Securing Distributed Elements Connected to a Network with Addressable Physically Unclonable Functions (PUFs)

Description

The technology uses of an array of physical unclonable functions (PUFs), enhancing the security of distributed elements (e.g., subscriber identity module or SIM card) that use security systems. Distributed elements do not need the capability to store or memorize authentication patterns, because they can be stored within a secure host server. This technology is based on the replacement of the hackable storage of secure keys, in the distributed elements, by arrays of addressable PUF generators (APG), which do not have storage capabilities. Also, the methods used replace the single static master key with a dynamic key assignment generated by the APGs. Traditional authentication mechanisms can be combined with hash functions on both the network and the user sides, referred to as AAH (APG-based authentication and hashing). Finally, the security protocols have two steps: personalization and authentication.

Additional information

Patent number and inventor

16/492,562

Bertrand Cambou and Abolfazl Razi.

Potential applications

This technology is designed for use with cryptographic systems and authentication methods.

Benefits and advantages

In many network communication systems, the systems’ secure elements are exposed to side channel attack when the static secret key stored in the device is compromised. The methods and system of the current technology use a set of protocols based on APGs, which protect the distributed network elements by generating dynamic secure keys. As a result, the passwords and secret keys do not require the storage in a database. Hence, the network devices are immune to traditional database attacks.

Case number and licensing status

2017-019

This invention is available for licensing.