Cryptology ePrint Archive: Report 2018/1016

Concealing Ketje: A Lightweight PUF-Based Privacy Preserving Authentication Protocol

Gerben Geltink

Abstract: In this paper, we focus on the design of a novel authentication protocol that preserves the privacy of embedded devices. A Physically Unclonable Function (PUF) generates challenge-response pairs that form the source of authenticity between a server and multiple devices. We rely on Authenticated Encryption (AE) for confidentiality, integrity and authenticity of the messages. A challenge updating mechanism combined with an authenticate-before-identify strategy is used to provide privacy. The major advantage of the proposed method is that no shared secrets need to be stored into the device’s non-volatile memory. We design a protocol that supports server authenticity, device authenticity, device privacy, and memory disclosure. Following, we prove that the protocol is secure, and forward and backward privacy-preserving via game transformations. Moreover, a proof of concept is presented that uses a 3-1 Double Arbiter PUF, a concatenation of repetition and BCH error-correcting codes, and the AE-scheme Ketje. We show that our device implementation utilizes 8,305 LUTs on a 28 nm Xilinx Zynq XC7Z020 System on Chip (SoC) and takes only 0.63 ms to perform an authentication operation.

Category / Keywords: cryptographic protocols / Privacy-preserving authentication protocol, Physically Unclonable Function, Authenticated Encryption, SoC, FPGA

Original Publication (in the same form): Lightweight Cryptography for Security and Privacy

Date: received 19 Oct 2018

Contact author: g geltink at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20181024:173348 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]