A Novel Forward-Secure Key Establishment Protocol from Physically Related Functions

Kuppusamy, Lakshmi; Shankar, B R; Lee, Cheng-Chi

doi:10.2478/ias-2025-0009

Abstract

Physically Related Functions (PReFs) are fundamentally similar to strong Physically Unclonable Functions (PUFs). Their study was driven by the goal of realizing “Cryptophasia in hardware"—a phenomenon where two hardware devices can securely establish an authenticated key without the need for long-term cryptographic key storage. Chatterjee et al. demonstrated that devices using PReFs can achieve Authenticated Key Exchange (AKE) without the burden of intensive cryptographic computations, making this approach desirable for lightweight environments. However, to ensure forward secrecy, they employed an elliptic curve Diffie-Hellman protocol, with PReFs replacing long-term keys typically used in traditional public key-based AKE systems. This paper proposes a method to eliminate dependence on conventional public key cryptography for achieving forward-secure AKE under minimal and practical assumptions. Our forward-secure AKE protocol is constructed using PReFs, error-correction codes, and collision-resistant hash functions, and is proven secure under CK and eCK security models.

References

Brian LaMacchia, Kristin Lauter, and Anton Mityagin. Stronger security of authenticated key exchange. In Provable Security, pages 1–16, 2007.
Search in Google Scholar Back to article
Ran Canetti and Hugo Krawczyk. Analysis of key-exchange protocols and their use for building secure channels. In Advances in Cryptology — EUROCRYPT 2001, pages 453–474, 2001.
Search in Google Scholar Back to article
Andrew J. Clark. Physical protection of cryptographic devices. In Advances in Cryptology - EUROCRYPT '87, Workshop on the Theory and Application of of Cryptographic Techniques, volume 304, pages 83–93, 1987.
Search in Google Scholar Back to article
Muhammad Aman, Kee Chua, and Biplab Sikdar. Position paper: Physical unclonable functions for iot security. In the 2nd ACM International Workshop, pages 10–13, 2016.
Search in Google Scholar Back to article
Ulrich Rührmair Towards secret-free security. In Cryptology ePrint Archive, Paper 2019/388, 2019.
Search in Google Scholar Back to article
Mohammad Nasim Imtiaz Khan and Swaroop Ghosh. Comprehensive study of security and privacy of emerging non-volatile memories. Journal of Low Power Electronic Applications, 11(4), 2021.
Search in Google Scholar Back to article
Sergei Skorobogatov. Semi-invasive attacks-a new approach to hardware security analysis. In University of Cambridge, UK, 2005.
Search in Google Scholar Back to article
Durba Chatterjee, Harishma Boyapally, Sikhar Patranabis, Urbi Chatterjee, Debdeep Mukhopadhyay, and Aritra Hazra. Physically related functions: A new paradigm for light-weight key-exchange. Cryptology ePrint Archive, 2021/389.
Search in Google Scholar Back to article
Durba Chatterjee, Harishma Boyapallya, Sikhar Patranabis, Urbi Chatterjee, Aritra Hazra, and Debdeep Mukhopadhyay. Physically related functions: Exploiting related inputs of pufs for authenticated-key exchange. IEEE Transactions on Information Forensics and Security, 17:3847–3862, 2022.
Search in Google Scholar Back to article
R. Impagliazzo and S. Rudich. Limits on the provable consequences of one-way permutations. In Advances in Cryptology — CRYPTO’ 88, LNCS, volume 403, pages 147–160, 1988.
Search in Google Scholar Back to article
R. W. Hamming. Error detecting and error correcting codes. The Bell System Technical Journal, 29:147–160, 1950.
Search in Google Scholar Back to article
Jeroen Delvaux, Roel Peeters, Dawu Gu, and Ingrid Verbauwhede. A survey on lightweight entity authentication with strong pufs. In ACM Computer Survey, pages 1–42, 2015.
Search in Google Scholar Back to article
Ali Shahidinejad and Jemal Abawajy. An all-inclusive taxonomy and critical review of blockchainassisted authentication and session key generation protocols for iot. ACM Comput. Surv., 56(7), April 2024.
Search in Google Scholar Back to article
Gildas Avoine. Symmetric-key authenticated key exchange (SAKE) with perfect forward secrecy. In Topics in Cryptology - CT-RSA 2020 - The Cryptographers’ Track, LNCS, volume 12006, pages 199–224, 2020.
Search in Google Scholar Back to article
Suman Bala, Gaurav Sharma, and Anil Verma. Pf-id-2paka: Pairing free identity-based two-party authenticated key agreement protocol for wireless sensor networks. In Wireless Personal Communications, volume 87, 2015.
Search in Google Scholar Back to article
S. Blake-Wilson, D. Johnson, and A.Menezes. Key agreement protocols and their security analysis. In Cryptography and Coding 1997, LNCS, volume 1355, 1997.
Search in Google Scholar Back to article
C.Saint Guilhem, N. P. Smart, and B. Warinschi. Generic forward-secure key agreement without signatures. In Information Security (ISC) 2017, LNCS, volume 10599, 2017.
Search in Google Scholar Back to article
Mohammad Sadeq Dousti and Rasool Jalili. Forsakes: A forward-secure authenticated key exchange protocol based on symmetric key-evolving schemes. Advances in Mathematics of Communications,2015, 9(4):471–514, 2015.
Search in Google Scholar Back to article
Quanrun Li, Ching-Fang Hsu, Kim-Kwang Raymond Choo, and Debiao He. A provably secure and lightweight identity-based two-party authenticated key agreement protocol for vehicular ad hoc networks. Security and Communication Networks, 7871067, 2019.
Search in Google Scholar Back to article
Xiruo Liu, Meiyuan Zhao, Sugang Li, Feixiong Zhang, and W. Trappe. A security framework for the internet of things in the future internet architecture. Futue Internet, 9, 2017.
Search in Google Scholar Back to article
Ni Liang, Chen Gongliang, Li Jianhua, and Yanyan Hao. Strongly secure identity-based authenticated key agreement protocols. Computers and Electrical Engineering, 37:205–217, 2011.
Search in Google Scholar Back to article
Dmitry Obukhov and Bin Tan. Encryption key destruction for secure data erasure. United States Patent (US 9,467.288 B2) to SEAGATE TECHNOLOGY LLC.
Search in Google Scholar Back to article
Jingwei Liu, Qian L, Rui Yan, and Rong Sun. Efficient authenticated key exchange protocols for wireless body area networks. J Wireless Com Network, 188, 2015.
Search in Google Scholar Back to article
Muhammad Naveed Aman and Kee Chaing Chuaand Biplab Sikdar. Mutual authentication in iot systems using physical unclonable functions. IEEE Internet of Things Journal, 4(5):1327–1340, 2017.
Search in Google Scholar Back to article
Urbi Chatterjee, Rajat Subhra Chakraborty, and Debdeep Mukhopadhyay. A puf-based secure communication protocol for iot. ACM Trans. Embed. Comput. Syst., 16(3), April 2017.
Search in Google Scholar Back to article
Urbi Chatterjee, Vidya Govindan, Rajat Sadhukhan, Debdeep Mukhopadhyay, Rajat Subhra Chakrabortyand Debashis Mahata, and Mukesh M. Prabhu. Building puf based authentication and key exchange protocol for iot without explicit crps in verifier database. IEEE Transactions on Dependable and Secure Computing, 16(3):424–437, 2019.
Search in Google Scholar Back to article
Jin Wook Byun. End-to-end authenticated key exchange based on different physical unclonable functions. IEEE Access, 7:102951–102965, 2019.
Search in Google Scholar Back to article
Sensen Li, Tikui Zhang, Bin Yu, and Kuan He. A provably secure and practical puf-based end-to-end mutual authentication and key exchange protocol for iot. IEEE Sensors Journal, 21(4):5487–5501, 2021.
Search in Google Scholar Back to article
Yue Zheng and Chip-Hong Zheng. Secure mutual authentication and key-exchange protocol between puf-embedded iot endpoints. In 2021 IEEE International Symposium on Circuits and Systems (ISCAS), pages 1–5, 2021.
Search in Google Scholar Back to article
Harishma Boyapally, Durba Chatterjee, Kuheli Pratihar, Sayandeep Saha, Debdeep Mukhopadhyay, and Shivam Bhasin. Harmonizing PUFs for forward secure authenticated key exchange with symmetric primitives. Cryptology ePrint Archive, Paper 2024/484, 2024.
Search in Google Scholar Back to article
Jeroen Delvaux, Roel Delvaux, Dawu Gu, and Ingrid Verbauwhede. A survey on lightweight entity authentication with strong pufs. ACM Comput. Surv., 48(2), October 2015.
Search in Google Scholar Back to article
Roel Maes, Roel Peeters, Anthony Herrewege, Christian Wachsmann, Stefan Katzenbeisser, Ahmad-Reza Sadeghi, and Ingrid Verbauwhede. Reverse fuzzy extractors: Enabling lightweight mutual authentication for puf-enabled rfids. In Financial Cryptography, pages 374–389, 2012.
Search in Google Scholar Back to article
Ran Canetti, Daniel Shahaf, and Margarita Vald. Universally composable authentication and keyexchange with gluobal pki. In CM Cheng, K M Chung, G Persiano, and B Y Yang, editors, Public-Key Cryptography – PKC 2016, LNCS., volume 9615, 2016.
Search in Google Scholar Back to article
L. Law, A. Menezes, M. Qu, J. Solinas, and Vanstone S. Error detecting and error correcting codes. Designs Codes and Cryptography, 28:119–134, 2003.
Search in Google Scholar Back to article
Bin Rabiah, Abdulrahman, K Ramakrishnan, Olule-Liri, Elizabeth, and Koushik Kar. A lightweight authentication and key exchange protocol for iot. In Workshop Decentralised IoT Security Standards, 2018.
Search in Google Scholar Back to article

A Novel Forward-Secure Key Establishment Protocol from Physically Related Functions

Abstract

Paradigm

My account