Authentication against Man-in-the-Middle Attack with a Time-variant Reconfigurable Dual-LFSR-based Arbiter PUF
share
With the expansion of the Internet of Things industry, the information security of Internet of Things devices attracts much attention. Traditional encryption algorithms require sensitive information such as keys to be stored in memory, and also need the support of operating system, which is obviously unacceptable for resource-constrained Internet of Things terminals. Physical not cloning function by extracting the chip is inevitable in the process of manufacturing process deviation, the introduction of the corresponding function relationship between incentive and response, not to need the storage user sensitive information, and only when electricity will respond, in power response immediately disappear, this can save a lot of resources of equipment and the power consumption. However, PUF is vulnerable to modeling attacks, and the traditional methods such as the challenge obfuscation method are time-invariant, which is equivalent to adding a fixed function to the front stage of a traditional APUF circuit. Therefore, it can be potentially modelling attacked with sufficient CRPs. In order to further enhance APUF circuit resistance to modelling attack, this paper proposes a dual-LFSR-based APUF circuit with time-variant challenge obfuscation. Besides, traditional authentication scheme generally adopts the one-time key scheme to enhance resistance to man-in-the-middle attack. The two-time authentication scheme proposed in this paper can improve the ability of RFID system to resist man-in-the-middle attack without sacrificing CRPs.
READ FULL TEXT