Reliable, Secure, and Efficient Hardware Implementation of Password Manager System Using SRAM PUF

Reliable, Secure, and Efficient Hardware Implementation of Password Manager System Using SRAM PUF

Using Physical Unclonable Functions (PUFs) within the server-side has been recently proposed to address security vulnerabilities of the password (PW) authentication mechanism, including attacks on the database (DB) of user credentials. Practicing this idea using available memory technologies and con...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autores principales: Mohammad Mohammadinodoushan, Bertrand Cambou, Fatemeh Afghah, Christopher Robert Philabaum, Ian Burke
Formato: article
Lenguaje:EN
Publicado: IEEE 2021
Materias:
Password security
PUF-based security
database hacking
authentication
hash chain
Electrical engineering. Electronics. Nuclear engineering
TK1-9971
Acceso en línea:https://doaj.org/article/eaff489a960d4e1eb76385f660e2a1b4
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
id oai:doaj.org-article:eaff489a960d4e1eb76385f660e2a1b4
record_format dspace
spelling oai:doaj.org-article:eaff489a960d4e1eb76385f660e2a1b42021-12-01T00:01:16ZReliable, Secure, and Efficient Hardware Implementation of Password Manager System Using SRAM PUF2169-353610.1109/ACCESS.2021.3129499https://doaj.org/article/eaff489a960d4e1eb76385f660e2a1b42021-01-01T00:00:00Zhttps://ieeexplore.ieee.org/document/9622268/https://doaj.org/toc/2169-3536Using Physical Unclonable Functions (PUFs) within the server-side has been recently proposed to address security vulnerabilities of the password (PW) authentication mechanism, including attacks on the database (DB) of user credentials. Practicing this idea using available memory technologies and constrained hardware modules may offer an additional hardware security layer. Thus, finding the PWs would require the attacker to access both the hardware containing the PUF and the information stored in the DB. PUFs have been used with other cryptographic algorithms in previous studies to improve the system’s security further. However, these studies have overlooked the challenges of implementing these algorithms with constrained hardware devices. Therefore, the trade-off between the achieved security and desired efficiency is still a challenge. The presented hardware-software PUF-based solutions lead to faster computation in the server-side hardware. Also, the client-side protocol can cope with the resource limitations existing in essential applications, including constrained IoTs. Moreover, the scheme handles the instability and bit alias of the Static Random-Access Memory (SRAM) PUF. This paper’s reliable, low-cost, and efficient prototype shows the functionality of a hardware-dependent protocol that is resistant to insider, PW guessing, and man-in-the-middle attacks. The presented hardware-software can be easily integrated with the server-side. Statistical tests on the embedded SRAM show that this paper protocol improves PUF entropy responses stored in the DB. Besides, the experimental results of this work show the possibility of obtaining an SRAM with very low intra-PUF variation without using any extra hardware overhead.Mohammad MohammadinodoushanBertrand CambouFatemeh AfghahChristopher Robert PhilabaumIan BurkeIEEEarticlePassword securityPUF-based securitydatabase hackingauthenticationhash chainElectrical engineering. Electronics. Nuclear engineeringTK1-9971ENIEEE Access, Vol 9, Pp 155711-155725 (2021)
institution DOAJ
collection DOAJ
language EN
topic Password security
PUF-based security
database hacking
authentication
hash chain
Electrical engineering. Electronics. Nuclear engineering
TK1-9971
spellingShingle Password security
PUF-based security
database hacking
authentication
hash chain
Electrical engineering. Electronics. Nuclear engineering
TK1-9971
Mohammad Mohammadinodoushan
Bertrand Cambou
Fatemeh Afghah
Christopher Robert Philabaum
Ian Burke
Reliable, Secure, and Efficient Hardware Implementation of Password Manager System Using SRAM PUF
description Using Physical Unclonable Functions (PUFs) within the server-side has been recently proposed to address security vulnerabilities of the password (PW) authentication mechanism, including attacks on the database (DB) of user credentials. Practicing this idea using available memory technologies and constrained hardware modules may offer an additional hardware security layer. Thus, finding the PWs would require the attacker to access both the hardware containing the PUF and the information stored in the DB. PUFs have been used with other cryptographic algorithms in previous studies to improve the system’s security further. However, these studies have overlooked the challenges of implementing these algorithms with constrained hardware devices. Therefore, the trade-off between the achieved security and desired efficiency is still a challenge. The presented hardware-software PUF-based solutions lead to faster computation in the server-side hardware. Also, the client-side protocol can cope with the resource limitations existing in essential applications, including constrained IoTs. Moreover, the scheme handles the instability and bit alias of the Static Random-Access Memory (SRAM) PUF. This paper’s reliable, low-cost, and efficient prototype shows the functionality of a hardware-dependent protocol that is resistant to insider, PW guessing, and man-in-the-middle attacks. The presented hardware-software can be easily integrated with the server-side. Statistical tests on the embedded SRAM show that this paper protocol improves PUF entropy responses stored in the DB. Besides, the experimental results of this work show the possibility of obtaining an SRAM with very low intra-PUF variation without using any extra hardware overhead.
format article
author Mohammad Mohammadinodoushan
Bertrand Cambou
Fatemeh Afghah
Christopher Robert Philabaum
Ian Burke
author_facet Mohammad Mohammadinodoushan
Bertrand Cambou
Fatemeh Afghah
Christopher Robert Philabaum
Ian Burke
author_sort Mohammad Mohammadinodoushan
title Reliable, Secure, and Efficient Hardware Implementation of Password Manager System Using SRAM PUF
title_short Reliable, Secure, and Efficient Hardware Implementation of Password Manager System Using SRAM PUF
title_full Reliable, Secure, and Efficient Hardware Implementation of Password Manager System Using SRAM PUF
title_fullStr Reliable, Secure, and Efficient Hardware Implementation of Password Manager System Using SRAM PUF
title_full_unstemmed Reliable, Secure, and Efficient Hardware Implementation of Password Manager System Using SRAM PUF
title_sort reliable, secure, and efficient hardware implementation of password manager system using sram puf
publisher IEEE
publishDate 2021
url https://doaj.org/article/eaff489a960d4e1eb76385f660e2a1b4
work_keys_str_mv AT mohammadmohammadinodoushan reliablesecureandefficienthardwareimplementationofpasswordmanagersystemusingsrampuf
AT bertrandcambou reliablesecureandefficienthardwareimplementationofpasswordmanagersystemusingsrampuf
AT fatemehafghah reliablesecureandefficienthardwareimplementationofpasswordmanagersystemusingsrampuf
AT christopherrobertphilabaum reliablesecureandefficienthardwareimplementationofpasswordmanagersystemusingsrampuf
AT ianburke reliablesecureandefficienthardwareimplementationofpasswordmanagersystemusingsrampuf
_version_ 1718406174029643776

Ejemplares similares