Design Of Lightweight Security Authentication Scheme Based On PUFs

With the rapid development of the Internet of Things(Io T),the research on security and credibility of the Io T has received extensive attention.Traditional encryption authentication protocols are difficult to directly apply in Io T,whose requirements of high security and low cost of are mutually restricted.The exploration of authentication schemes suitable for lightweight scenarios has become a hot spot in the research of Io T security.Physical Unclonable Functions(PUFs)form unique security primitives by extracting manufacturing variations that cannot be replicated in the chip manufacturing process,avoiding the high cost,high power,and key storage security caused by traditional encryption algorithms.Such primitives have been widely used in the field of Io Ts security certification.While the transmission channel of authentication protocol is exposed where adversaries collect response and machine learning methods are performed on these data,that result in false certification.In order to resist machine learning attacks on PUFs,this thesis proposes a lightweight security authentication scheme based on PUFs.This scheme proposes an authentication strategy based on portion mapping,which eliminates the continuous and identical binary sequence of response,resulting in the unequal number and the non-linear relationship of PUFs challenge and response.Response mapped by scheme presents 50%noise to the attacker.Machine learning cannot obtain the mathematical model of PUFs through data training,which improves the anti-attack performance of PUFs.The same response obtain almost no noise to the authentication server,which ensures the accuracy of authentication.In order to reduce the hardware consumption of the authentication token and the reliability of PUFs,inverse fuzzy extractor and random number generator circuit is designed in token,deploying registration phase of fuzzy extractor on the token to achieve low hardware overhead error correction and lightweight authentication.The lightweight security authentication scheme proposed by this work is implemented on Xilinx Virtex-V FPGA,the token uses 2 XOR gate APUFs(2XOR-APUFs)as the authentication subject.The hardware resource consumption of token is 966 LUTs and 648 Registers.Compared with the existing PUFs-based authentication scheme,the overall hardware consumption is less.The experimental results of machine learning attacks show that the prediction rate of evolution strategy,logistic regression and artificial neural network for portion mapping schemes is about 51%,compared with 76%(evolution strategy)and 92%(logistic regression and artificial neural network)of 2XOR-APUFs,the portion mapping authentication scheme effectively reduces the machine learning prediction rate of PUFs.In addition,the authentication scheme achieves FAR of 6.071×10^-7 and FRR of 5.917×10^-8 under a total authentication bit width of 192bit,which meets the standard of 10^-6,which means the capability of accept legal tokens and reject illegal can meet the security requirements of Io T scenarios.In summary,the lightweight security authentication scheme based on PUFs proposed in this paper improves the machine learning attack resistance of PUFs under limited hardware resources,and ensures the authentication efficiency.It is an effective attempt in the field of lightweight authentication which has engineering application value.