UCL Discovery

Building PUF as a Service: Distributed Authentication and Recoverable Data Sharing With Multidimensional CRPs Security Protection

Zhang, Y; Li, B; Liu, B; Chang, J; (2024) Building PUF as a Service: Distributed Authentication and Recoverable Data Sharing With Multidimensional CRPs Security Protection. IEEE Internet of Things Journal 10.1109/JIOT.2024.3358011. (In press). Green open access


Abstract

Physically Unclonable Functions (PUFs) have emerged as hardware fingerprints for IoT devices in the form of challenge-response pairs (CRPs). This mapping behaviour is regarded as a physically secure primitive, activating mechanisms of authentication and data protection. However, multidimensional security threats to CRPs, including impersonation attacks, availability attacks, machine learning attacks, and single point of failure, impede the applications of PUF technology. To simultaneously solve these threats, this paper not only leverages Shamir secret sharing (SSS) to provide comprehensive CRPs protection, but also integrates blockchain to address trust issues of synchronization, supervision, and deployment brought by the SSS system. Specifically, we first propose a security-enhanced and reliable CRPs management method. This method leverages SSS and its homomorphic addition feature to protect CRPs storage, sharing, and backup processes. Meanwhile, blockchain is involved in the SSS system to synchronize CRPs and supervise sharing behaviours. Then, a PUF-as-a-service (PaaS) framework is constructed, which utilizes blockchain to trace the change of the SSS system and integrate different PUFs-based security mechanisms. Once deployed in PaaS, users can always utilize transactions to build secure on-chain channels with the SSS system and employ the PUF service. Based on our CRPs management method and PaaS framework, we successfully constructed PUFs-based distributed authentication and recoverable data sharing with multidimensional CRPs protection. The security proof and discussions of our scheme are also provided. Moreover, a proof-of-concept prototype was implemented to conduct experimental evaluations and comparative analysis. The results and additional discussions demonstrate that our work is efficient, practical, and suitable for IoT deployment.

Type: Article
Title: Building PUF as a Service: Distributed Authentication and Recoverable Data Sharing With Multidimensional CRPs Security Protection
Open access status: An open access version is available from UCL Discovery
DOI: 10.1109/JIOT.2024.3358011
Publisher version: http://dx.doi.org/10.1109/jiot.2024.3358011
Language: English
Additional information: This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions.
Keywords: Physically Unclonable Functions, blockchain, Shamir secret sharing, Internet of Things (IoT), authentication and data sharing, CRPs security protection, security and privacy
UCL classification: UCL
UCL > Provost and Vice Provost Offices > School of Life and Medical Sciences
UCL > Provost and Vice Provost Offices > School of Life and Medical Sciences > Faculty of Medical Sciences
UCL > Provost and Vice Provost Offices > School of Life and Medical Sciences > Faculty of Medical Sciences > Div of Surgery and Interventional Sci
UCL > Provost and Vice Provost Offices > School of Life and Medical Sciences > Faculty of Medical Sciences > Div of Surgery and Interventional Sci > Department of Surgical Biotechnology
URI: https://discovery.ucl.ac.uk/id/eprint/10190812