A Survey on Physical Unclonable Function (PUF)-based Security Solutions for Internet of Things
Alireza Shamsoshoara, Ashwija Korenda, Fatemeh Afghah, Sherali Zeadally

TL;DR
This survey reviews the security challenges in IoT networks, emphasizing the potential of PUFs for secure key generation, and presents a ReRAM-based proof-of-concept solution addressing key protection issues.
Contribution
It provides a comprehensive overview of PUF-based security solutions for IoT, highlighting recent techniques and introducing a novel ReRAM-based key generation approach.
Findings
PUFs offer a practical hardware-based solution for IoT security.
ReRAM-based PUFs can generate secret keys effectively.
Challenges remain in deploying PUFs widely in IoT devices.
| Acronyms | Paraphrase | Acronyms | Paraphrase |
|---|---|---|---|
| AES | Advanced Encryption Standard | CPS | Cyber Physical Systems |
| CRP | Challenge Response Pair | DoS | Denial of Service |
| DDoS | Distributed DoS | DES | Data Encryption System |
| DHT | Distributed Hash Tag | ECC | Elliptic Curve Cryptography |
| FAR | False Authentication Rate | FE | Fuzzy Extractor |
| FPGA | Field Programmable Gate Array | FRR | False Rejection Rate |
| HSM | Hardware Security Modules | IC | Integrated Circuit |
| ICN | Information Centric Network | IoT | Internet of Things |
| IP | Intellectual Property | LDPC | Low Density Parity Check |
| MRAM | Magnetoresistive Random Access Memory | MQTT | Message Queuing Telemetry Transport |
| NVM | Non-Volatile Memory | OSI | Open System Interconnection |
| OSN | Online Social Network | PKI | Public Key Infrastructure |
| PMKG | Pattern Matching Key Generators | PUF | Physically Unclonable Function |
| Re-RAM | Resistive Random Access Memory | RF | Radio Frequency |
| RFID | Radio Frequency Identification | RO | Ring Oscillator |
| RSA | Rivest Shamir Adleman | SDN | Software Defined Network |
| SEA | Secure and Efficient Architecture | SEM | Scanning Electron Microscope |
| SMB | Server Message Block | SoC | System on Chip |
| SOA | Service-Oriented Architecture | SRAM | Static Random Access Memory |
| SS | Secure Sketch | SSL | Secure Socket Layer |
| TCP | Transmission Control Protocol | TLS | Transport Layer Security |
| ULP | Ultra Low Power | UUID | Universally Unique IDentifier |
| WBC | White Box Cryptography | | |

| Layer | Attacks | Attackers’ Strategies |
|---|---|---|
| Physical | Jamming [93, 94, 95] | With radio interference |
| Physical | Tampering [96, 97] | Making fake nodes |
| Data Link | Collision [98, 99, 100] | |
| Data Link | Exhaustion [101, 89, 102] | |
| Data Link | Unfairness [103, 104] | |
| Network | Selective forwarding [107, 108, 109] | |
| Network | SinkHole [110, 111, 112] | |
| Network | Sybil [70, 113, 87] | |
| Network | Acknowledgement spoofing [114] | Spoof the link layer acknowledgement |
| Network | Hello flood [115, 116, 117] | |
| Network | WormHoles [118, 119] | Re-transmit data to the IoT nodes |
| Transport | SYN flooding [120, 121, 122] | |
| Transport | De-synchronization [123, 124, 125] | Reinitialize the connection in order to disrupt it |
| Application | | |

| Encryption attack [67] | Perception attacks [153] | Network attacks [154] | Application attacks [155] |
|---|---|---|---|
| Side channel attack | Node tampering | Sybil attack | Virus and worms |
| Man-in-the-middle attack | Node jamming | Sinkhole attack | Trojan horse |

Further entries of this table whose column placement did not survive: RF interference; RFID spoofing; Denial of service; Physical damage; RFID cloning; Crypto attacks; Social engineering; Malevolent script; Denial of service.

| Operation | Flash | ReRAM | MRAM |
|---|---|---|---|
| Program parameter | NOR Vds = 5V; NAND Vgb = 15V | Vset = +100mV | Current: 500uA |
| Program power required | 1mJ/bit | 10pJ/bit | 100pJ/bit |
| Program speed (ns) | 5000ns/block | 2-20ns | 2-20ns |
| Read parameter | Voltage: 10mV | Current: 1-20uA | Current: 1-20uA |
| Read power required | 10 pJ | 1pJ | 1pJ |
| Read speed (ns) | 50ns | 2-20ns | 2-20ns |

| Type | | Name | Weak/Strong | Ref | Comment |
|---|---|---|---|---|---|
| Special fabrication | | coating | Weak | [210, 211, 212] | Smaller number of CRP |
| | | Optical | Strong | [213, 211, 214] | Difficult to evaluate the uniqueness |
| Silicon PUF | Delay based | Arbiter | Strong | [215, 216, 217] | Vulnerable to attacks |
| | | | Weak | [218, 194, 219] | Needs large power and space |
| | Memory based | Re-RAM | Strong | [201, 220, 221] | |
| | | Butterfly | Weak | [222, 223] | |
| | | SRAM | Weak | [224, 225, 226, 227] | Vulnerable to side-channel attacks |

| Fuzzy extractor construction | Key length | Helper data bits | Failure probability | Flipping probability |
|---|---|---|---|---|
| BCH repetition code [239] | 128 | 2052 | 13% | |
| Reed Muller generalized multiple concatenated coding [241] | 128 | 13952 | 15% | |
| Generalized concatenated (GC) Reed Muller[242] | 2048 | 2048 | 14% | |
| GC Reed Solomon[242] | 1024 | 1024 | 14% | |
| Polar codes with SC [243] | 128 | 896 | 15% | |
| Polar codes with Hash-Aided SCL decoder [243] | 128 | 896 | 15% | |
| Serially concatenated BCH-Polar codes with SC decoder [189] | 250 | 262 | 15% | |
| Serially concatenated BCH-Polar codes with belief propagation decoder [189] | 250 | 262 | 15% |
A Survey on Physical Unclonable Function (PUF)-based Security Solutions for Internet of Things
Alireza Shamsoshoara
Ashwija Korenda
Fatemeh Afghah
Sherali Zeadally
School of Informatics, Computing, and Cyber Systems, Northern Arizona University, Flagstaff, Arizona
College of Communication and Information, University of Kentucky, Lexington, Kentucky
Abstract
The vast areas of applications for IoTs in future smart cities, smart transportation systems, and so on represent a thriving surface for several security attacks with economic, environmental and societal impacts. This survey paper presents a review of the security challenges of emerging IoT networks and discusses some of the attacks and their countermeasures based on different domains in IoT networks. Most conventional solutions for IoT networks are adopted from communication networks while noting the particular characteristics of IoT networks such as the nodes quantity, heterogeneity, and the limited resources of the nodes, these conventional security methods are not adequate. One challenge toward utilizing common secret key-based cryptographic methods in large-scale IoTs is the problem of secret key generation, distribution, and storage and protecting these secret keys from physical attacks. Physically unclonable functions (PUFs) can be utilized as a possible hardware remedy for identification and authentication in IoTs. Since PUFs extract the unique hardware characteristics, they potentially offer an affordable and practical solution for secret key generation. However, several barriers limit the PUFs’ applications for key generation purposes. We discuss the advantages of PUF-based key generation methods, and we present a survey of state-of-the-art techniques in this domain. We also present a proof-of-concept PUF-based solution for secret key generation using resistive random-access memories (ReRAM) embedded in IoTs.
Keywords: security, hardware-based security, IoT, physical unclonable functions (PUFs), memory-based PUFs, key generation, authentication
1 Introduction
Wireless communication technologies have managed to imprint themselves into our daily lives through the Internet of Things (IoTs). IoT enables billions of “things”, from tiny sensors to automobiles, to interconnect with each other and share their data to create a wide range of value-added services. IoT systems currently impact different aspects of people’s daily life. Various kinds of data, including location information and medical information, are constantly being collected by sensors and different electronic and tracking devices [1]. Some examples include using smart watches to set the credit cards with the cell phone’s NFC interface to stimulate a transaction protocol and reduce the required time for shopping [2], and using IoT-based remote health monitoring systems to gather information from patients in a short time and inform the physicians to take timely actions [3]. Figure 1 demonstrates some applications of IoT systems in our day-to-day life. It categorizes the IoT’s applications into different branches such as smart home application, smart farming, security and privacy, and healthcare and wearable devices. While IoT networks have improved the quality of our life on many levels and opened up a path for several new services, the power and computing limitations, the high mobility, and the dynamic nature of the network allow security threats and attacks to propagate rapidly throughout the entire network [4]. One key challenge in IoT networks is the lack of a unified security, identification and authentication standard, while new products and technologies come to market every day without paying enough attention to the potential security threats. Besides the security challenges [5], there are several other concerns regarding the large scale IoT networks [6] in terms of data fusion [7, 8] and data management [9, 10, 11], complexity [12], spectrum scarcity [13, 14, 15, 16, 17, 18], and so on.
Moreover, several recent IoT technologies are still based on IPv4 for addressing, which compromises the scalability of these networks.
According to Symantec [19], cyber-criminals progressively target IoT devices since they are developing and expanding rapidly. It is estimated that by the end of 2025, 75 billion IoT devices will be connected to the worldwide network [20]. In 2019, the attack traffic on IoT networks increased three-fold to 2.9 billion attacks, which represents an increase of 300% from 2018 [21].
Ransomware is one of the rapidly growing malware types, in which the attacker uses Bitcoin or prepaid credit cards to demand money, where they do not need to decrypt the public or private keys for stealing card information [22, 23]. In ransomware, the attacker prevents the victim from accessing his/her data unless a ransom is paid by the victim [24]. For instance, in the earlier months of 2017, many individuals and businesses around the world were affected by two huge ransomware attacks, followed by a variant called “WannaCry” which affected 300,000 computers. Petya is another version of the ransomware attack, which exploited the existence of a third-party software to spread and grow itself in the networks [25, 26, 27]. The prevalence of this malware started from Ukraine, where 12,500 computers were affected. According to Microsoft, this malware has been spread by using a third-party application [25]. The Dyn cyber attack used distributed denial of service (DDoS) to target the domain name systems (DNS) provided by the Dyn company [28]. In 2016, the Dyn cyber attack used DDoS techniques on several Internet platforms and services in Europe and North America by exploiting security vulnerabilities in the IoT nodes [29]. These attacks have even penetrated into remote health monitoring systems. An article published in the Journal of the American College of Cardiology in February 2018 confirms that cardiac devices can be attacked by hackers, leading to severe consequences or even death in some cases [30].
There are several factors contributing to the immense security vulnerability of IoTs including the limited energy available at IoT nodes, their low computational capability, the myriad of available “things” in a network as well as the heterogeneous nature of the network [31]. These characteristics, in particular the number of connected devices, often result in inefficient performance of conventional security mechanisms. As stated above, it is anticipated that about 75 billion IoT devices will be interconnected by the year 2025, which drastically increases the need for advanced security mechanisms for IoT. These “things” need to transmit the data they collected and intelligently respond and react to the received information. Therefore, it is crucial that information is received from and sent to an authenticated user.
The security challenges in IoTs can be broadly classified into identification, authentication, encryption, confidentiality, jamming, cloning, hijacking, and privacy. Encryption has been widely used by several mechanisms in order to send their messages without the risk of being understood by the hackers. Cryptographic methods are a crucial element in securing IoT systems. In theory, encrypting messages does not allow the hackers to have access to the messages and eliminates the risk of data manipulation. However, encryption alone does not provide or guarantee integrity. For instance, an encrypted message can still be decrypted but the outcome is not fully clear. In addition, encryption by itself cannot prevent malicious third parties from transmitting encrypted packets in the network.
Several widely-used encryption mechanisms including public key infrastructure (PKI), advanced encryption standard (AES), and elliptic curve cryptography (ECC) rely on secret keys [32, 33]. In PKI-based systems, there are two sets of keys for each user, private and public keys. The private keys need to be kept secret while the public keys can be known by everyone. In these systems, one of the two keys is used for encrypting while the other one is used for decrypting. These secret (private) cryptographic keys are expected to be not only reliable and robust but also perfectly reproducible. Hence, these keys are usually stored in the non-volatile memory (NVM) of the devices such as ROM and one-time electronic fuse. However, due to the electrical nature of these memories they are highly susceptible to physical attacks. For instance, using a scanning electron microscope (SEM), attackers can implement many invasive threats on these chips. Moreover, using these kinds of memories requires additional fabrication steps during the production of the device. Antifuse or electronic fuse is another security technique which is being used for key storage using FinFET transistors [34]. The main benefit of this technology is that the information about the power consumption is not disclosed during the reading process. Furthermore, this technology enhances the reliability of the read procedure. The disadvantage is that it fails to remove the key from the device. Once the key is exposed, it cannot be eliminated from the chip.
The cryptographic keys are sensitive information and therefore, several mechanisms have been developed to protect these keys. White box cryptography (WBC) is a software based solution to protect these keys and allow secure distribution of valuable information [35]. WBC requires high processing power and memory and is only applicable to symmetric cryptographic methods; therefore, it will not be a competing candidate for the security of IoT networks. In addition, RSA encryption keys are stored in a specialized chip called trusted platform modules, introduced in [36], on an endpoint device (client device) to allow secured encryption. Physical computing devices called hardware security modules (HSM) were designed to safeguard and manage digital keys. HSM require programming the equipment and interfaces to allow fast data transfer. Key management in an IoT network is even more difficult due to the increasing number of devices. The process of generation, distribution and storage of keys in large-scale IoT networks is still a major challenge of IoT security.
In general, there are two types of mechanisms to protect IoT devices from various attacks: software-based and hardware-based. Software-based security mechanisms rely solely on software to protect their messages. They are based on mathematical approaches (e.g., a discrete logarithmic problem) which may not be easily solvable using today’s computers but when the existence of quantum computers becomes a reality, they can be solved in a shorter time compared to traditional methods in order to extract the keys [37]. Moreover, in software-based security mechanisms, the keys are stored in the NVM of the devices which are prone to attacks. Though software-based security systems were effective all these years, the advancement in hardware and computers may allow the hackers to break them using quantum computers [38, 39, 40, 41]. As a lot of resources are put towards the creation of quantum computers, their existence will soon be a reality. Therefore, all the existing software security mechanisms are at high risk, which calls for additional security solutions. Hardware-based security is one of the possible solutions to improve the current security mechanisms. Hardware-based security uses a dedicated hardware integrated circuit or processor to perform cryptographic functions and store the keys. They can prevent read-and-write access to data and offer a stronger protection against various attacks. The hardware-based mechanisms such as HSM have been used for crypto processing and strong authentication where it can encrypt, decrypt, store, and manage the digital keys. HSM have been used alongside software mechanisms such as PKI and AES to encrypt their messages [42].
One of the main problems with the hardware-based security solutions is that they are prone to man-in-the-middle attacks. In these attacks, when the hardware security module is stolen, the attackers can clone the device. This can be compared to a simple physical lock and key, where the key is stolen and cloned to mimic the actual key. Physically unclonable functions (PUFs) can provide a solution to this problem. Physically unclonable functions were introduced by Gassend et al. in 2002 [43] as a security primitive based on hardware. A PUF utilizes the intrinsic manufacturing variations in a device to generate a fingerprint of the hardware that offers the valuable advantage of unclonability. This property gives PUFs an edge over other hardware-based security schemes as the hacker cannot clone the intrinsic properties of the device even with physical access to it. Therefore, PUFs are unique to their device and can be used as a security primitive to enable device-based identification and authentication. Furthermore, PUFs can provide a low cost alternative solution for on-demand generation of cryptographic keys from the device rather than the conventional methods, where the secret keys are produced and distributed by the server and stored in the IoT device memories [44].
The data derived from PUFs is often highly sensitive to environmental changes and the physical conditions where the device is being tested. In other words, the readings from the PUFs are not perfectly reproducible. Therefore, different types of PUFs have been used for the purpose of identification and authentication of devices, where a certain margin of error rate is tolerable. However, even a small amount of variation in the PUF’s responses in different conditions can prevent them from being utilized in key generation because the key used for encryption needs to be perfectly reproducible to decrypt the messages. These PUF responses act as unique fingerprints for the device which are not reproducible.
1.1 Review of Recent Relevant Survey Papers and the Contributions of this Paper
This survey focuses on the applicability of PUF-based hardware security for generating keys and authenticating IoT devices. The paper offers a unique and timely survey compared to existing survey papers in the literature by investigating the role of PUFs in IoT security, in particular providing an additional level of security to common key-based cryptographic methods to generate the keys from the devices.
In 2019, the authors of [45] presented a review which discussed several characteristics of PUFs that contribute to their application in authentication followed by a comprehensive classification of different types of PUFs using three different classification systems based on their properties and applications, their parameters and also a chronological classification based on the time these PUF technologies were first introduced. The authors described relationships between PUF technologies that were not identified previously and investigated other novel forms of PUF which were not exploited. While the mentioned paper offers an inclusive classification of a wide range of different types of PUFs, it does not provide much insight on the challenges of PUFs when it comes to their applications in various security applications.
In [46], hardware-based security techniques in a low-power system-on-chip (SoC) design were surveyed in order to investigate the hardware defenses suitable for it. The authors focus on mitigating the threats faced by the SoC-based embedded and mobile systems as they operate in uncontrolled low power environments.
In [47], the authors review the authentication protocols used in 19 different strong PUFs proposed between 2001 and 2014. The aforementioned survey reveals different security issues in these protocols and suggests more research is needed on the fundamental physics of a PUF in order to create a truly strong PUF, or else only conventional cryptographic key generation methods are a promising alternative. The authors also recommend that some of the protocols might leverage the strong PUF to provide side channel attack resistance, but the same physical attack can still be launched on them by adding a machine learning block.
In [48], the authors state that the compatibility between IoT with limited resources and PUF is its main advantage over other cryptographic solutions proposed for IoT devices. The mentioned paper examines the challenges in utilizing PUF technology in IoT that must be addressed. The paper discusses different threats in using PUF with a focus on the man-in-the-middle and side-channel attacks (invasive, semi-invasive and non-invasive attacks) as well as the defense strategies against these attacks. The survey then describes the selection of PUF architectures for IoT based on their robustness to possible attacks, the uniqueness of Challenge Response Pairs (CRPs), and ease of implementation on FPGA. The paper also presents several ways to utilize PUFs to implement cryptographic schemes more efficiently by utilizing them for designing encryption keys, random numbers and electronic signatures.
In 2018, the authors of [49] discuss the standards of wireless communication in cyber physical systems (CPS) and IoT and focus on security of these systems. The paper does not study the physical side channel attacks in implementation of security mechanisms for these systems. The paper explains in detail the various wireless communication standards and protocols. Later, it briefly reviews the security threats in IoT and CPS domains and concludes the paper with recommendations on careful selection of devices from sensors to routers, and auditing the systems using dedicated third party surveillance technologies. The paper does not address the problems in identifying malicious nodes and authenticating known users in the network. In [50], several recent challenges are identified as a result of the introduction of IoT and CPS systems. The authors in [50] focus on different attacks and threats for these systems as well as the challenges related to implementation of CPS and IoT in the wireless network.
In [51], the security and privacy challenges of IoT in general and possible attacks in different layers of IoT devices were discussed. In particular, the mentioned paper discusses the security challenges of fog/edge computing-based IoT. In [52], the use of information-centric networking (ICN) as a possible protocol for addressing IoT devices in terms of in-network caching, content naming schemes, security schemes and mobility handling schemes was introduced. The authors of [51] stress the need for “larger and permanent naming scheme and addressing space for IoT contents and devices” [52]. In [53], the authors focused on securing communications between IoT devices using different protocols and mechanisms and the security weaknesses of IoT at different layers of communication were also discussed. In [54], the authors discussed the use of programmable hardware such as FPGAs in network infrastructure security. The authors highlighted the role of hardware-based mechanisms to address some of the challenges in software-based methods, as well as the potential challenges due to the rising demands of intensive analysis and real time operation for sequential processing.
In another survey paper [55], the authors describe how remote attestation schemes can determine the level of integrity of a system and their application in IoT networks, cloud computing infrastructures, and content delivery networks. The authors surveyed hardware-based security devices and cryptographic primitives to achieve security integrity and efficiency and investigated PUFs as a possible solution for remote attestation.
Another recent survey paper [56] studies the application of quantum technology in cryptography and in particular physical security. The authors of the mentioned paper proposed a new type of PUFs called post-quantum PUFs using the fundamentals of quantum phenomena.
The key contribution of this survey compared to the previously published surveys in IoT security is to study the role of memory-based PUFs in authentication and identification of the various IoT devices. More importantly, we discuss the potential advantages and challenges of using PUF-based secret key generation mechanisms to add another level of security to popular key-based cryptographic methods. Such mechanisms, if successful, can enhance the security of a huge number of IoT devices against physical attacks. The current memory-based PUF technologies do not have the required robustness to generate fully reproducible responses for low-power IoT devices. This need calls for key generation schemes with error correction mechanisms to generate robust secret keys as required in cryptographic systems as discussed in this paper.
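The following added example (not code from the paper) illustrates both the reproducibility problem described in the introduction and the error-correcting key generation called for in the paragraph above: a noisy PUF reading is good enough for threshold authentication, fails for direct key derivation, and becomes usable once a code-offset secure sketch is applied. The simulated PUF, the 5% flip probability, the 7-bit repetition code and all function names are assumptions chosen for illustration.

```python
import hashlib
import random
import secrets

REP = 7              # repetition-code length (assumed); majority vote fixes up to 3 flips per block
KEY_BITS = 128       # secret bits protected by the sketch
N = REP * KEY_BITS   # PUF response bits consumed (896)


def simulate_puf(seed):
    """Constructed stand-in for a memory PUF: a fixed, device-specific bit pattern."""
    rng = random.Random(seed)
    return [rng.getrandbits(1) for _ in range(N)]


def noisy_read(reference, flip_prob, rng):
    """Re-read the PUF; each cell flips independently with probability flip_prob."""
    return [b ^ int(rng.random() < flip_prob) for b in reference]


def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))


def authenticate(enrolled, reading, max_fraction=0.25):
    """Identification tolerates noise: accept any reading close enough to enrollment."""
    return hamming(enrolled, reading) <= max_fraction * len(enrolled)


def derive_key(bits):
    return hashlib.sha256(bytes(bits)).hexdigest()


def enroll(response):
    """Gen: bind a fresh random secret to the response.
    helper = repetition_encode(secret) XOR response. The helper is stored in the
    clear; it hides the secret only if the PUF bits are close to uniform and independent."""
    secret = [secrets.randbits(1) for _ in range(KEY_BITS)]
    codeword = [bit for bit in secret for _ in range(REP)]
    helper = [c ^ r for c, r in zip(codeword, response)]
    return derive_key(secret), helper


def reproduce(reading, helper):
    """Rep: helper XOR reading = codeword XOR error pattern; majority-vote each block."""
    noisy_codeword = [h ^ r for h, r in zip(helper, reading)]
    secret = [int(sum(noisy_codeword[i:i + REP]) > REP // 2)
              for i in range(0, N, REP)]
    return derive_key(secret)


def reproduction_rates(flip_prob=0.05, trials=200, seed=2024):
    """Fraction of re-reads that yield the enrolled key, without and with the sketch."""
    rng = random.Random(seed)
    reference = simulate_puf(seed=1)
    raw_key = derive_key(reference[:KEY_BITS])   # naive: hash the raw response bits
    key, helper = enroll(reference)
    raw_ok = sketch_ok = 0
    for _ in range(trials):
        reading = noisy_read(reference, flip_prob, rng)
        raw_ok += derive_key(reading[:KEY_BITS]) == raw_key
        sketch_ok += reproduce(reading, helper) == key
    return raw_ok / trials, sketch_ok / trials


if __name__ == "__main__":
    device_a, device_b = simulate_puf(seed=1), simulate_puf(seed=2)
    reading = noisy_read(device_a, 0.05, random.Random(7))
    print("genuine device accepted:", authenticate(device_a, reading))
    print("other device accepted:  ", authenticate(device_a, device_b))
    raw, protected = reproduction_rates()
    print(f"key reproduced from raw bits: {raw:.1%}")
    print(f"key reproduced with sketch:   {protected:.1%}")
    key, helper = enroll(device_a)
    print("other device + helper recovers key:", reproduce(device_b, helper) == key)
```

A repetition code is the simplest choice and costs 7 response bits per key bit; the constructions compared in the fuzzy extractor table trade helper-data size against failure probability with stronger codes.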
This survey paper is organized as follows. In Section 2, we discuss various security challenges in different domains of IoT networks, with a focus on TCP/IP Stack protocol. Moreover, we also briefly describe different attacks in an IoT network. Next, we explain the chain of integrated circuit manufacturing and point out hardware attacks based on the vulnerable points. In Section 3, the concept of PUF, their classification along with their application in different security applications are discussed. After explaining different IoT attacks, Section 4 investigates the role of PUFs in preventing hardware attacks. In Section 5, the role of fuzzy extractors in PUF to generate keys is described. In Section 6, we provide a survey on the state-of-the-art key generation mechanisms. Section 7 investigates different types of attacks on fuzzy extractors. In Section 8, the concluding remarks and future directions of research are discussed.
1.2 List of acronyms
All of the abbreviations used throughout this paper are summarized in Table 1.
2 Security Challenges and Attacks in IoTs
In this section, we classify the possible attacks on IoT networks from different perspectives and discuss the potential ways the PUF-based security solutions can contribute to mitigating such attacks. Section 2.1 studies the IoT security challenges in different domains such as data, communication, architecture, and application. Then, in Section 2.2, several traditional attacks including denial of service and Sybil are mentioned to familiarize the reader with different attacks and security challenges based on the TCP/IP stack layer. Next, considering the different layers of the IoT’s architecture, Section 2.3 describes a taxonomy of attacks with respect to the IoT structure. Finally, Sections 2.4 and 2.5 focus on hardware-based attacks and hardware-based assisted security respectively. The goal of these last two sections is to familiarize the readers with a wider range of hardware-based attacks and possible hardware-based solutions in addition to the PUF-based security solutions which are the main focus of this survey.
2.1 Domain Taxonomy to Consider the Security
In this paper, we address the security issues of IoTs and the potential impact of PUF technology to address some of these challenges. In IoT networks, the Internet connects an enormous number of sensors and machines which form a huge network with mobility and heterogeneity characteristics that make it difficult to protect the network against security attacks. Moreover, the limited energy and computation capability of IoT nodes restrict the utilization of some conventional security mechanisms in these networks [57, 58]. One key challenge related to utilizing some traditional security protocols is the heterogeneous nature of IoT networks due to the wide variety of applications of these networks. As a result, different applications require different protection mechanisms. In most scenarios, these applications can be categorized by different characteristics such as user association, openness, and heterogeneity. The heterogeneity of IoTs can degrade the efficiency of cryptographic methods that rely on the key generation and key exchange [59]. Furthermore, noting the characteristics of IoT networks, the security threats such as DoS, routing attack, man-in-the-middle, side channel attack, replay attack, node capture, and mass node authentication are common attacks in these networks.
Figure 2 shows the various security concepts for IoT based on four domains namely, application, architecture, communication, and data. Based on these stack layers, a security taxonomy can be defined in IoT. We developed Figure 2 based on the discussions in [60, 61, 62] and the literature.
Next, different concepts of security for each of the application, data, communication, and architecture domains are introduced.
2.1.1 Data
Data privacy and confidentiality are important aspects of security in different networks [61, 63, 64]. In general, confidentiality is a security concept which ensures that unauthorized users cannot access the data or try to hijack the information. Preserving the confidentiality of data is even more challenging in IoTs because of the large number of users and the diversity of network protocols and applications in these networks. Secure key management is one of the methods which can improve the confidentiality in IoT networks [51, 65]. On the other hand, data privacy refers to the required regulations related to the collection, storage and sharing of data in such a way to protect the users’ personal information (e.g., users’ identity) from third parties. Most of the time, the main focus of confidentiality is on the encryption of the data; however, privacy defines the level of access to the received data for different users [51, 66]. Finally, trust is a concept for the user to accept the security, privacy, and confidentiality in each network. Trust imposes privacy, confidentiality, and security among different layers of IoT, or between different users, devices and applications [51, 67, 68, 69].
2.1.2 Communication
Communication in IoT networks is defined as the exchange or sharing of information between users and devices, or between different IoT layers. Given the wide applications of IoT devices in different domains, several communication protocols have been used in IoT networks, making these networks vulnerable to various communication attacks [62]. As a result, the communication medium is a bottleneck for different attacks such as eavesdropping [70] and Man-in-the-Middle (MitM) [71]. Many PUF solutions are available to handle security issues in the communication domain. For instance, in [72], the authors utilized PUF with an authentication key exchange and a broadcast authentication technique to develop a secure 2-way communication between smart grid meters and the utility infrastructure.
2.1.3 Architecture
There are no global and specific architectures for IoT networks to validate the security concepts for authorization and authentication. However, various architectures such as software-defined network (SDN) [73], secure and efficient architecture (SEA) [74], smart city [75], service-oriented architecture (SOA), object security architecture (OSCAR) [76], and black SDN [77] are proposed to examine both authentication and authorization.
2.1.4 Application
Scope, scale, heterogeneity, accessibility, and repeatability are among the application features that can be used to evaluate different security techniques. Trust establishment, exhaustion, authorization, and authentication are considered as different security metrics [78, 79]. Since there is no definite architecture for IoT devices, various techniques have been developed for authentication and authorization in this domain [80]. Noting the wide range of applications of IoT, attacks on these systems can impact several critical domains.
2.2 Attacks on IoT Devices
The specific characteristics of IoT devices such as low price, low power, and low computational capability as well as the heterogeneity and large-scale of the network limit the applications of common security mechanisms. Therefore, IoTs are prone to several advanced attacks and security issues [81, 82, 83] that call for novel security mechanisms in different domains, including identification/authentication, reliability, confidentiality, and non-renunciation. In this section, we review some common attacks on IoTs such as spoofing, altering, replay routing attack, DoS, node capture attack, and Sybil attack.
2.2.1 Denial of service Attack (DoS)
In this attack, the attacker attempts to exploit all the reserves and resources in the network which can seriously degrade the network performance. The DoS attack is also called a computational resource attack. These attacks are categorized into two groups: Distributed DoS (DDoS) and individual (single) DoS [84, 85]. In a single DoS attack, the intruder as a single entity tries to exhaust the resources of the target entity. However, in a DDoS attack, multiple attackers exploit the single entity or a single attacker compromises multiple users to flood the target machine with lots of requests.
2.2.2 Sybil attack
Networks with a large number of users are more susceptible to Sybil attacks. In this attack, a single node is identified with different IDs. This means that the unification of entities will be eliminated from the network [86]. Based on [87], in 2012, 20 million users on Twitter and 76 million users on Facebook were fake. Online social networks (OSNs) such as Facebook, Instagram, or Twitter are prone to this kind of attack as they have lots of users. One of the purposes of the Sybil attack is to hijack the information from the OSNs and websites. Since the quantity of IoT sensors and applications is increasing rapidly, they are also vulnerable to Sybil attacks. A Sybil attack can cause users to produce fake and false reports. Users might also receive spam messages from fake profiles and fail to keep their privacy. Different mechanisms including feature-based mobile Sybil detection, cryptography-based mobile Sybil detection, and friend relationship-based sybil detection (FRSD) are being used to defend IoT networks against Sybil attacks [87].
2.2.3 Spoofed, Alter, or Replay Routing Information
In these types of attacks, an attacker changes the routing information or tries to manipulate the routing packets by listening to the legitimate transmitter and impersonating the identity of the real transmitter. Then, it sends fake data to the receiver and introduces loops into the network [88, 86].
2.2.4 Attacks based on Access-Level
Based on the level of access to the network, these types of attacks are categorized into two different branches namely, passive and active attacks.
Passive Attacks: In most passive attacks, the attacker just eavesdrops on the communication between the legitimate transmitter and its receiver to exploit their data [89, 85, 90].
Active Attacks: In active attacks, the intruder attempts to disturb the connection between the legitimate entities, perform impersonation itself, or even disrupt the connection by manipulating the routing information [89, 85, 91, 92].
2.2.5 Attacks in Communication Protocols
The communication functions of IoT networks are commonly described by the TCP/IP model. Table 2 presents the taxonomy of attacks that are possible on the TCP/IP protocol stack.
2.2.6 Attacks based on device property
IoT devices are categorized into two groups: high-end and low-end device classes. According to these types, attacks might have different effects on the devices. They might just result in abnormal behavior or they might stop the devices from working [89].
High-end device class attacks: In this class of attacks, powerful devices such as laptops and computers are used to launch attacks on the IoT network. Most of the time, the Internet protocol is used between the attacker and the IoT network. In these types of attacks, the intruders can use the computing power of CPUs and even GPUs to launch attacks on the IoT network [132, 133].
Low-end device class attacks: In contrast to the previous class of attacks, in this class, the devices which have low power and energy are engaged in attacks on IoT devices. The attacker uses the radio connection between itself and the IoT device to perform the attack. As an example, smart watches or smart home gadgets are very common in every home. These tiny devices connect to your smart home network which includes TV, refrigerator, cooling system, home security and they can control the configurations of these features. However, these smart home utilities could also be attacked by these little IoT devices [134, 135, 136].
2.2.7 Attacks based on transmitting data
Sensing and collecting information from the surrounding environment are the main goals of most IoT networks. For this reason, thousands of sensors are used to gather information. These sensors are also prone to different sorts of attacks, which can be used to launch network attacks and can be categorized into six groups: 1) man-in-the-middle attack, 2) message replay attack, 3) fabrication attack, 4) alteration attack, 5) eavesdropping attack, and 6) interruption attack. PUFs can provide many solutions for these kinds of attacks. For instance, a controlled PUF (C-PUF) can be introduced to handle the man-in-the-middle attack. A C-PUF is a specific type of PUF that can only be accessed using a specific algorithm which is physically linked to the PUF [137]. The algorithm uses a collision-resistant hash function. Thus, the only way for the man-in-the-middle attack to be successful is to use the user’s program. Therefore, if the user’s program has a security leak, the attack can still be successful, but not through the PUF itself. Section 4 describes the algorithm further. Utilizing this controlling algorithm prevents the man-in-the-middle attack [137, 138].
2.2.8 Host-Based Attacks
In this attack, the intruder targets the host resources such as the operating system (OS) or the hardware. The assumption in this attack is that the intruder has managed to gain access to the host. Host-based attacks are categorized into three groups: hardware-, software- and user-based attacks. The IoT nodes are usually tiny devices with some applications or software embedded in the OS. The attackers target these three resources of IoT devices and compromise each group with different impact on the overall network [139]. In Sec. 2.4, we focus more on hardware-based attacks and possible hardware-based assisted security solutions.
2.3 Classification of IoT Security Attacks on Different Layers of IoT Networks
This section categorizes common attacks based on the IoT ecosystem. Although there is no well-defined layered model for IoT, Figure 3 illustrates a three-layered model for IoT devices [140, 141, 142]. These layers include perception, network, and application. First, we describe each layer and then we present a classification of attacks with respect to the different layers in Table 3.
2.3.1 Perception layer
The perception layer is the lower layer of the IoT networks which handles the interconnection of the nodes in the network. For instance, Arduino boards can use the Ethernet to get access to the Internet, Raspberry Pi can use the Ethernet, WiFi module, or the Bluetooth module to connect to the Internet or other nodes. Each of the communicating devices should have a unique identification called the Universally Unique IDentification (UUID) [143]. Most of the time, these IDs are interchangeable. Hence, these UUIDs as System-on-Chip(SoC)s are embedded in the hardware or provided by a secondary chip [144].
2.3.2 Network layer
Addressing, network administration, communication channels, and interfaces are the main parts of the network layer. This layer is also responsible for all communications and connectivity for all devices in the network using multiple communication protocols [141]. Unlike the Internet, no well-established or standard protocol exists for the network layer in IoT devices. However, Constrained Application Protocol (CoAP) [145] and Message Queuing Telemetry Transport (MQTT) 3.1 [146] are two common protocols for the IoT networks. This layer transmits information within the network (other nodes) or outside of the network (e.g., the Internet or a sensor network). Since devices in an IoT network have a limited amount of energy and computation, the role of addressing, forwarding, and routing is pivotal in such networks.
2.3.3 Application layer
This layer makes sure that different entities in the network communicate using the same type of service. This layer is also known as the service-oriented layer [147] which handles data for different applications based on user requirements and demands. For instance, for applications such as smart transportation, smart home, and eHealth, it can store data into an appropriate database [147, 148].
In Table 3, we provide an overview of some of the main attacks on different layers of the IoT networks. Since the majority of IoT devices have limited on-board power and computation capabilities, existing encryption methods cannot be performed at the device level.
Memory-based PUFs have gained high importance in recent years because they are available as embedded memories in every IoT device as cache or storage, and unlike other PUF technologies, they require minimal or no additional hardware [149, 150, 151, 152]. Moreover, several memory-based technologies such as memristors can offer a short process time and a low power supply to generate the PUF responses, which makes them a good security primitive for IoT. The PUFs require a density of 128-256 bits for key generation, which is very small compared to the memory needed in IoT. This allows us to increase the devices’ security, as only a small percentage of the entire memory cells will be used for key generation; identifying those cells will therefore be a challenging task for the hacker. Moreover, by utilizing advanced protocols that allow us to change the memory cells used to extract the PUF response, we can extract many different keys, which increases the security because a different key is utilized every time to authenticate a PUF. Therefore, memory-based PUFs can offer a unique solution for identification, authentication and even extracting the private cryptographic keys from the embedded memory in these devices without introducing additional fabrication costs to the device.
2.4 Hardware-based Attacks
In this section, we focus on hardware-based attacks in IoT networks to lay the groundwork to discuss the role of PUFs in securing the IoT devices. Based on the production line for integrated circuits (ICs), there are several vulnerabilities based on hardware designs. Figure 4 shows this semiconductor manufacturing process chain which consists of different tasks.
As a result of the fast and growing tendency in IC industry and production, the global supply line can be targeted and attacked at different vulnerable points. Some common threats faced by the manufacturing process include fake copy, side-channel attack, reverse engineering, intellectual property (IP) hijacking, and hardware Trojans. Next, we review hardware-based attacks and threats discussed in [156, 157].
2.4.1 Fake Replica
In this attack, the intruder counterfeits the original IP illegally. Fake replica and piracy are totally different. Piracy means overbuilding the entire IC. This might happen because the attacker gets access to the design information at different points such as the design or the fabrication. However, a fake replica might happen at different stages such as recycling, packaging, or the new vendor [158]. Fake replica or counterfeiting can be very harmful to the industry: the attacker trades on the reputation of the original designer while using expired or old designs to rebuild the ICs or IPs. In most cases, the attacker’s intention is to make a profit by selling fake products. However, he/she can also put malicious circuits such as Trojans into those ICs and compromise different critical products and applications such as airplanes, vehicles, drones and UAVs, elevators, and so on.
2.4.2 Side-Channel Attack
In some cases, physical parameters such as power consumption, timing values, or electromagnetic reflection from the hardware can reveal important information to the intruder. In most cases, such information can be extracted while the application is being executed, when the attacker can perform different tests. Such attacks, which involve extracting the behavior of devices [159], are very common against public-key cryptosystems such as Rivest-Shamir-Adleman (RSA). RSA uses public and private keys to encrypt and decrypt messages based on modular operations and large exponents. Two common approaches to calculating the multiplication chain are the naive multiplication operation and the square-and-multiply method [160, 161]. In both scenarios, the attacker can use delay analysis to perform a timing side-channel attack. Delay analysis measures the execution time for the number of multiplications which the system uses to calculate the exponentiation result [162]. Using the execution time and exploiting information about the implementation method, the attacker can extract secret information such as the secret private key. For instance, in RSA, the modular exponentiation utilizes the square-and-multiply algorithm to perform multiplication; however, using statistical analysis and timing analysis with this attack, it is possible to recover the secret key. In addition to timing side-channel attacks, other attacks such as measuring photonic emissions, systemic acoustic noise, power consumption, and electromagnetic emissions are common in cryptosystems [163, 164, 165]. One possible solution to mitigate this kind of attack is to use a key-based PUF to extract the key from the device. In [166], the authors proposed a public key exchange method using a PUF which is hard to break by physical and side-channel attacks. Using simulation, they showed that if an attacker uses all available computational resources, then it takes 500 years to break this protocol.
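The dependence of running time on the exponent described above can be made concrete by counting modular multiplications. The following is an added example, not code from the survey: it compares square-and-multiply with a Montgomery ladder (a standard countermeasure the survey does not discuss), using a constructed toy modulus and constructed exponents, and treats the operation count as a stand-in for measured time.

```python
"""Operation-count model of the square-and-multiply timing leak (added example)."""

# Constructed toy values: MODULUS is an arbitrary odd 64-bit number, not an
# RSA modulus, and the exponents are not real keys. All three exponents have
# the same bit length (16) but different Hamming weights.
MODULUS = 0xF123456789ABCDEF
EXPONENTS = [0x8001, 0xAAAA, 0xFFFF]


def square_and_multiply(base, exponent, modulus):
    """Left-to-right binary exponentiation.

    Returns (result, number_of_modular_multiplications). A multiply is done
    only for 1-bits of the exponent, so the amount of work depends on the
    secret exponent: this is what delay analysis observes.
    """
    if exponent < 1:
        raise ValueError("exponent must be positive")
    result = base % modulus
    ops = 0
    for bit in bin(exponent)[3:]:               # skip '0b' and the leading 1
        result = (result * result) % modulus    # square: done for every bit
        ops += 1
        if bit == "1":
            result = (result * base) % modulus  # multiply: only for 1-bits
            ops += 1
    return result, ops


def montgomery_ladder(base, exponent, modulus):
    """Montgomery ladder: one multiply and one square per exponent bit.

    The operation count depends only on the bit length. Python integers are
    not constant-time and the branch below is still data-dependent, so this
    models the operation count only; production code replaces the branch
    with a constant-time conditional swap.
    """
    if exponent < 1:
        raise ValueError("exponent must be positive")
    r0, r1 = 1 % modulus, base % modulus
    ops = 0
    for bit in bin(exponent)[2:]:
        if bit == "1":
            r0 = (r0 * r1) % modulus
            r1 = (r1 * r1) % modulus
        else:
            r1 = (r0 * r1) % modulus
            r0 = (r0 * r0) % modulus
        ops += 2
    return r0, ops


def leak_profile(exponents=EXPONENTS, base=7, modulus=MODULUS):
    """Return (exponent, Hamming weight, naive ops, ladder ops) per exponent."""
    rows = []
    for d in exponents:
        naive_result, naive_ops = square_and_multiply(base, d, modulus)
        ladder_result, ladder_ops = montgomery_ladder(base, d, modulus)
        # Both algorithms must agree with Python's built-in modular pow().
        assert naive_result == ladder_result == pow(base, d, modulus)
        rows.append((hex(d), bin(d).count("1"), naive_ops, ladder_ops))
    return rows


if __name__ == "__main__":
    for row in leak_profile():
        print("exponent=%s weight=%d naive_ops=%d ladder_ops=%d" % row)
```

For exponents of equal length, the square-and-multiply count grows with the Hamming weight of the exponent while the ladder count stays fixed.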
2.4.3 Reverse Engineering (RE)
Reverse engineering is the process wherein the intruder follows a reverse path from the application to the design point for the IC or the IP to reconstruct it, modify it, or implant malicious circuit into it. RE may involve different steps such as i) detecting the technology model which is being used in the design and fabrication steps [167], ii) taking out different parts of design such as gate, logic, circuit, and physical [168], and iii) discovering and observing the functionality of the IP or the IC [156, 169]. RE might have different objectives such as hijacking the design, illegally replicating the IC and announcing the technology used in the design. The intruder might use a table of information based on a defined pair of inputs and outputs to evaluate the behavior of the circuit. In this way, the attacker can verify the gate level design from the IP/IC. The attacker’s incentive might be hijacking at the gate-level, circuit-level, or physical design by performing reverse engineering in order to extract an abstract level of the IP. The attacker can use the abstract level to reproduce the product and to sell it illegally or implant a malicious circuit into the product. One solution for mitigating this attack is to use PUF. In [170], the authors proposed new approaches using PUFs to obfuscate the hardware. The authors hide the circuit functionality using two methods: i) Hiding the signal path and ii) Replacing a logic using PUFs. They showed that these techniques are resilient to reverse engineering attacks.
2.4.4 Intellectual Property (IP) Hijacking
When the IC is designed, the designers of the IP company or people involved in the fabrication process might hijack the design information without respecting the copyright terms. Moreover, an attacker at the fabrication stage may reproduce additional chips to sell them on the black market. In these cases, unreliable people can steal the design information and claim ownership of the IP or the IC [171]. One possible solution to protect against IP hijacking is to use PUFs. For instance, in [172], the authors used the variation of delays in specific arrays of gates in an FPGA to employ a unique signature for IP protection and anti-hijacking.
2.4.5 Trojans in Hardware
Malicious modifications to an IC can be defined as a hardware Trojan. This Trojan can mislead the communication or cause a failure in control and processing units. In this kind of attack, the intruder can modify and alter the circuit or add a malicious circuit to it. Since the testing procedures are usually slow and expensive, it is difficult to identify the hardware Trojans after wafer fabrications. Moreover, the technology is merging with Nano- and Pico- meter fabrication design and because of the large space inside of ICs, there are many locations for implanting Trojans. Such locations include different design points such as logic, circuit, and physical and the fabrication process [173, 174, 175]. In [176], the authors proposed novel hardware protection techniques using PUF to prevent the use of hardware Trojan and unauthorized overproduction. The authors minimized the rare values in the IC to make it difficult for an attacker to use these values with hardware Trojans.
After introducing hardware-based attacks, Figure 5 summarizes these attacks and indicates which entities are vulnerable to specific attacks in the semiconductor manufacturing chain.
These attacks mentioned above are not unique only to IoT devices and they can affect the whole process of IC fabrication. However, considering the fast growth production rate of IoT devices during recent years, the lack of standards in this domain, and the high demand for low cost devices, these hardware attacks are more likely to be implemented on IoT devices compared to old-fashioned traditional devices. Another reason is that IoT has the largest application for digital device marketing. Hence compared to other applications, it is more likely to have devastating outcomes on IoT devices because of their mass production. In [177], the authors present the pyramid of attacks depicted in Fig. 6 which is based on [178, 179]. The peak of the pyramid is the most vulnerable element of the IoT stack with the least impact which are the sensors in IoT networks. The bottom of the pyramid is the hardware platform consisting of the systems on chips, microcontrollers, and Field-programmable gate arrays, which has the most impact on the system in case of any attacks on the IoT systems. In this section, we focus on the manufacturing chain process because it has the most impact in case of attacks.
2.5 Hardware-Based Assisted Security
In previous sections, an overview of possible attacks on IoT networks was provided. Such attacks can be generally categorized into two classes. i) The attacker does not have physical access to the IoT device; hence, the attacker exploits software or network connections to gain access to the IoT device remotely. In this case, the attacker can draw out the cryptographic keys and disturb the authentication mechanism. ii) In the second case, the attacker has physical access to the IoT device or the chip. For instance, the intruder can perform fake replica, reverse engineering or IP hijacking [180]. Hence, a secured environment is necessary to guard against these kinds of adversaries. In the following, two types of hardware-based security methods are proposed. These methods work based on environment splitting, which means dividing the hardware and environment into two sections: i) the secured area, and ii) the unsecured area. In the first approach, which is “ARM TrustZone”, a new state is defined in the processor to bring a meaningful separation. In the latter one, a specific hardware “Security Controller” such as a microcontroller takes the responsibility to define the reliable environment [181].
2.5.1 ARM TrustZone
This approach is a system-wide method to utilize the security option at the low level for the microcontrollers with the cortex-based cores. Cortex-based cores are a specific family of ARM microcontrollers. This technology initiates at the hardware level on a single core which divides the processor into two secured and unsecured areas. Since attackers can target the boot up procedure for microcontrollers, this method also secures the boot up process. Core families such as ARM Cortex-A and Cortex-M series support the TrustZone feature [182, 183]. The new secure state in the processor splits all partitions in the CPU [181]. Using this method, all signals and interrupts of the secured area are isolated from the unsecured one. Figure 7 shows the schematic for this technique.
2.5.2 Security Controller
In the past, several organizations have utilized individual cryptoprocessors which are also known as hardware security modules. Moreover, ATM technologies also utilize those cryptoprocessors as a concept of security in smart cards. In this approach, the security controller or the secure microcontroller is an individual IC in the IoT device which brings a group of predefined cryptographic tasks. The security controller safeguards the confidentiality and the authenticity of the cryptosystems [180].
PUF is a principle used for authentication and authorization that does not call for any non-volatile memory [43, 185]. PUFs can also be used for cryptographic key generation, where the digital key is not saved in the device; rather, it is extracted from the physical features of the device. PUFs exploit the random disorder of the physical system in the environment or from the manufacturer. These disorders cannot be re-fabricated. Hence, they are called intrinsic behavior of the device. Although these features are disadvantageous from the perspective of integrated circuits, they can be advantageous from a security perspective. In recent years, PUFs have faced many critical challenges such as reproducibility, wireless transmission of data, and exposure to the predictive models for attacks.
In general, cryptographic methods are currently the most reliable way to secure IoT devices in a vulnerable environment. However, power utilization and key storage are amongst the main concerns when implementing these cryptographic methods in IoT networks.
In the following, Section 3 introduces the concept of PUFs and their roles to prevent the aforementioned attacks in this section.
3 Physically Unclonable Functions (PUFs)
3.1 Introduction to PUFs
PUFs use the unique variations introduced in the fabrication of the device to extract a fingerprint unique to the device. One or more specific parameters of the device, such as threshold voltage, critical dimensions, etc., are measured when an external stimulus is applied. When the device’s parameter is measured for the first time, the measurement is called the “original response”; the specific input stimulus or the specific address in the memory used to obtain this measurement is called the “challenge”, and both are stored in the server. When the same parameter is measured again with the same external stimulus applied, the measurement is called a response. These challenges and responses form a pair, called the Challenge Response Pair (CRP), and are generally compared with each other to validate the identity of the device. The error between the challenge and response of a PUF during the registration and authentication phases is referred to as the Challenge Response Pair error (CRP error).
Subject to the number of possible CRPs a PUF has, they can be broadly classified into: “strong PUFs” and “weak PUFs”. Weak PUFs leverage the manufacturing variability and allow digitization of some “fingerprint” of the hardware device. The number of responses in a weak PUF is a function of the number of components in the device used for generation of CRPs [186]. This fact results in a small number of CRPs with stable responses which are usually robust to environmental conditions. Due to high stability and reproducibility of weak PUF responses, they are generally used for secret key generation. “Strong PUFs” have a large number of CRPs in a device. Ideally, if the number of unique CRPs is high, even though an attacker gets temporary accesses to the system, he/she will not be able to apply all the responses (brute force attack) and get access to the system. Hence, strong PUFs are generally used for authentication [186]. However, a large set of PUF responses may offer stronger cryptographic strength as it leads to longer cryptographic keys [187]. Independent CRP refers to the fact that if one CRP is known, one cannot predict the other CRPs in the PUF, hence there is no shared information between two CRPs. PUFs can also be classified based on how their unique-randomness was obtained. If the PUFs had their variation obtained by externally applying additional steps as in the case of coating PUFs they are called explicit PUFs. If the randomness was natural through variations in the manufacturing process they are called implicit PUFs [45].
Usability of PUF can be determined by two statistical parameters of intra-distance and inter-distance which are defined as follows in [188]:
1. “Intra-distance: the Hamming or the fractional Hamming distance between two different responses to the same PUF challenge” [188]
2. “Inter-distance: the Hamming or the fractional Hamming distance between two responses of two different PUFs to a given challenge.” [188]
These measurements indicate the PUF’s reproducibility and uniqueness, respectively.
PUF-based security mechanisms depend on the unique CRPs produced from a device [189]. Every PUF device initially needs to be registered with the server in order to use it with any cryptographic method. During the registration phase, the server uses a stimulus to challenge the client’s PUF and as a result a corresponding original response will be produced. This challenge and response pair is stored in the server’s memory. During the authentication process, the server uses the same challenge for the client’s PUF to extract the corresponding response. These responses depend on the manufacturing behavior and variations in the PUF. The user is authenticated if the number of bits in error between a CRP at the registration phase and authentication phase is statistically low enough [190, 191].
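The intra-distance and inter-distance definitions and the "statistically low enough" acceptance rule above can be worked through on a simulated PUF population. This is an added example, not code from the survey: the device model (a fixed random bit string per device, re-read with independent bit flips), the 5% flip probability, the population size and the midpoint threshold rule are all assumptions made for illustration.

```python
"""Intra-/inter-distance and a CRP-error threshold on simulated PUFs (added example)."""
import random
from itertools import combinations


def fractional_hd(a, b):
    """Fractional Hamming distance between two equal-length bit lists."""
    if len(a) != len(b):
        raise ValueError("responses must have the same length")
    return sum(x != y for x, y in zip(a, b)) / len(a)


def enroll(rng, n_bits):
    """Assumed device model: the enrolled response is a random bit string."""
    return [rng.getrandbits(1) for _ in range(n_bits)]


def reread(rng, reference, flip_prob):
    """A later, noisy measurement: each bit flips with probability flip_prob."""
    return [bit ^ (rng.random() < flip_prob) for bit in reference]


def characterize(n_devices=8, n_bits=256, n_reads=10, flip_prob=0.05, seed=1):
    """Return (intra, inter) lists of fractional Hamming distances.

    intra: enrolled response vs. repeated reads of the same device.
    inter: enrolled responses of every pair of different devices.
    """
    rng = random.Random(seed)
    refs = [enroll(rng, n_bits) for _ in range(n_devices)]
    intra = [fractional_hd(ref, reread(rng, ref, flip_prob))
             for ref in refs for _ in range(n_reads)]
    inter = [fractional_hd(a, b) for a, b in combinations(refs, 2)]
    return intra, inter


def pick_threshold(intra, inter):
    """Midpoint between the worst genuine and the closest impostor distance.

    Returns None when the two distributions overlap, i.e. when no single
    CRP-error threshold separates genuine devices from other devices.
    """
    if max(intra) >= min(inter):
        return None
    return (max(intra) + min(inter)) / 2


def authenticate(enrolled, fresh, threshold):
    """Accept when the fractional CRP error is at or below the threshold."""
    if threshold is None:
        raise ValueError("no separating threshold for this population")
    return fractional_hd(enrolled, fresh) <= threshold


def demo(seed=1):
    """Characterize a population, then test one genuine and one other device."""
    intra, inter = characterize(seed=seed)
    threshold = pick_threshold(intra, inter)
    rng = random.Random(seed + 1)
    device, other = enroll(rng, 256), enroll(rng, 256)
    return {
        "mean_intra": sum(intra) / len(intra),
        "mean_inter": sum(inter) / len(inter),
        "threshold": threshold,
        "genuine_accepted": authenticate(
            device, reread(rng, device, 0.05), threshold),
        "impostor_accepted": authenticate(
            device, reread(rng, other, 0.05), threshold),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Under this model the mean intra-distance sits near the assumed flip probability and the mean inter-distance near 0.5, which is what leaves room for a threshold between them.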
Another application of PUFs is to utilize the high randomness introduced during its manufacturing to create a secure key from the device. Such key generation requires ideal PUFs that are robust, tamper evident, and unpredictable. In order to correct the noise in a PUF response and generate cryptographic keys, the concepts of a secure sketch in a fuzzy extractor which are described in sections 5 and 6, are utilized. Secure sketches use the concept of error correction coding to ensure that we recover the original PUF data from the noisy PUF.
3.2 Types of PUFs
Different components can be utilized to extract fingerprints from a device. Initially randomness was physically introduced into a device to extract a fingerprint, whose examples are optical and coating PUFs. An optical PUF uses the physical property of a transparent material, in which the light particles scatter in an uncontrolled manner. When a laser beam falls on it, a unique and random pattern is produced [192]. A coating PUF can be built by filling the space between a network of metal wires on top of an IC with a randomly doped opaque with dielectric particles [186]. Due to the random placement of doping, each couple of wires will have a random capacitance value. This PUF is generally used on the top layer of the ICs which is generally used to protect the underlying circuits from attackers’ inspection. The capacitance between the wires will change when a portion of the coating is removed. These PUFs have been used as RFID tags [193].
Current technologies prefer to utilize the PUFs designed based on intrinsic variations, because they are already embedded in the device. Silicon PUFs exploit the intrinsic variations in the IC manufacturing process. Leaked current-based PUFs were dependent on the concept that the combination of different intrinsic variations in a circuit will result in a different leakage current. Another example of silicon PUFs is delay-based PUFs, where distinct delays are caused in a circuit due to the manufacturing variations in its components even in an identical layout. The most popular examples of delay-based PUFs are Arbiter PUFs and Ring Oscillator PUFs [194]. These PUFs need huge groups of device components to make them secure. They tend to take a substantial amount of chip space and are vulnerable to side channel attacks because they give off information due to heat; therefore, they may not be suitable for IoT nodes. PUFs which can be easily deployed, occupy less space, and require less power are thus required for security purposes. These characteristics can be found in PUFs made from memory devices.
3.2.1 Memory-based PUFs
Memory-based PUFs utilize the memory chips readily available in different devices and hence can be easily deployed in any device, to allow PUF based security in a network. PUFs can be made from different types of memory including SRAM, Flash, MRAM, memristor, and ReRAM.
SRAM cells are made of cross-coupled inverters which are connected by access transistors and because of the intrinsic manufacturing variations, SRAM cells typically settle into a “0” or “1” state consistently [195, 196]. SRAM PUFs were introduced in [197] where the initial values of the cells, on powering on the SRAM were used to generate a unique fingerprint. SRAMs tend to emit energy when they switch states which can be detected by checking the wavelength of the laser by using a signal analyzer. When this side channel information is leaked, it can provide enough information to the attacker about the device in order to clone it [198, 199].
In our experiments, we utilize addressable PUF generator protocol to extract the fingerprint of the Memory device [200]. In this protocol, a random number and a password which is known to both the client and server is exclusively- or’ed and sent to a hash function. This random number acts as our challenge for the protocol. The message digest obtained from the hash gives us the information in terms of address of the memory cell, from which the response of the PUF is extracted. This protocol can also be further extended to use multiple addresses to extract a key from different places of the device. A new key can also be easily developed by changing the Random number which will give rise to new addresses for fingerprint extraction.
The manufacturing of a Re-RAM is very similar to that of memories which use CMOS technology, and hence Re-RAM can be easily integrated into the IC. Voltage is used to program and erase Re-RAM cells, while current is used to read the resistance values of the cells [201]. Only specific parameters, such as the low and high state resistance used in making the CRPs in the device, can be measured consistently.
Re-RAM-based PUFs use the value of after programming or the resistance of each cell to differentiate between “0” and “1” states. The flipping probability of cells during response generation is higher when their resistance values are closer to the threshold and when they are subjected to voltage changes, temperature, aging or electromagnetic interference. This could result in a 5-20% CRP matching error rate if the number of cells whose resistance is close to the threshold is high.
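The addressable PUF generator protocol and the threshold-based cell read described above can be sketched as follows. This is an added example, not the authors' code: SHA-256, the 4096-cell array, the resistance range and threshold, the noise level, the reading of eight consecutive cells per address, and all function names are assumptions, and the device is a constructed software stand-in for a Re-RAM array.

```python
import hashlib
import random

CELLS = 4096            # constructed array size
THRESHOLD = 50_000.0    # constructed resistance threshold (ohms) separating "0" from "1"

def make_device(seed):
    """Constructed stand-in for a Re-RAM array: one resistance value per cell."""
    rng = random.Random(seed)
    return [rng.uniform(10_000, 90_000) for _ in range(CELLS)]

def read_bit(device, addr, noise=0.0, rng=None):
    """Read one cell: (optionally noisy) resistance compared with the threshold."""
    r = device[addr] + (rng.gauss(0, noise) if rng else 0.0)
    return 1 if r > THRESHOLD else 0

def addresses(random_number, password, run=8):
    """hash(RN xor password) -> 16 start addresses, `run` consecutive cells each."""
    if len(random_number) != len(password):
        raise ValueError("random number and password must have equal length")
    mixed = bytes(a ^ b for a, b in zip(random_number, password))
    digest = hashlib.sha256(mixed).digest()
    starts = [int.from_bytes(digest[i:i + 2], "big") % CELLS for i in range(0, 32, 2)]
    return [(s + k) % CELLS for s in starts for k in range(run)]

def response(device, random_number, password, noise=0.0, rng=None):
    """Client side: read the PUF response from the cells the digest selects."""
    return [read_bit(device, a, noise, rng) for a in addresses(random_number, password)]

def mismatch(expected, observed):
    """Fraction of response bits that differ (the CRP matching error rate)."""
    return sum(x != y for x, y in zip(expected, observed)) / len(expected)

def demo():
    device = make_device(seed=1)
    enrolled = [read_bit(device, a) for a in range(CELLS)]   # server's reference image
    password = b"shared-password!"                           # constructed, 16 bytes
    rn = bytes.fromhex("00112233445566778899aabbccddeeff")   # constructed challenge
    expected = [enrolled[a] for a in addresses(rn, password)]
    genuine = response(device, rn, password, noise=2_000, rng=random.Random(7))
    clone = response(make_device(seed=2), rn, password)      # different physical array
    return mismatch(expected, genuine), mismatch(expected, clone)

if __name__ == "__main__":
    g, c = demo()
    print(f"genuine device mismatch: {g:.1%}, other device mismatch: {c:.1%}")
```

Only cells whose resistance lies within the read noise of the threshold can flip, so the genuine device's mismatch stays small while a different array disagrees on roughly half the bits.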
PUFs designed using Re-RAMs are immune to side channel attacks without direct access to the chip as they work at or below noise level. Re-RAM and magnetoresistive random-access memory (MRAM) offer low power options when compared to current Flash technologies because they rely on resistance. Table 3.2.1 compares the operation requirements for Flash, Re-RAM and MRAM.
References
- [1] M. Bhayani, M. Patel, C. Bhatt, Internet of Things (IoT): In a way of Smart World, in: Proceedings of the international congress on information and communication technology, Springer, 2016, pp. 343–350.
- [2] M. Galleso, Samsung Gear S3 Classic and Frontier: An Easy Guide to Best Features, Lulu Press, Inc, 2016.
- [3] D. Lu, T. Liu, The Application of IoT in Medical Systems, in: IT in Medicine and Education (ITME), 2011 International Symposium on, Vol. 1, IEEE, 2011, pp. 272–275.
- [4] R. Kloti, V. Kotronis, P. Smith, Openflow: A Security Analysis, in: Network Protocols (ICNP), 2013 21st IEEE International Conference on, IEEE, 2013, pp. 1–6.
- [5] Z.-K. Zhang, M. C. Y. Cho, C.-W. Wang, C.-W. Hsu, C.-K. Chen, S. Shieh, IoT Security: Ongoing Challenges and Research Opportunities, in: Service-Oriented Computing and Applications (SOCA), 2014 IEEE 7th International Conference on, IEEE, 2014, pp. 230–234.
- [6] L. Fuhong, L. Qian, Z. Xianwei, C. Yueyun, H. Daochao, Cooperative Differential Game for Model Energy-bandwidth Efficiency Tradeoff in the Internet of Things, China Communications 11 (1) (2014) 92–102.
- [7] A. Valehi, A. Razi, B. Cambou, W. Yu, M. Kozicki, A Graph Matching Algorithm for User Authentication in data Networks using Image-based Physical Unclonable Functions, in: 2017 Computing Conference, IEEE, 2017, pp. 863–870.
- [8] A. Valehi, A. Razi, Maximizing Energy Efficiency of Cognitive Wireless Sensor Networks with Constrained Age of Information, IEEE Transactions on Cognitive Communications and Networking 3 (4) (2017) 643–654.
