Print Email Facebook Twitter Design & development of public-key based authentication architecture for IoT devices using PUF Title Design & development of public-key based authentication architecture for IoT devices using PUF Author Akhundov, H. Contributor Hamdioui, S. (mentor) Faculty Electrical Engineering, Mathematics and Computer Science Department Quantum Engineering Programme Computer Engineering Project CE-MS-2017-02 Date 2017-01-30 Abstract Secure communication has been paramount throughout history. Although in the early ages it was mainly found in niche applications such as the military and royal society, today it is an inevitable part of our daily lives. The recent rapid proliferation of Internet of Things (IoT), a diverse set of devices that are connected to the Internet, imposes new challenges in protecting our privacy and security in our daily connected lives. In most cases, one-size-fits-all security solutions are inefficient; therefore, we need high-quality application-specific solutions. This thesis designs, develops and evaluates a secure communication architecture based on Static Random-Access Memory (SRAM) Physical Unclonable Function (PUF) technology and Elliptic Curve Cryptography (ECC) for IoT devices in collaboration with Intrinsic ID, a world leading PUF technology company. SRAM PUF is a popular emerging hardware intrinsic security primitive: its start-up values (SUV) can be used to uniquely identify and authenticate silicon, due to the hard to clone, inherent and device unique deep-submicron process variations. ECC is an approach to public-key cryptography, which can be used to establish shared secret keys among parties; it has been gaining popularity among lightweight IoT devices because achieving equivalent security level requires significantly smaller operands when compared to other approaches. Our solution consists of two systematic steps: (1) development of a cryptographic protocol which utilizes PUF-derived key as the root-of-trust, while keeping the area constraint into account, and (2) design and development of a modular hardware architecture that supports the protocol. We propose four protocol variants with trade-offs related to security versus implementation requirements. Further, we verify and prototype one protocol variant on the Xilinx Zynq-7000 APSoC device, and analyze its practicality as well as its feasibility. The prototype offers interesting insights and lays a solid foundation for future research. Subject SecurityauthenticationPUFpublic-key cryptographyprotocolcommunication To reference this document use: http://resolver.tudelft.nl/uuid:58ad76d8-4552-461e-aa61-54299d021bd1 Part of collection Student theses Document type master thesis Rights (c) 2017 Akhundov, H. Files PDF Thesis_report_Haji.pdf 2.52 MB Close viewer /islandora/object/uuid:58ad76d8-4552-461e-aa61-54299d021bd1/datastream/OBJ/view