A low-end embedded platform for Internet of Things (IoT) often suffers from a critical trade-off dilemma between security enhancement and computation overhead. We propose PUFSec, a new device fingerprint-based security architecture for IoT devices. By leveraging intrinsic hardware characteristics, we aim to design a computationally lightweight security software system architecture so that complex cryptography computation can dramatically be prohibited. We exploit the innovative idea of Public Physical Unclonable Functions (PPUFs) that fundamentally protects attackers from recovering the secret key from public gate delay information. We implement its hardware logic in a real-world FPGA board. On top of the PPUF fingerprint hardware, we present an adaptive security control mechanism consisting of adaptive key generation and key exchange protocol, which adjusts security strength depending on system load dynamics. We demonstrate that our PPUF FPGA implementation embeds distinctive variability enough to distinguish between two different PPUFs with high fidelity. We validate our PUFSec architecture by implementing necessary algorithms and protocols in a real-world IoT platform, and performing empirical evaluation in terms of computation and memory usages, proving its practical feasibility.
|Title of host publication
|INFOCOM 2017 - IEEE Conference on Computer Communications
|Institute of Electrical and Electronics Engineers Inc.
|Published - 2017 Oct 2
|2017 IEEE Conference on Computer Communications, INFOCOM 2017 - Atlanta, United States
Duration: 2017 May 1 → 2017 May 4
|Proceedings - IEEE INFOCOM
|2017 IEEE Conference on Computer Communications, INFOCOM 2017
|17/5/1 → 17/5/4
Bibliographical notePublisher Copyright:
© 2017 IEEE.
All Science Journal Classification (ASJC) codes
- General Computer Science
- Electrical and Electronic Engineering