| dc.contributor.author | Hiller, Matthias | |
| dc.contributor.author | Delvaux, Jeroen | |
| dc.contributor.author | Sowell, Richard | |
| dc.contributor.author | Verbauwhede, Ingrid | |
| dc.contributor.author | Yu, Meng-Day | |
| dc.contributor.author | Devadas, Srinivas | |
| dc.date.accessioned | 2017-08-18T17:43:49Z | |
| dc.date.available | 2017-08-18T17:43:49Z | |
| dc.date.issued | 2016-04 | |
| dc.identifier.issn | 2332-7766 | |
| dc.identifier.uri | http://hdl.handle.net/1721.1/110985 | |
| dc.description.abstract | We present a lightweight PUF-based authentication approach that is practical in settings where a server authenticates a device, and for use cases where the number of authentications is limited over a device's lifetime. Our scheme uses a server-managed challenge/response pair (CRP) lockdown protocol: unlike prior approaches, an adaptive chosen-challenge adversary with machine learning capabilities cannot obtain new CRPs without the server's implicit permission. The adversary is faced with the problem of deriving a PUF model with a limited amount of machine learning training data. Our system-level approach allows a so-called strong PUF to be used for lightweight authentication in a manner that is heuristically secure against today's best machine learning methods through a worst-case CRP exposure algorithmic validation. We also present a degenerate instantiation using a weak PUF that is secure against computationally unrestricted adversaries, which includes any learning adversary, for practical device lifetimes and read-out rates. We validate our approach using silicon PUF data, and demonstrate the feasibility of supporting 10, 1,000, and 1M authentications, including practical configurations that are not learnable with polynomial resources, e.g., the number of CRPs and the attack runtime, using recent results based on the probably-approximately-correct (PAC) complexity-theoretic framework. | en_US |
| dc.language.iso | en_US | |
| dc.publisher | Institute of Electrical and Electronics Engineers (IEEE) | en_US |
| dc.relation.isversionof | http://dx.doi.org/10.1109/TMSCS.2016.2553027 | en_US |
| dc.rights | Creative Commons Attribution-Noncommercial-Share Alike | en_US |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-sa/4.0/ | en_US |
| dc.source | MIT Web Domain | en_US |
| dc.title | A Lockdown Technique to Prevent Machine Learning on PUFs for Lightweight Authentication | en_US |
| dc.type | Article | en_US |
| dc.identifier.citation | Yu, Meng-Day, et al. “A Lockdown Technique to Prevent Machine Learning on PUFs for Lightweight Authentication.” IEEE Transactions on Multi-Scale Computing Systems 2, 3 (July 2016): 146–159 © 2016 Institute of Electrical and Electronics Engineers (IEEE) | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | en_US |
| dc.contributor.mitauthor | Yu, Meng-Day | |
| dc.contributor.mitauthor | Devadas, Srinivas | |
| dc.relation.journal | IEEE Transactions on Multi-Scale Computing Systems | en_US |
| dc.eprint.version | Author's final manuscript | en_US |
| dc.type.uri | http://purl.org/eprint/type/JournalArticle | en_US |
| eprint.status | http://purl.org/eprint/status/PeerReviewed | en_US |
| dspace.orderedauthors | Yu, Meng-Day; Hiller, Matthias; Delvaux, Jeroen; Sowell, Richard; Devadas, Srinivas; Verbauwhede, Ingrid | en_US |
| dspace.embargo.terms | N | en_US |
| dc.identifier.orcid | https://orcid.org/0000-0001-8253-7714 | |
| mit.license | OPEN_ACCESS_POLICY | en_US |
| mit.metadata.status | Complete | |
