NOISY LOW-POWER PUF AUTHENTICATION WITHOUT DATABASE
First Claim
1. A method of authenticating, at a verifier (210), a device (101, 201) comprising a physical token (102), the method comprising the steps of:
- receiving, at the verifier, a first set of concealed response data from the device, which response data was derived from the physical token, concealed and stored in the device during enrolment;
- revealing the concealed response data and sending it to the device;
- challenging, at the device, the physical token with a first challenge that was employed to derive the first set of response data, to derive response data and comparing the derived response data with the first set of response data received from the verifier;
- challenging, if the derived response data corresponds to the first response data set received from the verifier, the physical token with a second challenge that was employed to derive a second set of response data from the physical token and which second set was concealed and stored in the device during enrolment, to derive response data;
- sending the second set of concealed response data and the response data derived from the second challenge to the verifier;
- revealing, at the verifier, the second set of concealed response data and comparing the second set of response data with the response data derived from the second challenge, wherein the device is considered to be authenticated if there is correspondence between the two data sets.
Abstract
The present invention relates to a method of authenticating, at a verifier (210), a device (101, 201) comprising a physical token (102), a system for performing authentication and a device comprising a physical token which provides measurable parameters. A basic idea of the present invention is to provide a secure authentication protocol in which a low-power device (101, 201), for example an RFID tag, comprising a physical token (102) in the form of a physical uncloneable function (PUF) is relieved from performing cryptographic operations or other demanding operations in terms of processing power. To this end, a PUF device (101, 201) to be authenticated verifies if it in fact is being queried by an authorized verifier. For instance, an RFID tag comprising a PUF (102) may be arranged in a banknote which a bank wishes to authenticate. This verification is based on the bank's unique ability to reveal concealed data, such as data having been created in an enrolment phase at which the RFID tag (or actually the PUF) was registered with the bank. Now, the RFID tag again challenges its PUF to create response data sent to the verifier. The verifier checks whether the response data is correct and, if so, authenticates the device comprising the physical token, since the device is able to produce response data that corresponds to response data concealed and stored in the enrolment phase.
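The exchange of claim 1 and the abstract, simulated end to end as an added example that is not taken from the patent. It assumes a concealment scheme (an XOR pad derived with HMAC-SHA256 from a key only the verifier holds), a Hamming-distance threshold as the meaning of "correspondence" for noisy responses, and a hash-based `ToyPUF`; all class and function names are hypothetical.

```python
import hashlib, hmac, random
THRESHOLD = 12  # assumed: max Hamming distance (of 128 bits) still treated as "correspondence"

def hamming(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

class ToyPUF:
    """Constructed stand-in for a noisy PUF: stable per-chip bits plus a few random flips."""
    def __init__(self, chip: bytes, flips: int = 3):
        self.chip, self.flips, self.rng = chip, flips, random.Random(chip)
    def challenge(self, c: bytes) -> bytes:
        r = bytearray(hashlib.sha256(self.chip + c).digest()[:16])
        for bit in self.rng.sample(range(128), self.flips):
            r[bit // 8] ^= 1 << (bit % 8)  # measurement noise
        return bytes(r)

class Verifier:
    """Holds the only key that reveals concealed data (assumed scheme: keyed XOR pad)."""
    def __init__(self, key: bytes):
        self.key = key
    def conceal(self, label: bytes, data: bytes) -> bytes:
        pad = hmac.new(self.key, label, hashlib.sha256).digest()
        return bytes(d ^ p for d, p in zip(data, pad))
    reveal = conceal  # XOR with the same pad undoes the concealment

class Device:
    """Low-power side: stores concealed data, measures its PUF and compares; no crypto."""
    def __init__(self, dev_id: bytes, puf: ToyPUF, enroller: Verifier):
        self.dev_id, self.puf, self.c1, self.c2 = dev_id, puf, b"chal-1", b"chal-2"
        self.e1 = enroller.conceal(dev_id + b"/1", puf.challenge(self.c1))  # enrolment
        self.e2 = enroller.conceal(dev_id + b"/2", puf.challenge(self.c2))
    def respond(self, revealed_r1: bytes):
        if hamming(self.puf.challenge(self.c1), revealed_r1) > THRESHOLD:
            return None  # mismatch: wrong verifier key or wrong physical token
        return self.e2, self.puf.challenge(self.c2)

def authenticate(verifier: Verifier, device: Device) -> bool:
    reply = device.respond(verifier.reveal(device.dev_id + b"/1", device.e1))  # e1 out, r1 back
    if reply is None:
        return False
    e2, fresh_r2 = reply  # device sends e2 and a fresh measurement for challenge 2
    return hamming(verifier.reveal(device.dev_id + b"/2", e2), fresh_r2) <= THRESHOLD

def demo():
    bank = Verifier(b"bank-key (constructed)")
    tag = Device(b"tag-1", ToyPUF(b"chip-A"), bank)
    clone = Device(b"tag-1", ToyPUF(b"chip-B"), bank)
    clone.e1, clone.e2 = tag.e1, tag.e2  # copied memory, different physical token
    return authenticate(bank, tag), authenticate(Verifier(b"rogue"), tag), authenticate(bank, clone)
```

`demo()` returns the outcome for the enrolled tag queried by the bank, the same tag queried by a party without the bank's key, and a tag whose memory was copied onto a different physical token.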
28 Claims
Dependent claims of claim 1: 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 16, 17
10. (canceled)
13. (canceled)
14. (canceled)
15. (canceled)
18. (canceled)
19. A system for performing authentication, said system comprising:
- a verifier (210); and
- a device (101, 201) comprising a physical token (102);

wherein:
- the verifier is arranged to receive, from the device, a first set of concealed response data, which response data was derived from the physical token, concealed and stored in the device during enrolment; reveal the concealed response data; and send it to the device;
- the device is arranged to derive response data by challenging the physical token with a first challenge that was employed to derive the first set of response data; compare the derived response data with the first set of response data received from the verifier; derive response data by challenging, if the derived response data corresponds to the first response data set received from the verifier, the physical token with a second challenge that was employed to derive a second set of response data from the physical token and which second set was concealed and stored in the device during enrolment; and send the second set of concealed response data and the response data derived from the second challenge to the verifier;
- the verifier is further arranged to: reveal the second set of concealed response data and compare the second set of response data with the response data derived from the second challenge, wherein the device is considered to be authenticated if there is correspondence between the two data sets.

Dependent claims: 20, 21, 22
the device (201) further is arranged to apply a noninvertible function to the verification data and compare an output of the function to a parameter stored in the device, wherein deriving response data and comparing the derived response data with response data received from the verifier is performed if the output of the function corresponds to the stored parameter.
23. (canceled)
24. (canceled)
25. A device (101) comprising a physical token (102) which provides measurable parameters, said device further comprising:
- sensor elements (103) for measuring the parameters provided by the physical token;
- logic circuitry (108) for processing data supplied to it in a noninvertible function;
- at least one memory (106, 107) for storing concealed response data derived from said physical token (102) during enrolment of the device; and
- communication means (105, 109) for communicating with an external entity.

Dependent claims: 26, 27
28. (canceled)
Specification