Physically Related Functions: Exploiting Related Inputs of PUFs for Authenticated-Key Exchange
Abstract
This paper initiates the study of 'Cryptophasia in Hardware' - a phenomenon that allows hardware circuits/devices with no pre-established secret keys to securely exchange secret information over insecure communication networks. The study of cryptophasia is motivated by the need to establish secure communication channels between lightweight resource-constrained devices incapable of securely storing cryptographic keys and/or executing resource-intensive cryptographic protocols. In this paper, we introduce a novel concept called Physically Related Functions (PReFs) that can exchange secret information in a secure and authenticated manner over insecure networks. This function can be visualized as an abstraction of Strong Physically Unclonable Functions (PUFs). Strong PUFs are limited when communicating between two identical devices, an issue that we address in the definition of PReFs. We describe a formal framework for analyzing the functional and security requirements of PReFs. In this framework, we present a lightweight (in terms of computation cost) yet provably secure authenticated key-exchange protocol that relies only on PReFs and makes no additional assumptions (such as secure storage of cryptographic keys). Finally, we present a proof-of-concept realization of PReFs in hardware on the Digilent Cora Z7 - a low-cost development platform (consisting of an ARM Cortex processor and a Xilinx FPGA) that is particularly suitable for real-world IoT applications involving resource-constrained devices. We validate that our realization of PReFs satisfies all the properties warranted by our formal framework. We further demonstrate the efficacy of our proposed protocol by analyzing its performance (in terms of computational and communication latency) on the Digilent Cora Z7 platform.