Abstract : In this work, a Static Random Access Memory-Physical Unclonable Functions (SRAM-PUF) based device security framework is proposed, which uses the trending blockchain technology for securing the device credentials. The proposed framework produces a unique fingerprint called PUF Key for each device based on its hardware characteristics, which will act as an authenticating parameter for the devices during the authentication and re-authentication phase. Unlike the current trend of using either a secured database or only a public blockchain, the proposed work uses both consortium and private blockchains for storing device credentials. The consortium blockchain acts as a first-time authenticator, while the private blockchain acts as a repeated authenticator. The private blockchain saves time incurred in accessing the consortium blockchain during repeated authentication. Further, the proposed protocol also includes mutual authentication between the entities involved. This dual security, namely, device authentication and mutual authentication, makes the system more secure and robust against attacks. Security analysis of the proposed protocol is done using the Real-OR-Random (ROR) model and scyther tool and the protocol is also theoretically proven to be stable under various attacks. The performance analysis of the protocol is done by analyzing the computation and communication costs of the proposed protocol against other state-of-the-art protocols. Further, the proposed protocol is also evaluated in the blockchain testbed, which includes Raspberry PI and Arduino components. The results showed that the introduction of a private blockchain reduced the time incurred in device reauthentication.
Index terms : Blockchain , PUF , Scyther , SRAM , Authentication , ROR