Next Article in Journal
Design and Verification of Deep Submergence Rescue Vehicle Motion Control System
Next Article in Special Issue
Data Modifications in Blockchain Architecture for Big-Data Processing
Previous Article in Journal
Immunosensors for Autoimmune-Disease-Related Biomarkers: A Literature Review
Previous Article in Special Issue
Blockchain-Modeled Edge-Computing-Based Smart Home Monitoring System with Energy Usage Prediction
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Sensors
Volume 23
Issue 15
10.3390/s23156769
sensors-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles thumb_up
...
Endorse textsms
...
Comment
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Microcontroller-Based PUF for Identity Authentication and Tamper Resistance of Blockchain-Compliant IoT Devices

by
Davor Vinko
*,
Kruno Miličević
,
Ivica Lukić
and
Mirko Köhler
Faculty of Electrical Engineering, Computer Science and Information Technology Osijek, Josip Juraj Strossmayer University of Osijek, Kneza Trpimira 2B, 31000 Osijek, Croatia
*
Author to whom correspondence should be addressed.
Sensors 2023, 23(15), 6769; https://doi.org/10.3390/s23156769
Submission received: 22 May 2023 / Revised: 16 July 2023 / Accepted: 26 July 2023 / Published: 28 July 2023
(This article belongs to the Special Issue Blockchain Technologies and Security in IoT Networks)
Browse Figures
Versions Notes

Abstract

:
Blockchain-based applications necessitate the authentication of connected devices if they are employed as blockchain oracles. Alongside identity authentication, it is crucial to ensure resistance against tampering, including safeguarding against unauthorized alterations and protection against device counterfeiting or cloning. However, attaining these functionalities becomes more challenging when dealing with resource-constrained devices like low-cost IoT devices. The resources of IoT devices depend on the capabilities of the microcontroller they are built around. Low-cost devices utilize microcontrollers with limited computational power, small memory capacity, and lack advanced features such as a dedicated secure cryptographic chip. This paper proposes a method employing a Physical Unclonable Function (PUF) to authenticate identity and tamper resistance in IoT devices. The suggested PUF relies on a microcontroller’s internal pull-up resistor values and, in conjunction with the microcontroller’s built-in analog comparator, can also be utilized for device self-checking. A main contribution of this paper is the proposed PUF method which calculates the PUF value as the average value of many single PUF measurements, resulting in a significant increase in accuracy. The proposed PUF has been implemented successfully in a low-cost microcontroller device. Test results demonstrate that the device, specifically the microcontroller chip, can be identified with high accuracy (99.98%), and the proposed PUF method exhibits resistance against probing attempts.

1. Introduction

There is an ongoing trend of continuously increasing the number of IoT devices and the data they generate. As the number of IoT devices grows, various use cases emerge that rely on the data from the IoT ecosystem. One crucial requirement is the ability to trust IoT devices and their data. These use cases span different industries, including the Internet of Vehicles [1], automotive systems [2], smart agriculture [3], food-chain traceability [4], and IoT security in general [5].
Blockchain technology is primarily utilized as a tamper-proof platform for IoT data [6,7], especially in wireless sensor networks [8], to establish data trust [9]. Numerous papers have reported on the use of blockchain as a security feature for IoT [10,11,12,13], even in sensitive use cases such as medical [14] and industrial [15], where confidentiality, integrity, and data availability must be ensured [16].
While blockchain technologies can provide a safety net for IoT data through stored proofs, they cannot guarantee the integrity of the data at its source. In other words, they cannot ensure the trustworthiness of IoT devices or verify their authenticity. Blockchain can compare previous and current records of an IoT device, but it cannot guarantee that the device is not counterfeited or cloned.
Some solutions attempt to address this issue from the blockchain side by proposing novel consensus algorithms for IoT applications [17] and blockchain-based IoT authentication [18]. More comprehensive solutions involve additional stakeholders and aim at metrology applications [19,20].
All blockchain-based solutions for tamper-proofing and authentication assume that tampering and false authentication are rare events, detectable through anomalous behavior compared to previous records stored on the blockchain. However, IoT devices’ deployment scenarios, operating principles, and communication methods make them vulnerable to attacks, tampering, and manipulation [21].
One way to ensure that IoT devices cannot be counterfeited is to use devices that support secure elements [22], such as ARM TrustZone [23]. Secure elements facilitate the authentication of IoT devices and establish data trust between the devices and the blockchain [24].
Various methods are proposed for tamper-proofing devices. Some focus on tamper detection, such as acoustic [25] and optic [26] based solutions. Other approaches propose tamper-resistant methods, for example, by employing highly volatile encryption keys [27] that get destroyed if the device is tampered with, rendering the device data unrecoverable. Probing detection methods are also discussed to protect against tampering and invasive attacks [28,29]. One common solution against tampering is the use of tamper-proof enclosures, also known as envelopes or shields, which are designed to monitor their integrity [30], temperature changes [31], proximity of foreign objects [32], and casing openings [33].

1.1. Motivation

Solutions for identity authentication and tamper-proofing of IoT devices that rely on additional secure elements and tamper-resistant enclosures tend to be expensive, which is unsuitable for low-cost and low-power devices and sensors that constitute a significant portion of the IoT ecosystem. For such devices and sensors, a cost-effective solution is required to prevent illegal copying and the leakage of important data through theft, stealing, and hacking [34,35].
One such affordable solution is the use of PUF technology. PUF technology leverages the unique physical properties of each device, which can be observed as a fingerprint of the IoT device. PUF-based solutions [36] promise to provide lightweight physical identities for authentication in IoT devices [37]. By employing PUF technology, the security level of IoT platforms can be significantly enhanced [38], particularly for resource-constrained IoT devices [39,40] in use cases where device authentication is essential, such as blockchain-based IoT applications [41].
As an emerging physical security mechanism, PUFs can reduce the overhead of cryptographic computations and effectively resist physical attacks [42] and device cloning [43] by binding the data to the device fingerprint [44]. In a blockchain environment, while the blockchain ensures the legitimacy of the IoT device and data, PUF technology safeguards the IoT device against counterfeiting and tampering [45].
In recent years, several prominent use cases have emerged that combine blockchain and PUF technology synergistically. These use cases encompass general security and authenticity aspects, such as secure IoT applications [46], multi-server authentication protocols [47], secure firmware updates [48], mutual authentication schemes [49], and smart home applications [50]. More specific use cases relate to the Internet of Medical Things [51] and Wireless Medical Sensor Networks [52], the Internet of Vehicles [53], vehicle-related technologies [54,55], supply chain provenance [56], and product tracking [57].
Different types of PUFs have been proposed and evaluated. The fingerprint of each IoT device can be generated based on capacitance or resistance values due to a coating layer of the device, device-specific drain voltage values of CMOS transistors, random differences between two delay paths, or random bits from an unstable SRAM state [58]. These physical values vary from device to device due to manufacturing variability and are used to derive a unique identifying key for each IoT device. More complex PUF examples include ring oscillators [59], XOR logic gate meshes [60], and flip-flop logic circuits [61].
PUFs based on the manufacturing variability of integrated circuits (such as microcontrollers, SRAM memory, etc.) can be employed to verify the identity of the integrated circuit (IC). To extend PUF to the PCB level of the IoT device, a resistor-capacitor (RC) PUF [62] can be used in conjunction with IC-level authentication to provide a board-level fingerprint [63].
There are two main authentication methods using PUF technology. The first method is based on the PUF value, which can be used as a cryptographic key, or its hash can be sent to the blockchain for verification [64]. The second method is based on the PUF function, where a challenge is given to the PUF function (e.g., a sequence of signal pulses), and the PUF function returns a response (e.g., a sequence of pulses, voltage waveform, etc.) [65]. The second method requires a third party that stores valid challenge-response pairs [66]. While challenge-response PUFs are considered strong PUFs, they are vulnerable to Machine Learning attacks [67], which can model PUF behavior based on collected challenge-response pairs [68].
Considering this, device verification based on PUFs should be performed locally on the device itself to avoid third-party storage and potential device ID counterfeiting using Machine Learning techniques. An approach where the device performs an integrity self-check is presented in [69] and can be expanded to mutual authentication [70].

1.2. Main Contributions

This paper focuses on an RC PUF that combines the fingerprint of both the PCB and the IC. The main contribution of this work is the development of a PUF that can be utilized for device self-checking. In other words, the PUF decodes the program code during device power-up or periodic device authentication. To enable this functionality, the firmware must be securely deployed on the IoT device. Subsequently, the PUF is used for authentication each time the device is utilized.
The proposed PUF offers a low-cost hardware solution that imposes minimal overhead on microcontroller resources and PCB design. PUF values rely on measurements of analog quantities, which are susceptible to measurement noise. Consequently, there may be limited distinction in PUF values between devices. To address this issue, the proposed PUF employs averaged batch measurements, significantly enhancing the uniqueness and precision of the PUF by two orders of magnitude.
Section 2 of the paper comprehensively describes the proposed PUF, offering insights into its design, architecture, and underlying principles. This section aims to provide readers with a thorough understanding of the PUF’s operational mechanisms and distinguishing features.
In Section 3, the measurement results obtained from practical experiments are presented and thoroughly analyzed. This section highlights the performance of the proposed PUF in real-world scenarios, discussing factors such as accuracy, reliability, uniqueness, and any observed limitations. The analysis provides valuable insights into the PUF’s behavior and performance characteristics, enabling researchers and practitioners to assess its practical feasibility and effectiveness. This section may include potential applications, areas for further research, and comparisons with existing PUF approaches.
The paper concludes with a Discussion section, where the implications of the research findings are discussed in a broader context. It serves as a platform for drawing conclusions based on the presented results and encourages further discourse on the proposed PUF and its implications.
Lastly, the paper includes a list of References, providing proper citations for the sources and works referenced throughout the paper. These references allow readers to delve deeper into related research and gain a broader perspective on the field of study.

2. Proposed PUF for Identity Authentication and Tamper Resistance

Strictly speaking, a PUF should take inputs and generate corresponding outputs. However, nowadays, the term “PUF” is often used as a general term for any method that provides hardware-based security relying on the physical properties of a device. This paper describes a PUF method that leverages inherent manufacturing variations in microcontrollers. By measuring and analyzing these physical properties, a PUF can generate a unique identifier or response that serves as a hardware-based fingerprint for the device. Therefore, the term “PUF” refers to the device fingerprint in this paper.
Each low-cost IoT device is built around a microcontroller. This section explains how to achieve an IoT device’s identity authentication and tamper resistance using a PUF. The proposed PUF is a chip-level and board-level PUF, which identifies a specific microcontroller on a specific PCB. It can detect if the microcontroller is replaced, and it can also detect if the “correct” microcontroller is placed on a different PCB, i.e., a different IoT device.
The schematic of the proposed PUF is shown in Figure 1. The PUF is based on the internal pull-up resistors of the microcontroller (RPU1 and RPU2) and an RC network (R1C1 and R2C2).
Identity authentication is based on the PUF value, which is determined by the resistors’ physical (analog) values, capacitors, power supply, and current consumption of the microcontroller’s analog comparator. The proposed PUF is designed for low-power, low-cost microcontrollers that lack additional security features, such as a secure chip or cryptographic co-processor. To demonstrate that the proposed PUF can be used for identity authentication and tamper resistance even on resource-constrained devices, it was implemented and tested on an Atmega328P microcontroller.
All microcontrollers have digital I/O pins, and for each I/O pin, a pull-up resistor can be enabled when the pin is used as an input pin. The pull-up resistor value is not critical and has a large tolerance. For the Atmega328P microcontroller, the pull-up resistor values (RPU1 and RPU2) range from 20 kΩ to 50 kΩ. Together with two external RC networks (R1C1 and R2C2), it forms an analog circuit whose response strongly depends on the selected components.
In the Introduction, various PUF methods and approaches were discussed. Our proposed PUF combines two methods: imperfections in the silicon die during chip manufacturing (values of internal pull-up resistors) and the time response of an RC network. RC networks are utilized in two different ways. First, the device measures the PUF value and uses it locally for self-checking, or a hash of the PUF value is sent to a blockchain for identification purposes. Second, the blockchain generates and sends a challenge to the IoT device. The challenge is fed to the RC network, and the output is sent back to the blockchain for verification. Our proposed PUF employs the first method because the challenge-response method has two main disadvantages. Achieving one-way communication with the blockchain is easier for resource-constrained IoT devices, while the challenge-response method requires two-way communication. In the challenge-response method, correct challenge-response pairs must be stored somewhere (either third-party storage or the blockchain), creating an additional attack vector. On the other hand, local measurement and usage of the PUF value eliminate such attack vectors.
The proposed PUF value is measured as follows:
  • The pull-up resistors are enabled, and capacitors C1 and C2 are charged to voltage values determined by the resistances of the internal pull-up resistors (RPU1 and RPU2) and external resistors (R1 and R2). Resistor R1 should have a lower resistance than R2 so that the voltage across capacitor C1 is lower than that across capacitor C2.
  • A timer is started when the pull-up resistors are disabled, and the charge stored in capacitors C1 and C2 starts to deplete through resistors R1 and R2, respectively. The capacitances of capacitors C1 and C2 should be chosen so that the time constant R1C1 is larger than the time constant of R2C2. This ensures that capacitor C1 discharges slower than capacitor C2.
  • The voltage values across capacitors C1 and C2 are monitored by an analog comparator, a built-in hardware feature found in most microcontrollers. When the voltage across capacitor C2 drops below that across capacitor C1, the analog comparator generates an interrupt that stops the timer.
  • The timer value corresponds to the proposed PUF value.
The voltage waveforms of a single PUF measurement are illustrated in Figure 2. The component values used in the RC networks are R1 = 10 kΩ, C1 = 47 nF, R2 = 100 kΩ, C2 = 2 nF. With a supply voltage of 5 V, the maximum voltage across capacitors C1 and C2 is 1 V and 3.4 V, respectively. The time interval that determines the PUF value is approximately 450 µs. During this interval, the timer counts several clock pulses, which becomes the proposed PUF value. After the PUF measurement, the timer is reset to zero, and the pull-up resistors are re-enabled to allow the capacitors to recharge. The capacitor recharging can be observed in Figure 2 as rising edges of the blue and purple traces.
To ensure that the capacitors are fully recharged between consecutive PUF measurements, a sufficient time interval for recharging should be provided. Figure 3 depicts the voltages across the capacitors during consecutive PUF measurements with a recharging time interval of approximately 10 ms. As mentioned earlier, the steady-state voltage values of the capacitors (while the pull-up resistors are enabled) differ due to the variations in the resistive dividers formed by RPU1-R1 and RPU2-R2.

3. Measurements

Measurements were conducted on 20 identical embedded boards equipped with Atmega328P microcontrollers, as shown in Figure 4. The testing aimed to determine if the proposed PUF could successfully identify a specific device, i.e., a specific microcontroller chip. All devices were connected to the same RC network for testing, as illustrated in Figure 5.
In the first test, the PUF value was measured 1000 times for each device under test (DUT). The results are presented in Figure 6. Each device is represented by a dot on the horizontal axis, indicating the average PUF value obtained from the 1000 measurements. Additionally, a vertical line is shown to depict each device’s range of measured PUF values. It can be observed that the average value for most devices (though not all) falls towards the lower end of the measured range. Furthermore, the measured range varies among the different devices.
To provide further insight into this behavior, Figure 7 illustrates the set of 1000 measurements obtained for a single device under test (DUT). Each point in the graph represents a single measurement of the PUF value. The variability in the measured values can be observed, indicating the inherent fluctuations in the physical properties that contribute to the PUF response.
Most measurements cluster closely around the average value (ranging from 6412 to 6424) in Figure 7, with a few peak values (6499, 6455, 6427, 6484) observed. In cases where the average values of the devices are situated in the middle of the measured range (e.g., device #11, #15, #18 in Figure 6), negative peak values are present, indicating values lower than the average.
These occasional unwanted peak values cannot be predicted, but their occurrence is infrequent, and they have a negligible effect on the overall average value of the measurements.
When conducting larger-scale measurements with 100,000 samples, positive and negative peaks are observed, with the average value centred within the measured range. In Figure 8, for 100,000 measurements, the measured range is consistent across all tested devices.
Although larger measurement sets result in improved distribution of values, conducting such measurements is time-consuming. For instance, obtaining 100,000 measurements can take approximately 15 min. In contrast, performing 1000 measurements requires around 10 s. Therefore, there is a trade-off between the level of distribution achieved and the time required to obtain the measurements.

3.1. Device Identification Using Proposed PUF

For the proposed PUF to effectively identify devices, each device’s PUF should be unique. In cryptographic applications, cryptographic keys with sufficiently large key spaces are commonly used. However, in the case of PUF values, which are inherently analog, the PUF value space is significantly smaller than the cryptographic essential space. In the laboratory testing of the devices, the average PUF values ranged from 6305.03 to 6633.05.
The resolution and precision of the PUF values are important parameters that define the PUF value space, i.e., the number of unique PUF values. Table 1 illustrates the impact of averaging measured PUF values on the resolution and precision of the PUF values. When a single PUF value measurement is used (batch size of 1 in Table 1), the measured values range from 6413 to 6499 (out of 100 measurements). With a single measurement, the relative error of the PUF value for a device is 1.34%. While this may seem acceptable for an analog PUF, it would perform poorly when unique device identification is required. Out of the 20 devices included in the laboratory testing, nine had their average PUF value, and 18 had their peak PUF value fall within the same range, as shown in Table 1 (6413–6499). Such resolution and precision of the PUF value are insufficient for reliable device identification.
To obtain PUF values with higher resolution and precision, batch measurements were employed, with batch sizes of 10, 100, and 1000 being evaluated. For example, with a batch size of 10, 10 single PUF measurements were taken, and the average value was calculated. The resolution and precision of the average PUF value (with a batch size of 10) are approximately an order of magnitude better than those obtained from a single PUF measurement. Larger batch sizes (100 and 1000) demonstrate even better results, with precisions of 0.0295% and 0.0159% (equivalent to an accuracy of 99.9841%). This represents an improvement of two orders of magnitude. Choosing the appropriate batch size is not straightforward and depends on the application or use case. Larger batch sizes offer higher precision and resolution but also increase the measurement time linearly (approximate measurement times for each batch size are provided in Table 1). Thus, a trade-off between precision and time should be considered to determine the most suitable batch size for a given application or use case.
This research focused on a batch size of 1000 measurements to determine the PUF values. The PUF value of each device was measured 100 times. With 20 devices included in the test, 2,000,000 single PUF measurements were conducted (20 devices × 100 PUF values × batch size of 1000). Table 2 presents the minimum and maximum values of the measured PUFs, while Figure 9 displays all the measured PUFs.
As previously mentioned, the PUF value has a certain accuracy, i.e., precision and resolution. PUF values fluctuate within a specific range of values, which becomes smaller with larger batch sizes. Table 2 provides each device’s minimum and maximum measured PUF values, corresponding to the PUFs shown in Figure 9. Among all the tested devices, only two partial overlaps in the PUF values exist. Devices #3 and #6 partially overlap for less than 30% of the PUF values. On the other hand, devices #15 and #20 overlap more significantly, accounting for up to 80% of the PUF values.

3.2. Tamper-Resistant Feature of the Proposed PUF

As explained in Section 3 and depicted in Figure 2, the PUF value is determined by the time it takes for the voltage across capacitor C2 (purple trace in Figure 2) to drop below the voltage across capacitor C1 (blue trace in Figure 2). Given that the PUF value is defined by a time interval, it is possible to measure the voltage waveforms across capacitors C1 and C2 to determine the PUF value of a specific device.
It is important to note that the time interval required for a single PUF measurement, as depicted in Figure 2, is fixed, and does not depend on the PUF value itself. The time interval for a single measurement is predetermined and significantly longer than the PUF value. For the PUF proposed in this paper, the time interval for a single measurement is set to approximately 10 ms, while the PUF value (in the time domain) is around 400 µs.
Table 3 presents the PUF values of a single device under three different scenarios. The first scenario represents the PUF value during normal operating conditions. The second scenario involves connecting an oscilloscope to capacitors C1 and C2 using additional jumper wires. The third scenario entails connecting only jumper wires to the device, with the other ends of the jumper wires left unconnected (“in the air”). The batch size is 1000, and the PUF measurement is repeated 100 times for each scenario. The results are also visualized in Figure 10.
These results demonstrate that the proposed PUF resists probing attempts, indicating tamper resistance. Also, the PUF is sensitive to small changes on and around the PCB, such as the addition of jumper wires, as it detects such alterations.
Comparing the PUF value for the “device only” scenario with the result for Device #20 in Table 2, a discrepancy can be observed: 6414 vs. 6420, respectively. This difference is attributed to the impact of temperature on the PUF value, a research topic planned for future work.
Cloning a device with an identical PUF value to the original device would require significant effort from an attacker. The duration of the exponential fall in Figure 2, which determines the PUF value, is determined by the RC network shown in Figure 1. The PUF value corresponds to the number of clock cycles from the beginning of the exponential fall to the point where the voltage across capacitor C2 drops below the voltage across capacitor C1. This time interval can be calculated using Equation (1):
t = R 1 C 1 R 2 C 2 R 2 C 2 R 1 C 1 l n R 1 R 2 + R P U 2 R 2 R 1 + R P U 1
With a microcontroller clock frequency of 16 MHz, each microsecond is equivalent to 16 clock cycles. The PUF time interval from Figure 2 is approximately 400 µs, resulting in a PUF value of around 6400. Each PUF value has a relative resolution/precision of 0.0159% (as shown in Table 1), translating to an absolute precision of approximately one clock cycle. For an attacker to falsify a PUF value on a different device or swap the microcontroller to a different RC network, all external components of the RC network would need to be matched with an error lower than 0.02%. To put this into perspective, state-of-the-art multi-turn trimmer resistors with 25 full turns (9000°) would need to be set with precision under 2°.
The proposed PUF fingerprint offers an additional benefit over challenge-response-based PUFs. With the advancement of machine learning techniques, it has become increasingly challenging to protect challenge-response PUFs against machine learning cloning attacks [67,68]. This provides an additional reason to develop fingerprint PUFs, which are used locally and, as a result, are less susceptible to machine learning attacks.

3.3. Comparison with State-of-the-Art

The main contribution of the proposed PUF method is the increased accuracy and reliability achieved through the use of averaged batch measurements. This characteristic of the proposed PUF is compared with state-of-the-art methods in Table 4.
Other common metrics to evaluate PUFs are Uniqueness, Uniformity, Reliability and Bias. Uniqueness refers to the property of a PUF where each instance or individual PUF produces a unique response or output when subjected to the same input or challenge. In other words, no two devices should generate identical PUF fingerprints or identical PUF responses for the same input. Uniqueness is a crucial property that ensures the distinctiveness and non-reproducibility of each PUF, making it suitable for various security applications.
Reliability is in literature often referred to as stability or robustness. Reliability in PUFs refers to the consistency and stability of the PUF’s response over time and environmental conditions. A reliable PUF consistently produces the same response when presented with the same challenge, even with variations such as temperature changes, aging effects, or power supply fluctuations. Reliability ensures that the PUF’s behavior remains consistent and predictable over its operational lifetime.
Uniformity refers to the property of a PUF where all the individual PUF instances or units exhibit similar characteristics and behavior. In other words, PUFs should have a high degree of uniformity, ensuring that the distribution of their responses or outputs across multiple units is statistically consistent. Uniformity is essential for achieving consistent and reliable behavior across different PUF instances.
In the context of PUFs, bias refers to any systematic deviation or non-randomness in the PUF’s response. Bias can occur due to factors such as manufacturing variations, asymmetries in the PUF structure, or environmental conditions. Bias in a PUF introduces a potential vulnerability, as an adversary may exploit these deviations to predict or manipulate the PUF’s output. Therefore, minimizing bias is crucial for ensuring the security and reliability of a PUF.
The presented paper introduces a fingerprint PUF, which allows the application of uniqueness and reliability metrics. However, uniformity and bias (also known as balance or uniformity) metrics only apply to challenge-response PUF types.
Both reliability and uniqueness metrics are determined by calculating the Hamming weights of the binary responses [73]. The measured PUF values needed to be converted from decimal to binary notation to calculate these metrics. For each measured PUF value (e.g., 6419.58), we first removed the decimal point (e.g., 641,958) and converted the resulting number to binary (e.g., 10011100101110100110). This binary representation was used to calculate the PUF metrics.
Reliability is calculated using Equation (2) [73], where T represents the total number of samples (PUF values) measured per device, t is the index of a sample (1 ≤ tT), N is the total number of devices used, n is the index of a device (1 ≤ nN), L is the total number of bits in a device ID (device PUF fingerprint value), l is the index of a bit in a device ID (1 ≤ lL), and r is the device response.
R e l i a b i l i t y = 1 1 T L t = 1 T l = 1 L r n , l r n , t , l ,
The ideal value for the reliability metric is 100%, but the proposed PUF has a calculated reliability of 75.20%. This lower value is mainly due to the aforementioned temperature dependence. However, this temperature dependence can be utilized as a feature, as a change in the PUF value can indicate overheating of a device. This information would be beneficial for low-power devices, which typically measure ambient temperature rather than the device’s temperature, especially if they lack a dedicated temperature sensor.
Uniqueness is calculated using Equation (3) [73], and a comparison with state-of-the-art is given in Table 5.
U n i q u e n e s s = 1 L 2 N N 1 l = 1 L i = 1 N 1 j = i + 1 N r i , l r j , l ,

4. Discussion

This paper proposes a PUF method for identity authentication and tamper resistance of IoT devices. The method leverages the high tolerance of the internal pull-up resistors in a microcontroller. Combining these resistors with an external RC network forms an analogue circuit, and its response is highly dependent on the selected components. To enhance the accuracy of the PUF method, the PUF value is calculated as the average value of batch measurements. By computing the average of numerous individual PUF measurements, the proposed method effectively determines the PUF value, leading to a substantial enhancement in accuracy, which is a main contribution of this work. The accuracy of the PUF value correlates with the batch size, with a trade-off of longer measurement time. This work used a batch size of 1000 measurements, taking approximately 10 s to complete on a low-cost microcontroller ATmega328P, achieving an accuracy of 99.9841% (relative error of 0.0159%).
Test results demonstrate the tamper resistance of the proposed PUF method against probing and its ability to detect even minor changes in the RC network, such as connected jumper wires left floating. Given the relatively long measurement time required, the proposed method is most suitable for sporadic checks, such as device self-check at startup, device identification, or payload signing during data transmission to the blockchain. The proposed PUF also exhibits temperature dependence, which can be utilized for auxiliary environmental monitoring. Still, further investigation of the temperature’s impact on the PUF value is left as future work.
The proposed PUF method offers a reliable solution for achieving identity authentication and tamper resistance in low-cost microcontrollers and IoT devices.

Author Contributions

Conceptualization, D.V. and K.M.; methodology, D.V. and K.M.; software, D.V.; validation, D.V., K.M., I.L. and M.K.; investigation, D.V., K.M., I.L. and M.K.; writing—original draft preparation, D.V.; writing—review and editing, D.V., K.M., I.L. and M.K.; visualization, D.V.; supervision, I.L. and M.K. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

The data presented in this study are available on request from the corresponding author.

Conflicts of Interest

The authors declare no conflict of interest. The funders had no role in the study’s design; in the collection, analyses, or interpretation of data; in the writing of the manuscript; or in the decision to publish the results.

References

  1. Sey, C.; Lei, H.; Qian, W.; Li, X.; Fiasam, L.D.; Kodjiku, S.L.; Adjei-Mensah, I.; Agyemang, I.O. VBlock: A Blockchain-Based Tamper-Proofing Data Protection Model for Internet of Vehicle Networks. Sensors 2022, 22, 8083. [Google Scholar] [CrossRef]
  2. Roman, A.-S.; Genge, B.; Duka, A.-V.; Haller, P. Privacy-Preserving Tampering Detection in Automotive Systems. Electronics 2021, 10, 3161. [Google Scholar] [CrossRef]
  3. Alyahya, S.; Khan, W.U.; Ahmed, S.; Marwat, S.N.K.; Habib, S. Cyber Secure Framework for Smart Agriculture: Robust and Tamper-Resistant Authentication Scheme for IoT Devices. Electronics 2022, 11, 963. [Google Scholar] [CrossRef]
  4. Grecuccio, J.; Giusto, E.; Fiori, F.; Rebaudengo, M. Combining Blockchain and IoT: Food-Chain Traceability and Beyond. Energies 2020, 13, 3820. [Google Scholar] [CrossRef]
  5. Cano-Quiveu, G.; Ruiz-De-Clavijo-Vazquez, P.; Bellido, M.J.; Juan-Chico, J.; Viejo-Cortes, J.; Guerrero-Martos, D.; Ostua-Aranguena, E. Embedded LUKS (E-LUKS): A Hardware Solution to IoT Security. Electronics 2021, 10, 3036. [Google Scholar] [CrossRef]
  6. Alkurdi, F.; Elgendi, I.; Munasinghe, K.S.; Sharma, D.; Jamalipour, A. Blockchain in IoT Security: A Survey. In Proceedings of the 28th International Telecommunication Networks and Applications Conference (ITNAC), Sydney, NSW, Australia, 21–23 November 2018; pp. 1–4. [Google Scholar] [CrossRef]
  7. Wissner-Gross, A.D.; Willard, J.C.; Weston, N. Tamper-Proofing Imagery from Distributed Sensors Using Learned Blockchain Consensus. In Proceedings of the IEEE Applied Imagery Pattern Recognition Workshop (AIPR), Washington, DC, USA, 13–15 October 2020; pp. 1–4. [Google Scholar] [CrossRef]
  8. Tiberti, W.; Carmenini, A.; Pomante, L.; Cassioli, D. A Lightweight Blockchain-based Technique for Anti-Tampering in Wireless Sensor Networks. In Proceedings of the 23rd Euromicro Conference on Digital System Design (DSD), Kranj, Slovenia, 26–28 August 2020; pp. 577–582. [Google Scholar] [CrossRef]
  9. Ma, Z.; Wang, L.; Zhao, W. Blockchain-Driven Trusted Data Sharing with Privacy Protection in IoT Sensor Network. IEEE Sens. J. 2021, 21, 25472–25479. [Google Scholar] [CrossRef]
  10. Liu, H.; Shen, F.; Liu, Z.; Long, Y.; Liu, Z.; Sun, S.; Tang, S.; Gu, D. A Secure and Practical Blockchain Scheme for IoT. In Proceedings of the 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), Rotorua, New Zealand, 5–8 August 2019; pp. 538–545. [Google Scholar] [CrossRef]
  11. Li, D.; Peng, W.; Deng, W.; Gai, F. A Blockchain-Based Authentication and Security Mechanism for IoT. In Proceedings of the 27th International Conference on Computer Communication and Networks (ICCCN), Hangzhou, China, 30 July–2 August 2018; pp. 1–6. [Google Scholar] [CrossRef]
  12. Wang, C.-H.; Hsu, C.-H. Blockchain of Resource-Efficient Anonymity Protection with Watermarking for IoT Big Data Market. Cryptography 2022, 6, 49. [Google Scholar] [CrossRef]
  13. Nguyen, L.D.; Kalør, A.E.; Leyva-Mayorga, I.; Popovski, P. Trusted Wireless Monitoring based on Distributed Ledgers over NB-IoT Connectivity. IEEE Commun. Mag. 2020, 58, 77–83. [Google Scholar] [CrossRef]
  14. Pelekoudas-Oikonomou, F.; Zachos, G.; Papaioannou, M.; de Ree, M.; Ribeiro, J.C.; Mantas, G.; Rodriguez, J. Blockchain-Based Security Mechanisms for IoMT Edge Networks in IoMT-Based Healthcare Monitoring Systems. Sensors 2022, 22, 2449. [Google Scholar] [CrossRef]
  15. Lin, I.-C.; Chang, C.-C.; Chang, Y.-S. Data Security and Preservation Mechanisms for Industrial Control Network Using IOTA. Symmetry 2022, 14, 237. [Google Scholar] [CrossRef]
  16. Bhattacharjya, A.; Kozdrój, K.; Bazydło, G.; Wisniewski, R. Trusted and Secure Blockchain-Based Architecture for Internet-of-Medical-Things. Electronics 2022, 11, 2560. [Google Scholar] [CrossRef]
  17. Uddin, M.; Muzammal, M.; Hameed, M.K.; Javed, I.T.; Alamri, B.; Crespi, N. CBCIoT: A Consensus Algorithm for Blockchain-Based IoT Applications. Appl. Sci. 2021, 11, 11011. [Google Scholar] [CrossRef]
  18. Bracciale, L.; Loreti, P.; Pisa, C.; Shahidi, A. Secure Path: Block-Chaining IoT Information for Continuous Authentication in Smart Spaces. IoT 2021, 2, 326–340. [Google Scholar] [CrossRef]
  19. Pop, C.; Antal, M.; Cioara, T.; Anghel, I.; Sera, D.; Salomie, I.; Raveduto, G.; Ziu, D.; Croce, V.; Bertoncini, M. Blockchain-Based Scalable and Tamper-Evident Solution for Registering Energy Data. Sensors 2019, 19, 3033. [Google Scholar] [CrossRef] [Green Version]
  20. Mustapää, T.; Tunkkari, H.; Taponen, J.; Immonen, L.; Heeren, W.; Baer, O.; Brown, C.; Viitala, R. Secure Exchange of Digital Metrological Data in a Smart Overhead Crane. Sensors 2022, 22, 1548. [Google Scholar] [CrossRef] [PubMed]
  21. Hussein, S.M.; Ramos, J.A.L.; Ashir, A.M. A Secure and Efficient Method to Protect Communications and Energy Consumption in IoT Wireless Sensor Networks. Electronics 2022, 11, 2721. [Google Scholar] [CrossRef]
  22. Noseda, M.; Zimmerli, L.; Schläpfer, T.; Rüst, A. Performance Analysis of Secure Elements for IoT. IoT 2022, 3, 1–28. [Google Scholar] [CrossRef]
  23. Park, J.; Kim, K. TM-Coin: Trustworthy management of TCB measurements in IoT. In Proceedings of the IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), Kona, HI, USA, 13–17 March 2017; pp. 654–659. [Google Scholar] [CrossRef]
  24. Enkhtaivan, B.; Inoue, A. Mediating Data Trustworthiness by Using Trusted Hardware between IoT Devices and Blockchain. In Proceedings of the IEEE International Conference on Smart Internet of Things (SmartIoT), Beijing, China, 14–16 August 2020; pp. 314–318. [Google Scholar] [CrossRef]
  25. Muijlwijk, L.; Scott, J. Acoustic tamper detection sensor with very low false alarm rate. In Proceedings of the 42nd Annual IEEE International Carnahan Conference on Security Technology, Prague, Czech Republic, 13–16 October 2008; pp. 94–97. [Google Scholar] [CrossRef]
  26. Hoang, A.T.; Coonley, K.D.; Nekoogar, F.; Reynolds, M.S. A battery-free RFID sensor tag with fiber-optic tamper detection. In Proceedings of the 2016 IEEE SENSORS, Orlando, FL, USA, 30 October–3 November 2016; pp. 1–3. [Google Scholar] [CrossRef]
  27. Anjum, N.; Hammad, S.; Faheem, M. Passive design technique for tamper-resistant embedded system. In Proceedings of the 15th International Bhurban Conference on Applied Sciences and Technology (IBCAST), Islamabad, Pakistan, 9–13 January 2018; pp. 427–430. [Google Scholar] [CrossRef]
  28. Weiner, M.; Manich, S.; Rodriguez-Montanes, R.; Sigl, G. The Low Area Probing Detector as a Countermeasure Against Invasive Attacks. IEEE Trans. Very Large Scale Integr. Syst. 2018, 26, 392–403. [Google Scholar] [CrossRef] [Green Version]
  29. Miura, N.; Fujimoto, D.; Tanaka, D.; Hayashi, Y.-I.; Homma, N.; Aoki, T.; Nagata, M. A local EM-analysis attack resistant cryptographic engine with fully-digital oscillator-based tamper-access sensor. In Proceedings of the Symposium on VLSI Circuits Digest of Technical Papers, Honolulu, HI, USA, 10–13 June 2014; pp. 1–2. [Google Scholar] [CrossRef]
  30. Immler, V.; Obermaier, J.; Konig, M.; Hiller, M.; Sig, G. B-TREPID: Batteryless tamper-resistant envelope with a PUF and integrity detection. In Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust (HOST), Washington, DC, USA, 30 April–4 May 2018; pp. 49–56. [Google Scholar] [CrossRef]
  31. Vasile, D.C.; Svasta, P.M. Temperature sensitive active tamper detection circuit. In Proceedings of the IEEE 23rd International Symposium for Design and Technology in Electronic Packaging (SIITME), Constanta, Romania, 26–29 October 2017; pp. 175–178. [Google Scholar] [CrossRef]
  32. Eren, H.; Sandor, L.D. Fringe-Effect Capacitive Proximity Sensors for Tamper Proof Enclosures. In Proceedings of the 2005 Sensors for Industry Conference, Houston, TX, USA, 8–10 February 2005; pp. 22–26. [Google Scholar] [CrossRef]
  33. Lu, M.-C.; Huang, Q.-X.; Chiu, M.-Y.; Tsai, Y.-C.; Sun, H.-M. PSPS: A Step toward Tamper Resistance against Physical Computer Intrusion. Sensors 2022, 22, 1882. [Google Scholar] [CrossRef]
  34. Kim, B.; Yoon, S.; Kang, Y. PUF-based IoT Device Authentication Scheme on IoT Open Platform. In Proceedings of the International Conference on Information and Communication Technology Convergence (ICTC), Jeju Island, Republic of Korea, 20–22 October 2021; pp. 1873–1875. [Google Scholar] [CrossRef]
  35. Cui, P.; Guin, U. Countering Botnet of Things using Blockchain-Based Authenticity Framework. In Proceedings of the IEEE Computer Society Annual Symposium on VLSI (ISVLSI), Miami, FL, USA, 15–17 July 2019; pp. 598–603. [Google Scholar] [CrossRef]
  36. Choi, P.; Kim, D.K. Design of security enhanced TPM chip against invasive physical attacks. In Proceedings of the IEEE International Symposium on Circuits and Systems (ISCAS), Seoul, Republic of Korea, 20–23 May 2012; pp. 1787–1790. [Google Scholar] [CrossRef]
  37. Zhang, Y.; Li, B.; Liu, B.; Hu, Y.; Zheng, H. A Privacy-Aware PUFs-Based Multiserver Authentication Protocol in Cloud-Edge IoT Systems Using Blockchain. IEEE Internet Things J. 2021, 8, 13958–13974. [Google Scholar] [CrossRef]
  38. Kim, B.; Yoon, S.; Kang, Y. Reinforcement of IoT Open Platform Security using PUF-based Device Authentication. In Proceedings of the 13th International Conference on Information and Communication Technology Convergence (ICTC), Jeju Island, Republic of Korea, 19–21 October 2022; pp. 1969–1971. [Google Scholar] [CrossRef]
  39. Yoon, S.; Kim, B.; Kang, Y. Multiple PUF-based lightweight authentication method in the IoT. In Proceedings of the International Conference on Information and Communication Technology Convergence (ICTC), Jeju Island, Republic of Korea, 20–22 October 2021; pp. 1198–1200. [Google Scholar] [CrossRef]
  40. Felicetti, C.; Lanuzza, M.; Rullo, A.; Sacca, D.; Crupi, F. Exploiting Silicon Fingerprint for Device Authentication Using CMOS-PUF and ECC. In Proceedings of the IEEE International Conference on Smart Internet of Things (SmartIoT), Jeju Island, Republic of Korea, 13–15 August 2021; pp. 229–236. [Google Scholar] [CrossRef]
  41. Hassija, V.; Chamola, V.; Gupta, V.; Jain, S.; Guizani, N. A Survey on Supply Chain Security: Application Areas, Security Threats, and Solution Architectures. IEEE Internet Things J. 2021, 8, 6222–6246. [Google Scholar] [CrossRef]
  42. Yuan, P.; Li, B.; Zhang, Y.; Wu, J.; Zheng, H.; Wang, C. A PUF-Based Lightweight Broadcast Authentication Protocol for Multi-Server Systems Using Blockchain. In Proceedings of the IEEE 6th International Conference on Signal and Image Processing (ICSIP), Nanjing, China, 22–24 October 2021; pp. 1035–1041. [Google Scholar] [CrossRef]
  43. Guin, U.; Cui, P.; Skjellum, A. Ensuring Proof-of-Authenticity of IoT Edge Devices Using Blockchain Technology. In Proceedings of the IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Halifax, NS, Canada, 30 July–3 August 2018; pp. 1042–1049. [Google Scholar] [CrossRef]
  44. Guan, Z.; Zhao, Y.; Li, D.; Liu, J. TBDCT: A Framework of Trusted Big Data Collection and Trade System Based on Blockchain and TSM. In Proceedings of the IEEE International Conference on Smart Cloud (SmartCloud), New York, NY, USA, 21–23 September 2018; pp. 77–83. [Google Scholar] [CrossRef]
  45. Islam, N.; Patii, V.C.; Kundu, S. On IC traceability via blockchain. In Proceedings of the International Symposium on VLSI Design, Automation and Test (VLSI-DAT), Hsinchu, Taiwan, 16–19 April 2018; pp. 1–4. [Google Scholar] [CrossRef]
  46. Yan, W.; Zhang, N.; Njilla, L.L.; Zhang, X. PCBChain: Lightweight Reconfigurable Blockchain Primitives for Secure IoT Applications. IEEE Trans. Very Large Scale Integr. Syst. 2020, 28, 2196–2209. [Google Scholar] [CrossRef]
  47. Zhao, J.; Bian, W.; Xu, D.; Jie, B.; Ding, X.; Zhou, W.; Zhang, H. A Secure Biometrics and PUFs-Based Authentication Scheme with Key Agreement for Multi-Server Environments. IEEE Access 2020, 8, 45292–45303. [Google Scholar] [CrossRef]
  48. Choi, J.; Ahn, B.; Pedavalli, S.; Ahmad, S.; Villasenor, A.; Kim, T. Secure Firmware Update and Device Authentication for Smart Inverters using Blockchain and Phyiscally Uncloable Function (PUF)-Embedded Security Module. In Proceedings of the 6th IEEE Workshop on the Electronic Grid (eGRID), New Orleans, LA, USA, 8–10 November 2021; pp. 1–4. [Google Scholar] [CrossRef]
  49. Diedhiou, O.N.; Diallo, C. An IoT mutual authentication scheme based on PUF and blockchain. In Proceedings of the International Conference on Computational Science and Computational Intelligence (CSCI), Las Vegas, NV, USA, 16–18 December 2020; pp. 1034–1040. [Google Scholar] [CrossRef]
  50. Rahim, K.; Tahir, H.; Ikram, N. Sensor Based PUF IoT Authentication Model for a Smart Home with Private Blockchain. In Proceedings of the International Conference on Applied and Engineering Mathematics (ICAEM), Taxila, Pakistan, 4–5 September 2018; pp. 102–108. [Google Scholar] [CrossRef]
  51. Jia, X.; Luo, M.; Wang, H.; Shen, J.; He, D. A Blockchain-Assisted Privacy-Aware Authentication Scheme for Internet of Medical Things. IEEE Internet Things J. 2022, 9, 21838–21850. [Google Scholar] [CrossRef]
  52. Yu, S.; Park, Y. A Robust Authentication Protocol for Wireless Medical Sensor Networks Using Blockchain and Physically Unclonable Functions. IEEE Internet Things J. 2022, 9, 20214–20228. [Google Scholar] [CrossRef]
  53. Javaid, U.; Aman, M.N.; Sikdar, B. A Scalable Protocol for Driving Trust Management in Internet of Vehicles with Blockchain. IEEE Internet Things J. 2020, 7, 11815–11829. [Google Scholar] [CrossRef]
  54. Lu, D.; Moreno-Sanchez, P.; Zeryihun, A.; Bajpayi, S.; Yin, S.; Feldman, K.; Kosofsky, J.; Mitra, P.; Kate, A. Reducing Automotive Counterfeiting Using Blockchain: Benefits and Challenges. In Proceedings of the IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON), Newark, CA, USA, 4–9 April 2019; pp. 39–48. [Google Scholar] [CrossRef]
  55. Alshaeri, A.; Younis, M. Lightweight Authentication and Authorization Protocol for Dynamic Charging of Electric Vehicles. In Proceedings of the IEEE 19th Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA, 8–11 January 2022; pp. 550–556. [Google Scholar] [CrossRef]
  56. Cui, P.; Dixon, J.; Guin, U.; Dimase, D. A Blockchain-Based Framework for Supply Chain Provenance. IEEE Access 2019, 7, 157113–157125. [Google Scholar] [CrossRef]
  57. Davies, J.; Wang, Y. Physically Unclonable Functions (PUFs): A New Frontier in Supply Chain Product and Asset Tracking. IEEE Eng. Manag. Rev. 2021, 49, 116–125. [Google Scholar] [CrossRef]
  58. Niya, S.R.; Jeffrey, B.; Stiller, B. KYoT: Self-sovereign IoT Identification with a Physically Unclonable Function. In Proceedings of the IEEE 45th Conference on Local Computer Networks (LCN), Sydney, NSW, Australia, 16–19 November 2020; pp. 485–490. [Google Scholar] [CrossRef]
  59. Amsaad, F.; Oun, A.; Niamat, M.Y.; Razaque, A.; Kose, S.; Mahmoud, M.; Alasmary, W.; Alsolami, F. Enhancing the Performance of Lightweight Configurable PUF for Robust IoT Hardware-Assisted Security. IEEE Access 2021, 9, 136792–136810. [Google Scholar] [CrossRef]
  60. Rajan, A.; Sankaran, S. Lightweight and Attack-resilient PUF for Internet of Things. In Proceedings of the IEEE International Symposium on Smart Electronic Systems (iSES) (Formerly iNiS), Chennai, India, 14–16 December 2020; pp. 139–142. [Google Scholar] [CrossRef]
  61. Hemavathy, S.; Bhaaskaran, V.S.K. Double Edge-Triggered Tristate Flip-Flop Physical Unclonable Function for Secure IoT Ecosystem. In Proceedings of the IEEE International Symposium on Smart Electronic Systems (iSES), Jaipur, India, 18–22 December 2021; pp. 44–47. [Google Scholar] [CrossRef]
  62. Yoon, S.; Kim, B.; Kim, K.; Kang, Y. Enhancing IoT security with PUF-based authentication scheme. In Proceedings of the 13th International Conference on Information and Communication Technology Convergence (ICTC), Jeju Island, Republic of Korea, 19–21 October 2022; pp. 2319–2321. [Google Scholar] [CrossRef]
  63. Hou, F.; He, H.; Xiao, N.; Liu, F. Board-level authentication through I/O fingerprinter. In Proceedings of the IEEE International Conference on Signal Processing, Communications and Computing (ICSPCC), Xi’an, China, 14–16 September 2011; pp. 1–4. [Google Scholar] [CrossRef]
  64. Ghafi, B.K.; Maybodi, B.M.-N. A Distributed PUF-Based Mutual Authentication System with Self-Correction. In Proceedings of the 28th Iranian Conference on Electrical Engineering (ICEE), Tabriz, Iran, 4–6 August 2020; pp. 1–5. [Google Scholar] [CrossRef]
  65. Liu, B.; Chen, Z.; Zhang, Y.; Xiong, L.; Yang, X.; Chen, S.; Li, B. A New Group-to-Group Authentication Scheme Based on PUFs and Blockchain. In Proceedings of the IEEE 4th International Conference on Signal and Image Processing (ICSIP), Wuxi, China, 19–21 July 2019; pp. 279–283. [Google Scholar] [CrossRef]
  66. Chaudhary, C.K.; Chatterjee, U.; Mukhopadhayay, D. Auto-PUFChain: An Automated Interaction Tool for PUFs and Blockchain in Electronic Supply Chain. In Proceedings of the Asian Hardware Oriented Security and Trust Symposium (AsianHOST), Shanghai, China, 16–18 December 2021; pp. 1–4. [Google Scholar] [CrossRef]
  67. Wu, L.; Hu, Y.; Zhang, K.; Li, W.; Xu, X.; Chang, W. FLAM-PUF: A Response–Feedback-Based Lightweight Anti-Machine-Learning-Attack PUF. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 2022, 41, 4433–4444. [Google Scholar] [CrossRef]
  68. Zhang, J.; Shen, C.; Guo, Z.; Wu, Q.; Chang, W. CT PUF: Configurable Tristate PUF Against Machine Learning Attacks for IoT Security. IEEE Internet Things J. 2022, 9, 14452–14462. [Google Scholar] [CrossRef]
  69. Park, T.; Shin, K. Soft tamper-proofing via program integrity verification in wireless sensor networks. IEEE Trans. Mob. Comput. 2005, 4, 297–309. [Google Scholar] [CrossRef]
  70. Lounis, K.; Zulkernine, M. T2T-MAP: A PUF-Based Thing-to-Thing Mutual Authentication Protocol for IoT. IEEE Access 2021, 9, 137384–137405. [Google Scholar] [CrossRef]
  71. Oh, M.-K.; Lee, S.; Kang, Y.; Choi, D. Wireless Transceiver Aided Run-Time Secret Key Extraction for IoT Device Security. IEEE Trans. Consum. Electron. 2020, 66, 11–21. [Google Scholar] [CrossRef]
  72. Nguyen, D.D.N.; Sood, K.; Nosouhi, M.R.; Xiang, Y.; Gao, L.; Chi, L. RF Fingerprinting-Based IoT Node Authentication Using Mahalanobis Distance Correlation Theory. IEEE Netw. Lett. 2022, 4, 78–81. [Google Scholar] [CrossRef]
  73. Maiti, A.; Gunreddy, V.; Schaumont, P. A systematic method to evaluate and compare the performance of physical unclonable functions. In Embedded Systems Design with FPGAs; Athanas, P., Pnevmatikatos, D., Sklavos, N., Eds.; Springer: Berlin/Heidelberg, Germany, 2013; pp. 245–267. [Google Scholar]
  74. Li, H.; Jin, Y.; Han, K.; Yu, D. A Lightweight XOR-PUF Structure for Resource Constrained Smart Device. In Proceedings of the IEEE 8th Global Conference on Consumer Electronics (GCCE), Osaka, Japan, 15–18 October 2019; pp. 168–169. [Google Scholar] [CrossRef]
  75. Sahithi, K.; Murty, N. Delay based Physical Unclonable Function for Hardware Security and Trust. In Proceedings of the International Conference on Advances in Computing, Communications and Informatics (ICACCI), Bangalore, India, 19–22 September 2018; pp. 797–803. [Google Scholar] [CrossRef]
  76. Wei, L.; Song, C.; Liu, Y.; Zhang, J.; Yuan, F.; Xu, Q. BoardPUF: Physical Unclonable Functions for printed circuit board authentication. In Proceedings of the IEEE/ACM International Conference on Computer-Aided Design (ICCAD), Austin, TX, USA, 2–6 November 2015; pp. 152–158. [Google Scholar] [CrossRef]
  77. Zhang, F.; Hennessy, A.; Bhunia, S. Robust counterfeit PCB detection exploiting intrinsic trace impedance variations. In Proceedings of the IEEE 33rd VLSI Test Symposium (VTS), Napa, CA, USA, 27–29 April 2015; pp. 1–6. [Google Scholar] [CrossRef]
Sensors 23 06769 g001 550
Figure 1. Schematic of proposed PUF.
Figure 1. Schematic of proposed PUF.
Sensors 23 06769 g001
Sensors 23 06769 g002 550
Figure 2. Voltage waveforms for a PUF measurement, UC1 (blue trace), UC2 (purple trace), R1 = 10 kΩ, C1 = 47 nF, R2 = 100 kΩ, C2 = 2 nF.
Figure 2. Voltage waveforms for a PUF measurement, UC1 (blue trace), UC2 (purple trace), R1 = 10 kΩ, C1 = 47 nF, R2 = 100 kΩ, C2 = 2 nF.
Sensors 23 06769 g002
Sensors 23 06769 g003 550
Figure 3. Voltage waveforms during consecutive PUF measurements, UC1 (blue trace), UC2 (purple trace), R1 = 10 kΩ, C1 = 47 nF, R2 = 100 kΩ, C2 = 2 nF.
Figure 3. Voltage waveforms during consecutive PUF measurements, UC1 (blue trace), UC2 (purple trace), R1 = 10 kΩ, C1 = 47 nF, R2 = 100 kΩ, C2 = 2 nF.
Sensors 23 06769 g003
Sensors 23 06769 g004 550
Figure 4. Devices under test (DUTs) are used for measurements.
Figure 4. Devices under test (DUTs) are used for measurements.
Sensors 23 06769 g004
Sensors 23 06769 g005 550
Figure 5. Device #20 is connected to the RC network on the protoboard.
Figure 5. Device #20 is connected to the RC network on the protoboard.
Sensors 23 06769 g005
Sensors 23 06769 g006 550
Figure 6. PUF value range (line) and average value (dot) for each DUT with 1000 PUF measurements.
Figure 6. PUF value range (line) and average value (dot) for each DUT with 1000 PUF measurements.
Sensors 23 06769 g006
Sensors 23 06769 g007 550
Figure 7. Set of 1000 PUF measurements for a single device.
Figure 7. Set of 1000 PUF measurements for a single device.
Sensors 23 06769 g007
Sensors 23 06769 g008 550
Figure 8. PUF value range (line) and average value (dot) for each DUT with 100,000 PUF measurements.
Figure 8. PUF value range (line) and average value (dot) for each DUT with 100,000 PUF measurements.
Sensors 23 06769 g008
Sensors 23 06769 g009 550
Figure 9. Measured PUFs for all test devices (#1–#20); 100 measurements with batch size = 1000.
Figure 9. Measured PUFs for all test devices (#1–#20); 100 measurements with batch size = 1000.
Sensors 23 06769 g009
Sensors 23 06769 g010 550
Figure 10. Measured PUFs for a single device (#20) in different scenarios; 100 measurements with batch size = 1000.
Figure 10. Measured PUFs for a single device (#20) in different scenarios; 100 measurements with batch size = 1000.
Sensors 23 06769 g010
Table
Table 1. PUF resolution/precision.
Table 1. PUF resolution/precision.
Batch SizeAverage PUF
(Max. Value)		Average PUF
(Min. Value)		Absolute ErrorRelative Error [%]Measurement
Time
164996413861.3410≈10 ms
106423.16415.27.90.1232≈100 ms
1006417.756415.861.890.0295≈1 s
10006415.456414.431.020.0159≈10 s
Table
Table 2. Measured PUFs for all test devices (#1–#20); 100 measurements with batch size = 1000.
Table 2. Measured PUFs for all test devices (#1–#20); 100 measurements with batch size = 1000.
Device No.Minimal PUF ValueMaximal PUF Value
#16575.216577.5
#26577.836580.37
#36529.426532.37
#46488.956491.48
#56495.326498.12
#66531.636534.21
#76590.336594.82
#86441.836444.54
#96628.456633.05
#106485.056488.91
#116432.756434.68
#126520.986522.56
#136355.166358.86
#146473.386478.79
#156414.146415.94
#166406.196409.33
#176305.036308.24
#186367.216369.39
#196420.986425.99
#206413.796415.48
Table
Table 3. Measured PUFs for a single device (#20); 100 measurements with batch size = 1000.
Table 3. Measured PUFs for a single device (#20); 100 measurements with batch size = 1000.
ScenarioMinimal PUF ValueMaximal PUF Value3
Device only6419.586421.41
With oscilloscope6396.196397.77
With jumper wires6451.926453.54
Table
Table 4. Accuracy: comparison with state-of-the-art.
Table 4. Accuracy: comparison with state-of-the-art.
PUF DesignPublication YearPUF Accuracy
c-ROPUF [59]202199.63%
XOR-mesh PUF [60]202092.87%
DETTFF PUF [61]202198.17%
SRAM PUF [71]202097.73%
RF PUF [72]202299.28%
This workThis work99.98%
Table
Table 5. Uniqueness: comparison with state-of-the-art.
Table 5. Uniqueness: comparison with state-of-the-art.
PUF DesignPublication YearUniqueness (50% Is Ideal)
c-ROPUF [59]202149.90%
XOR-mesh PUF [60]202044.64%
DETTFF PUF [61]202154.50%
XOR-PUF [74]201947.00%
XOR FF APUF [75]201843–48%
BoardPUF [76]201547.21%
PCB PUF [77]201547.94%
This workThis work43.16%
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Vinko, D.; Miličević, K.; Lukić, I.; Köhler, M. Microcontroller-Based PUF for Identity Authentication and Tamper Resistance of Blockchain-Compliant IoT Devices. Sensors 2023, 23, 6769. https://doi.org/10.3390/s23156769

AMA Style

Vinko D, Miličević K, Lukić I, Köhler M. Microcontroller-Based PUF for Identity Authentication and Tamper Resistance of Blockchain-Compliant IoT Devices. Sensors. 2023; 23(15):6769. https://doi.org/10.3390/s23156769

Chicago/Turabian Style

Vinko, Davor, Kruno Miličević, Ivica Lukić, and Mirko Köhler. 2023. "Microcontroller-Based PUF for Identity Authentication and Tamper Resistance of Blockchain-Compliant IoT Devices" Sensors 23, no. 15: 6769. https://doi.org/10.3390/s23156769

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop