Your search keyword '"PUF"' showing total 582 results

1. Security authentication scheme based on chebyshev chaotic mapping for library network

Author

Xiao, Wei, Liu, Baisong, and Yin, Wenting

Published

2024

2. A hybrid approach based on PUF and ML to protect MQTT based IoT system from DDoS attacks.

Author

Sharma, Ankit and Bhushan, Kriti

Subjects

*DENIAL of service attacks, *MACHINE learning, *FEATURE selection, *DECISION trees, *BROKERS, *MACHINE-to-machine communications

Abstract

IoT application uses MQTT, an application layer protocol that facilitates machine-to-machine communication using a central entity called broker. The vulnerability lies in the broker being susceptible to intrusion attempts, where a potential attacker might engage in a Distributed Denial of Service attack. Such an attack involves repetitively transmitting large number of malicious messages or counterfeit connect requests. To send large messages, the attackers must breach the authentication process of MQTT. MQTT employs two authentication approaches to safeguard its system: certificate-based and credential-based authentication. Credential-based authentication is popular as it is easy to implement. However, in MQTT, credential-based authentication is vulnerable to various attacks as credentials are transmitted in plain-text form. In literature, authors have explored different cryptography-based solutions to address these challenges. However, implementing these solutions in IoT systems is impractical due to the substantial computational requirements at the broker and the end devices. The primary objective of this work centres around formulating a PUF-based authentication policy and designing an IDS to track the behaviour of incoming traffic. In the proposed authentication scheme, the PUF mechanisms generate credentials to establish authenticity, thus protecting the network from password-based vulnerabilities like dictionary-based attacks. The second security module of this research implements a Machine Learning based IDS system to track and block fake connect requests in real-time. The proposed IDS system comprises Decision Tree and Neural Network algorithms that operate in parallel. In order to maintain the lightweight nature of the ML model, the system incorporates a feature selection technique. The result section shows that the proposed system effectively and efficiently recognizes fake connect requests in real-time and consumes minimal energy. Additionally, the proposed scheme requires less time than existing schemes in the literature. [ABSTRACT FROM AUTHOR]

Published

2024

3. AMCB: Authenticated Medical Cyber-Physical Blockchain model.

Author

Al-Ghuraybi, Hind A., AlZain, Mohammed A., and Soh, Ben

Abstract

At a time when technology is spreading rapidly and widely, technology has become a necessity in daily life and practical life, and this led to the emergence of many cyber-physical systems (CPS), among which the medical cyber-physical systems (MCPS) have emerged, which is one application of CPS that is particularly concerned with patients and health care providers. These systems generate a large amount of data that may be difficult to process and store, in addition to unauthorized access to these systems, which affects their protection. This paper presents a proposed Authenticated Medical Cyber-Physical Blockchain (AMCB) model in Medical Cyber-Physical Systems (MCPS) using Blockchain technology, machine learning, and physically unclonable function (PUF) to enhance the authentication process by controlling the access to electronic health records (EHR) that stored on the cloud server and physical authentication. In addition, it analyzes the data generated from the authorized devices to ensure that the devices do not contain malicious. This paper presents an experiment based on the medical Internet of Things (IoMT) dataset using K-nearest neighbors (k-NN), Random Forest (RF), Naive Bayes and Supporting Vector Machine (SVM) for malicious detection to test the proposed model's accuracy. The Random Forest (RF) classifier gave more accurate results based on the preliminary results with a slight difference from k-NN. [ABSTRACT FROM AUTHOR]

Published

2024

4. A secured trusted routing using the structure of a novel directed acyclic graph-blockchain in mobile ad hoc network internet of things environment.

Author

Ilakkiya, N. and Rajaram, A.

Abstract

In the contemporary technology context, several physical things may be used to support human activities. The Internet of Things is a cutting-edge technology solution that is used to link physical items with the digital world via a range of networks as well as communication technologies. The Internet of Things benefits from the smart settings in which mobile ad hoc networks (MANET) operate, making it more appealing to users and financially viable. Wireless sensors with MANETs may be integrated using the Internet of Things to develop new MANET-IoT devices and IT-based networks. Such a strategy lowers network deployment costs while increasing user mobility. That does, however, also bring up fresh, challenging issues about networking concerns. We introduced a new DAG-Blockchain architecture for MANET-IoT security in this study. The Multi-Factor PUF identification technique protects the network. Network topology is separated into clusters with all allowed nodes. We introduced the Secure Trust-based Dijikstra's Method with numerous criteria for secure data transfer. We presented a Bi-Directional GRU for deep packet analysis. Deep packet inspection is used to identify intrusions, which are then blocked by a blocking mechanism. The suggested method achieved increased efficiency in the packet delivery ratio, productivity, time analysis, detection accuracy, and security level using the combination of algorithms. The numerical findings from the simulation and analysis of the proposed DAG-IDS in the WSN-IoT network reveal significant improvements across various performance metrics. Specifically, the DAG-IDS demonstrates enhanced network lifetime, achieving up to 220 cycles compared to 100 cycles in the BLOCKCHAIN method. The analysis also highlights superior packet delivery ratios (PDR) exceeding 90%, reduced delays, and efficient throughput, showcasing the effectiveness of the proposed approach in optimizing the network's quality of service, energy efficiency, and security. [ABSTRACT FROM AUTHOR]

Published

2024

5. Advanced security framework for low Earth orbit satellites in space information network.

Author

Abdrabou, Mohammed, Gebali, Fayez, Shawky, Mahmoud A., Alluhaidan, Ala S., Mansour, Ahmed E., El-Rahman, Sahar A., Al-ahwal, Ayman, and Shamseldin, Tamer

Subjects

*LOW earth orbit satellites, *MARKOV processes, *EARTH stations, *INFORMATION networks, *SEED exchanges

Abstract

Recently, low Earth orbit (LEO) satellites have emerged as key players in space information network (SIN) due to their ability to provide global coverage. However, they remain susceptible to threats such as denial of service (DoS), man-in-the-middle (MITM), and spoofing attacks. In this paper, we propose a cross-layer security framework (CLSF) to address these vulnerabilities. Our approach begins by employing a physically unclonable function (PUF) at the upper layer to establish mutual authentication between legitimate satellites and ground stations, while also securely exchanging frequency seeds for the next phase. Following this, dynamic seed frequency hopping (DSFH) is applied at the physical layer to counter DoS, MITM, and spoofing attacks. Additionally, the frequency transitions of malicious satellites are modeled using a Markov chain. Our results demonstrate that the proposed CLSF, which integrates PUF and DSFH, delivers strong security performance. [ABSTRACT FROM AUTHOR]

Published

2024

6. An efficient hybrid multifactor mutual authentication and session key agreement scheme for patient monitoring system using IoMT.

Author

Rai, Shanvendra, Paul, Rituparna, Banerjee, Subhasish, and Meher, Preetisudha

Subjects

MULTI-factor authentication, INTELLIGENT sensors, INTERNET of things, PATIENT monitoring, HUMAN body

Abstract

The Internet of Medical Things (IoMT) provides such flexibility in our society where anyone can get medical treatment at any time, from anywhere. IoMT is a type of network where different resource-constraint physiological sensors are deployed in and/or on the human body that connects with the internet through the Gateway node, for monitoring purposes. However, due to the open nature of communication in the IoMT; the security, and privacy of patients' sensed data is very challenging, and that needs to be addressed, because any modification or alteration to it may lead to putting the life of a patient in danger. In this context, Chunka et al. proposed an authentication and key agreement (AKA) scheme for IoMT and claimed that the scheme has many security features and is easy to deploy. Unfortunately, it came to notice during this research that the scheme is vulnerable to multiple attacks, including replay, insider, smart card loss, eavesdropping, and server spoofing attacks, additionally failing to establish the session key agreement. So to overcome this issue, an efficient and improved multi-factor lightweight mutual AKA scheme is proposed through this article by incorporating a PUF-enabled sensor node and smart card for the users. To prove the superiority of the proposed schemes and to demonstrate the security features, the scheme is verified by formal security proof using the ROR model and informal proof using the AVISPA tool kit. In the end, a comprehensive analysis covering security, performance, and a comparative evaluation with existing similar approaches along with the Chunka et al. scheme demonstrates that the suggested approach not only achieves a higher level of protection against commonly recognized threats but also maintains an economically efficient mechanism concerning sensor nodes. [ABSTRACT FROM AUTHOR]

Published

2024

7. Adaptive PUF design to authenticate and evaluate heterogeneous IPs in edge computing.

Author

Hemavathy, S., Kokila, J., and Kanchana Bhaaskaran, V. S.

Subjects

*REAL-time computing, *INTEGRATED circuit design, *COMPUTER network traffic, *FINITE state machines, *PLURALITY voting

Abstract

Edge computing has become quintessential in commercial, healthcare, and industrial applications. It enables real-time data processing at the edge device, thus reducing the data traffic to the cloud and increasing the processing time efficiency. As an edge device, modern System-on-Chips (SoCs) provide scalability, security, and development in an integrated platform. Intellectual Property (IP) core reuse is a boon in SoCs that bridges the gap between integrated circuit design and fabrication. Such edge devices modeled by vendors are bound to ensure high security to avoid piracy. The proposed architecture provides a two-step authentication utilizing a Finite State Machine (FSM) with a secured key obtained from the newly structured Physical Unclonable Function (PUF) within the same edge device, with the primary goal of verifying several heterogeneous IPs to achieve the least power and energy. Two PUF designs, Anderson Arbiter PUF (AA-PUF) and Balanced AA-PUF, have been proposed for two different placements taking advantage of SoC-based architecture. The PUF characteristics have been experimentally validated with and without majority voting and demonstrate their proximity close to the desired value in ZedBoard. The proposed design is a strong PUF with less than 15% area overhead and power dissipation of 1.982 W for a 64-bit response. The experimental validation has evaluated that the power and energy consumptions are 2.56 W and 2.17 J for 52 heterogeneous IPs. [ABSTRACT FROM AUTHOR]

Published

2024

8. CrowdChain: A privacy-preserving crowdfunding system based on blockchain and PUF.

Author

He, Yueyue and Inoue, Koji

Subjects

AUDITING procedures, ASSET-liability management, CROWD funding, PROBLEM solving, BLOCKCHAINS

Abstract

Crowdfunding refers to the online collection of certain capital from a vast number of individuals or groups that each contribute a relatively small amount. Recently, the credibility of crowdfunding platforms has been undermined by fraudulent projects, inadequate fund management, and other forms of disorder. The decentralization and anti-tampering features of blockchain provide the possibility to solve the above problems, and many studies have proposed blockchain-based crowdfunding schemes. However, the existing state-of-the-art methods do not provide user authentication, transaction auditing, and identity management in a privacy-preserving way. Accordingly, this paper presents a novel blockchain-based crowdfunding system called CrowdChain. Initially, the distributed identity and BLS signature are employed to establish a user authentication mechanism, enabling CrowdChain to withstand Sybil attacks while preserving the non-linkability of user identities. Secondly, the physically unclonable function (PUF) is used to generate keys associated with digital identities that are not stored in external devices to resist physical attacks. Subsequently, a crowdfunding mechanism is constructed utilizing zero-knowledge proofs to facilitate streamlined auditing procedures while safeguarding the confidentiality of transactions. Additionally, the formal security analysis proves the security of the CrowdChain scheme. The system prototype is implemented on the Hyperledger Fabric. Empirical evidence indicates the viable efficiency of CrowdChain. [ABSTRACT FROM AUTHOR]

Published

2024

9. Enhancing MQTT-SN Security with a Lightweight PUF-Based Authentication and Encrypted Channel Establishment Scheme.

Author

Gong, Xiang, Kou, Ting, and Li, Yan

Subjects

*BUSINESS communication, *TIMESTAMPS, *PHYSICAL mobility, *INTERNET of things, *RANDOM numbers

Abstract

The communication of Industrial Internet of Things (IIoT) devices faces important security and privacy challenges. With the rapid increase in the number of devices, it is difficult for traditional security mechanisms to balance performance and security. Although schemes based on encryption and authentication exist, there are still difficulties in achieving lightweight security. In this paper, an authentication and key exchange scheme combining hardware security features and modern encryption technology is proposed for the MQTT-SN protocol, which is not considered security. The scheme uses Physical Unclonable Functions (PUFs) to generate unpredictable responses, and combines random numbers, time stamps, and shared keys to achieve two-way authentication and secure communication between devices and broker, effectively preventing network threats such as replay and man-in-the-middle attacks. Through verification, the proposed scheme has proved effective in terms of security and robustness, has computational and communication cost advantages compared with recent schemes, and provides higher availability. [ABSTRACT FROM AUTHOR]

Published

2024

10. Security authentication scheme based on chebyshev chaotic mapping for library network

Author

Wei Xiao, Baisong Liu, and Wenting Yin

Subjects

Library, Security, Chebyshev chaotic mapping, PUF, Engineering (General). Civil engineering (General), TA1-2040

Abstract

With the rapid advancement of information technology, the security of digital libraries, as critical platforms for modern knowledge dissemination, has become increasingly significant. User identity authentication in digital libraries is pivotal to ensuring system security. Traditional authentication methods often have security vulnerabilities and cannot effectively prevent unauthorized access. Therefore, this paper proposes a security authentication scheme based on chebyshev chaotic mapping for library. It addresses security issues in identity authentication in digital libraries. The proposed scheme integrates smart card, password and biometric factor, leveraging the chebyshev chaotic mapping algorithm to achieve stringent user authentication and generate secure session keys, thereby effectively countering security threats. Additionally, the scheme employs physical unclonable function (PUF) to enhance the protection of stored confidential data. The security of this scheme is rigorously analyzed using the Scyther. Security analysis and performance experiments indicate that the scheme not only ensures security but also optimizes authentication efficiency.

Published

2024

11. Advanced security framework for low Earth orbit satellites in space information network

Author

Mohammed Abdrabou, Fayez Gebali, Mahmoud A. Shawky, Ala S. Alluhaidan, Ahmed E. Mansour, Sahar A. El-Rahman, Ayman Al-ahwal, and Tamer Shamseldin

Subjects

SIN, PUF, Markov chain, Physical layer authentication (PLA), Frequency hopping (FH), LEO, Telecommunication, TK5101-6720, Electronics, TK7800-8360

Abstract

Abstract Recently, low Earth orbit (LEO) satellites have emerged as key players in space information network (SIN) due to their ability to provide global coverage. However, they remain susceptible to threats such as denial of service (DoS), man-in-the-middle (MITM), and spoofing attacks. In this paper, we propose a cross-layer security framework (CLSF) to address these vulnerabilities. Our approach begins by employing a physically unclonable function (PUF) at the upper layer to establish mutual authentication between legitimate satellites and ground stations, while also securely exchanging frequency seeds for the next phase. Following this, dynamic seed frequency hopping (DSFH) is applied at the physical layer to counter DoS, MITM, and spoofing attacks. Additionally, the frequency transitions of malicious satellites are modeled using a Markov chain. Our results demonstrate that the proposed CLSF, which integrates PUF and DSFH, delivers strong security performance.

Published

2024

12. Benzoyl peroxide encapsulation in poly(urea‐formaldehyde) microcapsules for use in dental materials.

Author

Fadel, Victoria Sanches, Furtado, Paula Roberta Perondi, and Meier, Marcia Margarete

Subjects

DENTAL resins, DENTAL materials, CORE materials, ACRYLIC acid, DENTAL fillings, LINSEED oil, SELF-healing materials

Abstract

New self‐healing resin composites with tertiary amine microcapsules enhance the mechanical performance of dental restorations. However, a higher concentration of dibenzoyl peroxide (BPO) must be added to the composite to react with the core material when the microcapsules rupture, reducing the shelf life of dental materials due to their reactivity. As a result, one approach to reducing the amount of BPO dissolved in dental resin is to microencapsulate it. Thus, this manuscript described the encapsulation of BPO in poly(urea‐formaldehyde) (PUF) microcapsules (MC) and investigated its effect on the flexural strength of BisGMA/TEGDMA composites. To synthesize hollow MC, poly(acrylic acid) (PAA) was tested as a continuous phase viscosity modifier. The MC were then infiltrated with BPO dissolved in linseed oil as core materials. PAA in continuous phase increased MC diameter due to improved air bubble stability. BPO dissolved in linseed oil was successfully infiltrated into empty PUF MC, causing the MC shell wall to expand. The dental resin had adequate adhesion to the PUF shell, which ruptured under induced stress. Thus, the MC filled with BPO as a healing agent has the potential to reduce the amount of BPO that is typically dissolved in the monomeric phase of dental materials, which can increase the shelf life of self‐healing dental materials. Highlights: The reactivity of dibenzoyl peroxide (BPO) affects resin stability in dental materials.When combined with tertiary amines, BPO acts as a healing agent in self‐healing composite materials.BPO dissolved in linseed oil can be infiltrated in PUF microcapsules and increase its size.Hollow microcapsules synthesized in a more viscous continuous phase have a larger diameter.Microencapsulated BPO is released during stress stimuli in dental resin. [ABSTRACT FROM AUTHOR]

Published

2024

13. A biometric and PUF-based authentication with Preserving anonymity in smart grid environment

Author

E. Haodudin Nurkifli

Subjects

Smart Grid, Attack Model, Biometrics, PUF, Formal Analysis, Engineering (General). Civil engineering (General), TA1-2040

Abstract

The intelligent grid environment is an electricity transmission and distribution system utilizing information and communication technology with two main components: the Smart Meter (SM) and the Service Provider (SP). Unfortunately, wireless mode communication allows the attacker to get data from the public channels and then alter, delete the data, and perform a severe attack such as DoS, impersonation, and tracking attack. In addition, the smart meter is vulnerable to cloning attacks. This research proposes a new authentication protocol utilizing Biometrics and Physical Unclonable Function (PUF). Intuitive analysis DY model ensures our protocol successfully attains security properties and withstands well-known attacks; formal analysis using mathematical and programming models such as Mao-and-Boyd Logic, Real-or-Random Model, and Scyther tools prove that our protocol also satisfies security features and resists well-known attacks. Subsequently, computational complexity comparisons are carried out to prove that our proposal has a low computational burden.

Published

2024

14. On combining Arbiter based PUFs

Author

Roy, Animesh, Roy, Dibyendu, and Stănică, Pantelimon

Published

2024

15. Robust and Lightweight Challenge Obfuscation Mechanism for Anti-modeling Protection of Arbiter-PUFs

Author

Ebrahimabadi, Mohammad, Younis, Mohamed, Mehjabin, Suhee Sanjana, Tekeoglu, Ali, Sookoor, Tamim I., and Karimi, Naghmeh

Published

2024

16. Mechanical Properties and Dynamic Constitutive Model of Polyurethane Foam under Different Strain Rates

Author

Yao, Houqi, Pang, Yuezhao, Jiang, Laixu, Li, Yuanyuan, and Qu, Jia

Published

2024

17. Two-Layered Multi-Factor Authentication Using Decentralized Blockchain in an IoT Environment.

Author

Bamashmos, Saeed, Chilamkurti, Naveen, and Shahraki, Ahmad Salehi

Subjects

*MULTI-factor authentication, *INTERNET of things, *BLOCKCHAINS, *DIGITAL signatures, *ELLIPTIC curves, *BURGLARY protection

Abstract

Internet of Things (IoT) technology is evolving over the peak of smart infrastructure with the participation of IoT devices in a wide range of applications. Traditional IoT authentication methods are vulnerable to threats due to wireless data transmission. However, IoT devices are resource- and energy-constrained, so building lightweight security that provides stronger authentication is essential. This paper proposes a novel, two-layered multi-factor authentication (2L-MFA) framework using blockchain to enhance IoT devices and user security. The first level of authentication is for IoT devices, one that considers secret keys, geographical location, and physically unclonable function (PUF). Proof-of-authentication (PoAh) and elliptic curve Diffie–Hellman are followed for lightweight and low latency support. Second-level authentication for IoT users, which are sub-categorized into four levels, each defined by specific factors such as identity, password, and biometrics. The first level involves a matrix-based password; the second level utilizes the elliptic curve digital signature algorithm (ECDSA); and levels 3 and 4 are secured with iris and finger vein, providing comprehensive and robust authentication. We deployed fuzzy logic to validate the authentication and make the system more robust. The 2L-MFA model significantly improves performance, reducing registration, login, and authentication times by up to 25%, 50%, and 25%, respectively, facilitating quicker cloud access post-authentication and enhancing overall efficiency. [ABSTRACT FROM AUTHOR]

Published

2024

18. A Lightweight Two-Factor Continuous Authentication Protocol for Agricultural IoT Devices.

Author

Wan, Tao, Ge, Jingjing, Liao, Weichuan, and Zhao, Haixia

Subjects

MULTI-factor authentication, AGRICULTURE, INTERNET of things, PHYSICAL mobility, KEY agreement protocols (Computer network protocols), RESOURCE allocation, CROP allocation

Abstract

The rapid development of Internet of Things (IoT) technology has led to increased attention to its potential applications in agriculture. IoT-based agricultural applications are able to better monitor crops and make informed decisions about resource allocation. Ensuring data reliability is a significant challenge in agricultural IoT environments. The reliability of collected data is subject to situational characteristics of IoT devices, such as their location, which can be easily compromised by environmental and human factors. To address this issue, location-based device authentication has been proposed as a means of ensuring data reliability. Currently, Physical Unclonable Function (PUF) is also widely used in IoT authentication mechanisms. In this paper, we propose a lightweight two-factor continuous authentication protocol based on PUF and location. The proposed protocol leverages the properties of PUF to resist physical attacks, uses simple cryptographic operations such as XORs and hash functions to ensure security, and reduces resource consumption through continuous authentication. A formal security analysis of the proposed scheme is performed using Burrows–Abadi–Needham (BAN) logic analysis. The informal security analysis of the proposed scheme demonstrates that it is resistant to several known attacks. Additionally, we further evaluate the performance of the proposed scheme. The results demonstrate that the proposed scheme has low communication and computational costs, and offers better security and functionality attributes. [ABSTRACT FROM AUTHOR]

Published

2024

19. Fuzzy miner selection toward Blockchain-based secure communication using multifactor authentication.

Author

Roy, Sanjib and Das, Ayan Kumar

Subjects

*CHEBYSHEV polynomials, *END-to-end delay, *INTERNET protocols, *INTERNET security, *PHYSICAL mobility, *CYBER physical systems, *MULTI-factor authentication

Abstract

The medical cyber-physical system utilizes various Internet of Medical Things (IoMT) devices that are connected to the network for real-time management and medication of patient. The resource constraint IoMT devices require energy-efficient lightweight security schemes to protect medical data. To the best of our knowledge, majority of the existing studies concentrate either on security or on energy efficiency issues. The main contribution of this research is to develop an energy-efficient lightweight authentication method without sacrificing the security level. The authentication is done using multiple factors, namely password, physical unclonable function (PUF), Chebyshev polynomial, smartcard and fuzzy extractor. Chebyshev polynomial is used for non-identification of the private key by any attacker, whereas PUF protects the smart card from cloning by generating unique challenge–response pairs. Apart from authentication, the proposed scheme includes Blockchain-enabled distributed trustable ecosystem among independent participants where miner is selected using lightweight fuzzy system. The proposed scheme carries out the formal security analysis using real or random model which is perseverance against different external attacks and the security verification has been done using AVISPA (Automate Validation of Internet Security Protocols and Applications) tool. As a major finding, the simulation result using NS-3 simulator confirms that the proposed study outperforms the existing studies in terms of packet loss rate, throughput, end-to-end delay, computational cost and communication cost. [ABSTRACT FROM AUTHOR]

Published

2024

20. Stimulated Microcontroller Dataset for New IoT Device Identification Schemes through On-Chip Sensor Monitoring.

Author

Ramos, Alberto, Martín, Honorio, Cámara, Carmen, and Peris-Lopez, Pedro

Subjects

MICROCONTROLLERS, ARTIFICIAL intelligence, INTERNET of things, DETECTORS, SYSTEM identification, TEMPERATURE sensors

Abstract

Legitimate identification of devices is crucial to ensure the security of present and future IoT ecosystems. In this regard, AI-based systems that exploit intrinsic hardware variations have gained notable relevance. Within this context, on-chip sensors included for monitoring purposes in a wide range of SoCs remain almost unexplored, despite their potential as a valuable source of both information and variability. In this work, we introduce and release a dataset comprising data collected from the on-chip temperature and voltage sensors of 20 microcontroller-based boards from the STM32L family. These boards were stimulated with five different algorithms, as workloads to elicit diverse responses. The dataset consists of five acquisitions (1.3 billion readouts) that are spaced over time and were obtained under different configurations using an automated platform. The raw dataset is publicly available, along with metadata and scripts developed to generate pre-processed T–V sequence sets. Finally, a proof of concept consisting of training a simple model is presented to demonstrate the feasibility of the identification system based on these data. Dataset: https://doi.org/10.5281/zenodo.10042177. Dataset License: The dataset is available under CC-BY 4.0 licence [ABSTRACT FROM AUTHOR]

Published

2024

21. Exploring the integration of blockchain technology, physical unclonable function, and machine learning for authentication in cyber-physical systems.

Author

Al-Ghuraybi, Hind A., AlZain, Mohammed A., and Soh, Ben

Abstract

In this rapidly advancing era, technology has been progressing extensively and swiftly. As a result, the emergence of numerous Cyber-Physical Systems (CPS) has become imperative to meet the technological demands of modern life. However, these systems generate a substantial amount of data, which poses challenges in terms of management, storage, and susceptibility to external attacks. This paper primarily focuses on the performance and security aspects of CPS, particularly in countering external threats, through the integration of blockchain technology and machine learning. It provides a comprehensive review of recent research findings that demonstrate the use of blockchain to enhance CPS performance while ensuring robust security. Furthermore, the paper explores the synergistic application of blockchain and machine learning techniques to reinforce CPS security. Moreover, it investigates how the combination of blockchain with physically unclonable functions (PUF) can significantly enhance the efficacy of physical device authentication. [ABSTRACT FROM AUTHOR]

Published

2024

22. A fog‐driven three‐factor authentication protocol for secure data sharing in Internet of Vehicles cyber‐physical systems.

Author

Katyal, Siddharth, Gupta, Shashank, Rawlley, Oshin, and Ghosh, Debjani

Subjects

CYBER physical systems, INFORMATION sharing, INTERNET, SERVER farms (Computer network management), COMPUTER passwords, INTERNET of things, FOG

Abstract

Summary: The Internet of Vehicles (IoV) has potentially escalated the management of vehicle and route planning. However, as the IoV becomes more prevalent, safeguarding the privacy and security of IoV data becomes crucial. Additionally, because vehicles often operate with minimal human interference, they become susceptible to various types of attacks that can compromise their privacy and security. In this article, we propose a three‐factor authentication system based on CROPUF (Crossover Ring Oscillator Physically Unclonable Function) that not only secures transmissions but also ensures safety against physical intervention. The three‐factor authentication protocol (passwords, biometrics, and PUF) avoids registering any confidential information in the user device eliminating the possibility of intrusion by an intruder. We also propose the use of aggregators (charging stations that act as mediators between the IoV and the data center) as a fog layer communication which will reduce load and improve the efficiency of communication between vehicles and the data center. Finally, the security analysis validates that our proposed method can survive several well‐known assaults and achieve the required features of security by maintaining the user anonymity. [ABSTRACT FROM AUTHOR]

Published

2024

23. On the Aging of OTFTs and Its Impact on PUFs Reliability.

Author

Porti, Marc, Palau, Gerard, Crespo-Yepes, Albert, Arnal Rus, August, Ogier, Simon, Ramon, Eloi, and Nafria, Montserrat

Subjects

PHYSICAL mobility, TRANSISTORS

Abstract

Given the current maturity of printed technologies, Organic Thin-Film Transistors (OTFT) still show high initial variability, which can be beneficial for its exploitation in security applications. In this work, the process-related variability and aging of commercial OTFTs have been characterized to evaluate the feasibility of OTFTs-based Physical Unclonable Functions (PUFs) implementation. For our devices, ID-based PUFs show good uniformity and uniqueness. However, PUFs' reliability could be compromised because of the observed transient and aging effects in the OTFTs, which could hinder the reproducibility of the generated fingerprints. A systematic study of the aging of OTFTs has been performed to evaluate the PUFs' reliability. Our results suggest that the observed transient and aging effects could be mitigated so that the OTFTs-based PUFs' reliability could be improved. [ABSTRACT FROM AUTHOR]

Published

2024

24. PSAF-IoT: Physically Secure Authentication Framework for the Internet of Things

Author

Omar Alruwaili, Faisal Mohammed Alotaibi, Muhammad Tanveer, Slim Chaoui, and Ammar Armghan

Subjects

Session key, authentication, elliptic curve cryptography, security, Internet of Things, PUF, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

The Internet of Things (IoT) revolutionizes connectivity, as IoT devices grow exponentially, vulnerabilities emerge, ranging from data breaches to device hijacking. Thus there is the critical need for robust security measures, including encryption protocols and authentication mechanisms, to safeguard against cyber threats. Despite advancements in the authentication mechanism, still IoT security remains an ongoing concern. Because most of the authentications are vulnerable to diverse security attacks and other resource intensive. Thus protecting user data in this increasingly interconnected IoT-enabled world requires a secure and lightweight authentication mechanism. In this direction, in this paper, we propose a physically secure authentication framework for the IoT (PSAF-IoT). PSAF-IoT utilizes a combination of physical unclonable functions, secure hash algorithm, and elliptic curve cryptography to establish robust security measures. It guarantees the creation of a secure channel (session key) following user authentication at the gateway node, allowing the user to use the established secure channel for future communication. The secure channel establishment procedure is validated for security by employing formal methods such as the random oracle model and Scyther-based simulations. Additionally, PSAF-IoT undergoes informal validation to demonstrate resilience against node capture, replay attacks, impersonation, and other common security threats. Notably, PSAF-IoT demonstrates efficiency in terms of execution time, energy consumption, and communication costs, as evidenced by comparative analyses with related authentication frameworks, all while enhancing information security functionalities.

Published

2024

25. PufParkChain: Secure and Smart Parking Based on PUF Authentication and Lightweight Blockchain

Author

Mariem Turki, Bouthaina Dammak, and Amnah Alshahrani

Subjects

Internet of things, lightweight blockchain, PUF, smart parking system, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Smart Parking Systems have emerged as a transformative solution to address the growing challenges associated with urbanization and increasing vehicular traffic. Such system integrates sensors, cameras, and other IoT connected devices to monitor parking spaces in real time. However, there are many security vulnerabilities in existing solutions, especially when it comes to car authentication at parking entry points. IoT sensors my be susceptible to Cyber-attacks and fraudulent activities, such as car theft, can exploit these vulnerabilities due to limited built-in security features. The reliability of authentication systems, based on IoT sensors can also be compromised by factors such as extreme weather conditions and physical damage. The cyber-physical solution we propose relies on Physical Unclonable Functions (PUFs) for identification and authentication in IoT devices to mitigate these challenges. The use of PUFs enhances the reliability and security of smart parking systems against unauthorized access and fraud. Furthermore, to ensure the integrity and confidentiality of the data within the smart parking ecosystem and to improve authentication process, we propose the implementation of a tailored blockchain framework. This framework incorporates lightweight local blockchains dedicated to individual parking slots, complemented by a central blockchain that manages data at the city level. The experimental results demonstrate the feasibility of the PUF computation process, showcasing an acceptable runtime for practical implementation. In the experimental results, we evaluated the SRAM used for the PUF implementation process and demonstrated its stability (intra HD equals to 2.25.

Published

2024

26. Generating hash value at edge device using SRAM-PUF and autoencoder in IoT network

Author

Anand, Abhishek and Singh, Jyoti Prakash

Published

2024

27. Improvement of a Conditional Privacy-Preserving and Desynchronization-Resistant Authentication Protocol for IoV.

Author

Xie, Qi and Huang, Juanjuan

Subjects

KEY agreement protocols (Computer network protocols), INFRASTRUCTURE (Economics), SMART cards, PHYSICAL mobility, DATA transmission systems, DATA security

Abstract

In Internet of Vehicles (IoV), the secure data transmission between vehicles and transportation infrastructure effectively ensures the safety and fast driving of vehicles, while authentication and key agreement protocols between vehicles and transportation infrastructure (V2I) play an important role in ensuring data security and user privacy. However, how to design a provably secure and lightweight V2I authentication protocol for IoV is a challenge. Recently, Kumar et al. proposed a conditional privacy-preserving and desynchronization-resistant authentication protocol for IoV, but we find that Kumar et al.'s scheme is vulnerable to identity guessing attacks, impersonation attacks, and a lack of session key secrecy once the attacker obtains data stored in smart card through side-channel attacks. We also point out that Kumar et al.'s protocol is vulnerable to Roadside Unit (RSU) captured attacks and lacks perfect forward secrecy. Therefore, we propose an improved V2I authentication protocol for IoV, which uses the Physical Unclonable Function (PUF) to resist RSU captured attacks, and designed a three-factor secrecy strategy to resist side-channel attacks; a conditional privacy-preserving strategy was also adopted to achieve anonymity and malicious user tracking. Furthermore, the proposed protocol is provably secure under the random oracle model and has low computation and communication costs. [ABSTRACT FROM AUTHOR]

Published

2024

28. A novel DAG-blockchain structure for trusted routing in secure MANET-IoT environment.

Author

Ilakkiya, N. and Rajaram, A.

Subjects

*DEEP packet inspection (Computer security), *AD hoc computer networks, *TELECOMMUNICATION, *RECURRENT neural networks, *TELECOMMUNICATION systems, *DATA transmission systems

Abstract

Different physical objects can be employed in the modern technological environment to facilitate human activity. In order to connect physical objects with the universe of digital using a variety of networks and communication technologies, an IoT, the cutting edges technological and effective solution, is deployed. Mobile ad hoc networks (MANET) interact with the IoTin smart settings, enhancing its user appeal and boosting its commercial viability. The new system of MANET based IoT and IT-network may be created by integrating wireless sensor and MANET with the Internet of Things. A solution like this increases user mobility while lowering network deployment costs. However, it also raises new, difficult problems in terms of networking considerations. In this, we presented a novel DAG (Directed Acyclic Graph)-Blockchain structure for MANET-IoT security. The network is secured through Multi-Factor PUF (MF-PUF) authentication scheme. With all authorized nodes, the network is segregated into cluster topology. For trusted data transmission, we proposed Jelly Fish Optimization (JFO) algorithm with the consideration of multiple criteria. For deep packet inspection, we proposed a Fully Connected Recurrent Neural Network (FCRNN). Through deep packet inspection, the intrusions are detected and mitigated through blocking system.With help of merged algorithm, the suggested method obtained improved ability in the PDR (Packet Delivery Ratio), production, analysis of time, detection accuracy also security levels. The comparison results clearly indicate that the proposed study outperforms all previous studies in various aspects. Particularly, the suggested methods for cluster creation, data aggregation, routing, encryption, and authentication significantly improve the system of DAG-IDS. Additionally, the planned task exhibits an exceptionally low standard deviation, making the suggested approach highly suitable for a WSN-IoT environment. [ABSTRACT FROM AUTHOR]

Published

2024

29. Strengthening Internet of Things Security: Surveying Physical Unclonable Functions for Authentication, Communication Protocols, Challenges, and Applications.

Author

Alhamarneh, Raed Ahmed and Mahinderjit Singh, Manmeet

Subjects

INTERNET security, INTERNET of things, PHYSICAL mobility, INTELLIGENT buildings, CYBERTERRORISM, MARKET penetration

Abstract

The spectrum of Internet of Things (IoT) applications is vast. It serves in various domains such as smart homes, intelligent buildings, health care, emergency response, and many more, reflecting the exponential market penetration of the IoT. Various security threats have been made to modern-day systems. Cyberattacks have seen a marked surge in frequency, particularly in recent times. The growing concern centers around the notable rise in cloning attacks, persisting as a significant and looming threat. In our work, an in-depth survey on the IoT that employs physically unclonable functions (PUFs) was conducted. The first contribution analyzes PUF-based authentication, communication protocols, and applications. It also tackles the eleven challenges faced by the research community, proposes solutions to these challenges, and highlights cloning attacks. The second contribution suggests the implementation of a framework model known as PUF3S-ML, specifically crafted for PUF authentication in the Internet of Things (IoT), incorporating innovative lightweight encryption techniques. It focuses on safeguarding smart IoT networks from cloning attacks. The key innovation framework comprises three stages of PUF authentication with IoT devices and an intelligent cybersecurity monitoring unit for IoT networks. In the methodology of this study, a survey relevant to the concerns was conducted. More data were provided previously regarding architecture, enabling technologies, and IoT challenges. After conducting an extensive survey of 125 papers, our analysis revealed 23 papers directly relevant to our domain. Furthermore, within this subset, we identified 11 studies specifically addressing the intersection of communication protocols with PUFs. These findings highlight the targeted relevance and potential contributions of the existing literature to our research focus. [ABSTRACT FROM AUTHOR]

Published

2024

30. A Combined Approach of PUF and Physiological Data for Mutual Authentication and Key Agreement in WMSN.

Author

Rai, Shanvendra, Paul, Rituparna, Banerjee, Subhasish, Meher, Preetisudha, and Sah, Gulab

Abstract

Wireless Medical Sensor Network (WMSN) is a kind of Ad-hoc Network that is used in the health sector to continuously monitor patients’ health conditions and provide instant medical services, over a distance. This network facilitates the transmission of real-time patient data, sensed by resource-constrained biosensors, to the end user through an open communication channel. Thus, any modification or alteration in such sensed physiological data leads to the wrong diagnosis which may put the life of the patient in danger. Therefore, among many challenges in WMSN, the security is most essential requirement that needs to be addressed. Hence, to maintain the security and privacy of sensitive medical data, this article proposed a lightweight mutual authentication and key agreement (AKA) scheme using Physical Unclonable Functions (PUFs) enabled sensor nodes. Moreover, to make the WMSN more secure and reliable, the physiological data like the electrocardiogram (ECG) of the patients are also considered. In order to establish its accuracy and security, the scheme undergoes validation through the Real or Random (RoR) Model and is further confirmed through simulation using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. A thorough examination encompassing security, performance, and a comparative assessment with existing related schemes illustrates that the proposed scheme not only exhibits superior resistance to well-known attacks in comparison to others but also upholds a cost-effective strategy at the sensor node, specifically, a reduction of 35.71% in computational cost and 49.12% in communication cost. [ABSTRACT FROM AUTHOR]

Published

2024

31. SoC Virtual Platform with Secure Key Generation Module for Embedded Secure Devices.

Author

Seung-Ho Lim, Hyeok-Jin Lim, and Seong-Cheon Park

Abstract

In the Internet-of-Things (IoT) or blockchain-based network systems, secure keys may be stored in individual devices; thus, individual devices should protect data by performing secure operations on the data transmitted and received over networks. Typically, secure functions, such as a physical unclonable function (PUF) and fully homomorphic encryption (FHE), are useful for generating safe keys and distributing data in a network. However, to provide these functions in embedded devices for IoT or blockchain systems, proper inspection is required for designing and implementing embedded system-on-chip (SoC) modules through overhead and performance analysis. In this paper, a virtual platform (SoC VP) was developed that includes a secure key generation module with a PUF and FHE. The SoC VP platform was implemented using SystemC, which enables the execution and verification of various aspects of the secure key generation module at the electronic system level and analyzes the system-level execution time, memory footprint, and performance, such as randomness and uniqueness. We experimentally verified the secure key generation module, and estimated the execution of the PUF key and FHE encryption based on the unit time of each module. [ABSTRACT FROM AUTHOR]

Published

2024

32. Using a privacy-enhanced authentication process to secure IoT-based smart grid infrastructures.

Author

Rostampour, Samad, Bagheri, Nasour, Ghavami, Behnam, Bendavid, Ygal, Kumari, Saru, Martin, Honorio, and Camara, Carmen

Subjects

*MICROCONTROLLERS, *ELLIPTIC curve cryptography, *CYBER physical systems, *ARDUINO (Microcontroller), *COMPUTER networking equipment, *INTERNET of things

Abstract

Over the last decade, technological advances in smart grids have permitted the modernization of legacy electricity networks. As Internet of Things (IoT)-based smart grids are becoming an efficient response to managing changing electric demand, the heterogeneous network of equipment required to make these Cyber-Physical Systems a reality poses some security threats. This paper proposes a novel mutual authentication and key agreement scheme to ensure communications security and protect users' privacy in smart grid applications. In the proposed scheme (named EPSG), an elliptic curve cryptography (ECC) module and a physical unclonable function (PUF) are used simultaneously to provide acceptable confidentiality and integrity levels. The security analysis demonstrates that the EPSG has a robust security posture regarding transferred messages on the communication channel and physical attacks. In addition, EPSG is resistant to modeling attacks as one of the main vulnerabilities of PUF modules. Furthermore, by implementing the EPSG on an Arduino UNO microcontroller, a comparative performance evaluation (e.g., Time 156 ms, Communication cost 1408 bits, and Energy consumption 13.728 mJ) demonstrates the efficiency of the proposed EPSG. [ABSTRACT FROM AUTHOR]

Published

2024

33. A Reconfigurable SRAM CRP PUF with High Reliability and Randomness.

Author

Pham, Van Khanh, Ngo, Chi Trung, Nam, Jae-Won, and Hong, Jong-Phil

Subjects

STATIC random access memory, HAMMING distance, COMPLEMENTARY metal oxide semiconductors, ERROR rates

Abstract

This paper presents a novel reconfigurable SRAM CRP PUF that can achieve high reliability and randomness. In conventional reconfigurable SRAM CRP PUFs, imprecise timing control can produce a biased response output, which is typically attributed to mismatches in the connection of input control signals to the two inverter arrays in the layout floorplan. We propose a timing control scheme along with the addition of an adjunct NMOS transistor to address this issue. This eliminates the connection mismatches for the challenge and word-line inputs to the two inverter arrays. Furthermore, we employ symmetric layout techniques to achieve the randomness of response output. The symmetric arrangement of the two inverter arrays maximizes the inherent random output characteristics derived from process variation. The pre-charge input signal is symmetrically connected to each array to prevent delay mismatches. A 16 × 9-bit reconfigurable PUF array is fabricated by using a 180 nm CMOS process, with a PUF cell area of 1.2 × 10 4 F 2 /bit. The experimental results demonstrate an inter Hamming distance of 0.4949 across 40 chips and an intra Hamming distance of 0.0167 for a single chip in 5000 trials. The measured worst bit error rate (BER) is 4.86% at the nominal point (1.8 V, 25 °C). The proposed prototype exhibits good reliability and randomness, as well as a small silicon area when compared to the conventional SRAM CRP PUFs. [ABSTRACT FROM AUTHOR]

Published

2024

34. TFAS: two factor authentication scheme for blockchain enabled IoMT using PUF and fuzzy extractor.

Author

Singh, Namrata and Das, Ayan Kumar

Subjects

*PHYSICAL layer security, *ACCESS control, *COMPUTER network security, *BLOCKCHAINS, *MULTI-factor authentication, *PLANETARY systems, *CLIENT/SERVER computing equipment

Abstract

Security vulnerabilities associated with Internet of Medical Things (IoMT) may lead to health disasters. The researchers already have designed several lightweight authentication techniques to provide secure communication towards physical layer security in a heterogeneous IoMT environment. Blockchain technology is utilized to solve the existing security issues of IoMT ensuring the network layer security. This paper presents a lightweight two factor authentication scheme (TFAS) for a blockchain-enabled IoMT environment which focuses on both the physical and network layer security without involvement of any centralized third party. The proposed TFAS involves device, user and data authentication along with user authorization for improved access control of medical data. It is a two-phase authenticity verification method which involves the authentication of users and devices using the PUF and fuzzy extractor in the first phase and blockchain-based data authentication along with authorization of users in the second phase. It also improves storage capacity of blockchain-enabled IoMT network and ensures its scalability using a cluster of smart-contract enabled inter planetary file systems servers. The formal security analysis has been performed using the real-or-random model for evaluating security of session key and mutual authentication protocol. The informal security analysis provides strong evidences for resilience of TFAS from various known attacks. Moreover, the proposed scheme outperformed other existing schemes in terms of communication cost, computational cost and storage. [ABSTRACT FROM AUTHOR]

Published

2024

35. Recursive Challenge Feed Arbiter Physical Unclonable Function (RC-FAPUF) In 180nm Process For Reliable Key Generation In IOT Security.

Author

Podeti, Raveendra, Patri, Sreehari Rao, and Pullakandam, Muralidhar

Subjects

*PHYSICAL mobility, *SECURITY systems, *COMPLEMENTARY metal oxide semiconductors, *INTEGRATED circuits, *INTERNET of things, *VOLTAGE-controlled oscillators

Abstract

Physical Unclonable Functions (PUFs) are significant hardware primitives that use physical variations in the manufacturing process to build unclonable keys. They exploit the process variations (PVs) in transistors across the Integrated Circuits (ICs) that generate a unique signature for each chip for identification and authentication. In this article, a novel Recursive Challenge Feed Arbiter Physical Unclonable Function (RC-FAPUF) is proposed to generate unique, unpredictable, and reliable keys which are independent of the challenges that are generally fed by the user. Subsequently, the uncertainty in the prediction of the key increases while performing the security breach on IoT-enabled access systems like smartcards. The proposed design has a significant advantage in the feed-forward arbitration mechanism to generate reliable keys against PVs. Moreover, the robustness of the keys is measured by reliability is achieved as 99.91% when performed over a temperature that ranges from −40°C to +125°C and 99.23% with ±10% variations in supply voltage. The proposed RC-FAPUF is implemented in a 180 nm CMOS process and the responses regarding PVs are validated through a prediction analysis of 48% with Linear Regression (LR) against security attacks. It is confirmed that a significant improvement over previous works is witnessed with our design. [ABSTRACT FROM AUTHOR]

Published

2024

36. An AES Implementation with Improved PDL Based PUF Key Generator for IoT Devices.

Author

Boke, Amol K., Nakhate, Sangeeta, and Rajawat, Arvind

Subjects

*INTERNET of things, *PHYSICAL mobility, *CRYPTOGRAPHY, *PUBLIC key cryptography, *ALGORITHMS

Abstract

In recent days, cryptographic algorithm hardware is the need of IoT devices. However, limited resources demand an efficient approach towards designing the said cryptographic algorithm hardware. This paper introduces the PUF (Physical Unclonable Function) based approach to design the key generator used in cryptographic algorithm hardware to minimize the area and power consumption. A customizable key generation unit has been introduced in the form of a Standard Synchronization Unit (SSU) to match the desired key size requirements. The results were generated with PUF based designs from literature and compared with the proposed PDL (Programmable Delay Logic) PUF. All parameters considered, a proposed PDL PUF key generator is an efficient option that can be integrated with an Advanced Encryption System (AES) as the key generator. The modified AES design result was compared with the literature's results on the Xilinx Virtex XC7VX690T platform. The modified AES is an efficient solution with 12.10% less area consumption and a 44.51% increase in throughput. [ABSTRACT FROM AUTHOR]

Published

2024

37. A service-categorized security scheme with physical unclonable functions for internet of vehicles

Author

Nadhir Ben Halima, Ala Saleh Alluhaidan, Mohammad Zunnun Khan, Mohd Shahid Husain, and Mohammad Ayoub Khan

Subjects

PUF, IoV, Federated learning, Computer engineering. Computer hardware, TK7885-7895, Information technology, T58.5-58.64, Electronic computers. Computer science, QA75.5-76.95

Abstract

Abstract In smart cities, communication and information exchange for the Internet of Vehicles rely on open and closed infrastructures along the roadside. Secure communications rely on the sender and receiver devices having self-sustaining authentication methods. The perquisites of the authentication methods are to grip communication without being falsified by an adversary or unidentified third parties. This article introduces the Service-Categorized Security Scheme (SCSS) with a physically unclonable function (PUF) for handling sensitive guidance/communication information. The vehicle-side authentication, access control, and service demands are governed using service-based PUF factors such as digital signatures, passwords, etc. To prevent anonymous third parties and adversaries, the PUF operates over compromised and uncompromised communication devices. Device-specific keys generated by PUFs based on intrinsic physical variances help identify between compromised and uncompromised devices, while keys generated by uncompromised devices conform to their expected profiles In the service-sharing process, mutual authentication using synchronized keys is used for security and service verification. The synchronized keys are integrated with the PUF for monitoring de-synchronization and individual operation. This decision is made using federated learning from the external service provider and the communicator of the vehicle. Through the learning process, a de-synchronization occurrence at the service provider and vehicle is identified as the reason for disconnecting the session. As a result, any suspicious activity that contradicts service security is identified, and the information of the communicating vehicle is secured. The proposed scheme is analyzed using the metrics authentication time, adversary detection ratio, complexity, de-synchronization time, and successful sessions.

Published

2023

38. Enhancing MQTT-SN Security with a Lightweight PUF-Based Authentication and Encrypted Channel Establishment Scheme

Author

Xiang Gong, Ting Kou, and Yan Li

Subjects

IIoT, MQTT-SN protocol, PUF, lightweight safety, Mathematics, QA1-939

Abstract

The communication of Industrial Internet of Things (IIoT) devices faces important security and privacy challenges. With the rapid increase in the number of devices, it is difficult for traditional security mechanisms to balance performance and security. Although schemes based on encryption and authentication exist, there are still difficulties in achieving lightweight security. In this paper, an authentication and key exchange scheme combining hardware security features and modern encryption technology is proposed for the MQTT-SN protocol, which is not considered security. The scheme uses Physical Unclonable Functions (PUFs) to generate unpredictable responses, and combines random numbers, time stamps, and shared keys to achieve two-way authentication and secure communication between devices and broker, effectively preventing network threats such as replay and man-in-the-middle attacks. Through verification, the proposed scheme has proved effective in terms of security and robustness, has computational and communication cost advantages compared with recent schemes, and provides higher availability.

Published

2024

39. A Low-Complexity Security Scheme for Drone Communication Based on PUF and LDPC

Author

Jiacheng Zhang, Peng Gu, Zhen Wang, Jun Zou, and Guangzu Liu

Subjects

authentication, PUF, RAM, QC-LDPC, Motor vehicles. Aeronautics. Astronautics, TL1-4050

Abstract

Due to the limited payload and power of drones, the computational overhead, storage overhead and communication overhead that can be used for secure communication are restricted, making it difficult to apply some complex but fairly secure authentication protocols on drones. In this paper, we propose a low-complexity protocol for storing identity information in a resource-unconstrained device that does not require the UAV to store the information, thereby enhancing the UAV’s resistance to capture. The protocol in this paper mainly consists of quasi-cyclic low-density parity-check (QC-LDPC) codes, physical unclonable functions (PUFs) based on random-access memory (RAM), “XOR” operations, and hash computation. The protocol in this paper is an authentication architecture in which the drone is guided by the ground station to read its identity information, and the drone does not store any identity information in advance. The protocol is divided into two phases: 1. fuzzy authentication of fingerprint PUF and 2. uniqueness authentication accomplished while guiding the recovery of identity PUF. Recovering identity PUF in this paper, QC-LDPC is used as the error control module, and the optimization of bit-flip decoding significantly reduces the probability of decoding failure. After the comparative security analysis and comparative overhead analysis of this paper’s protocol, it can be concluded that this paper’s protocol can withstand common attacks (including attacks attempting to pass authentication, attacks attempting to interfere with authentication, and physical capture attacks), and the storage and communication overhead is small in the case of large time overhead.

Published

2024

40. A service-categorized security scheme with physical unclonable functions for internet of vehicles.

Author

Halima, Nadhir Ben, Alluhaidan, Ala Saleh, Khan, Mohammad Zunnun, Husain, Mohd Shahid, and Khan, Mohammad Ayoub

Subjects

PHYSICAL mobility, FEDERATED learning, DIGITAL signatures, INTERNET exchange points, ACCESS control, COMPUTER passwords, MULTI-factor authentication

Abstract

In smart cities, communication and information exchange for the Internet of Vehicles rely on open and closed infrastructures along the roadside. Secure communications rely on the sender and receiver devices having self-sustaining authentication methods. The perquisites of the authentication methods are to grip communication without being falsified by an adversary or unidentified third parties. This article introduces the Service-Categorized Security Scheme (SCSS) with a physically unclonable function (PUF) for handling sensitive guidance/communication information. The vehicle-side authentication, access control, and service demands are governed using service-based PUF factors such as digital signatures, passwords, etc. To prevent anonymous third parties and adversaries, the PUF operates over compromised and uncompromised communication devices. Device-specific keys generated by PUFs based on intrinsic physical variances help identify between compromised and uncompromised devices, while keys generated by uncompromised devices conform to their expected profiles In the service-sharing process, mutual authentication using synchronized keys is used for security and service verification. The synchronized keys are integrated with the PUF for monitoring de-synchronization and individual operation. This decision is made using federated learning from the external service provider and the communicator of the vehicle. Through the learning process, a de-synchronization occurrence at the service provider and vehicle is identified as the reason for disconnecting the session. As a result, any suspicious activity that contradicts service security is identified, and the information of the communicating vehicle is secured. The proposed scheme is analyzed using the metrics authentication time, adversary detection ratio, complexity, de-synchronization time, and successful sessions. [ABSTRACT FROM AUTHOR]

Published

2023

41. Integrating Lorenz Hyperchaotic Encryption with Ring Oscillator Physically Unclonable Functions (RO-PUFs) for High-Throughput Internet of Things (IoT) Applications.

Author

Magyari, Alexander and Chen, Yuhua

Subjects

IMAGE encryption, INTERNET of things, RANDOM number generators, COMPUTER network security, IMAGE analysis

Abstract

With the combined call for increased network throughput and security comes the need for high-bandwidth, unconditionally secure systems. Through the combination of true random number generators (TRNGs) for unique seed values, and four-dimensional Lorenz hyperchaotic systems implemented on a Stratix 10 Intel FPGA, we are able to implement 60 MB/s encryption/decryption schemes with 0% data loss on an unconditionally secure system with the NIST standard using less than 400 mW. Further, the TRNG implementation allows for unique encryption outputs for similar images while still enabling proper decryption. Histogram and adjacent pixel analysis on sample images demonstrate that without the key, it is not possible to extract the plain text from the encrypted image. This encryption scheme was implemented via PCIe for testing and analysis. [ABSTRACT FROM AUTHOR]

Published

2023

42. A Power-Gated 8-Transistor Physically Unclonable Function Accelerates Evaluation Speeds.

Author

Zheng, Yujin, Yakovlev, Alex, and Bystrov, Alex

Subjects

STATIC random access memory, BIT error rate, STATISTICAL measurement, PLURALITY voting, REMANENCE

Abstract

The proposed 8-Transistor (8T) Physically Unclonable Function (PUF), in conjunction with the power gating technique, can significantly accelerate a single evaluation cycle more than 100,000 times faster than a 6-Transistor (6T) Static Random-Access Memory (SRAM) PUF. The 8T PUF is built to swiftly eliminate data remanence and maximise physical mismatch. Moreover, a two-phase power gating module is devised to provide controllable power on/off cycles for the chosen PUF clusters in order to facilitate fast statistical measurements and curb the in-rush current. The architecture and hardware implementation of the power-gated PUF are developed to accommodate fast multiple evaluations of PUF Responses. The fast speed enables a new data processing method, which coordinates Dark-bit masking and Multiple Temporal Majority Voting (TMV) in different Process, Voltage and Temperature (PVT) corners or during field usage, hence greatly reducing the Bit Error Rate (BER) and the hardware penalty for error correction. The designs are based on the UMC 65 nm technology and aim to tape out an Application-Specific Integrated Circuit (ASIC) chip. Post-layout Monte Carlo (MC) simulations are performed with Cadence, and the extracted PUF Responses are processed with Matlab to evaluate the 8T PUF performance and statistical metrics for subsequent inclusion in PUF Responses, which comprise the novelty of this approach. [ABSTRACT FROM AUTHOR]

Published

2023

43. PUFGuard: Vehicle-to-Everything Authentication Protocol for Secure Multihop Mobile Communication.

Author

Gebali, Fayez and Elhadad, Mohamed K.

Subjects

OPTICAL communications, WIRELESS communications, TRUST, VISIBLE spectra, WIRELESS Internet

Abstract

Vehicle area networks (VANs) encompass a spectrum of communication modes, including point-to-point visible light communication, 5G/6G cellular wireless communication, and Wi-Fi ad hoc multihop communication. The main focus of this paper is the introduction and application of physically unclonable functions (PUFs) as a pivotal element in secure key generation, authentication processes, and trust metric definition for neighboring vehicles. The multifaceted protocols proposed herein encompass comprehensive security considerations, ranging from authentication and anonymity to the imperative aspects of the proof of presence, freshness, and ephemeral session key exchanges. This paper provides a systematic and comprehensive framework for enhancing security in VANs, which is of paramount importance in the context of modern smart transportation systems. The contributions of this work are multifarious and can be summarized as follows: (1) Presenting an innovative and robust approach to secure key generation based on PUFs, ensuring the dynamic nature of the authentication. (2) Defining trust metrics reliant on PUFs to ascertain the authenticity and integrity of proximate vehicles. (3) Using the proposed framework to enable seamless transitions between different communication protocols, such as the migration from 5G/6G to Wi-Fi, by introducing the concept of multimodal authentication, which accommodates a wide spectrum of vehicle capabilities. Furthermore, upholding privacy through the encryption and concealment of PUF responses safeguards the identity of vehicles during communication. [ABSTRACT FROM AUTHOR]

Published

2023

44. ANV-PUF: Machine-Learning-Resilient NVM-Based Arbiter PUF.

Author

NASSAR, HASSAN, BAUER, LARS, and HENKEL, JÖRG

Subjects

MACHINE learning, PHYSICAL mobility, WORK design

Abstract

Physical Unclonable Functions (PUFs) have been widely considered an attractive security primitive. They use the deviations in the fabrication process to have unique responses from each device. Due to their nature, they serve as a DNA-like identity of the device. But PUFs have also been targeted for attacks. It has been proven that machine learning (ML) can be used to effectively model a PUF design and predict its behavior, leading to leakage of the internal secrets. To combat such attacks, several designs have been proposed to make it harder to model PUFs. One design direction is to use Non-Volatile Memory (NVM) as the building block of the PUF. NVM typically are multilevel cells, i.e, they have several internal states, which makes it harder to model them. However, the current state of the art of NVM-based PUFs is limited to 'weak PUFs', i.e., the number of outputs grows only linearly with the number of inputs, which limits the number of possible secret values that can be stored using the PUF. To overcome this limitation, in this work we design the Arbiter Non-Volatile PUF (ANV-PUF) that is exponential in the number of inputs and that is resilient against ML-based modeling. The concept is based on the famous delay-based Arbiter PUF (which is not resilient against modeling attacks) while using NVM as a building block instead of switches. Hence, we replace the switch delays (which are easy to model via ML) with the multi-level property of NVM (which is hard to model via ML). Consequently, our design has the exponential output characteristics of the Arbiter PUF and the resilience against attacks from the NVM-based PUFs. Our results show that the resilience to ML modeling, uniqueness, and uniformity are all in the ideal range of 50%. Thus, in contrast to the state-of-the-art, ANV-PUF is able to be resilient to attacks, while having an exponential number of outputs. [ABSTRACT FROM AUTHOR]

Published

2023

45. Intrinsic PUFs for commodity devices

Author

Miskelly, Jack, Rafferty, Ciara, Gu, Chongyan, and O'Neill, Maire

Subjects

PUF, software PUF, hardware security, IoT, data provenance, Identity

Abstract

There has been a consistent trend of growth in recent years in the number and interconnectedness of embedded devices in all areas of life. Embedded systems are cheaper, more accessible, and more versatile than ever. The ubiquity of these systems and their intersection with critical areas means that practical security solutions are more essential than ever, but many conventional security solutions are not well suited to low resource embedded systems because of power usage, time, hardware resource, or computational constraints. One solution that has been proposed is the Physical Unclonable Function (PUF), a hardware security primitive which generates identifiers from low level manufacturing process variations. In this thesis several novel designs and improvements for Intrinsic PUFs are proposed and experimentally validated, with an aim towards achieving practical Intrinsic PUFs for ubiquitous underlying technologies that currently lack such a design.

Published

2021

46. Cross-layer instruction-aware timing error mitigation & evaluation for energy-efficient dependable architectures

Author

Tsiokanos, Ioannis, Karakonstantis, Georgios, Woods, Roger, and Nikolopoulos, Dimitrios S.

Subjects

621.381, Timing errors, low-power FPU, energy efficiency, reliability, hardware security, PUF, pipelined designs, dynamic timing analysis, machine learning, genetic algorithm

Abstract

Increased variability renders nanometer circuits extremely prone to timing errors that threaten system functionality and reliability. To protect circuits from timing errors, designers adopt pessimistic timing margins, which lead to energy inefficiency. This dissertation focuses on addressing the challenges related to energy efficiency and timing errors in a collective fashion. The rate and impact of such errors depend on their manifestation across the layers of the application, microarchitecture and circuit. Accordingly, this thesis investigates cross-layer methods to mitigate, evaluate and model timing errors, exploiting the data-dependent timing behaviour of pipelined designs. In the first part of this thesis, techniques that minimise, detect, and prevent timing errors are proposed. At the circuit-layer, this thesis investigates the root causes of timing errors and proposes a framework that isolates the timing critical paths to a single pipeline stage. At microarchitecture-layer, a dynamic cycle adjustment technique is devised to prevent timing errors in case of excitation of a timing critical path. At application/software-layer, the concept of approximate computing is leveraged to minimise timing errors. In the second part, two accurate timing error modeling and evaluation frameworks are proposed; for the first time the instruction execution history (i.e., type and order of instructions within a pipeline at any instant) is considered. DEFCON, a fully automated framework which customises a genetic algorithm driven by accurate dynamic timing analysis to stochastically search for microarchitecture-aware instructions that trigger timing errors, is presented. ARETE is then derived, a novel framework that enables fully-accurate impact-evaluation of timing errors on applications by combining dynamic binary instrumentation with machine learning-guided dynamic timing analysis. Finally, the inherent complex dynamic timing behaviour of pipelined architectures is exploited and a low power security primitive for hardware-rooted device authentication is proposed. To achieve this, DTA-PUF, a novel lightweight physical unclonable function, is introduced.

Published

2021

47. Improved two factor fuzzy commitment scheme for securing IoT device

Author

T., Yuvarani and A.R., Arunachalam

Published

2023

48. PUF and Chaotic Map-Based Authentication Protocol for Underwater Acoustic Networks

Author

Qi Xie and Ye Yao

Subjects

underwater acoustic networks, authentication, protocol, chaotic maps, PUF, Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999

Abstract

A secure and effective authentication and communication scheme between users and underwater sensors plays an important role in improving the detection and utilization of marine resources in underwater acoustic networks (UANs). However, due to the energy limitations and susceptibility to capture of underwater sensors and gateways, it is necessary to design a lightweight authentication protocol that can resist capture of sensors and gateways during attacks. In this paper, a lightweight authentication protocol for UANs based on the Physical Unclonable Function (PUF) and chaotic map is proposed. We used the advantages of PUF to resist sensors and gateways being captured in attacks and the chaotic map to achieve lightweight authentication because the computational cost of the chaotic map is almost one-third that of Elliptic Curve Cryptography (ECC). Additionally, we used the formal security proof in the random oracle model to prove the security of the proposed scheme. Our scheme was more secure and efficient compared with some other related schemes in terms of security and performance requirements, and the proposed scheme is suitable for UANs.

Published

2024

49. Two-Layered Multi-Factor Authentication Using Decentralized Blockchain in an IoT Environment

Author

Saeed Bamashmos, Naveen Chilamkurti, and Ahmad Salehi Shahraki

Subjects

biometric, blockchain, digital signatures, IoT, multi-factor authentication, PUF, Chemical technology, TP1-1185

Abstract

Internet of Things (IoT) technology is evolving over the peak of smart infrastructure with the participation of IoT devices in a wide range of applications. Traditional IoT authentication methods are vulnerable to threats due to wireless data transmission. However, IoT devices are resource- and energy-constrained, so building lightweight security that provides stronger authentication is essential. This paper proposes a novel, two-layered multi-factor authentication (2L-MFA) framework using blockchain to enhance IoT devices and user security. The first level of authentication is for IoT devices, one that considers secret keys, geographical location, and physically unclonable function (PUF). Proof-of-authentication (PoAh) and elliptic curve Diffie–Hellman are followed for lightweight and low latency support. Second-level authentication for IoT users, which are sub-categorized into four levels, each defined by specific factors such as identity, password, and biometrics. The first level involves a matrix-based password; the second level utilizes the elliptic curve digital signature algorithm (ECDSA); and levels 3 and 4 are secured with iris and finger vein, providing comprehensive and robust authentication. We deployed fuzzy logic to validate the authentication and make the system more robust. The 2L-MFA model significantly improves performance, reducing registration, login, and authentication times by up to 25%, 50%, and 25%, respectively, facilitating quicker cloud access post-authentication and enhancing overall efficiency.

Published

2024

50. A Lightweight PUF based Multi-factor Authentication Technique for Intelligent Smart Healthcare System.

Author

Kumar Chaudhary, Ravi Raushan and Chatterjee, Kakali

Subjects

MULTI-factor authentication, INTEGRATED circuits, INTERNET of things, DIGITAL communications, PHYSICAL mobility, MEDICAL care

Abstract

The Internet of Things is gaining popularity throughout the world. With the growth of digital communication, healthcare 4.0 are being implemented by many businesses industry in order to establish a more resilient, competent, and intelligent smart healthcare system. Healthcare monitoring services are the part of smart healthcare system. These types of monitoring systems are mainly based on the Internet of Things (IoT). IoT helps to integrate multiple sensors and objects that can directly communicate with each other without human intervention. This type of IoT based systems are vulnerable to different adversarial threats such as cloning attack, impersonation attack etc. Hence medical IoT device authentication is essential in smart healthcare to verify user legitimacy. One way to verify user legitimacy is using physical unclonable function (PUF). The PUF protects sensor nodes from tampering, cloning attack. In this paper, we have proposed a lightweight PUF based authentication mechanism for embedded IoT devices in e-healthcare system. The proposed authentication technique helps to authenticate IoT sensor nodes which are responsible for transmitting sensitive health data in a health monitoring system. The performance comparison shows that the protocol is efficient with high through put and low computational load. The security analysis of the authentication scheme shows it would resist different types of network attacks. The proposed authentication provides a facility that no one except that the primary users can have access to the raw challenge response pair of integrated PUF circuits so that adversary will unable to build another same PUF model. Also the success probability is 2 - 76 for recovering the transformed 128 bit challenge and responses. [ABSTRACT FROM AUTHOR]

Published

2023