A Secure Secret Key Agreement Scheme among Multiple Twinning Superlattice PUF Holders
Abstract
:1. Introduction
2. Related Work
3. Preliminary and Background
3.1. Secure Communication Group
3.2. Fuzzy Extractor
- (1)
- In the generation procedure : a uniformly random string R and a public helper value P are produced from a source value w.
- (2)
- In the reproduction procedure : the original string R is reproduced by using the helper value P and a close value .
3.3. ElGamal Encryption
Algorithm 1 ElGamal Public-key Cryptosystem in multiplicative group |
Assuming that the Discrete Logarithm problem in the multiplicative group is infeasible, ElGamal Cryptosystem can be used to encrypt and decrypt messages. The public key is comprised of three values: a prime number p, a primitive root in the multiplicative group , and where a is the private key. To encrypt a message x, a random number k is chosen by Alice, and the resulting ciphertext is , where and To decrypt the ciphertext, Bob uses the private key a to compute and then computes the plaintext message as |
4. Key Agreement Scheme Based on Multiple Twinning Superlattice PUFs
4.1. System and Threat Model
- (1)
- Impersonation attack. Assuming that Alice and Bob are legal communication parties, Alice wants to establish a session key with Bob. However, she is concerned that she may communicate with an attacker Adver impersonating Bob.
- (2)
- Replay attack. While agreeing on a group key between Alice and multiple legal communication parties, Adver may intercept the incentives sent between them and use the last challenge sequence to replay, trying to communicate them with the old group key.
- (3)
- Man-in-the-middle attack. Adver may intercept the message sent by Alice and tamper with it. It is then broadcast to the receiver to establish a new group key between him and other recipients.
- (4)
- Adver changes the information sent by Alice on the public channel. Adver may modify the challenge sequence, which causes incentive errors, thus rejecting the key agreement. Adver may also modify the helper data. Suppose the modified number of bits causes the number of codeword errors to be less than the error correction ability t. In that case, the honest communication party can still obtain an unconditionally secure key. Suppose the modified number of bits causes the number of codeword errors to be greater than the error correction capability t. In that case, the honest communication party refuses the key agreement service.
4.2. Key Agreemnet Scheme
4.3. The Choice of Fuzzy Extractor
- Gen
- Input:
- Sample:
- For .
- (i)
- Choose random .
- (ii)
- Set .
- (iii)
- Set .
- Output , where .
- Rep
- Input: ()
- For
- (i)
- Parse
- (ii)
- Set .
- (iii)
- Set unlock . If output .
- Output ⊥.
4.4. Subgroup Communication
4.5. Dynamic Group Management
4.5.1. Member Join
- (1).
- A new user requests any member in the subgroup to join and generates its public-private key pair.
- (2).
- randomly reselects the challenge c, generate the response w through the superlattice PUF. Then, through the reusable fuzzy extractor, generates the uniformly random string R and the public helper string P. encrypts c and P using the public key of the remaining members and sends the results to them, respectively.
- (3).
- The remaining members decrypt the message with their private key to get c and P. Through the reusable fuzzy extractor, they can get R consistent with .
- (4).
- According to the entropy loss leaked by the public string P and the min-entropy of superlattice PUF, the members in the new subgroup get a short key K through privacy amplification.
4.5.2. Member Leave
4.6. Computational Cost
4.7. Experimental Results
5. Security Analysis
5.1. Theoretical Security of the Scheme
- (1)
- Give to .
- (2)
- computes , gives to , the attacker of . Then, outputs the bit .
- (1)
- chooses and runs on its own to generate .
- (2)
- runs to encrypt . These are produced by , which also returns a ciphertext c.
- (3)
- gives to . Then, outputs the bit .
5.2. Informal Security Analysis
- Insider Attack: In the scheme proposed in this paper, the subgroup key is changed when the subgroup members leave, which guarantees forward secrecy. Subsequently, the members of the current subgroup agree on the new key. The leaving members are prevented from obtaining new challenge sequences and helper data because the sender uses the public-key cryptosystem to encrypt them. That is to say, leaving members cannot obtain the new subgroup key. Thus, insider attacks are blocked.
- Dictionary Attack: The output signal of the superlattice device is unpredictable. Even if an adversary obtains the challenge sequence, they cannot use mathematical methods to infer the output signal (key). Thus, attackers cannot obtain the group key through a dictionary attack.
- Replay Attack: The superlattice PUF cannot be cloned once prepared, including the physical entity and its electrical characteristics. Even if the third party obtains the challenge sequence from the public channel, obtaining the output signal (key) is impossible by forging, imitating the device, or fitting its function. Furthermore, old responses are discarded after re-keying, and forward secrecy during re-keying is designed to protect the system from such attacks.
- Man-in-the-middle Attack: The group key is established by legal members locally using the twinning superlattice PUF and reusable fuzzy extractor. The attacker does not hold the multi-twinning superlattice PUF device so that attackers cannot tamper with the public shared messages among members to obtain the group key, rendering the attack ineffective.
- Machine Learning Attack: Machine learning attacks usually collect CRPs as training data and run a learning algorithm to obtain a model close to the actual model [2]. However, the CRPs of superlattice PUFs grow exponentially with the length of the challenge sequence, which has strong PUF properties. This feature is due to the structure of the superlattice PUF, which has 50 quantum wells, and each quantum well has four thin layers of materials. The thin layers of materials have fluctuations in the energy level of single atoms. That is, there will be variation samples for each thin layer of material. To sum up, the number of various samples of superlattice PUF structure parameters is , enough to deal with machine learning modeling attacks.
- Sybil Attack: In the proposed scheme, each legal member holds a multi-twinning superlattice PUF on the same wafer, which is physically secure and can be cloned once fabricated, neither mathematically nor physically. During the key agreement process, members use the superlattice PUF and reusable fuzzy extractor to locally generate private keys in response to the sender’s challenge sequence and helper data. Therefore, the attacker can not forge the identity. Furthermore, attackers cannot affect the key agreement process by forging the identity.
- Key-compromise Impersonation (KCI) Attack: The member generates their private key using the superlattice PUF locally, which ensures that attackers cannot obtain it. If an attacker obtains the member’s private key illegally, they will only get the challenge sequence and helper data after decryption. However, the actual group key can only be obtained locally through the superlattice PUF which the member hold, and the reusable fuzzy extractor. Therefore, the KCI attack is ineffective.
6. Limitations & Future Work
7. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
Abbreviations
KDC | Key Distribution Center |
LKH | Logical Key Hierarchy |
IoE | Internet of Everything |
PUF | Physical Unclonable Function |
WSN | Wireless Sensor Networks |
AC | Auxiliary Controller |
MC | Main Controller |
SDN | Software-Defined Networking |
BAN | Body Area Network |
DoS | Denial of Service |
KCI | Key-compromise Impersonation |
References
- Gao, B.; Lin, B.; Li, X.; Tang, J.; Qian, H.; Wu, H. A Unified PUF and TRNG Design Based on 40-nm RRAM with High Entropy and Robustness for IoT Security. IEEE Trans. Electron Devices 2022, 69, 536–542. [Google Scholar] [CrossRef]
- Wang, Y.; Xi, X.; Orshansky, M. Lattice PUF: A Strong Physical Unclonable Function Provably Secure against Machine Learning Attacks. In Proceedings of the 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), San Jose, CA, USA, 7–11 December 2020; pp. 273–283. [Google Scholar] [CrossRef]
- Ibrahim, H.M.; Abunahla, H.; Mohammad, B.; AlKhzaimi, H. Memristor-based PUF for lightweight cryptographic randomness. Sci. Rep. 2022, 12, 8633. [Google Scholar] [CrossRef] [PubMed]
- Lotfy, A.; Kaveh, M.; Martín, D.; Mosavi, M.R. An Efficient Design of Anderson PUF by Utilization of the Xilinx Primitives in the SLICEM. IEEE Access 2021, 9, 23025–23034. [Google Scholar] [CrossRef]
- Esaki, L.; Tsu, R. Superlattice and Negative Differential Conductivity in Semiconductors. IBM J. Res. Dev. 1970, 14, 61–65. [Google Scholar] [CrossRef]
- Zhang, Y.; Kastrup, J.; Klann, R.; Ploog, K.H.; Grahn, H.T. Synchronization and chaos induced by resonant tunneling in GaAs/AlAs superlattices. Phys. Rev. Lett. 1996, 77, 3001. [Google Scholar] [CrossRef] [PubMed]
- Huang, Y.; Li, W.; Ma, W.; Qin, H.; Zhang, Y. Experimental observation of spontaneous chaotic current oscillations in GaAs/Al0.45Ga0.55As superlattices at room temperature. Chin. Sci. Bull. 2012, 57, 2070–2072. [Google Scholar] [CrossRef]
- Wu, H.; Yin, Z.; Xie, J.; Ding, P.; Liu, P.; Song, H.; Chen, X.; Xu, S.; Liu, W.; Zhang, Y. Design and implementation of true random number generators based on semiconductor superlattice chaos. Microelectron. J. 2021, 114, 105119. [Google Scholar] [CrossRef]
- Li, W.; Aviad, Y.; Reidler, I.; Song, H.; Huang, Y.; Biermann, K.; Rosenbluh, M.; Zhang, Y.; Grahn, H.T.; Kanter, I. Chaos synchronization in networks of semiconductor superlattices. EPL (Europhys. Lett.) 2015, 112, 30007. [Google Scholar] [CrossRef]
- Huang, Y.; Li, W.; Ma, W.; Qin, H.; Grahn, H.T.; Zhang, Y. Spontaneous quasi-periodic current self-oscillations in a weakly coupled GaAs/(Al, Ga) As superlattice at room temperature. Appl. Phys. Lett. 2013, 102, 242107. [Google Scholar] [CrossRef]
- Yin, Z.; Song, H.; Zhang, Y.; Ruiz-García, M.; Carretero, M.; Bonilla, L.L.; Biermann, K.; Grahn, H.T. Noise-enhanced chaos in a weakly coupled GaAs/(Al, Ga) As superlattice. Phys. Rev. E 2017, 95, 012218. [Google Scholar] [CrossRef]
- Huang, Y.; Qin, H.; Li, W.; Lu, S.; Dong, J.; Grahn, H.T.; Zhang, Y. Experimental evidence for coherence resonance in a noise-driven GaAs/AlAs superlattice. EPL (Europhys. Lett.) 2014, 105, 47005. [Google Scholar] [CrossRef]
- Mompo, E.; Ruiz-Garcia, M.; Carretero, M.; Grahn, H.T.; Zhang, Y.; Bonilla, L.L. Coherence resonance and stochastic resonance in an excitable semiconductor superlattice. Phys. Rev. Lett. 2018, 121, 086805. [Google Scholar] [CrossRef] [PubMed]
- Tong, X.; Chen, X.; Xu, S.; Li, Y.; Su, M.; Sun, X.; Yu, L.; Liu, C.; He, S.; Wu, R.; et al. Advances in superlattice cryptography research. Chin. Sci. Bull. 2020, 65, 108–116. [Google Scholar] [CrossRef]
- Liu, W.; Yin, Z.; Chen, X.; Peng, Z.; Song, H.; Liu, P.; Tong, X.; Zhang, Y. A secret key distribution technique based on semiconductor superlattice chaos devices. Sci. Bull. 2018, 63, 1034–1036. [Google Scholar] [CrossRef]
- Wu, H. The Technical Research and System Implementation of the Superlattice Key Distribution. Ph.D. Thesis, University of Science and Technology of China, Hefei, China, 2021. [Google Scholar] [CrossRef]
- Zhou, Z.; Tian, Y.; Xiong, J.; Ma, J.; Peng, C. Blockchain-enabled secure and trusted federated data sharing in IIoT. IEEE Trans. Ind. Inform. 2022, 1–11. [Google Scholar] [CrossRef]
- Tian, Y.; Wang, S.; Xiong, J.; Bi, R.; Zhou, Z.; Bhuiyan, M.Z.A. Robust and Privacy-Preserving Decentralized Deep Federated Learning Training: Focusing on Digital Healthcare Applications. IEEE/ACM Trans. Comput. Biol. Bioinform. 2023. [Google Scholar] [CrossRef]
- Xiong, J.; Bi, R.; Zhao, M.; Guo, J.; Yang, Q. Edge-assisted privacy-preserving raw data sharing framework for connected autonomous vehicles. IEEE Wirel. Commun. 2020, 27, 24–30. [Google Scholar] [CrossRef]
- Bi, R.; Xiong, J.; Tian, Y.; Li, Q.; Choo, K.K.R. Achieving Lightweight and Privacy-Preserving Object Detection for Connected Autonomous Vehicles. IEEE Internet Things J. 2023, 10, 2314–2329. [Google Scholar] [CrossRef]
- Hong, H.; Sun, Z. TS-ABOS-CMS: Time-bounded secure attribute-based online/offline signature with constant message size for IoT systems. J. Syst. Archit. 2022, 123, 102388. [Google Scholar] [CrossRef]
- Liu, Y.; Harn, L.; Chang, C.C. An authenticated group key distribution mechanism using theory of numbers. Int. J. Commun. Syst. 2014, 27, 3502–3512. [Google Scholar] [CrossRef]
- Dondeti, L.R.; Mukherjee, S.; Samal, A. DISEC: A Distributed Framework for Scalable Secure Many-to-Many Communication. In Proceedings of the Fifth IEEE Symposium on Computers and Communications (ISCC 2000), Antibes, France, 4–6 July 2000; IEEE Computer Society: Washington, DC, USA, 2000; pp. 693–698. [Google Scholar] [CrossRef]
- Mahalle, P.N.; Prasad, N.R.; Prasad, R. Threshold cryptography-based group authentication (TCGA) scheme for the Internet of Things (IoT). In Proceedings of the 2014 4th International Conference on Wireless Communications, Vehicular Technology, Information Theory and Aerospace & Electronic Systems (VITAE), Aalborg, Denmark, 11–14 May 2014; IEEE: Piscataway, NJ, USA, 2014; pp. 1–5. [Google Scholar] [CrossRef]
- Yıldız, H.; Cenk, M.; Onur, E. PLGAKD: A PUF-Based Lightweight Group Authentication and Key Distribution Protocol. IEEE Internet Things J. 2021, 8, 5682–5696. [Google Scholar] [CrossRef]
- Dong, P.; Wang, W.; Shi, X.; Qin, T. Lightweight Key Management for Group Communication in Body Area Networks through Physical Unclonable Functions. In Proceedings of the 2017 IEEE/ACM International Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE), Philadelphia, PA, USA, 17–19 July 2017; pp. 102–107. [Google Scholar] [CrossRef]
- Huang, M.; Yu, B.; Li, S. PUF-Assisted Group Key Distribution Scheme for Software-Defined Wireless Sensor Networks. IEEE Commun. Lett. 2018, 22, 404–407. [Google Scholar] [CrossRef]
- Rafaeli, S.; Hutchison, D. A survey of key management for secure group communication. ACM Comput. Surv. 2003, 35, 309–329. [Google Scholar] [CrossRef]
- Stinson, D.R. Cryptography: Theory and Practice; Chapman and Hall/CRC: Boca Raton, FL, USA, 2005. [Google Scholar] [CrossRef]
- Dodis, Y.; Reyzin, L.; Smith, A. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, 2–6 May 2004; Springer: Berlin/Heidelberg, Germany, 2004; pp. 523–540. [Google Scholar] [CrossRef]
- Boyen, X.; Dodis, Y.; Katz, J.; Ostrovsky, R.; Smith, A. Secure Remote Authentication Using Biometric Data. In Advances in Cryptology-EUROCRYPT 2005, Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, 22–26 May 2005; Springer: Berlin/Heidelberg, Germany, 2005; pp. 147–163. [Google Scholar] [CrossRef]
- Shannon, C.E. Communication theory of secrecy systems. Bell Syst. Tech. J. 1949, 28, 656–715. [Google Scholar] [CrossRef]
- Gope, P.; Sikdar, B. Lightweight and Privacy-Preserving Two-Factor Authentication Scheme for IoT Devices. IEEE Internet Things J. 2019, 6, 580–589. [Google Scholar] [CrossRef]
- Kaveh, M.; Aghapour, S.; Martin, D.; Mosavi, M.R. A Secure Lightweight Signcryption Scheme for Smart Grid Communications Using Reliable Physically Unclonable Function. In Proceedings of the 2020 IEEE International Conference on Environment and Electrical Engineering and 2020 IEEE Industrial and Commercial Power Systems Europe, Madrid, Spain, 9–12 June 2020; pp. 1–6. [Google Scholar] [CrossRef]
- Boyen, X. Reusable cryptographic fuzzy extractors. In Proceedings of the 11th ACM conference on Computer and Communications Security, Washington, DC, USA, 25–29 October 2004; pp. 82–91. [Google Scholar] [CrossRef]
- Wen, Y.; Liu, S. Robustly Reusable Fuzzy Extractor from Standard Assumptions. In Advances in Cryptology—ASIACRYPT 2018, Proceedings of the 24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, 2–6 December 2018; Springer: Cham, Switzerland, 2018; pp. 459–489. [Google Scholar] [CrossRef]
- Apon, D.; Cho, C.; Eldefrawy, K.; Katz, J. Efficient, Reusable Fuzzy Extractors from LWE. In Cyber Security Cryptography and Machine Learning, Proceedings of the First International Conference, CSCML 2017, Beer-Sheva, Israel, 29–30 June 2017; Springer: Cham, Switzerland, 2017; pp. 1–18. [Google Scholar] [CrossRef]
- Canetti, R.; Fuller, B.; Paneth, O.; Reyzin, L.; Smith, A. Reusable fuzzy extractors for low-entropy distributions. J. Cryptol. 2021, 34, 2. [Google Scholar] [CrossRef]
- Wong, C.K.; Gouda, M.; Lam, S. Secure group communications using key graphs. IEEE/ACM Trans. Netw. 2000, 8, 16–30. [Google Scholar] [CrossRef]
- Eroz, M.; Sun, F.W.; Lee, L.N. DVB-S2 low density parity check codes with near Shannon limit performance. Int. J. Satell. Commun. Netw. 2004, 22, 269–279. [Google Scholar] [CrossRef]
Request | Requesting User | Non-Requesting User | Initiator |
---|---|---|---|
join | 1 | 1 | 1 |
leave | 0 | 1 | 1 |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Liu, J.; Xie, J.; Zhang, J.; Liu, B.; Chen, X.; Feng, H. A Secure Secret Key Agreement Scheme among Multiple Twinning Superlattice PUF Holders. Sensors 2023, 23, 4704. https://doi.org/10.3390/s23104704
Liu J, Xie J, Zhang J, Liu B, Chen X, Feng H. A Secure Secret Key Agreement Scheme among Multiple Twinning Superlattice PUF Holders. Sensors. 2023; 23(10):4704. https://doi.org/10.3390/s23104704
Chicago/Turabian StyleLiu, Jing, Jianguo Xie, Junwei Zhang, Biao Liu, Xiaoming Chen, and Huamin Feng. 2023. "A Secure Secret Key Agreement Scheme among Multiple Twinning Superlattice PUF Holders" Sensors 23, no. 10: 4704. https://doi.org/10.3390/s23104704
APA StyleLiu, J., Xie, J., Zhang, J., Liu, B., Chen, X., & Feng, H. (2023). A Secure Secret Key Agreement Scheme among Multiple Twinning Superlattice PUF Holders. Sensors, 23(10), 4704. https://doi.org/10.3390/s23104704