PUF-IPA: A PUF-based Identity Preserving Protocol for Internet of Things Authentication
Mahmood Azhar Qureshi, Arslan Munir
Abstract
Physically unclonable functions (PUFs) can be used for Internet of things (IoT) based identification, authentication and authorization. However, PUF based authentication systems are vulnerable to various attacks including, but not limited to, replay and modeling attacks. In this paper, we propose PUF-IPA, a PUF-based identity-preserving protocol for IoT device authentication. The PUF-IPA provides stronger resilience against security attacks as compared to previous approaches assuming a threat model where adversary can conduct not only passive or active attacks during authentication phase but can also breach the server storing PUF credentials. The proposed PUF-IPA is robust against brute force, replay, and modeling attacks. In PUF-IPA, no partial/full challenge-response pairs (CRPs) or soft models associated to a PUF within a device are stored, generated, transmitted, or received by the server during authentication events. The PUF-IPA improves the PUF response accuracy by enabling self-checking. Results reveal that the PUF-IPA improves the PUF response accuracy from 89% to 98% without the use of hardware-expensive error correction codes.