010)
Kamakari, R., et al.: Relational encryption for password verification. US patent 10,129,028 (Nov 2018)
Roth, G., Rubin, G.: Distributed passcode verification system. Patent 9,967,249 (May 2018)
Cambou, B.: Password management with Addressable PUF generators. US Patent 11,010,465 (May 2021)
Cambou, B.: Password manager combining hashing functions and ternary PUFs. In: Arai, K., Bhatia, R., Kapoor, S. (eds.) Intelligent Computing: Proceedings of the 2019 Computing Conference, Volume 2, pp. 494–513. Springer International Publishing, Cham (2019). https://doi.org/10.1007/978-3-030-22868-2_37
Quigley, O., Waddle, J., Adida, B., Guise, M.: Homomorphic passcode encryption. US patent 10,719,828 (Jun 2020)
Quigley, O., Waddle, J., Adida, B., Guise, M., Boneh, D.: Splicing resistant homomorphic passcode encryption. US patent 9,646,306 (May 2017)
Assiri, F., Cambou, B.: Homomorphic Password Manager using Multi-Hash with PUFs. In: NAU D2019-045 (May 2019)
Cambou, B., Telesca, D.: Ternary computing to strengthen cybersecurity: development of ternary state based public key exchange. In: Arai, K., Kapoor, S., Bhatia, R. (eds.) Intelligent Computing: Proceedings of the 2018 Computing Conference, Volume 2, pp. 898–919. Springer International Publishing, Cham (2019). https://doi.org/10.1007/978-3-030-01177-2_67
Maeda, S., et al.: An artificial fingerprint device (AFD): a study of identification number applications utilizing characteristics variation of polycrystalline silicon TFTs. Trans. Electron Devices 50(6), 1451–1458 (2003)
Lofstrom, K., Daasch, W.R., Taylor, D.: IC identification circuits using device mismatch. In: Proceeding of ISSCC, pp. 372–373 (2000). http://kl-ic.com/isscc2K.pdf
Alkabani, Y., Koushanfar, F., Kiyavash, N., Potkonjak, M.: Trusted integrated circuits: a nondestructive hidden characteristics extraction approach. In: Solanki, K., Sullivan, K., Madhow, U. (eds.) IH 2008. LNCS, vol. 5284, pp. 102–117. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-88961-8_8
Huang, J., Lach, J.: IC activation and user authentication for security-sensitive systems. In: Proceeding of IEEE International Workshop on Hardware-Oriented Security and Trust, pp. 79–83 (2008)
Suh, G.E., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: Proceeding of Design Automation Conference, pp. 9–14 (2007)
Simpson, E., Schaumont, P.: Offline hardware/software authentication for reconfigurable platforms. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 311–323. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_25
Guajardo, J., Kumar, S.S., Schrijen, G.-J., Tuyls, P.: PUFs and public key crypto for FPGA IP protection. In: Conference on Field Programmable Logic and Applications, pp. 189–195 (2007)
Kumar. S.S., Guajardo, J., Maes, R., Schrijen, G.J., Tuyls, P.: Extended abstract: the butterfly PUF protecting IP on every FPGA. In: Proceeding of IEEE International Workshop HOST, pp. 70–73 (2008). https://www.esat.kuleuven.be/cosic/publications/article-1154.pdf
Alkabani, Y., Koushanfar, F., Potkonjak, M.: Remote activation of ICs for piracy prevention and digital right management. In: Proceeding of International Conference on CAD, pp. 674−677 (2007)
Guajardo, J., Kumar, S.S., Schrijen, G., Tuyls, P.: Brand and IP protection with physical unclonable functions. In: IEEE Symposium on Circuits and Systems, pp. 3186–3189 (2008)
Herder, C., Yu, M., Koushanfar, F., Devadas, S.: Physical unclonable functions and applications: a tutorial. Proc. IEEE 102(8), 1126–1141 (2014). https://doi.org/10.1109/JPROC.2014.2320516
Yoshimoto, Y., Katoh, Y., Ogasahara, S., Wei, Z., Kouno, K.: A ReRAM-based PU?F with bit error rate < 0.5% after 10 years at 125 °C for 40 nm embedded application. In: 2016 IEEE, Honolulu, HI, pp. 1–2 (2016). https://doi.org/10.1109/VLSIT.2016.7573433
Liu, R., Wu, H., Pang, Y., Qian, H., Yu, S.: A highly reliable and tamper-resistant RRAM PUF: design and experimental validation. In: 2016 IEEE-HOST, McLean, VA, pp. 13−18 (2016).https://doi.org/10.1109/HOST.2016.7495549
Delvaux, J., Verbauwhede, I.: Key-recovery attacks on various RO PUF constructions via helper data manipulation. In: Proceedings -Design, Automation and Test in Europe, DATE, pp. 1−6 (2014).https://doi.org/10.7873/DATE.2014.085
Zhao, X., Zhao, Q., Liu, Y., Zhang, F.: An ultracompact switching-voltage-based fully reconfigurable RRAM PUF with low native instability. IEEE Trans. Electron Devices 67(7), 3010–3013 (2020). https://doi.org/10.1109/TED.2020.2996181
Lin, B., et al.: A Novel Bi-functional Memory-PUF Module Utilizing Adjustable Switching Window of RRAM, pp. 1–4 (2020). https://doi.org/10.1109/EDTM47692.2020.9117813
Yang, J., et al.: A PUF with BER < 0.35% for Secure Chip Authentication Using Write Speed Variation of RRAM, pp. 54–57 (2018). https://doi.org/10.1109/ESSDERC.2018.8486888
Pang, Y., et al.: Design and optimization of strong Physical Unclonable Function (PUF) based on RRAM array. In: 2017 International Symposium on VLSI Technology, Systems and Application (VLSI-TSA), pp. 1–2 (2017). https://doi.org/10.1109/VLSI-TSA.2017.7942473
Uddin, M., Majumder, M.B., Rose, G.S.: Robustness analysis of a memristive crossbar PUF against modeling attacks. IEEE Trans. Nanotechnol. 16(3), 396–405 (2017). https://doi.org/10.1109/TNANO.2017.2677882
Shrivastava, A., Chen, P., Cao, Y., Yu, S., Chakrabarti, C.: Design of a reliable RRAM-based PUF for compact hardware security primitives. In: 2016 IEEE-ISCAS, Montreal, QC, pp. 2326−23292016). https://doi.org/10.1109/ISCAS.2016.7539050
Pang, Y., et al.: 25.2 A reconfigurable RRAM physically unclonable function utilizing post-process randomness source with <6×10−6 native bit error rate. In: 2019 IEEE-ISSCC, San Francisco, CA, USA, pp. 402−404 (2019).https://doi.org/10.1109/ISSCC.2019.8662307
Helfmeier, C., et al.: Cloning physically unclonable functions. Hardware-Oriented Security and Trust (HOST). In: 2013 IEEE International Symposium. IEEE (2013)
Microchip: Security IC Solutions for Authentication. https://www.microchip.com/en-us/products/security-ics. Accessed 30 June 2021
Acknowledgment
The authors are thanking the research team from Northern Arizona University, and from the Information Directorate of the US Air Force Research Laboratory (AFRL) Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of AFRL.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Cambou, B., Telesca, D., Jacinto, H.S. (2022). PUF-Protected Methods to Generate Session Keys. In: Arai, K. (eds) Advances in Information and Communication. FICC 2022. Lecture Notes in Networks and Systems, vol 439. Springer, Cham. https://doi.org/10.1007/978-3-030-98015-3_51
Download citation
DOI: https://doi.org/10.1007/978-3-030-98015-3_51
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-98014-6
Online ISBN: 978-3-030-98015-3
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)