Abstract
A secure Internet-of-Things (IoT) ecosystem requires not only secure communication channels but also the authentication of devices. Authenticated key exchange protocols establish shared cryptographic keys between the parties and, in addition, authenticate their identities. Usually, the identities are based on a pair of private and public keys. Physical Unclonable Functions (PUFs) have recently been widely used to physically bind the private key to a device. However, since PUFs are vulnerable to attacks, including non-invasive attacks that do not require access to the device, this paper proposes the use of Behavioral and Physical Unclonable Functions (BPUFs), which allow multimodal authentication and are more difficult to clone virtually or physically. In order to resist attacks from both classical and quantum computers, this paper considers a Kyber key exchange protocol. Kyber was recently selected for key establishment by the Post-Quantum Cryptography standardization process of the National Institute of Standards and Technology (NIST). In this work, we propose to strengthen a Kyber key exchange protocol with BPUFs extracted from the SRAMs included in IoT devices. Experimental results prove the feasibility of the proposal on WiPy boards.
Acknowledgements
This research was conducted thanks to Grant PDC2021-121589-I00 funded by MCIN/AEI/10.13039/501100011033 and the “European Union NextGenerationEU/PRTR”, and Grant PID2020-119397RB-I00 funded by MCIN/AEI/10.13039/501100011033. The work of Roberto Román was supported by VI Plan Propio de Investigación y Transferencia through the University of Seville.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Román, R., Arjona, R., Baturone, I. (2022). Post-quantum Secure Communication with IoT Devices Using Kyber and SRAM Behavioral and Physical Unclonable Functions (Extended Abstract). In: Li, W., Furnell, S., Meng, W. (eds) Attacks and Defenses for the Internet-of-Things. ADIoT 2022. Lecture Notes in Computer Science, vol 13745. Springer, Cham. https://doi.org/10.1007/978-3-031-21311-3_9
DOI: https://doi.org/10.1007/978-3-031-21311-3_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-21310-6
Online ISBN: 978-3-031-21311-3
eBook Packages: Computer Science, Computer Science (R0)