Realization And Security Application Of Physical Unclonable Function Based On Wireless Channel Characteristics

The concept of Physical Unclonable Function(PUF)is like the proverb "There are no two identical leaves in the world".By virtue of the differences between different physical entities of the same type,PUF can generate a unique identity for each physical entity.Used in information security fields such as identification and identity authentication.Existing PUFs,such as optical PUF,paper PUF,SRAM PUF,etc.,respectively use optical scattering characteristics,paper fiber distribu tion characteristics,and SRAM power-on level distribution characteristics to generate unique identifications of corresponding physical entities.However,the aforementioned PUF is not easy to implement in a wireless communication system where devices at both ends of the transceiver are authenticated.Channel State Information(CSI)reflects the characteristics of the wireless channel and device hardware,and the characteristics of the wireless channel are related to the characteristics of the wireless terminal device.Location-related,so PUF can be constructed based on CSI and applied to the identification of location-related wireless terminal devices.Aiming at the problem that traditional PUF is not easy to implement in wireless communication systems,this paper uses the robustness,uniqueness,and non-reproducibility of CSI related to wireless channels and device hardware based on the above-mentioned principles of PUF,and proposes a wireless terminal PUF based on CSI.It can generate the unique identity of the wireless terminal device.The main research contents are as follows:(1)A CSI-based wireless terminal physical unclonable function(CSIPUF)is proposed,and its design is completed.The physical unclonable function can generate a unique identity from the CSI while protecting the CSI from being leaked.CSI-PUF is divided into three modules: preprocessing,quantization function and fuzzy extractor.First,let the wireless terminal send packets on the wireless channel and calculate and extract the CSI by the access point;then take the amplitude value of the continuous CSI in the preprocessing module and use the Laida criterion to detect abnormalities,filter out the abnormal values in the CSI,and then take the average value Obtain the smoothed CSI value;then perform a quantization operation on the CSI in the quantization function module to obtain a bit sequence consistent with the Euclidean distance ratio of the CSI value in the Hamming distance as the output of the CSI-PUF.Finally,the bit sequence output by the CSIPUF is input to the fuzzy extractor module,and the corresponding unique identification is output.Experiments have shown that the on-chip Hamming distance and inter-chip Hamming distance of the CSI-PUF output bit sequence are 0.7453% and 20.26%,respectively.The unique identifier has passed the test on the indicators of the NIST randomness test,and the experimental results have proved that it has reached aim of design.(2)Aiming at the problem that CSI has random volatility and cannot directly generate unique identification,the algorithm of fuzzy extractor in CSI-PUF is designed,so that it can extract stable unique identification from CSI anonymously.In the process of generating the fuzzy extractor,the bit sequence of this input is determined as the standard input,the generated unique identification is the standard output,and auxiliary data is generated to correct the noise error of the CSI.In the reproduction process of the fuzzy extractor,the input bit sequence with noise error compared to the standard input and the auxiliary data generated during the generation process are input,and the standard output determined during the generation process is restored,and the unique identification is obtained.The results of the NIST randomness test show that the algorithm can stably extract the unique identity and protect the CSI from being leaked.(3)Based on the above-mentioned scheme,this paper designs and implements a Wi Fi wireless terminal identity authentication prototype system based on CSI-PUF.The prototype system includes wireless terminals to be authenticated,access points,and authentication servers.The system is divided into an initialization phase and an authentication phase.In the initialization phase,the unique ID of the Wi Fi wireless terminal is generated for use in subsequent authentication;in the authentication phase,the random number,shared key and unique ID are placed at the access point and the authentication the servers are encrypted with a hash function,so that the access point and the authentication server also authenticate each other while authenticating the identity of the Wi Fi wireless terminal.Tests show that in the identity authentication test of six devices in a non-interference indoor environment,the system has a good authentication success rate in the test scenario,and has a certain effect on improving the security of Wi Fi wireless terminals.