Paper 2023/1215

Authentica: A Secure Authentication Mechanism using a Software-defined Unclonable Function

Ripon Patgiri, National Institute of Technology Silchar
Laiphrakpam Dolendro Singh, National Institute of Technology Silchar
Abstract

Password-based authentication is an extensively used method to authenticate users. It uses cryptography to communicate the authentication process. On the contrary, the physically unclonable function (PUF)-based authentication mechanism is also gaining popularity rapidly due to its usability in IoT devices. It is a lightweight authentication mechanism that does not use cryptography protocol. PUF-based authentication mechanisms cannot authenticate users. To overcome the drawback of PUF, we introduce a software-defined unclonable function (SUF, for short). Contrary to the PUF, the SUF is used to authenticate users, not devices. We use SUF to implement a lightweight password-based authentication mechanism termed Authentica. Authentica bridges the gap between the password-based and the PUF-based authentication mechanism. Authentica does not use cryptography for authentication. However, we establish challenge-response using cryptography during the registration phase, which is a one-time cost. Authentica addresses a) impersonation attacks, b) collision attacks, c) dictionary and rainbow table attacks, d) replay attacks, e) DDoS attacks, f) the domino effect issues, and g) the challenge-response database leakage issues.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint.
Keywords
AuthenticationPUFPasswordUnclonable Function
Contact author(s)
ripon @ cse nits ac in
ldsingh @ cse nits ac in
History
2024-09-08: last of 2 revisions
2023-08-10: received
See all versions
Short URL
https://ia.cr/2023/1215
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1215,
      author = {Ripon Patgiri and Laiphrakpam Dolendro Singh},
      title = {Authentica: A Secure Authentication Mechanism using a Software-defined Unclonable Function},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1215},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1215}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.