Feasibility of PUF-Based Authentication on ATtiny Devices with Off-the-Shelf SRAM

Abstract

With the proliferation of connected IoT devices over the last decade, security has become one of the most pronounced areas of technical concern. Furthermore, the most important challenge being device authentication and trust management of resource constrained IoT devices. Public-key-based authentication may be computationally expensive for such capability constrained devices if they are not designed for those applications. Recently the use of Physically Unclonable Functions (PUFs) in IoT authentication has gained significant research interest as they are providing a promising low-cost solution to the existing challenges. PUFs are a class of "physical variations"that promise intrinsic security and are inherently lightweight. In this paper we present a practical design of an authentication scheme that can be implemented on a class of resource constrained microcontrollers. It employs off-the-shelf SRAM as PUF to produce cryptographic keys as well as random numbers. The feasibility evaluation is supported by implementation of a helper data scheme on an ATtiny45 microcontroller. Experimental results and observations show the suitability of the off-the-shelf SRAM and the efficiency of the authentication scheme.