当前位置:
X-MOL 学术
›
IEEE Trans. Inform. Forensics Secur.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
3PAA: A Private PUF Protocol for Anonymous Authentication
IEEE Transactions on Information Forensics and Security ( IF 6.3 ) Pub Date : 9-4-2020 , DOI: 10.1109/tifs.2020.3021917 Urbi Chaterjee , Debdeep Mukhopadhyay , Rajat Subhra Chakraborty
IEEE Transactions on Information Forensics and Security ( IF 6.3 ) Pub Date : 9-4-2020 , DOI: 10.1109/tifs.2020.3021917 Urbi Chaterjee , Debdeep Mukhopadhyay , Rajat Subhra Chakraborty
Anonymous authentication (AA) schemes are used by an application provider to grant services to its n users for pre-defined k times after they have authenticated themselves anonymously. These privacy-preserving cryptographic schemes are essentially based on the secret key that is embedded in a trusted platform module (TPM). In this work, we propose a private physically unclonable function (PUF) based scheme that overcomes the shortcomings of prior attempts to incorporate PUF for AA schemes. Traditional PUF based authentication protocols have their limitations as they only work based on challenge-response pairs (CRPs) exposed to the verifier, thus violating the principle of anonymity. Here, we ensure that even if the PUF instance is private to the user, it can be used for authentication to the application provider. Besides, no raw CRPs need to be stored in a secure database, thus making it more difficult for an adversary to launch model-building attacks on the deployed PUFs. We reduce the execution time from O(n) to O(1) and storage overhead from O(nk) to O(n) compared to state-of-the-art AA protocols and also dispense the necessity of maintaining a revocation list for the compromised keys. In addition, we provide security proofs of the protocol under Elliptic Curve Diffie-Hellman assumption and decisional uniqueness assumption of a PUF. A prototype of the protocol has been implemented on a Z-Turn board integrated with dual-core ARM CortexA9 processor and Artix-7 FPGA. The resource footprint and performance characterization results show that the proposed scheme is suitable for implementation on resource-constrained platforms.
中文翻译:
3PAA:用于匿名身份验证的私有 PUF 协议
应用程序提供商使用匿名身份验证 (AA) 方案,在其 n 个用户对自己进行匿名身份验证后,向其授予预定义的 k 次服务。这些隐私保护加密方案本质上基于嵌入可信平台模块 (TPM) 中的密钥。在这项工作中,我们提出了一种基于私有物理不可克隆函数(PUF)的方案,该方案克服了先前尝试将 PUF 纳入 AA 方案的缺点。传统的基于 PUF 的身份验证协议有其局限性,因为它们仅基于暴露给验证者的质询响应对 (CRP) 工作,从而违反了匿名原则。在这里,我们确保即使 PUF 实例对于用户来说是私有的,它也可以用于向应用程序提供商进行身份验证。此外,不需要将原始 CRP 存储在安全数据库中,从而使对手更难对已部署的 PUF 发起模型构建攻击。与最先进的 AA 协议相比,我们将执行时间从 O(n) 减少到 O(1),存储开销从 O(nk) 减少到 O(n),并且还免除了维护撤销列表的必要性。泄露的密钥。此外,我们还提供了椭圆曲线 Diffie-Hellman 假设和 PUF 决策唯一性假设下的协议安全性证明。该协议的原型已在集成双核 ARM CortexA9 处理器和 Artix-7 FPGA 的 Z-Turn 板上实现。资源占用和性能表征结果表明,所提出的方案适合在资源受限的平台上实现。
更新日期:2024-08-22
中文翻译:
3PAA:用于匿名身份验证的私有 PUF 协议
应用程序提供商使用匿名身份验证 (AA) 方案,在其 n 个用户对自己进行匿名身份验证后,向其授予预定义的 k 次服务。这些隐私保护加密方案本质上基于嵌入可信平台模块 (TPM) 中的密钥。在这项工作中,我们提出了一种基于私有物理不可克隆函数(PUF)的方案,该方案克服了先前尝试将 PUF 纳入 AA 方案的缺点。传统的基于 PUF 的身份验证协议有其局限性,因为它们仅基于暴露给验证者的质询响应对 (CRP) 工作,从而违反了匿名原则。在这里,我们确保即使 PUF 实例对于用户来说是私有的,它也可以用于向应用程序提供商进行身份验证。此外,不需要将原始 CRP 存储在安全数据库中,从而使对手更难对已部署的 PUF 发起模型构建攻击。与最先进的 AA 协议相比,我们将执行时间从 O(n) 减少到 O(1),存储开销从 O(nk) 减少到 O(n),并且还免除了维护撤销列表的必要性。泄露的密钥。此外,我们还提供了椭圆曲线 Diffie-Hellman 假设和 PUF 决策唯一性假设下的协议安全性证明。该协议的原型已在集成双核 ARM CortexA9 处理器和 Artix-7 FPGA 的 Z-Turn 板上实现。资源占用和性能表征结果表明,所提出的方案适合在资源受限的平台上实现。
京公网安备 11010802027423号