基于BST-PUF模型的轻量型认证与会话密钥交换协议

doi:10.3778/j.issn.1002-8331.2012-0494

摘要/Abstract

摘要： 为解决现有PUF密钥交换协议存在的纠错机制复杂、辅助数据过大而导致的高开销问题，利用新提出的比特自检PUF电路（BST-PUF）设计了一种轻量型认证与密钥交换协议，在含有PUF的密码设备与服务器之间进行安全认证并建立共享会话密钥。协议能实现双向认证与可靠的密钥交换，抵抗篡改攻击、中间人攻击、DoS攻击、物理探测攻击与建模攻击等各种攻击技术。协议采用BST-PUF电路和鲁棒响应提取器来生成可靠的响应，取代传统PUF和纠错码组合，将可靠性标志F作为辅助数据用来恢复密钥，大幅降低纠错复杂性，减少辅助数据长度并提升PUF利用率。

关键词: 纠错, 辅助数据, BST-PUF电路, 认证与密钥交换, 建模攻击, 鲁棒响应提取器, 可靠性标志

Abstract: In order to solve the problem of high overhead caused by the complicated error correction mechanism and excessive Helper data in the existing PUF key exchange protocol, this paper uses the newly proposed Bit Self-Test physical unclonable function（PUF） circuit（BST-PUF） to design a lightweight authentication with the key exchange protocol, security authentication is performed between the cryptographic device containing the PUF and the server and a shared session key is established. The protocol can realize two-way authentication and reliable key exchange, and resist various attack techniques such as tampering attacks, man-in-the-middle attacks, DoS attacks, physical detection attacks and modeling attacks. The protocol uses BST-PUF circuits and robust response extractors to generate reliable responses, replacing the traditional PUF and error correction code combination. The reliability flag F is used as auxiliary data to recover the key, which greatly reduces the complexity of error correction, and reduces the length of auxiliary data and improves PUF utilization.

Key words: error correction, helper data, Bit Self-Test PUF circuit, authentication and key exchange, modeling attacks, robust response extractor, reliability sign

贺章擎, 项链, 汪晨, 吴铁洲. 基于BST-PUF模型的轻量型认证与会话密钥交换协议[J]. 计算机工程与应用, 2022, 58(1): 122-127.

HE Zhangqing, XIANG Lian, WANG Chen, WU Tiezhou. Lightweight Authentication and Session Key Exchange Protocol Based on BST-PUF[J]. Computer Engineering and Applications, 2022, 58(1): 122-127.

参考文献

[1] MAES R.Physically unclonable functions：Constructions，properties and applications[M].[S.l.]：Springer Publishing Company，2013.
[2] MAES R，VERBAUWHEDE I.Physically unclonable functions：A study on the state of the Art and future research directions[M].Berlin Heidelberg：Springer，2010：3-37.
[3] 刘海龙.基于PUF的密钥生成关键技术及FPGA实现研究[D].武汉：华中科技大学，2018.
LIU H L.Research on key technologies and FPGA implementation of PUF-based key generation[D].Wuhan：Huazhong University of Science and Technology，2018.
[4] TEBELMANN L，PEHL M，SIGL G.EM side-channel analysis of BCH-based error correction for PUF-based key generation[C]//Proceedings of Workshop on Attacks & Solutions in Hardware Security，2017：43-52.
[5] AYSU A，GULCAN E，MORIYAMA D，et al.End-to-end design of a PUF-based privacy preserving authentication Protocol[C]//Proceedings of International Workshop on Cryptographic Hardware & Embedded Systems，2015：556-576.
[6] ROSTAMI M，MAJZOOBI M，KOUSHANFAR F，et al.Robust and reverse-engineering resilient PUF authentication and key-exchange by substring matching[J].IEEE Transactions on Emerging Topics in Computing，2014，2（1）：37-49.
[7] GOPE P，LEE J，QUEK T.Lightweight and practical anonymous authentication protocol for RFID systems using physically unclonable functions[J].IEEE Transactions on Information Forensics & Security，2018，13（11）：2831-2843.
[8] YU M D，DEVADAS S.Secure and robust error correction for physical unclonable functions[J].IEEE Design & Test of Computers，2010，27（1）：48-65.
[9] HE Z，WAN M，DENG J，et al.A reliable strong PUF based on switched-capacitor circuit[J].IEEE Transactions on Very Large Scale Integration Systems，2018，26（6）：1073-1083.
[10] HE Z，CHEN W，XU X，et al.A reliable and efficient PUF-based cryptographic key generator using bit self-tests[J].Electronics Letters，2020，56（16）：803-806.
[11] 贺章擎，张灵超，万美琳，等.一种高可靠的开关电容PUF电路[J].华中科技大学学报（自然科学版），2019，47（3）：93-97.
HE Z Q，ZHANG L C，WAN M L，et al.Areliable puf circuit based on switched-capacitor circuit[J].Journal of Huazhong University of Science and Technology（Natural Science Edition），2019，47（3）：93-97.
[12] HE Z，CHEN W，ZHANG L，et al.A highly reliable arbiter PUF with improved uniqueness in FPGA implementation using bit-self-test[J].IEEE Access，2020，8：181751-181762.
[13] 贺章擎，项链，高扬，等.基于BST-PUF的两方认证与会话密钥交换方法：CN110752919A[P].2020-02-04.
HE Z Q，XIANG L，GAO Y，et al.Two-party authentication and session key exchange method based on BST-PUF：CN110752919A[P].2020-02-04.
[14] 尹魏昕，贾咏哲，高艳松，等.物理不可克隆函数（PUF）研究综述[J].网络安全技术与应用，2018（6）：41-42.
YIN W X，JIA Y Z，GAO Y S，et al.Research on physical unclonable function[J].Network Security Technology & Application，2018（6）：41-42.
[15] RUHRMAIR U，SOLTER J，SEHNKE F，et al.PUF modeling attacks on simulated and silicon data[J].IEEE Transactions on Information Forensics and Security，2013，8（11）：1876-1891.
[16] MAJZOOBI M，KOUSHANFAR F，DEVADAS S.FPGA-based true random number generation using circuit metastability with adaptive feedback control[C]//Proceedings of Cryptographic Hardware & Embedded Systems-Ches-International Workshop，2011：17-32.