6 research outputs found

    XOR Compositions of Physically Related Functions

    Physically related functions (PReFs) are hardware primitives proposed to establish key-exchange between resource-constrained devices with no pre-established secrets. In this paper, we introduce XOR composition of PReFs to eliminate the requirement of revealing the complete functionality of the hardware primitive during the setup phase, which is a prerequisite to set up PReFs. We evaluate the quality of the XOR_PReF design by implementing them on Artix-7 FPGAs.

    On the Validity of Spoofing Attack Against Safe is the New Smart

    Recently, a light-weight authenticated key-exchange (AKE) scheme has been proposed. The scheme provides mutual authentication. It is asymmetric in nature by delegating complex cryptographic operations to resource-equipped servers, and carefully managing the workload on resource-constrained Smart meter nodes by using Physically Unclonable Functions. The prototype Smart meter built using commercial-off-the-shelf products is enabled with a low-cost countermeasure against load-modification attacks, which goes side-by-side with the proposed protocol. An attack against this AKE scheme has been recently proposed claiming that the server can be breached to mount spoofing attacks. It relies on the assumption that the result of an attack against authenticated key-exchange protocol is determined before the attacker learns the session key. In this short paper, we discuss the attack’s validity and describe the misinterpretation of the AKE protocol’s security definition

    PUF-COTE: A PUF Construction with Challenge Obfuscation and Throughput Enhancement

    Physically Unclonable Functions (PUFs) have been a potent choice for enabling low-cost, secure communication. However, the state-of-the-art strong PUFs generate single-bit responses. So, we propose PUF-COTE: a high throughput architecture based on a linear feedback shift register and a strong PUF as the "base"-PUF. At the same time, we obfuscate the challenges to the "base"-PUF of the final construction. We experimentally evaluate the quality of the construction by implementing it on Artix 7 FPGAs. We evaluate the statistical quality of the responses (using the NIST SP800-92 test suite and standard PUF metrics: uniformity, uniqueness, reliability, strict avalanche criterion, ML-based modelling), which is a crucial factor for cryptographic applications.

    Physically Related Functions: A New Paradigm for Light-weight Key-Exchange

    In this paper, we propose a novel concept named Physically Related Function (PReF) which are devices with hardware roots of trust. It enables secure key-exchange with no pre-established/embedded secret keys. This work is motivated by the need to perform key-exchange between lightweight resource-constrained devices. We present a proof-of-concept realization of our contributions in hardware using FPGAs.

    Harmonizing PUFs for Forward Secure Authenticated Key Exchange with Symmetric Primitives

    Physically Unclonable Functions (PUFs) have been a potent choice for enabling low-cost, secure communication. However, in most applications, one party holds the PUF, and the other securely stores the challenge-response pairs (CRPs). It does not remove the need for secure storage entirely, which is one of the goals of PUFs. This paper proposes a PUF-based construction called Harmonizing PUFs (H_PUFs), allowing two independent PUFs to generate the same outcome without storing any confidential data. As an application of the H_PUF construction, we present H-AKE: a low-cost authenticated key exchange protocol for resource-constrained nodes that is secure against replay and impersonation attacks. The novelty of the protocol is that it achieves forward secrecy without requiring to perform asymmetric group operations like elliptic curve scalar multiplications underlying traditional key-exchange techniques.

    Safe is the new Smart: PUF-based Authentication for Load Modification-Resistant Smart Meters

    In the energy sector, IoT manifests in the form of next-generation power grids that provide enhanced electrical stability, efficient power distribution and utilization. The primary feature of a Smart Grid is the presence of an advanced bi-directional communication network between the Smart meters at the consumer end and the servers at the Utility Operators. The Smart meters are broadly vulnerable to attacks on communication and physical systems. We propose a secure and operationally asymmetric mutual authentication and key-exchange protocol for secure communication. Our protocol balances security and efficiency, delegates complex cryptographic operations to the resource-equipped servers, and carefully manages the workload on the resource-constrained Smart meter nodes using unconventional lightweight primitives such as Physically Unclonable Functions. We prove the security of the protocol using well-established cryptographic assumptions. We implement the proposed scheme end-to-end in a Smart meter prototype using commercial-off-the-shelf products, a Utility server and a credential generator as the trusted third party. Additionally, we demonstrate a physics-based attack named load modification attack on the Smart meter to demonstrate that merely securing the communication channel using authentication does not secure the meter, but requires further protections to ensure the correctness of the reported consumption. Hence, we propose a countermeasure to such attack that goes side-by-side with our protocol implementation.
    ISSN: 1545-5971, ISSN: 1941-001