TREVERSE: Trial-and-Error Lightweight Secure Reverse Authentication with Simulatable PUFs
This work addresses authentication security for resource-constrained IoT devices, but it appears incremental: it builds on existing PUF concepts and adds a novel trial-and-error approach.
The paper tackles the challenge of practical and secure lightweight authentication for low-end IoT devices using physically unclonable functions (PUFs) by introducing TREVERSE, a trial-and-error reverse authentication method that leverages simulatable PUFs; it demonstrates authentication capability with two experimentally derived SimPUFs, though no concrete performance numbers are provided in the abstract.
A physical unclonable function (PUF) generates hardware-intrinsic volatile secrets by exploiting uncontrollable manufacturing randomness. Although PUFs provide the potential for lightweight and secure authentication for increasing numbers of low-end Internet of Things devices, practical and secure mechanisms remain elusive. We aim to explore simulatable PUFs (SimPUFs) that are physically unclonable but efficiently modeled mathematically through privileged one-time PUF access to address the above problem. Given a challenge, a securely stored SimPUF in possession of a trusted server computes the corresponding response and its bit-specific reliability. Consequently, naturally noisy PUF responses generated by a resource-limited prover can be immediately processed by a one-way function (OWF) and transmitted to the server, because the resourceful server can exploit the SimPUF to perform a trial-and-error search over likely error patterns to recover the noisy response to authenticate the prover. Security of trial-and-error reverse (TREVERSE) authentication under the random oracle model is guaranteed by the hardness of inverting the OWF. We formally evaluate the TREVERSE authentication capability with two SimPUFs experimentally derived from popular silicon PUFs.
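The trial-and-error search described in the abstract, as an added sketch that is not the paper's code. Assumptions: SHA-256 stands in for the OWF, the predicted bits and reliability values are constructed, and the search order (subsets of the least reliable bits, fewest flips first) and the `max_unreliable`/`max_flips` budgets are illustrative choices rather than the paper's parameters.

```python
import hashlib
import hmac
from itertools import combinations

# Constructed sample data standing in for a SimPUF's output for one challenge.
CHALLENGE = b"constructed-challenge-01"
PREDICTED = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 1, 0]
RELIABILITY = [0.99, 0.97, 0.62, 0.98, 0.95, 0.55, 0.99, 0.96,
               0.71, 0.99, 0.58, 0.97, 0.93, 0.66, 0.98, 0.94]

def owf(challenge, bits):
    # Assumption: SHA-256 stands in for the one-way function.
    return hashlib.sha256(challenge + bytes(bits)).digest()

def flip(bits, positions):
    # Return a copy of bits with the given positions inverted.
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out

def prover_token(challenge, noisy_response):
    # Prover: hash the raw noisy response; no on-device error correction.
    return owf(challenge, noisy_response)

def server_verify(challenge, token, predicted, reliability,
                  max_unreliable=8, max_flips=3):
    """Return the number of hashes tried on accept, or None on reject."""
    # Only the least reliable bits are treated as candidate error positions.
    order = sorted(range(len(predicted)), key=lambda i: reliability[i])
    candidates = order[:max_unreliable]
    trials = 0
    for weight in range(max_flips + 1):      # fewest flips first
        for positions in combinations(candidates, weight):
            trials += 1
            guess = owf(challenge, flip(predicted, positions))
            if hmac.compare_digest(guess, token):
                return trials
    return None                              # search budget exhausted

if __name__ == "__main__":
    noisy = flip(PREDICTED, [5, 2])          # two unreliable bits flipped
    print(server_verify(CHALLENGE, prover_token(CHALLENGE, noisy),
                        PREDICTED, RELIABILITY))
```

With these defaults the server computes at most 93 hashes per attempt, so a response whose error falls on a bit the model rates as reliable is rejected rather than searched for indefinitely.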