PUF‐based solutions for secure communications in Advanced Metering Infrastructure (AMI)

Advanced metering infrastructure (AMI) provides 2‐way communications between the utility and the smart meters. Developing authenticated key exchange (AKE) and broadcast authentication (BA) protocols is essential to provide secure communications in AMI. The security of all existing cryptographic protocols is based on the assumption that secret information is stored in the nonvolatile memories. In the AMI, the attackers can obtain some or all of the stored secret information from memories by a great variety of inexpensive and fast side‐channel attacks. Thus, all existing AKE and BA protocols are no longer secure. In this paper, we investigate how to develop secure AKE and BA protocols in the presence of memory attacks. As a solution, we propose to embed a physical unclonable function (PUF) in each party, which generates the secret values as required without the need to store them. By combining PUFs and 2 well‐known and secure protocols, we propose PUF‐based AKE and BA protocols. We show that our proposed protocols are memory leakage resilient. In addition, we prove their security in the standard model. Performance analysis of both protocols shows their efficiency for AMI applications. The proposed protocols can be easily implemented.     

Preserving User Anonymity in Context‐Aware Location‐Based Services: A Proposed Framework

Protecting privacy is an important goal in designing location‐based services. Service providers want to verify legitimate users and allow permitted users to enjoy their services. Users, however, want to preserve their privacy and prevent tracking. In this paper, a new framework providing users with more privacy and anonymity in both the authentication process and the querying process is proposed. Unlike the designs proposed in previous works, our framework benefits from a combination of three important techniques: k‐anonymity, timed fuzzy logic, and a one‐way hash function. Modifying and adapting these existing schemes provides us with a simpler, less complex, yet more mature solution. During authentication, the one‐way hash function provides users with more privacy by using fingerprints of users' identities. To provide anonymous authentication, the concept of confidence level is adopted with timed fuzzy logic. Regarding location privacy, spatial k‐anonymity prevents the users' locations from being tracked. The experiment results and analysis show that our framework can strengthen the protection of anonymity and privacy of users by incurring a minimal implementation cost and can improve functionality.     

Privacy‐preserving authentication protocols with efficient verification in VANETs

As an important component of intelligent transportation systems, vehicular ad hoc networks can provide safer and more comfortable driving circumstance for the drivers. However, communication security and privacy issues present practical concerns to the deployment of vehicular ad hoc networks. Although recent related studies have already addressed most of these issues, most of them have only considered a posteriori countermeasures or a priori countermeasures to prevent the attacks of an adversary. To the best of our knowledge, up to now, only two privacy‐preserving authentication schemes can provide a posteriori countermeasures and a priori countermeasures. But, the computational cost of verifying a signature is relatively high or security proof of the scheme is loose in the two schemes. In this paper, we propose two novel privacy‐preserving authentication schemes. The first one cannot only provide a posteriori and a priori countermeasures, but also has low computational cost in the verification phase and tight security proof. The second one can achieve batch verification on multiple messages. Comparison with Wu et al.'s scheme and Chen et al's scheme, our scheme shows higher efficiency in terms of the computational cost of verifying signature.Copyright © 2013 John Wiley & Sons, Ltd.     

Flexible and Biocompatible Physical Unclonable Function Anti-Counterfeiting Label

Optical physical unclonable functions (PUFs) have been proven to be one of the most effective anti-counterfeiting strategies. However, optical PUFs endowed with flexibility and biocompatibility have not been developed, limiting their application scenarios. Herein, biocompatible and flexible optical PUF labels are developed by randomly embedding microdiamonds in silk fibroin films. The PUF labels can be conformally attached onto the surface of complex shaped objects, providing the desired protection against fake and interior products. In this system, silk fibroin films serve as a flexible and biocompatible substrate, while the Raman signal of the microdiamonds serves as response of the excitation. The extremely high stability and random distribution of the microdiamonds ensure the performance of PUFs, and the maximum encoding capability of 2¹⁰⁰⁰⁰ is finally realized. The cytotoxicity analysis results also verify the biosafety of the PUF system. In addition, the as-prepared PUF labels are attached onto the surface of polyethylene material, and human skin, and even have been implanted under chicken skin tissue, promising their practical applications.     

Dynamic anonymous identity authentication (DAIA) scheme for VANET

With the development of the vehicular ad hoc network, the security and privacy are now becoming vital concerns, especially when the attacker owns more and more resources. In order to address these concerns, a dynamic anonymous identity authentication scheme is proposed using Elliptic Curve Discrete Logarithm Problem and blockchain method, which guarantees the security and fast off‐line authentication for vehicle‐to‐infrastructure. Specifically, a dynamic pseudonym key is generated using tamper proof device (TPD) for off‐line authentication and anonymity when a vehicle roams among different roadside units' (RSUs) communication ranges. Even if all RSUs are compromised, vehicle's identity is still privacy. Moreover, two additional design goals are more suitable for the practical environment: (1) the reduced assumption of TPD; (2) certification authority can trace vehicle under the authorization by law.     

FPGA-based Physical Unclonable Functions: A comprehensive overview of theory and architectures

Physically Unclonable Functions (PUFs) are a promising technology and have been proposed as central building blocks in many cryptographic protocols and security architectures. Among other uses, PUFs enable chip identifier/authentication, secret key generation/storage, seed for a random number generator and Intellectual Property (IP) protection. Field Programmable Gate Arrays (FPGAs) are re-configurable hardware systems which have emerged as an interesting trade-off between the versatility of standard microprocessors and the efficiency of Application Specific Integrated Circuits (ASICs). In FPGA devices, PUFs may be instantiated directly from FPGA fabric components in order to exploit the propagation delay differences of signals caused by manufacturing process variations. PUF technology can protect the individual FPGA IP cores with less overhead. In this article, we first provide an extensive survey on the current state-of-the-art of FPGA based PUFs. Then, we provide a detailed performance evaluation result for several FPGA based PUF designs and their comparisons. Subsequently, we briefly report on some of the known attacks on FPGA based PUFs and the corresponding countermeasures. Finally, we conclude with a brief overview of the FPGA based PUF application scenarios and future research directions.     

Photonic Side-Channel Analysis of Arbiter PUFs

As intended by its name, physically unclonable functions (PUFs) are considered as an ultimate solution to deal with insecure storage, hardware counterfeiting, and many other security problems. However, many different successful attacks have already revealed vulnerabilities of certain digital intrinsic PUFs. This paper demonstrates that legacy arbiter PUF and its popular extended versions (i.e., feed-forward and XOR-enhanced) can be completely and linearly characterized by means of photonic emission analysis. Our experimental setup is capable of measuring every PUF internal delay with a resolution of 6 ps. Due to this resolution, we indeed require only the theoretical minimum number of linear independent equations (i.e., physical measurements) to directly solve the underlying inhomogeneous linear system. Moreover, it is not required to know the actual PUF responses for our physical delay extraction. We present our practical results for an arbiter PUF implementation on a complex programmable logic device manufactured with a 180 nm process. Finally, we give an insight into photonic emission analysis of arbiter PUF on smaller chip architectures by performing experiments on a field programmable gate array manufactured with a 60 nm process.     

X‐Region: A framework for location privacy preservation in mobile peer‐to‐peer networks

While enjoying various LBS (location‐based services), users also face the threats of location privacy disclosure. This is because even if the communications between users and LBS providers can be encrypted and anonymized, the sensitive information inside LBS queries may disclose the exact location or even the identity of a user. The existing research on location privacy preservation in mobile peer‐to‐peer (P2P) networks assumed that users trust each other and directly share location information with each other. Nonetheless, this assumption is not practical for most of the mobile P2P scenarios, for example, an adversary can pretend to be a normal user and collect the locations of other users. Aiming at this issue, this paper presents x‐region as a solution to preserve the location privacy in a mobile P2P environment where no trust relationships are assumed amongst mobile users. The main idea is to allow users to share a blurred region known as x‐region instead of their exact locations so that one cannot distinguish any user from others inside the region. We propose a theoretical metric for measuring the anonymity property of x‐region, together with three algorithms for generating an x‐region, namely, benchmark algorithm, weighted expanding algorithm, and aggressive weighted expanding algorithm. These algorithms achieve the anonymity and QoS requirements with different strategies. Our experiments verify the performance of the algorithms against three key metrics. Copyright © 2013 John Wiley & Sons, Ltd.     

Secure anonymous authentication scheme without verification table for mobile satellite communication systems

An authentication scheme is one of the most basic and important security mechanisms for satellite communication systems because it prevents illegal access by an adversary. Lee et al. recently proposed an efficient authentication scheme for mobile satellite communication systems. However, we observed that this authentication scheme is vulnerable to a denial of service (DoS) attack and does not offer perfect forward secrecy. Therefore, we propose a novel secure authentication scheme without verification table for mobile satellite communication systems. The proposed scheme can simultaneously withstand DoS attacks and support user anonymity and user unlinkability. In addition, the proposed scheme is based on the elliptic curve cryptosystem, has low client‐side and server‐side computation costs, and achieves perfect forward secrecy. Copyright © 2013 John Wiley & Sons, Ltd.     

Cryptanalysis and improvement of the YAK protocol with formal security proof and security verification via Scyther

Hao proposed the YAK as a robust key agreement based on public‐key authentication, and the author claimed that the YAK protocol withstands all known attacks and therefore is secure against an extremely strong adversary. However, Toorani showed the security flaws in the YAK protocol. This paper shows that the YAK protocol cannot withstand the known key security attack, and its consequences lead us to introduce a new key compromise impersonation attack, where an adversary is allowed to reveal both the shared static secret key between two‐party participation and the ephemeral private key of the initiator party in order to mount this attack. In addition, we present a new security model that covers these attacks against an extremely strong adversary. Moreover, we propose an improved YAK protocol to remedy these attacks and the previous attacks mentioned by Toorani on the YAK protocol, and the proposed protocol uses a verification mechanism in its block design that provides entity authentication and key confirmation. Meanwhile, we show that the proposed protocol is secure in the proposed formal security model under the gap Diffie‐Hellman assumption and the random oracle assumption. Moreover, we verify the security of the proposed protocol and YAK protocol by using an automatic verification method such as the Scyther tool, and the verification result shows that the security claims of the proposed protocol are proven, in contrast to those of the YAK protocol, which are not proven. The security and performance comparisons show that the improved YAK protocol outperforms previous related protocols.     

Privacy‐preserving registration protocol for mobile network

In this paper, we propose a novel privacy‐preserving registration protocol that combines the verifier local revocation group signature with mobile IP. The protocol could achieve strong security guarantee, such as user anonymity via a robust temporary identity, local user revocation with untraceability support, and secure key establishment against home server and eavesdroppers. Various kinds of adversary attacks can be prevented by the proposed protocol, especially that deposit‐case attack does not work here. Meanwhile, a concurrent mechanism and a dynamical revocation method are designed to minimize the handover authentication delay and the home registration signals. The theoretical analysis and simulation results show that the proposed scheme could provide high security level besides lightweight computational cost and efficient communication performance. For instance, compared with Yang's scheme, the proposed protocol could decrease the falling speed of handover authentication delay up to about 40% with privacy being preserved. Copyright © 2012 John Wiley & Sons, Ltd.     

Design of a user anonymous password authentication scheme without smart card

Recently, Jiang et al. and He et al. independently found security problems in Chen et al.'s remote user authentication scheme for non‐tamper‐proof storage devices like Universal Serial Bus stick and proposed improvements. Nonetheless, we detect that the schemes proposed by Jiang et al. and He et al. overlook a user's privacy. We also observe that Jiang et al.'s scheme is vulnerable to insider attack and denial of service attacks and lacks forward secrecy. We point out that the password changing facility in He et al.'s scheme is equivalent to undergoing registration, whereas in Jiang et al.'s scheme, it is unsuitable. Moreover, the login phase of both the schemes is incapable to prevent the use of wrong password leading to the computation of an unworkable login request. Therefore, we design a new scheme with user anonymity to surmount the identified weaknesses. Without adding much in communication/computational cost, our scheme provides more security characteristics and keeps the merits of the original schemes. As compared with its predecessor schemes, the proposed scheme stands out as a more apt user authentication method for common storage devices. We have also presented a formal proof of security of the proposed scheme based on the logic proposed by Burrows, Abadi and Needham (BAN logic). Copyright © 2014 John Wiley & Sons, Ltd.     

Improvement of robust smart‐card‐based password authentication scheme

Smart‐card‐based password authentication scheme is one of the commonly used mechanisms to prevent unauthorized service and resource access and to remove the potential security threats over the insecure networks and has been investigated extensively in the last decade. Recently, Chen et al. proposed a smart‐card‐based password authentication scheme and claimed that the scheme can withstand offline password guessing attacks even if the information stored in the smart card is extracted by the adversary. However, we observe that the scheme of Chen et al. is insecure against offline password guessing attacks in this case. To remedy this security problem, we propose an improved authentication protocol, which inherits the merits of the scheme of Chen et al. and is free from the security flaw of their scheme. Compared with the previous schemes, our improved scheme provides more security guarantees while keeping efficiency. Copyright © 2013 John Wiley & Sons, Ltd.     

Strong roaming authentication technique for wireless and mobile networks

When one considers the broad range of wirelessly connected mobile devices used today, it is clear that integrating such network‐enabled devices into secure roaming over wireless networks is of essential importance. Over the years, many authentication protocols have been suggested to address this issue. Among these protocols, the recently proposed privacy‐preserving universal authentication protocol, Priauth, exceeds the security and efficiency of other authentication techniques. This paper studies the existing roaming authentication protocols and shows that they are not strong enough to provide secure roaming services in three aspects. Further, using Priauth as an example, we propose efficient remedies that fix the weaknesses. The experimental results show that the proposed approaches are feasible in practice. Copyright © 2012 John Wiley & Sons, Ltd.     

Are RNGs Achilles’ Heel of RFID Security and Privacy Protocols?

Security and privacy concerns have been growing with the increased utilisation of RFID technology in our daily lives. To mitigate these issues, numerous privacy-friendly authentication protocols have been published in the last decade. Random number generators (RNGs) are necessarily used in RFID tags to provide security and privacy. However, low-end RNGs can be the weakest point in a protocol scheme and using them might undesirably cause severe security and privacy problems. On the other hand, having a secure RNG with large entropy might be a trade-off between security and cost for low-cost RFID tags. Furthermore, RNGs used in low-cost RFID tags might not work properly in time. Therefore, we claim that the vulnerability of using an RNG deeply influences the security and privacy level of the RFID system. To the best of our knowledge, this concern has not been considered in the RFID literature. Motivated by this need, in this study, we first revisit Vaudenay’s privacy model which combines the early models and presents a new mature privacy model with different adversary classes. Then, we extend the model by introducing RANDOMEYE privacy, which allows analyzing the security of RNGs in RFID protocols. We further apply our extended model to two existing RFID schemes.     

Design and implementation of an improved MA‐APUF with higher uniqueness and security

An arbiter physical unclonable function (APUF) has exponential challenge‐response pairs and is easy to implement on field‐programmable gate arrays (FPGAs). However, modeling attacks based on machine learning have become a serious threat to APUFs. Although the modeling‐attack resistance of an MA‐APUF has been improved considerably by architecture modifications, the response generation method of an MA‐APUF results in low uniqueness. In this study, we demonstrate three design problems regarding the low uniqueness that APUF‐based strong PUFs may exhibit, and we present several foundational principles to improve the uniqueness of APUF‐based strong PUFs. In particular, an improved MA‐APUF design is implemented in an FPGA and evaluated using a well‐established experimental setup. Two types of evaluation metrics are used for evaluation and comparison. Furthermore, evolution strategies, logistic regression, and K‐junta functions are used to evaluate the security of our design. The experiment results reveal that the uniqueness of our improved MA‐APUF is 81.29% (compared with that of the MA‐APUF, 13.12%), and the prediction rate is approximately 56% (compared with that of the MA‐APUF (60%‐80%).     

A PUFs-based hardware authentication BLAKE algorithm in 65 nm CMOS

This paper presents a hardware authentication BLAKE algorithm based on physical unclonable functions (PUFs) in Taiwan Semiconductor Manufacturing Company low-power 65 nm CMOS. To support hardware authentication feature, PUFs have been organised in BLAKE algorithm as the salt value. The trials table method is used to improve the robust of PUFs, resulting in approximately 100% stability against supply voltage variations form 0.7 V to 1.6 V. By discussing the G-function of BLAKE algorithm, the hardware implementation is considered for acceleration, resulting in significant performance improvements. The die occupies 2.62 mm² and operates maximum frequency 1.0 GHz at 1.6 V. Measured results show that PUFs have great random characteristic and the authentication chip dissipates an average power of 91 mW under typical condition at 1.2 V and 780 MHz. In comparison with other works, the PUFs-based BLAKE algorithm has hardware authentication feature and improves throughput about 45%.     

Securing sensor data storage and query based on k‐out‐of‐ n coding

With in‐network sensor data storage and query, sensed data are stored locally and further accessed by users on demand. Thus, without proper protection for sensor data and user queries, compromise of sensor nodes may reveal sensitive information about the sensed environment as well as users’ query patterns. Furthermore, the adversary can alter some stored data and prevent users from recovering information correctly. In this paper, we propose and analyze the use of maximum‐distance separable codes to address the problem. First, initial data is encoded in (n, k) maximum‐distance separable code and spread from a single data source to a set of storage nodes for higher survivability. Second, a blind signature‐based privacy scheme is explored to preserve user query, such that authorized user's identity and privacy interests are concealed from others. Finally, an efficient data retrieval scheme is carried out such that the redundancy symbols in the remaining nodes are accessed only if the user fails to decode the data, which reduces the communication and computation cost. Analysis and evaluation verify the efficiency of the proposed scheme. Copyright © 2011 John Wiley & Sons, Ltd.     

Exploiting Multi-Phase On-Chip Voltage Regulators as Strong PUF Primitives for Securing IoT

The physical randomness of the flying capacitors in the multi-phase on-chip switched-capacitor (SC) voltage converter is exploited as a novel strong physical unclonable function (PUF) primitive for IoT authentication. Moreover, for the strong PUF we devised, an approximated constant input power is achieved against side-channel attacks and a non-linear transformation block is utilized to scramble the high linear relationship between the input challenges and output responses against machine-learning attacks. The results show that the novel strong PUF primitive we designed achieves a nearly 51.3% inter-Hamming distance (HD) and 98.5% reliability while maintaining a high security level against both side-channel and machine-learning attacks.     

Integrated circuit design for physical unclonable function using differential amplifiers

A physical unclonable function (PUF) based on process variations on silicon wafers is a very promising technology which finds various applications in identification and authentication, but only a few integrated circuits have been reported so far. As those circuits are vulnerable to power supply noises, switching noises and environmental variations, they lead to a reliability issue such as time-varying or metastable responses. To resolve this issue, this letter proposes a new integrated circuit design for PUFs using differential amplifiers. The feasibility of the proposed circuit has been theoretically analyzed and validated through HSPICE simulations for the previous and proposed circuits.