Secure PUF-Based Authentication Systems

Abstract

The Internet of Things faces significant security challenges, particularly in device authentication. Traditional methods of PUF-based authentication protocols do not fully address IoT’s unique security needs and resource constraints. Existing solutions like Identity-Based Encryption with Physically Unclonable Functions enhance security but still struggle with protecting data during transmission. We show a new protocol that leverages PUFs for device authentication by utilizing Paillier homomorphic encryption or the plaintext equality test to enhance security. Our approach involves encrypting both the challenge–response pairs (CRPs) using Paillier homomorphic encryption scheme or ElGamal encryption for plaintext equality testing scheme. The verifier does not need access to the plaintext CRPs to ensure that sensitive data remain encrypted at all times and our approach reduces the computational load on IoT devices. The encryption ensures that neither the challenge nor the response can be deciphered by potential adversaries who obtain them during the transmission. The homomorphic property of the Paillier scheme or plaintext equality testing scheme allows a verifier to verify device authenticity without decrypting the CRPs, preserving privacy and reducing the computational load on IoT devices. Such an approach to encrypting both elements of the CRP provides resistance against CRP disclosure, machine learning attacks, and impersonation attacks. We validate the scheme through security analysis against various attacks and evaluate its performance by analyzing the computational overhead and the communication overhead. Comparison of average computational and communication time demonstrates Paillier scheme achieves approximately 99% reduction while the plaintext equality test achieves approximately 94% reduction between them.