Indonesian
J
our
nal
of
Electrical
Engineering
and
Computer
Science
V
ol.
24,
No.
3,
December
2021,
pp.
1392
1398
ISSN:
2502-4752,
DOI:
10.11591/ijeecs.v24.i3.pp1392-1398
r
1392
Pr
oof
of
concept
f
or
lightweight
PUF-based
authentication
pr
otocol
using
NodeMCU
ESP8266
Mohd
Syafiq
Mispan
1
,
Aiman
Zakwan
Jidin
2
,
Muhammad
Raihaan
Kamaruddin
3
,
Haslinah
Mohd
Nasir
4
1,2
Micro
and
Nano
Electronics
(MiNE),
Uni
v
ersiti
T
eknikal
Malaysia
Melaka,
Melaka,
Malaysia
3
Machine
Learning
and
Signal
Processing
(MLSP),
Uni
v
ersiti
T
eknikal
Malaysia
Melaka,
Melaka,
Malaysia
4
Adv
ance
Sensors
and
Embedded
Controls
System
(ASECs),
Uni
v
ersiti
T
eknikal
Malaysia
Melaka,
Melaka,
Mal
aysia
1,2,3,4
Centre
for
T
elecommunication
Research
and
Inno
v
ation
(CeTRI),
Uni
v
ersiti
T
eknikal
Malaysia
Melaka,
Melaka,
Malaysia
1,2,3,4
F
akulti
T
eknologi
K
ejuruteraan
Elektrik
dan
Elektronik,
Uni
v
ersiti
T
eknikal
Malaysia
Melaka,
Melaka,
Malaysi
a
Article
Inf
o
Article
history:
Recei
v
ed
Jul
22,
2021
Re
vised
Sep
28,
2021
Accepted
Oct
5,
2021
K
eyw
ords:
Authentication
NodeMCU
ESP8266
Ph
ysical
unclonable
function
W
ireless
sensor
netw
ork
ABSTRA
CT
W
ireless
sensor
node
is
the
foundation
for
b
uilding
the
ne
xt
generation
of
ubiquitous
netw
orks
or
the
so-called
internet
of
things
(IoT).
Each
node
is
equipped
with
sensing,
computing
de
vices,
and
a
radio
transcei
v
er
.
Each
node
is
connected
to
other
nodes
via
a
wireless
sensor
netw
ork
(WSN).
Examples
of
WSN
applications
include
health
care
monitoring,
and
industrial
monitoring.
These
applications
process
sensiti
v
e
data,
which
if
disclosed,
may
lead
to
unw
anted
implications.
Therefore,
it
is
crucial
to
pro-
vide
fundamental
security
services
such
as
identi
fication
and
authentication
in
WSN.
Ne
v
ertheless,
pro
viding
this
security
on
WSN
imposes
a
significant
challenge
as
each
node
in
WSN
has
a
limited
area
and
ener
gy
consumption.
Therefore,
in
this
study
,
we
pro
vide
a
proof
of
concept
of
a
lightweight
authentication
protocol
by
using
ph
ysical
unclonable
function
(PUF)
technology
for
resource-constrained
wireless
sensor
nodes.
The
authentication
protocol
has
been
implemented
on
NodeMCU
E
SP8266
de
vices.
A
serv
er
-client
protocol
configuration
has
been
used
to
v
erify
the
functionality
of
the
authentication
protocol.
Our
findings
indicate
that
the
protocol
used
approximately
7%
of
flash
memory
and
48%
of
s
tatic
random-access
memory
(SRAM)
in
the
sensor
node
during
the
authentication
process.
Hence,
the
proposed
scheme
is
suitable
to
be
used
for
resource-constrained
IoT
de
vices
such
as
WSN.
This
is
an
open
access
article
under
the
CC
BY
-SA
license
.
Corresponding
A
uthor:
Mohd
Syafiq
Mispan
F
akulti
T
eknologi
K
ejuruteraan
Elektrik
dan
Elektronik
Uni
v
ersiti
T
eknikal
Malaysia
Melaka
Melaka,
Malaysia
Email:
syafiq.mispan@utem.edu.my
1.
INTR
ODUCTION
Building
a
trusted
a
n
d
secure
internet
of
things
(IoT)
solution
is
crucial
especially
for
appl
ications
that
process
sensiti
v
e
and
user
-specific
data.
Pro
viding
the
aforementioned
solution
is
e
xacerbate
d
with
the
stringent
requirement
of
po
wer
and
area
in
resource-constrained
IoT
de
vices
such
as
sensor
nodes
in
wireless
sensor
netw
orks
(WSN).
WSN
consists
of
hundreds
of
thousands
of
sensor
nodes
used
to
sense
the
data
and
the
main
location
(i.e.,
base
station
or
sink)
where
the
sensed
data
can
be
observ
ed
and
analyzed.
The
sensor
nodes
can
communicate
among
themselv
es
and
to
the
base
station
for
transferring
the
sensed
data.
Therefore,
J
ournal
homepage:
http://ijeecs.iaescor
e
.com
Evaluation Warning : The document was created with Spire.PDF for Python.
Indonesian
J
Elec
Eng
&
Comp
Sci
ISSN:
2502-4752
r
1393
the
identification
and
authentication
process
must
e
xist
to
ensure
secure
node-to-node
and
node-to-base
station
communications.
Ph
ysical
unclonable
function
(PUF)
is
a
promising
hardw
are
fingerprinting
technology
that
can
be
used
in
identification
and
authentication
application
[1].
PUF
e
xploits
the
intrinsic
process
v
ariations
during
inte
grated
circuit
(IC)
f
abrication
to
generate
a
de
vice-specific
response
[2].
When
a
set
of
binary
bit-stream
kno
wn
as
the
chal
lenge
is
applied
onto
the
PUF
,
a
corresponding
unique
and
random
binary
output
kno
wn
as
the
response
is
generated.
The
challenge
and
response
generation
is
also
kno
wn
as
the
mapping
of
challenge-
response
pair
(CR
P)
[3].
The
de
vice-specific
response
generated
from
a
particular
PUF
can
be
us
ed
to
uniquely
distinguish
a
sensor
node
from
a
group
of
similar
nodes.
As
b
uilding
a
PUF
requires
no
special
f
abrication
process
and
consumes
considerably
lo
w
g
ate
counts,
therefore,
PUF
is
seen
to
be
a
promising
identification
and
authentication
technology
for
resource-constrained
sensor
nodes
such
as
WSN
applications.
Hence,
in
this
paper
,
we
pro
vide
a
proof-of-concept
of
a
lightweight
PUF-based
authentication
proto-
col
tar
geted
for
resource-constrained
sensor
nodes.
In
this
study
,
32-bit
Arbiter
-PUF
is
used
as
a
PUF
b
uilding
block.
The
main
contrib
utions
of
this
w
ork
are
highlighted
belo
w:
1)
W
e
design
the
Arbiter
-PUF
using
an
artificial
neural
netw
ork
(ANN)
on
the
NodeMCU
ESP8266
de
vice
which
acts
as
a
sensor
node.
2)
W
e
de
v
elop
a
proof-of-concept
for
a
lightweight
PUF-based
authentication
protocol.
The
protocol
is
implemented
on
NodeMCU
ESP8266
de
vices
and
v
erified
using
serv
er
-client
configuration.
The
rest
of
t
he
paper
is
or
g
anized
as
follo
ws.
Section
2
describes
the
background
related
to
this
w
ork.
Section
3
describes
the
method
to
construct
the
proof
of
concept
of
the
lightweight
authentication
protocol
based
on
serv
er
-client
configuration.
The
v
erification
of
the
authentication
protocol
and
the
memory
utilization
are
discussed
in
section
4.
Finally
,
the
conclusion
is
dra
wn
in
section
5.
2.
RELA
TED
W
ORK
Se
v
eral
techniques
ha
v
e
been
proposed
in
the
past
aiming
for
lightweight
authentication
schemes
[4]-
[9].
Y
ilmaz
et
al.
[4]
proposed
a
PUF-based
IoT
authentication
protocol
combined
with
Ri
v
est
cipher
5
(RC5)
encryption
technique
implemented
on
Zolertia
Zoul
de
vices.
A
similar
scope
of
w
ork
has
been
presented
in
[10],
combined
with
the
hash
function.
Ho
we
v
er
,
the
de
vice
name/type
for
the
implementation
of
the
au-
thentication
protocol
w
as
ne
v
er
re
v
ealed.
Else
where,
the
PUF-based
authentication
without
e
xplicit
CRPs
in
the
v
erifier
database
is
proposed
in
[11].
A
combination
of
PUF
,
identity-based
encryption
(IBE),
and
hash
function
were
used
to
strengthen
the
proposed
technique.
Furthermore,
the
application
of
PUF
technology
in
b
uil
ding
the
authentication
protocol
is
e
xpanded
into
the
medical
fields
as
proposed
in
[12]
and
[13]
for
internet-of-medical-things
(IoMT)
applications.
In
another
study
,
Gope
et
al.
,
[14],
[15]
proposed
the
PUF-based
authentication
protocol
for
real-
time
data
access
in
industrial
wirel
ess
sensor
netw
orks.
The
authentication
scheme
for
field-programmable
g
ate
array
(FPGA)
application
is
proposed
in
[16].
The
proposed
technique
eliminates
the
requirement
of
the
enormous
CRPs
database
in
the
v
erifier
by
using
the
double
PUF
authentication
model.
Else
where,
a
non-
PUF-based
lightweight
authentication
protocol
of
resource-constrained
IoT
de
vices
is
proposed
in
[17].
A
combination
of
RC5
and
elliptic
curv
e
cryptograph
y
(ECC)
w
as
used
to
implement
the
proposed
protocol.
All
of
the
abo
v
e
studies
mainly
focused
on
the
l
ightweight
PUF-based
authentication
implementation
on
Zolertia
Zoul
and
FPGA
as
IoT
de
vices.
In
our
study
,
we
focus
on
b
uilding
the
lightweight
PUF-based
authentication
scheme
tar
geted
for
WSN
applications
using
NodeMCU
ESP8266
de
vices.
3.
METHODOLOGY
In
this
section,
the
methodology
used
to
de
v
elop
the
authentication
protocol,
b
uilding
the
PUF
model,
the
v
erification
of
the
authentication
protocol,
and
the
attack
er
threat
model
are
described.
3.1.
A
uthentication
pr
otocol
The
authentication
protocol
described
in
[18],
[19]
is
used
as
a
proof-of-concept
for
a
lightwe
ight
authentication
scheme
in
our
s
tudy
.
The
authentication
protocol
consists
of
t
w
o
phases
which
are
enrollment
and
authentication.
In
the
enrollment
phase,
a
ne
w
PUF-based
de
vice
(i.e.,
sensor
node)
is
re
gistered
in
the
v
erifier’
s
database,
D
B
with
the
follo
wing
steps:
1)
De
vice
identifier
,
I
D
for
node
j
is
entered
into
the
D
B
j
.
Pr
oof
of
concept
for
lightweight
PUF-based
authentication
pr
otocol
using
...
(Mohd
Syafiq
Mispan)
Evaluation Warning : The document was created with Spire.PDF for Python.
1394
r
ISSN:
2502-4752
2)
The
v
erifier
sends
a
set
of
challenge
C
=
f
C
1
;
C
2
;
:
:
:
;
C
k
g
to
node
j
and
node
j
returns
the
correspond-
ing
response
R
=
f
R
1
;
R
2
;
:
:
:
;
R
k
g
to
the
v
erifier
,
sequentially
.
Further
,
C
R
P
1
;
C
R
P
2
;
:
:
:
;
C
R
P
k
are
stored
in
the
D
B
.
In
the
authentication
phase,
the
node
j
is
deplo
yed
in
the
field
and
requested
for
authentication
(i.e.,
i
-th
authentication)
as
illustrated
in
Figure
1.
Node
j
sends
its
I
D
0
to
the
v
erifier
and
the
v
erifier
finds
the
match
I
D
in
the
D
B
.
If
the
match
I
D
is
found,
a
challenge
C
i
is
retrie
v
ed
from
the
D
B
and
sends
to
node
j
.
Node
j
computes
the
response
R
0
i
based
on
its
PUF
model
and
sends
the
R
0
i
to
the
v
eri
fier
.
The
v
erifier
retrie
v
es
R
i
from
the
D
B
and
compares
ag
ainst
t
he
R
0
i
.
If
both
matches,
then
node
j
is
authenticated
as
a
genuine
de
vice,
otherwise
the
v
erifier
detects
node
j
as
a
f
ak
e
de
vice.
Note
that
the
C
R
P
i
is
only
used
once
for
the
i
-th
authentication
process.
The
subsequent
C
R
P
that
is
a
v
ailable
in
the
D
B
will
be
used
for
the
ne
xt
authentication
process
to
a
v
oid
a
man-in-the-middle
attack.
V
erifier
Node
j
D
B
j
=
h
I
D
;
C
R
P
1
;
C
R
P
2
;
:
:
:
;
C
R
P
k
i
I
D
0
Send
I
D
0
if
I
D
0
=
I
D
then
C
i
2
f
0
;
1
g
n
;
i
k
;
C
i
!
R
0
i
=
P
U
F
mod
el
(
C
i
)
else
Rejected
if
R
i
=
R
0
i
;
R
0
i
Send
R
0
i
then
Succeeded
;
else
Rejected
Figure
1.
Authentication
protocol
3.2.
Pr
otocol
v
erification
and
attack
er
thr
eat
model
The
authentication
protocol
is
v
erified
using
a
serv
er
-client
configuration
implemented
on
NodeMCU
ESP8266
de
vices
which
ha
v
e
specifications
of
4MB
of
flash
memory
and
64kB
of
static
random-access
memory
(SRAM)
[4].
One
de
vice
acts
as
a
serv
er
(i.e.,
v
erifier
or
base
station),
and
another
de
vice
acts
as
a
client
(i.e.,
sensor
node).
All
the
required
information
such
as
I
D
and
C
R
P
for
sensor
node
j
are
re
gistered
in
the
v
erifier’
s
D
B
.
The
communication
between
the
v
erifier
and
node
j
as
depicted
in
Figure
1
is
de
v
eloped
using
the
SimpleESPNo
wConnection
library
function.
Assuming
that
the
adv
ersary
can
ea
v
esdrop
on
the
communication
between
the
v
erifier
and
node
j
,
and
successfull
y
obtained
the
node’
s
I
D
.
Ne
xt,
the
adv
ersary
has
to
use
the
guessed
CRPs
data
set
and
initiated
the
authentication
process
using
pre
viously
obtained
I
D
.
T
o
test
this
condit
ion,
another
PUF
model
is
b
uilt
on
NodeMCU
ESP8266
with
guessed
CRPs
data
set
and
this
node
is
defined
as
node
j
0
(i.e.,
f
ak
e
node).
The
authentication
protocol
between
the
v
erifier
and
node
j
0
is
performed
and
the
analysis
is
discussed
in
section
4.
3.3.
PUF
model
generation
In
our
study
,
the
32-bit
Arbiter
-PUF
architecture
which
has
been
proposed
in
[20],
[21]
is
used
as
a
PUF
in
the
sensor
node.
As
mentioned
in
section
1,
PUF
is
a
hardw
are
fingerprinting
technology
.
Hence,
the
Arbiter
-PUF
needs
to
be
implemented
from
the
hardw
are
layer
(i.e.,
logic
circuit).
Ne
v
ertheless,
it
is
impossible
to
b
uild
the
hardw
are
of
Arbiter
-PUF
on
microcontroller
de
vices
[22].
Hence,
as
a
proof
of
concept
to
the
authenticat
ion
protocol,
a
supervised
machine
learning
technique
called
artificial
neural
netw
ork
(ANN)
is
used
to
model
the
Arbiter
-PUF
on
NodeMCU
ESP8266
de
vice.
A
feed-forw
ard
netw
ork
with
multilayer
perceptron
and
the
resilient
back-propag
ation
algorithm
has
been
chosen
to
construct
our
ANN
as
the
y
of
fer
the
ability
to
solv
e
non-linear
problems
and
f
ast
con
v
er
gence
time
[23],
[24].
The
modeling
of
32-bit
Arbiter
-PUF
using
ANN
consists
of
tw
o
phases
which
are
the
training
and
testing
phase.
A
set
of
CRPs
is
required
as
an
input
to
train
and
test
the
ANN.
F
ollo
wing
the
method
in
[25],
a
total
of
32000
CRPs
were
measured
to
model
the
32-bit
Arbiter
-PUF
using
ANN.
B
ased
on
the
measured
CRPs,
ANN
successfully
model
the
32-bit
Arbiter
-PUF
with
a
v
ery
high
prediction
accurac
y
of
about
99%.
The
model
of
32-bit
Arbiter
-PUF
which
is
represented
by
the
weightage
and
bias
parameters
of
ANN
is
stored
in
NodeMCU
ESP8266
memory
.
The
Arbiter
-PUF
model
in
this
de
vice
represents
node
j
.
Indonesian
J
Elec
Eng
&
Comp
Sci,
V
ol.
24,
No.
3,
December
2021
:
1392
–
1398
Evaluation Warning : The document was created with Spire.PDF for Python.
Indonesian
J
Elec
Eng
&
Comp
Sci
ISSN:
2502-4752
r
1395
4.
SIMULA
TION
RESUL
TS
AND
AN
AL
YSIS
In
this
section,
the
rele
v
ant
simulation
and
analysis
are
discuss
ed
bas
ed
on
the
descri
bed
m
ethodology
in
section
3.
The
estimation
of
memory
usage
is
also
discussed
in
this
section.
4.1.
PUF-based
authentication
The
authentication
protocol
as
described
in
Figure
1
is
e
v
aluated
using
three
NodeMCU
ESP8266
de
vices
which
act
as
the
v
erifier
,
node
j
,
and
node
j
0
(i.e.,
f
ak
e
de
vice).
Three
communication
ports
were
used
which
are
COM10
for
v
erifier
,
COM4
for
node
j
,
and
COM5
for
node
j
0
.
Figure
2
illustrates
the
v
erifier
status
when
no
authentication
request
from
the
sensor
nodes.
When
the
sensor
node
j
is
requested
for
authentication
(i.e.,
node
j
is
defined
as
de
vice
‘0’
in
the
program
code),
node
j
sends
its
I
D
to
the
v
erifier
and
the
v
erifier
matches
the
recei
v
ed
I
D
with
the
one
that
stored
in
the
D
B
.
Figure
3
depicts
the
status
of
Online
Client
(status=1)
and
P
aired
Client
(status=1)
indicating
that
the
authentication
has
been
reques
ted
by
the
de
vice
‘0’.
The
authentication
status
o
f
the
de
vice
‘0’
at
this
stage
remains
UNKNW
ON.
Once
the
match
I
D
is
found,
the
v
erifier
sends
ten
of
32-bit
challenges
to
the
node
j
,
and
node
j
returns
10-bit
of
response
to
the
v
erifier
.
The
v
erifier
compares
the
recei
v
ed
response
ag
ainst
the
response
in
the
D
B
.
Figure
4
sho
ws
that
the
recei
v
ed
response
is
matched
with
the
response
in
the
D
B
.
Therefore,
node
j
is
a
genuine
de
vice.
When
the
f
ak
e
de
vice
or
node
j
0
is
requested
for
authentication
with
the
guessed
CRPs,
the
v
erifier
f
ailed
to
authenticate
node
j
0
as
the
CRPs
are
not
e
xist
in
the
D
B
.
Hence,
the
v
erifier
returns
‘De
vice
is
F
ak
e’
status
as
illustrated
in
Figure
5.
Figure
2.
No
authentication
request
Figure
3.
De
vice
‘0’
or
node
j
requested
for
an
authentication
Figure
4.
Authentication
process
between
the
v
erifier
and
de
vice
‘0’
or
node
j
Pr
oof
of
concept
for
lightweight
PUF-based
authentication
pr
otocol
using
...
(Mohd
Syafiq
Mispan)
Evaluation Warning : The document was created with Spire.PDF for Python.
1396
r
ISSN:
2502-4752
Figure
5.
Authentication
process
between
the
v
erifier
and
de
vice
‘
0
0
’
or
node
j
0
4.2.
Estimation
of
memory
usage
The
memory
usage
during
the
authentication
process
has
been
e
v
aluated
and
summarized
in
T
abl
e
1.
F
or
a
serv
er
configuration,
a
total
of
277681
bytes
for
code
and
5200
bytes
for
data
were
occupied
on
the
flash
memory
(7.1%
of
flash
memory
consumption),
and
32208
bytes
of
space
w
as
occupied
on
the
SRAM
(50.3%
of
SRAM
consumption).
Meanwhile,
for
a
client
configuration,
a
total
of
278273
bytes
for
code
and
3984
bytes
for
data
were
occupied
on
the
flash
memory
(7.1%
of
flash
memory
consumption).
In
addition,
30640
bytes
of
SRAM
were
utilized
to
configure
a
client
or
sensor
node
(47.9%
of
SRAM
consumption).
Note
that
in
this
study
,
only
one
CRP
has
been
re
gistered
in
the
serv
er’
s
D
B
to
v
erify
the
serv
er
-client
authenticati
on
protocol.
In
practice,
the
D
B
should
consist
enormous
number
of
CRPs
for
the
authentication
process
since
the
same
CRP
cannot
be
reused
to
a
v
oid
a
man-in-the-middle
attack.
Therefore,
the
serv
er
needs
a
huge
memory
space
to
store
the
CRPs.
This
causes
no
issue
as
typically
the
serv
er
is
resource-rich
de
vices.
T
able
1.
Memory
usage
of
the
proposed
authentication
protocol
based
on
serv
er
-client
configuration
in
Byte
.te
xt
.data
.bss
Flash
SRAM
T
otal
Serv
er
(V
erifier)
277681
5200
27008
282881
32208
309889
Client
(Node)
278273
3984
26656
282257
30640
308913
5.
CONCLUSION
Identification
and
authentication
are
the
fundamental
security
processes
in
b
uilding
the
“trust”
in
secured-computing
IoT
de
vices.
WSN
is
an
e
xample
of
an
IoT
application
that
requires
such
fundamental
security
.
All
the
nodes
which
include
the
base
station
in
WSN
must
be
authenticated
before
the
data
transmis-
sion
to
ensure
no
loss
of
pri
v
ac
y
which
can
be
potentially
caused
by
the
man-in-the-middle
attack.
Ne
v
ertheless,
pro
viding
the
identification
and
authentication
protocol
for
WSN
applications
is
challenging
due
to
the
limited
resources
in
sensor
nodes.
PUF
is
seen
as
a
promising
identification
and
authentication
technology
for
WSN
applications
as
it
consumes
l
o
w
area
o
v
erhead
and
po
wer
consumption.
In
this
study
,
we
ha
v
e
pro
vide
the
proof
of
concept
of
a
lightweight
PUF-based
authentication
protocol
for
resources-constrained
sensor
nodes
in
WSN.
The
authentication
protocol
has
been
implemented
on
NodeMCU
ESP8266
de
vices
and
v
erified
using
serv
er
-client
configuration.
Our
finding
sho
ws
that
the
sensor
node
which
contains
the
PUF
b
uilding
block
can
be
identified
and
authenticated
as
a
genuine
de
vice
using
the
CRPs
database
stored
in
the
v
erifier
(i.e.,
base
station).
Meanwhile,
the
sensor
node
which
using
the
guessed
CRPs
is
successfully
authenticated
as
a
f
ak
e
Indonesian
J
Elec
Eng
&
Comp
Sci,
V
ol.
24,
No.
3,
December
2021
:
1392
–
1398
Evaluation Warning : The document was created with Spire.PDF for Python.
Indonesian
J
Elec
Eng
&
Comp
Sci
ISSN:
2502-4752
r
1397
de
vice
since
its
CRPs
are
not
re
gistered
in
the
v
erifier’
s
database.
Moreo
v
er
,
based
on
our
analysis,
the
sensor
node
only
consumes
approximately
7%
of
flash
memory
and
48%
of
SRAM
during
the
authentication
process.
A
CKNO
WLEDGEMENT
The
authors
w
ould
lik
e
to
thank
Uni
v
ersiti
T
eknikal
Malaysia
Melaka
and
the
Ministry
of
Higher
Education
Malaysia
for
the
financial
funding
under
Grant
No.
FRGS/1/2020/TK0/UTEM/02/56
for
completing
this
project.
REFERENCES
[1]
J.
H.
L.
T
eo,
N.
A.
N.
Hashim
,
A.
Ghaza
li,
and
F
.
A.
Hamid,
“Ring
oscillator
ph
ysically
uncl
onable
function
using
sequential
ring
oscillator
pairs
for
more
challenge-response-pairs,
”
Indonesian
J
ournal
of
Electrical
Engineering
and
Computer
Science
(IJEECS)
,
v
ol.
13,
no.
3,
pp.
892-901,
2019,
doi:
10.11591/ijeecs.v13.i3.pp892-901.
[2]
B.
Gassend,
D.
Clark
e,
M.
v
an
Dijk,
a
nd
S.
De
v
adas,
“Silicon
ph
ysical
random
functions,
”
in
A
CM
Confer
ence
on
Computer
and
Communications
Security
,
2002,
pp.
148-160,
doi:
10.1145/586110.586132.
[3]
M.
S.
Mispan,
H.
Sarka
wi,
A.
Z.
Jidin,
R.
H.
Ramlee,
and
H.
M.
Nasir
,
“Design
and
implementation
of
multiple
x
ed
and
obfuscated
ph
ysical
unclonable
function,
”
Indonesian
J
ournal
of
Electrical
Engineering
and
Informatics
(IJEEI)
,
v
ol.
9,
no.
1,
pp.
91-100,
2021,
doi:
10.52549/ijeei.v9i1.2664.
[4]
Y
.
Y
ilmaz,
S.
R.
Gunn,
and
B.
Halak,
“Lightweight
PUF-based
authentication
protocol
for
IoT
de
vices,
”
in
2018
IEEE
3r
d
International
V
erification
and
Security
W
orkshop
(IVSW)
,
2018,
pp.
38-43,
doi:
10.1109/IVSW
.2018.8494884.
[5]
Y
.
Y
ilmaz,
V
.-h.
Do,
and
B.
Halak,
“
ARMOR:
An
anti-counterfeit
security
mechanism
for
lo
w
cost
ra-
dio
frequenc
y
identification
systems,
”
in
IEEE
T
r
ansactions
on
Emer
ging
T
opics
in
Computing
,
2020,
doi:
10.1109/TETC.2020.2964435.
[6]
U.
Guin,
A.
Singh,
M.
Alam,
J.
Canedo,
and
A.
Skjellum,
“
A
secure
lo
w-c
ost
edge
de
vice
authentication
scheme
for
the
internet
of
things,
”
2018
31st
International
Confer
ence
on
VLSI
Design
and
2018
17th
International
Confer
ence
on
Embedded
Systems
(VLSID)
,
2018,
pp.
85-90,
doi:
10.1109/VLSID.2018.42.
[7]
F
.
F
arha,
H.
Ning,
K.
Ali,
L.
Chen,
and
C.
Nugent,
“SRAM-PUF
based
entities
authentication
scheme
for
resource-
constrained
Iot
de
vices,
”
i
n
IEEE
Internet
of
Things
J
ournal
,
v
ol.
8,
no.
7,
pp.
5904-5913,
1
April1,
2021,
doi:
10.1109/JIO
T
.2020.3032518.
[8]
M.
Barbareschi,
A.
De
Benedictis,
E.
La
Montagna,
A.
Mazzeo,
and
N.
Mazzocca,
“PUF-enabled
authentication-as-
a-service
in
F
og-IoT
systems,
”
in
2019
IEEE
28th
International
Confer
ence
on
Enabling
T
ec
hnolo
gies:
Infr
astructur
e
for
Collabor
ative
Enterprises
(WETICE)
,
2019,
pp.
58-63,
doi:
10.1109/WETICE.2019.00020.
[9]
S.
Li,
T
.
Zhang,
B.
Y
u,
and
K.
He,
“
A
pro
v
ably
secure
and
practical
PUF-based
end-to-end
mutual
authentication
and
k
e
y
e
xchange
protocol
for
IoT
,
”
in
IEEE
Sensor
s
J
ournal
,
ol.
21,
no.
4,
pp.
5487-5501,
Feb
.
15,
2021,
doi:
10.1109/JSEN.2020.3028872.
[10]
M.
A.
Muhal,
X.
Luo,
Z.
Mahmood,
and
A.
Ullah,
“Ph
ysical
unclonable
function
based
authentication
scheme
for
smart
de
vices
in
Internet
of
Things
,
”
in
2018
IEEE
International
Confer
ence
on
Smar
t
Internet
of
Things
(SmartIoT)
,
2018,
pp.
160-165,
doi:
10.1109/SmartIoT
.2018.00037.
[11]
U.
Chatterjee
et
al
.,
“Building
PUF
based
authentication
and
k
e
y
e
xchange
protocol
for
IoT
without
e
xplicit
CRPs
in
v
erifier
database,
”
IEEE
T
r
ansactions
on
Dependable
and
Secur
e
Computing
,
v
ol.
16,
no.
3,
pp.
424-437,
1
May-June
2019,
doi:
10.1109/TDSC.2018.2832201.
[12]
V
.
P
.
Y
anambaka,
S.
P
.
Mohanty
,
E.
K
ougianos,
and
D.
Puthal,
“PMsec:
Ph
ysical
unclonable
function-based
rob
ust
and
lightweight
authenticati
on
in
the
Internet
of
Medical
Things,
”
IEEE
T
r
ansactions
on
Consumer
Electr
onics
,
v
ol.
65,
no.
3,
pp.
388-397,
Aug.
2019,
doi:
10.1109/TCE.2019.2926192.
[13]
X.
T
an,
J.
Zhang,
Y
.
Zhang,
Z.
Qin,
Y
.
Ding,
and
X.
W
ang,
“
A
PUF-Based
and
cloud-assisted
lightweight
authentica-
tion
for
multi-hop
body
area
netw
ork,
”
Tsinghua
Science
and
T
ec
hnolo
gy
,
v
ol.
26,
no.
1,
pp.
36-47,
Feb
.
2021,
doi:
10.26599/TST
.2019.9010048.
[14]
P
.
Gope
and
B.
Sikdar
,
“Lightweight
and
pri
v
ac
y-preserving
tw
o-f
actor
authentication
scheme
for
IoT
de
vices,
”
IEEE
Internet
of
Things
J
ournal
,
v
ol.
6,
no.
1,
pp.
580-589,
Feb
.
2019,
doi:
10.1109/JIO
T
.2018.2846299.
[15]
P
.
Gope,
A.
K.
Das,
N.
K
umar
,
and
Y
.
Cheng,
“Lightweight
and
ph
ysically
secure
anon
ymous
mutual
authentication
protocol
for
real-time
data
access
in
indus
trial
wireless
sensor
netw
orks,
”
IEEE
T
r
ansactions
on
Industrial
Informat-
ics
,
v
ol.
15,
no.
9,
pp.
4957-4968,
Sept.
2019,
doi:
10.1109/TII.2019.2895030.
[16]
J.
Long,
W
.
Liang,
K.
C.
Li,
D.
Zhang,
M.
T
ang,
and
H.
Luo,
“PUF-based
anon
ymous
authentication
scheme
for
hardw
are
de
vices
and
IPs
in
edge
computing
en
vironment,
”
IEEE
Access
,
v
ol.
7,
pp.
124785-124796,
2019,
doi:
10.1109/A
CCESS.2019.2925106.
[17]
Y
.
Y
ilmaz
and
B.
Halak,
“
A
tw
o-flights
mutual
authentication
for
ener
gy-constrained
IoT
de
vices,
”
in
2019
IEEE
4th
International
V
erification
and
Security
W
orkshop
(IVSW)
,
2019,
pp.
31-36,
doi:
10.1109/IVSW
.2019.8854438.
Pr
oof
of
concept
for
lightweight
PUF-based
authentication
pr
otocol
using
...
(Mohd
Syafiq
Mispan)
Evaluation Warning : The document was created with Spire.PDF for Python.
1398
r
ISSN:
2502-4752
[18]
G.
E.
Suh
and
S.
De
v
adas,
“Ph
ysical
Unclonable
Functions
for
de
vice
authentication
and
secret
k
e
y
generation,
”
in
2007
44th
A
CM/IEEE
Design
A
utomation
Confer
ence
,
2007,
pp.
9-14.
[19]
J.
Delv
aux,
R.
Peeters,
D.
Gu,
and
I.
V
erbauwhede,
“
A
surv
e
y
on
lightweight
entity
authentication
with
strong
PUFs,
”
A
CM
Computing
Surve
ys
,
v
ol.
48,
no.
2,
pp.
1-42,
2015,
doi:
10.1145/2818186.
[20]
D.
Lim,
J.
W
.
Lee,
B.
Gassend,
G.
E.
Suh,
M.
v
an
Dijk
and
S.
De
v
adas,
“Extracting
secret
k
e
ys
from
inte
grated
circuits,
”
in
IEEE
T
r
ansactions
on
V
ery
Lar
g
e
Scal
e
Inte
gr
ation
(VLSI)
Systems
,
v
ol.
13,
no.
10,
pp.
1200-1205,
Oct.
2005,
doi:
10.1109/TVLSI.2005.859470.
[21]
J.
W
.
Lee,
D.
Lim,
B.
Gassend,
G.
E.
Suh,
M.
v
an
Dijk,
and
S.
De
v
adas,
“
A
technique
t
o
b
uild
a
secret
k
e
y
in
inte
grated
circuits
for
identification
and
authentication
applications,
”
in
2004
Symposium
on
VLSI
Cir
cuits.
Dig
est
of
T
ec
hnical
P
aper
s
(IEEE
Cat.
No.04CH37525)
,
2004,
pp.
176-179,
doi:
10.1109/VLSIC.2004.1346548.
[22]
T
.
Sutikno,
H.
S.
Purnama,
A.
P
amungkas,
A.
F
adlil,
I.
M.
Alsofyani,
and
M.
H.
Jopri,
“Internet
of
things-based
photo-
v
oltaics
parameter
monitoring
system
using
NodeMCU
ESP8266,
”
International
J
ournal
of
Electrical
and
Computer
Engineering
(IJECE)
,
v
ol.
11,
no.
6,
pp.
5578-5587,
2021,
doi:
10.11591/ijece.v11i6.pp5578-5587.
[23]
J.
Heaton,
Intr
oduction
to
Neur
al
Networks
for
J
ava,
2nd
Edition
,
2nd
ed.
Heaton
Research,
Inc.,
2008.
[24]
G.
Hospodar
,
R.
Maes,
and
I.
V
erbauwhede,
“Machine
learning
attacks
on
65nm
Arbiter
PUFs:
Accurate
modeling
poses
strict
bounds
on
usability
,
”
in
2012
IEEE
International
W
orkshop
on
Information
F
or
ensics
and
Security
(WIFS)
,
2012,
pp.
37-42,
doi:
10.1109/WIFS.2012.6412622.
[25]
M.
S.
Mispan,
H.
Su,
M.
Zw
olinski,
and
B.
Halak,
“Cost-Ef
ficient
Designs
for
Modeling
Attacks
Resistant
PUFs,
”
in
2018
Design,
A
utomation
&
T
est
in
Eur
ope
Confer
ence
&
Exhibition
(D
A
TE)
,
2018,
pp.
467-472,
doi:
10.23919/D
A
TE.2018.8342054.
BIOGRAPHIES
OF
A
UTHORS
Mohd
Syafiq
Mispan
recei
v
ed
B.Eng
Electrical
(Electronics)
and
M.Eng
Electrical
(Computer
and
Microelectronic
System)
from
Uni
v
ersiti
T
eknologi
Malaysia,
M
alaysia
in
2007
and
2010
respec-
ti
v
ely
.
He
had
e
xperienced
w
orking
in
semiconductor
industries
from
2007
until
2014
before
pursu-
ing
his
Ph.D.
de
gree.
He
obtained
his
Ph.D.
de
gree
in
Electronics
and
Electrical
Engineering
from
Uni
v
ersity
of
Southampton,
United
Kingdom
in
2018.
He
is
currently
a
senior
lecturer
in
F
akulti
T
eknologi
K
ejuruteraan
Elektrik
dan
Elektronik,
Uni
v
ersiti
T
eknikal
Malaysia
Melaka.
His
current
research
interests
include
hardw
are
security
,
CMOS
rel
iability
,
VLSI
design,
and
Electronic
Systems
Design.
Aiman
Zakwan
Jidin
obtained
his
M.Eng
in
Electronic
and
Microelectronic
System
Engineering
from
ESIEE
Engineering
P
aris
France
in
2011.
He
has
2
years
of
w
orking
e
xperience
in
designing
digital
IC
and
digital
system
in
FPGA
at
Altera
Corporation
Malays
ia,
before
joining
Uni
v
ersiti
T
eknikal
Malaysia
Melaka
as
lecturer
and
researcher
,
in
Electronics
and
Computer
Engineering.
His
research
interests
include
FPGA
Design
and
Digital
System
Design.
Muhammad
Raihaan
Kamaruddin
recei
v
ed
the
B.Eng
(Electronics
and
Computer
Systems)
and
M.Eng
(Electronics
and
Information
Science)
de
grees
from
T
akushoku
Uni
v
ersity
,
Japan,
He
is
w
ork-
ing
to
w
ar
d
the
PhD
de
gree
in
Electronics
and
Computer
Engineering
with
the
Uni
v
ersiti
T
eknikal
Malaysia
Melaka
(UT
eM).
His
PhD
is
on
the
Implementation
of
bio-inspired
robotic
na
vig
ation
system
using
stochastic
computing.
He
has
w
orking
e
xperience
as
lecturer
in
Uni
v
ersiti
T
eknikal
Malaysia
Melaka
(UT
eM)
for
10
years
(2010-present).
His
research
interest
includes
machine
learn-
ing,
robotic
and
stochastic
computing.
Haslinah
Mohd
Nasir
recei
v
ed
her
Bachelor
De
gree
in
Electrical-Elec
tronic
Engineering
(2008)
from
Uni
v
ersiti
T
eknologi
Malaysia
(UTM),
MSc
(2016)
and
PhD
(2019)
in
Electronic
Engineering
from
Uni
v
ersiti
T
eknikal
Malaysia
Melaka
(UT
eM).
She
had
5
years
(2008-2013)
e
xperience
w
orking
in
industry
and
currently
a
lecturer
in
UT
eM.
Her
research
interest
includes
microelectronics,
artificial
intelligence
and
biomedical.
Indonesian
J
Elec
Eng
&
Comp
Sci,
V
ol.
24,
No.
3,
December
2021
:
1392
–
1398
Evaluation Warning : The document was created with Spire.PDF for Python.