Wirelessly connected smart embedded devices, forming the so called Internet of Things network, have achieved unprecedented levels of diffusion as they are adopted in many application domains, ranging from goods transportation to eHealth monitoring infrastructure. As they are always inherently connected, hence exposed to attacks, and as they densely populate our daily life collecting, managing and elaborating data, security has drawn a lot of attention in the literature. In a crowded network, classical security approaches may be not adequate, since they require secret sharing or public key distribution infrastructures. Physically Unclonable Functions (PUFs), introduced so far, are exploitable as security primitives, providing easy authentication and secure key storage mechanisms. Traditional PUF authentication schemes rely on the enrollment of some challenge/response pairs (CRPs), extracted before each device is issued, as it is not feasible to retrieve the whole CRPs set. Moreover, accomplishing such a procedure may introduce a significant overhead due to the cardinality of extracted CRPs and due to size of the device population. To avoid these issues, in this paper we exploit the knowledge of a PUF model in order to make available the whole CRPs set, and, by adopting an encryption scheme, we hide it to avoid model based attacks which can be performed on CRPs sent in clear. To this aim, we show an implementation based on the Anderson PUF and on AES, realized on a Xilinx Zynq-7000 Field Programmable Gate Array.
Authenticating IoT Devices with Physically Unclonable Functions Models / Barbareschi, M.; Bagnasco, P.; Mazzeo, A.. - (2015), pp. 563-567. (Intervento presentato al convegno 10th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, 3PGCIC 2015 tenutosi a pol nel 2015) [10.1109/3PGCIC.2015.117].
Authenticating IoT Devices with Physically Unclonable Functions Models
Barbareschi M.;
2015
Abstract
Wirelessly connected smart embedded devices, forming the so called Internet of Things network, have achieved unprecedented levels of diffusion as they are adopted in many application domains, ranging from goods transportation to eHealth monitoring infrastructure. As they are always inherently connected, hence exposed to attacks, and as they densely populate our daily life collecting, managing and elaborating data, security has drawn a lot of attention in the literature. In a crowded network, classical security approaches may be not adequate, since they require secret sharing or public key distribution infrastructures. Physically Unclonable Functions (PUFs), introduced so far, are exploitable as security primitives, providing easy authentication and secure key storage mechanisms. Traditional PUF authentication schemes rely on the enrollment of some challenge/response pairs (CRPs), extracted before each device is issued, as it is not feasible to retrieve the whole CRPs set. Moreover, accomplishing such a procedure may introduce a significant overhead due to the cardinality of extracted CRPs and due to size of the device population. To avoid these issues, in this paper we exploit the knowledge of a PUF model in order to make available the whole CRPs set, and, by adopting an encryption scheme, we hide it to avoid model based attacks which can be performed on CRPs sent in clear. To this aim, we show an implementation based on the Anderson PUF and on AES, realized on a Xilinx Zynq-7000 Field Programmable Gate Array.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.