CN117896064A - Superlattice twin PUF key synchronization method and system with low calculation overhead - Google Patents
Superlattice twin PUF key synchronization method and system with low calculation overhead Download PDFInfo
- Publication number
- CN117896064A CN117896064A CN202410289445.XA CN202410289445A CN117896064A CN 117896064 A CN117896064 A CN 117896064A CN 202410289445 A CN202410289445 A CN 202410289445A CN 117896064 A CN117896064 A CN 117896064A
- Authority
- CN
- China
- Prior art keywords
- key
- puf
- bit
- superlattice
- ith
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 238000004364 calculation method Methods 0.000 title abstract description 11
- 238000012795 verification Methods 0.000 claims abstract description 17
- 230000004044 response Effects 0.000 abstract description 16
- 238000004891 communication Methods 0.000 description 11
- 238000010586 diagram Methods 0.000 description 9
- 238000012545 processing Methods 0.000 description 9
- 238000000605 extraction Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 239000003999 initiator Substances 0.000 description 3
- 238000004519 manufacturing process Methods 0.000 description 3
- 230000036962 time dependent Effects 0.000 description 3
- 238000009826 distribution Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 230000000052 comparative effect Effects 0.000 description 1
- 230000007423 decrease Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000010355 oscillation Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000003860 storage Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Compression, Expansion, Code Conversion, And Decoders (AREA)
- Synchronisation In Digital Transmission Systems (AREA)
Abstract
The invention discloses a superlattice twin PUF key synchronization method and system with low calculation cost, wherein the method comprises the following steps: generating m different challenge signals; adopting a first PUF device, and correspondingly generating m first binary sequences according to m different challenge signals and a preset data acquisition bit number k; generating an m-bit key, and calculating a verification value of the key; determining m auxiliary data according to the m first binary sequences and the key; transmitting m different challenge signals, m auxiliary data and verification values of a key to second equipment with a second PUF device so as to enable the second equipment to perform key decryption and verification, and realizing key synchronization between the first equipment and the second equipment; wherein the first PUF device and the second PUF device are twinned PUF devices. The invention can fully utilize the high-speed response signals generated by the twin PUF device to quickly realize the key synchronization among different devices.
Description
Technical Field
The invention belongs to the technical field of digital signal processing, and particularly relates to a superlattice twin PUF key synchronization method and system with low calculation overhead.
Background
The physical unclonable function (Physical Unclonable Functions, PUF) is an emerging hardware security technology that uses the inherent randomness of electronic component manufacturing processes to extract random and subtle differences within the components as output that can be used to generate cryptographic primitives. The PUF has good development prospect in the fields of key safety, identity recognition and the like because of the characteristics of unclonable property, low resource cost and the like. The keys extracted from the PUF remain vulnerable to security during encrypted communications because they must be written to a non-volatile memory before secure communications can take place in order to communicate with a participant that does not have the PUF. PUFs at adjacent locations on the same wafer in semiconductor fabrication have very similar characteristics as twins, known as twins. The twin PUF well solves the problem, and the safety of communication can be greatly improved without pre-extracting a secret key or writing in a storage body. A superlattice twinning PUF is a twinning PUF that can generate a high-speed signal, since there is inevitably a small difference in the shared original random number (key) obtained after digital sampling of the response of the twinning superlattice PUF device. Currently, fuzzy extraction technology in cryptography is generally adopted to eliminate response difference of two PUFs, so as to realize key distribution (key synchronization). The superlattice can be used for generating a secret key high-speed response signal, the bandwidth can reach nearly one G or even higher, but the processing speed of the fuzzy extraction technology cannot be matched with that of the superlattice PUF to generate the high-speed response signal, so that the application of the superlattice twin PUF in the aspect of safety communication is limited.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides a superlattice twin PUF key synchronization method and system with low calculation cost.
The technical problems to be solved by the invention are realized by the following technical scheme:
The invention provides a superlattice twin PUF key synchronization method with low computational overhead, which is applied to first equipment with a first PUF device, and comprises the following steps:
Generating m different challenge signals; m is an integer greater than 1;
Adopting the first PUF device, and correspondingly generating m first binary sequences according to the m different challenge signals and a preset data acquisition bit number k; k is an integer greater than 1;
generating an m-bit key, and calculating a verification value of the key;
determining m auxiliary data according to the m first binary sequences and the key;
Transmitting the m different challenge signals, the m auxiliary data and the verification value of the key to a second device with a second PUF device so as to enable the second device to perform key decryption and verification, and realizing key synchronization between the first device and the second device; wherein the first PUF device and the second PUF device are twinned PUF devices.
In some embodiments, the generating, by using the first PUF device, m first binary sequences according to the m different challenge signals and a preset data acquisition bit number k includes:
Inputting an ith challenge signal into the first PUF device, and correspondingly obtaining an ith output signal of the first PUF device; i=1, 2, …, m;
Acquiring the ith output signal according to the preset data acquisition bit number k to obtain an ith first binary sequence with the code length of k;
And after the m different challenge signals are processed, obtaining m first binary sequences.
In some embodiments, the determining m auxiliary data from the m first binary sequences and the key comprises:
converting each first binary sequence into a Gray code sequence to obtain m first Gray code sequences;
exclusive or is carried out on the ith first gray code sequence and the ith bit of the key, so that ith auxiliary data is correspondingly obtained; i=1, 2, …, m;
and after finishing the exclusive OR of the m first gray code sequences and the m-bit values of the key, obtaining m auxiliary data.
In some embodiments, the generating the m-bit key, calculating a check value of the key, includes:
generating an m-bit key by using a true random number generator;
And calculating a hash value of the key, and taking the hash value as a verification value of the key.
In some embodiments, the first PUF device is a first superlattice PUF device, the second PUF device is a second superlattice PUF device, and the first and second superlattice PUF devices are twin superlattice PUF devices.
The invention also provides a low computational overhead superlattice twinning PUF key synchronization method applied to a second device with a second PUF device, the method comprising:
Receiving m different challenge signals, m auxiliary data and verification values of a key sent by a first device with a first PUF device; wherein the first PUF device and the second PUF device are twinned PUF devices; m is an integer greater than 1;
Adopting the second PUF device, and correspondingly generating m second binary sequences according to the received m different challenge signals and a preset data acquisition bit number k; k is an integer greater than 1;
Determining m decryption sequences according to the m auxiliary data and the m second binary sequences;
decrypting to obtain a key' of m bits according to the m decryption sequences;
calculating a check value of the key';
when the check value of the key 'is consistent with the received check value of the key, the key' is identical to the key, and key synchronization between the first device and the second device is achieved.
In some embodiments, the determining m decryption sequences from the m auxiliary data and the m second binary sequences received includes:
converting each second binary sequence into a Gray code sequence to obtain m second Gray code sequences;
Exclusive or is carried out on the received ith auxiliary data and an ith second gray code sequence corresponding to the ith auxiliary data one by one to obtain an ith decryption sequence; i=1, 2, …, m;
And after the received m auxiliary data and the m second Gray code sequences are subjected to exclusive OR, obtaining m decryption sequences.
In some embodiments, the decrypting the m decryption sequences to obtain the m-bit key' includes:
adding bits of an ith decryption sequence to obtain an addition result of the ith decryption sequence; i=1, 2, …, m;
When the addition result of the ith decryption sequence is greater than n/2, obtaining the value of the ith bit of the key' as a first value; n is the code length of the decryption sequence;
when the addition result of the ith decryption sequence is smaller than n/2, obtaining the value of the ith bit of the key' as a second value;
When the values of the 1 st bit to the m th bit of the key 'are obtained, the m-bit key' is obtained.
In some embodiments, the first value is 1 and the second value is 0.
The invention also provides a superlattice twin PUF key synchronization system with low calculation cost, which comprises the following steps: a first device having a first PUF device and a second device having a second PUF device, wherein the first PUF device and the second PUF device are twinned PUF devices;
the first device is configured to generate m different challenge signals, generate m first binary sequences according to the m different challenge signals and a preset data acquisition bit number k by using the first PUF device, generate an m-bit key, calculate a check value of the key, determine m auxiliary data according to the m first binary sequences and the key, and send the m different challenge signals, the m auxiliary data and the check value of the key to the second device;
The second device is configured to generate m second binary sequences according to the received m different challenge signals and a preset data acquisition bit number k, determine m decryption sequences according to the received m auxiliary data and the m second binary sequences, decrypt the m decryption sequences to obtain a m-bit key ', calculate a check value of the key', and when the check value of the key 'is consistent with the received check value of the key, indicate that the key' is identical with the key, thereby realizing key synchronization between the first device and the second device.
Compared with the prior art, the invention has the beneficial effects that:
The invention can realize the key synchronization by utilizing the high-bandwidth signal generated by the twin PUF device through simple calculation, and has less calculation resources, thereby being capable of fully utilizing the high-speed response signal generated by the superlattice PUF to quickly realize the key synchronization among different devices.
The invention will be described in further detail with reference to the drawings and detailed description.
Drawings
Fig. 1 is a schematic flow chart of a low computational overhead superlattice twinning PUF key synchronization method applied in a first device according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a method for using a PUF device provided by an embodiment of the present invention;
fig. 3 is a schematic diagram of converting an exemplary binary sequence into a gray code sequence according to an embodiment of the present invention;
Fig. 4 is a comparative schematic diagram of signal voltage versus time for an exemplary twin superlattice PUF device provided by an embodiment of the invention;
Fig. 5 is a flow chart of an exemplary low computational overhead superlattice twinning PUF key synchronization method applied in a second device provided by an embodiment of the present invention;
fig. 6 is a schematic flow diagram of exemplary superlattice twinning PUF key synchronization provided by an embodiment of the invention;
Fig. 7 is a schematic diagram of an exemplary low computational overhead superlattice twinning PUF key synchronization processing method provided by an embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to specific examples, but embodiments of the present invention are not limited thereto.
Fig. 1 is a schematic flow chart of a low computational overhead superlattice twinning PUF key synchronization method provided by an embodiment of the invention, where the method is applied to a first device having a first PUF device, as shown in fig. 1, and the method includes:
s101, generating m different challenge signals; m is an integer greater than 1.
Here, m different challenge signals may be correspondingly generated by the high-speed DAC using m different random numbers. The random number may be derived from a true random number generator based on a physical random process or may be generated by a pseudo-random number generator, as the invention is not limited in this respect.
S102, adopting a first PUF device, and correspondingly generating m first binary sequences according to m different challenge signals and a preset data acquisition bit number k; k is an integer greater than 1.
Here, as shown in fig. 2, an ith challenge signal may be input to the first PUF device, and an ith output signal of the first PUF device is correspondingly obtained; i=1, 2, …, m; then, according to a preset data acquisition bit number k, acquiring an ith output signal by adopting a high-speed ADC (analog-to-digital converter), and obtaining an ith first binary sequence with a code length k; when the first PUF device is used m times, m first binary sequences are obtained. Here, after the challenge signal is input, the PUF device relies on randomness inherent in the electronic element manufacturing process, and after the input signal passes through the PUF device, the output signal carries internal random and subtle differences of the PUF device.
S103, generating an m-bit key, and calculating a verification value of the key.
Here, a true random number generator may be used to generate an m-bit key, calculate a hash value of the key, and use the hash value as a check value of the key.
S104, determining m auxiliary data according to the m first binary sequences and the key.
Here, each first binary sequence may be converted into a gray code sequence, resulting in m first gray code sequences; then, exclusive OR is carried out on the ith first gray code sequence and the ith bit of the key, so that the ith auxiliary data is correspondingly obtained; i=1, 2, …, m; and after finishing the exclusive OR of the m first gray code sequences and the m-bit values of the key, obtaining m auxiliary data.
The binary sequence is converted into the Gray code form, so that digital oscillation of an output signal of the PUF device during analog-digital conversion can be reduced.
For example, fig. 3 is a schematic diagram of the principle of converting a binary sequence into a gray code sequence, as shown in fig. 3, when the binary sequence of n bits is b n-1,bn-2…b2,b1,b0, the highest bit of the binary sequence is taken as the highest bit of the gray code sequence, namely , then shifted to the right by one bit, the value obtained by performing bit exclusive or on the highest bit and the next highest bit of the binary sequence is taken as the next highest bit of the gray code sequence, namely/> , then shifted to the right by one bit, and then sequentially processed, finally obtaining the corresponding gray code sequence g n-1,gn-2…g2,g1,g0, wherein/> ,/>.
Here, S104 may be implemented by using m sub-threads, where each sub-thread determines an auxiliary data according to 1 bit in 1 first binary sequence and key; in this way, the processing efficiency can be improved.
S105, transmitting m different challenge signals, m auxiliary data and verification values of a key to second equipment with a second PUF device so as to enable the second equipment to perform key decryption and verification, and realizing key synchronization between the first equipment and the second equipment; wherein the first PUF device and the second PUF device are twinned PUF devices.
Here, a twin PUF device refers to a device that is prepared by growing simultaneously under the same process conditions, so that a functional twin phenomenon of the PUF can be achieved, and once the device is prepared, it is impossible to clone the device on another wafer.
In some embodiments, the first PUF device is a first superlattice PUF device, the second PUF device is a second superlattice PUF device, and the first and second superlattice PUF devices are twin superlattice PUF devices.
Here, the twinned superlattice PUF device refers to a superlattice device that is prepared by growing simultaneously under the same process condition, so that a twinning phenomenon of a PUF function can be realized, and once the device is prepared, the device cannot be cloned out on another wafer.
Fig. 4 is a schematic diagram illustrating a comparison of time-dependent signal voltages of twin superlattice PUF devices according to an embodiment of the present invention, where a square-sign line represents time-dependent signal voltages of twin superlattice PUF devices a (abbreviated as superlattice a) in the twin superlattice PUF devices, and a triangle-sign line represents time-dependent signal voltages of twin superlattice PUF devices a '(abbreviated as superlattice a') in the superlattice PUF devices. Clearly, as shown in fig. 4, the difference in signal voltages of the twin superlattice PUF devices a and a' over time is small.
Fig. 5 is another flow chart of a low computational overhead superlattice twinning PUF key synchronization method provided by an embodiment of the invention, where the method is applied to a second device having a second PUF device, as shown in fig. 5, and the method includes:
S201, receiving m different challenge signals, m auxiliary data and check values of a key sent by a first device with a first PUF device; wherein the first PUF device and the second PUF device are twinned PUF devices; m is an integer greater than 1.
S202, adopting a second PUF device, and correspondingly generating m second binary sequences according to the received m different challenge signals and a preset data acquisition bit number k; k is an integer greater than 1.
Here, the principle of S202 is the same as that of S102 described above, and will not be described in detail.
S203, determining m decryption sequences according to the received m auxiliary data and m second binary sequences.
Here, each second binary sequence may be converted into a gray code sequence, resulting in m second gray code sequences; then, the received ith auxiliary data and an ith second gray code sequence corresponding to the ith auxiliary data one by one are subjected to exclusive OR to obtain an ith decryption sequence; i=1, 2, …, m; and after the exclusive OR of the received m auxiliary data and m second Gray code sequences is completed, m decryption sequences are obtained.
Here, when the first device transmits the challenge signal and the auxiliary data, each of the challenge signals corresponds to one auxiliary data one by one, and one auxiliary data corresponds to one second gray code sequence one by one because one second binary sequence is generated according to the corresponding one of the challenge signals and one second gray code sequence is converted from the corresponding one of the second binary sequences.
Here, S203 may be implemented in parallel with m sub-threads, where each sub-thread determines 1 decryption sequence using 1 auxiliary data and 1 second binary sequence; in this way, the processing efficiency can be improved.
S204, decrypting to obtain an m-bit key' according to the m decryption sequences.
Here, bits of the i-th decryption sequence are added to obtain an addition result of the i-th decryption sequence; i=1, 2, …, m; then, when the addition result of the ith decryption sequence is larger than n/2, obtaining the value of the ith bit of the key' as a first value; n is the code length of the decryption sequence; when the addition result of the ith decryption sequence is smaller than n/2, obtaining the value of the ith bit of the key' as a second value; when the values of the 1 st bit to the m th bit of the key 'are obtained, the m-bit key' is obtained. Illustratively, the first value is 1 and the second value is 0.
Here, S204 may be implemented using m sub-threads, where each sub-thread decrypts to obtain one bit of the key' according to 1 decryption sequence.
S205, calculating a check value of the key'.
Here, a hash value of the key 'may be calculated, and the hash value may be used as a check value of the key'.
S206, when the check value of the key 'is consistent with the received check value of the key, the key' is identical with the key, and the key synchronization between the first device and the second device is realized.
Here, when the check value of the key 'is not identical to the received check value of the key, it is indicated that the key' is different from the key, and the above-described synchronization process may be re-performed.
In the present invention, the method shown in fig. 1 may also be applied to the second device, and correspondingly, the method shown in fig. 5 may also be applied to the first device, that is, the first device may be used as a communication initiator or a communication participant, and similarly, the second device may be used as a communication initiator or a communication participant.
Fig. 6 is a schematic flow diagram of superlattice twinning PUF key synchronization, as an example. As shown in fig. 6, the Alice terminal has a twin superlattice PUF device a (referred to simply as superlattice PUF a), the bob terminal has a twin superlattice PUF device a '(referred to simply as superlattice PUF a'), when the Alice terminal needs to perform key synchronization with the bob terminal, the Alice terminal uses a random number as a communication initiator to generate a challenge signal through a high-speed DAC, inputs the challenge signal into the superlattice PUF a through the high-speed DAC, uses the high-speed ADC to collect a response signal of the superlattice PUF a, and obtains a binary sequence Bn (random number) of k bits, and then converts the binary sequence collected by the high-speed ADC into a gray code form; then, an n-bit key is obtained by using a true random number generator, and then a key synchronization algorithm process is performed. Specifically, when the key synchronization algorithm processing is performed, the Alice end sequentially xors each bit of the key with the gray code sequence Gn of the response signal of one superlattice PUF a to correspondingly obtain n auxiliary data H, wherein each bit of the key corresponds to one gray code sequence Gn; then, calculating a hash value of the key; and then, the Alice end sends each challenge signal, the corresponding auxiliary data and the hash value of the key to the bob end.
The bob end inputs a challenge signal received from the Alice end into a twin superlattice PUF A 'of the superlattice PUF A through a high-speed DAC, then uses the high-speed ADC to collect a response signal of the superlattice PUF A' to obtain a binary sequence Bn '(random number), then converts the binary sequence collected by the high-speed ADC into a Gray code sequence Gn', and then carries out key synchronization algorithm processing. Specifically, when performing the key synchronization algorithm processing, the bob end performs exclusive or on each auxiliary data H obtained from the Alice end and the corresponding gray code sequence Gn 'to obtain a corresponding sequence V, adds each bit of the sequence V, if the addition result is greater than n/2, the number of "1" in the sequence V is indicated to be more, the value of the corresponding bit in the decrypted key' is "1", if the addition result is less than n/2, the number of "0" in the sequence V is indicated to be more, and the value of the corresponding bit in the decrypted key 'is "0", so as to obtain the key' by decryption by the method; then, calculating the hash value of the key ' and when the hash value of the key ' is consistent with the hash value received from the Alice, indicating that the key ' decrypted by the bob end is correct, so that the Alice end and the bob end realize the key synchronization; otherwise, the above-mentioned flow is carried out again.
In the present invention, the number of data acquisition bits k (i.e. the number of bits that need a PUF response for encrypting a bit) can be determined by the following formula: ; where,/> denotes the probability of the response agreement of the first PUF device and the second PUF device,/> denotes the bit error rate,/> denotes the number of combinations where an error has occurred resulting in a majority election failure, i.e. ,"/> "denotes the factorial sign. Obviously, BER decreases exponentially with increasing k. In the present invention, it is assumed that the responses (i.e., output signals) of two twin PUF devices (e.g., two superlattice twin PUF devices) are a and a ', respectively, and that the challenge signal is a random number, the output signal a of the superlattice PUF device is a random signal to a communication participant not having a twin PUF device, the signal a is xored with the random number R, the communication participant having a superlattice twin PUF device is xored with the a ' R, the a ' is (a ' key) = (a ' is a), and because the signals a ' and a are almost identical, the same number is different or 0, the binary number is xored with 0 to be equal to itself, (a ' key=key, so that key can be synchronized. In reality, however, the signals a 'and a cannot be completely consistent, a'. Sub.a=error, the response of the superlattice twinning PUF device has a certain probability p, the error uses the probability p as 0, and the key is restored by using the probability p. Therefore, the invention adds fault tolerant design in the process of the key synchronization of the twin PUF device, namely, k bits are used for encrypting one bit, so that the Bit Error Rate (BER) of the key encryption and decryption process can be reduced.
Fig. 7 is a schematic diagram of a method for processing a superlattice twin PUF key in synchronization with a low computational overhead. One bit is encrypted with 5 key bits, that is, k=5, that is, the binary sequence and the gray code sequence converted from the binary sequence are both 5 bits, for example, and it is assumed that the gray code sequences at Alice end and bob end are "10101" and "10001", respectively, and the key generated at Alice end=1. The two gray code sequences have a bit inconsistency (specifically, the inconsistency represents the inconsistency between output signals of superlattice twinning PUF devices at Alice end and bob end) which is marked by black square frame positions, 01010 is obtained after the 10101 is xored with key=1, 11011 is obtained after the 10001 is xored with 01010, the number of 1 and 0 in the statistical sequence 11011 is counted, and obviously, the number of 1 is more, and the key' =1 decrypted by the bob end. Similarly, when the key=0 generated by Alice end and the gray code sequences of Alice end and bob end are "10101" and "10001", respectively, the two gray code sequences have one bit inconsistent (specifically, the bit marked by the black box position), "10101" is xored with the key=0 to obtain "10101", and "10001" is xored with "10101" to obtain "00100", the number of "1" and "0" in the statistical sequence is obviously greater than the number of "0", and the key' =0 decrypted by bob end. In the present invention, a new superlattice response signal (i.e., a new gray code sequence) is replaced every one bit in the encrypted key, and a new superlattice response signal is used for transmitting only one key, i.e., one key at a time.
In practical tests, a random bit (i.e., k=16) is encrypted by 16 bits, so that the key can be restored stably, when the frequency of the high-speed ADC is 2.5Ga/s, the collected data is 16 bits, i.e., the 16-bit data collected in each clock cycle can finally obtain a random bit, and the 16-bit data can be processed in every four clock cycles, so that the key synchronization rate is 625Mbps, and the rate is far higher than the synchronization rate by using a fuzzy extraction algorithm (the superlattice key distribution rate is 10Mbps in the prior literature).
The invention also provides a superlattice twin PUF key synchronization system with low calculation cost, which comprises the following steps: a first device having a first PUF device and a second device having a second PUF device, wherein the first PUF device and the second PUF device are twinned PUF devices;
The first device is used for generating m different challenge signals, adopting a first PUF device, correspondingly generating m first binary sequences according to the m different challenge signals and a preset data acquisition bit number k, generating an m-bit key, calculating a check value of the key, determining m auxiliary data according to the m first binary sequences and the key, and transmitting the m different challenge signals, the m auxiliary data and the check value of the key to the second device;
the second device is configured to correspondingly generate m second binary sequences according to the received m different challenge signals and a preset data acquisition bit number k by using the second PUF device, determine m decryption sequences according to the received m auxiliary data and the m second binary sequences, decrypt the m decryption sequences to obtain a key 'with m bits, calculate a check value of the key', and indicate that the key 'is identical to the key when the check value of the key' is identical to the check value of the received key, so as to realize key synchronization between the first device and the second device.
Aiming at the problem that the processing speed of the existing fuzzy extraction technology is far behind the key generation speed of the superlattice twin PUF, the invention fully utilizes the high-bandwidth signals generated by the twin PUF device, can realize the key synchronization only by using basic operations of computers such as exclusive OR, addition and the like, and fully utilizes the high-speed response signals generated by the twin PUF device, thereby improving the key synchronization efficiency; in addition, the invention uses the basic operation instruction of the computer to complete the key synchronization, so that the pipeline parallelism can be used for corresponding calculation, and the high-speed key synchronization can be realized by only a small amount of calculation resources.
It should be noted that the terms "first," "second," and "second" are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implying a number of technical features being indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include one or more features. In the description of the present invention, the meaning of "a plurality" is two or more, unless explicitly defined otherwise.
In the description of the present specification, a description referring to terms "one embodiment," "some embodiments," "examples," "specific examples," or "some examples," etc., means that a particular feature or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms are not necessarily directed to the same embodiment or example. Furthermore, the particular features or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Further, one skilled in the art can engage and combine the different embodiments or examples described in this specification.
In the description, the word "comprising" does not exclude other elements or steps, and the "a" or "an" does not exclude a plurality. Some measures are described in mutually different embodiments, but this does not mean that these measures cannot be combined to produce a good effect.
The foregoing is a further detailed description of the invention in connection with the preferred embodiments, and it is not intended that the invention be limited to the specific embodiments described. It will be apparent to those skilled in the art that several simple deductions or substitutions may be made without departing from the spirit of the invention, and these should be considered to be within the scope of the invention.
Claims (10)
1. A method of low computational overhead superlattice twinning PUF key synchronization, applied to a first device having a first PUF device, the method comprising:
Generating m different challenge signals; m is an integer greater than 1;
Adopting the first PUF device, and correspondingly generating m first binary sequences according to the m different challenge signals and a preset data acquisition bit number k; k is an integer greater than 1;
generating an m-bit key, and calculating a verification value of the key;
determining m auxiliary data according to the m first binary sequences and the key;
Transmitting the m different challenge signals, the m auxiliary data and the verification value of the key to a second device with a second PUF device so as to enable the second device to perform key decryption and verification, and realizing key synchronization between the first device and the second device; wherein the first PUF device and the second PUF device are twinned PUF devices.
2. The method of claim 1, wherein generating m first binary sequences by using the first PUF device according to the m different challenge signals and a preset data acquisition bit number k includes:
Inputting an ith challenge signal into the first PUF device, and correspondingly obtaining an ith output signal of the first PUF device; i=1, 2, …, m;
Acquiring the ith output signal according to the preset data acquisition bit number k to obtain an ith first binary sequence with the code length of k;
And after the m different challenge signals are processed, obtaining m first binary sequences.
3. The low computational overhead superlattice twinning PUF key synchronization method of claim 1, wherein the determining m helper data from the m first binary sequences and the key comprises:
converting each first binary sequence into a Gray code sequence to obtain m first Gray code sequences;
exclusive or is carried out on the ith first gray code sequence and the ith bit of the key, so that ith auxiliary data is correspondingly obtained; i=1, 2, …, m;
and after finishing the exclusive OR of the m first gray code sequences and the m-bit values of the key, obtaining m auxiliary data.
4. The low computational overhead superlattice twinning PUF key synchronization method of claim 1, wherein the generating an m-bit key, calculating a verification value of the key, includes:
generating an m-bit key by using a true random number generator;
And calculating a hash value of the key, and taking the hash value as a verification value of the key.
5. The low computational overhead superlattice twinning PUF key synchronization method of claim 1, wherein the first PUF device is a first superlattice PUF device, the second PUF device is a second superlattice PUF device, and the first and second superlattice PUF devices are twinning PUF devices.
6. A method of low computational overhead superlattice twinning PUF key synchronization, for use with a second device having a second PUF device, the method comprising:
Receiving m different challenge signals, m auxiliary data and verification values of a key sent by a first device with a first PUF device; wherein the first PUF device and the second PUF device are twinned PUF devices; m is an integer greater than 1;
Adopting the second PUF device, and correspondingly generating m second binary sequences according to the received m different challenge signals and a preset data acquisition bit number k; k is an integer greater than 1;
Determining m decryption sequences according to the m auxiliary data and the m second binary sequences;
decrypting to obtain a key' of m bits according to the m decryption sequences;
calculating a check value of the key';
when the check value of the key 'is consistent with the received check value of the key, the key' is identical to the key, and key synchronization between the first device and the second device is achieved.
7. The low computational overhead superlattice twinning PUF key synchronization method of claim 6, wherein said determining m decryption sequences from the m helper data received and the m second binary sequences comprises:
converting each second binary sequence into a Gray code sequence to obtain m second Gray code sequences;
Exclusive or is carried out on the received ith auxiliary data and an ith second gray code sequence corresponding to the ith auxiliary data one by one to obtain an ith decryption sequence; i=1, 2, …, m;
And after the received m auxiliary data and the m second Gray code sequences are subjected to exclusive OR, obtaining m decryption sequences.
8. The method of claim 6, wherein decrypting the m decrypted sequences to obtain the m-bit key' comprises:
adding bits of an ith decryption sequence to obtain an addition result of the ith decryption sequence; i=1, 2, …, m;
When the addition result of the ith decryption sequence is greater than n/2, obtaining the value of the ith bit of the key' as a first value; n is the code length of the decryption sequence;
when the addition result of the ith decryption sequence is smaller than n/2, obtaining the value of the ith bit of the key' as a second value;
When the values of the 1 st bit to the m th bit of the key 'are obtained, the m-bit key' is obtained.
9. The low computational overhead superlattice twinning PUF key synchronization method of claim 8, wherein the first value is 1 and the second value is 0.
10. A low computational overhead superlattice twinning PUF key synchronization system, comprising: a first device having a first PUF device and a second device having a second PUF device, wherein the first PUF device and the second PUF device are twinned PUF devices;
the first device is configured to generate m different challenge signals, generate m first binary sequences according to the m different challenge signals and a preset data acquisition bit number k by using the first PUF device, generate an m-bit key, calculate a check value of the key, determine m auxiliary data according to the m first binary sequences and the key, and send the m different challenge signals, the m auxiliary data and the check value of the key to the second device;
The second device is configured to generate m second binary sequences according to the received m different challenge signals and a preset data acquisition bit number k, determine m decryption sequences according to the received m auxiliary data and the m second binary sequences, decrypt the m decryption sequences to obtain a m-bit key ', calculate a check value of the key', and when the check value of the key 'is consistent with the received check value of the key, indicate that the key' is identical with the key, thereby realizing key synchronization between the first device and the second device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410289445.XA CN117896064B (en) | 2024-03-14 | 2024-03-14 | Superlattice twin PUF key synchronization method and system with low calculation overhead |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410289445.XA CN117896064B (en) | 2024-03-14 | 2024-03-14 | Superlattice twin PUF key synchronization method and system with low calculation overhead |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117896064A true CN117896064A (en) | 2024-04-16 |
| CN117896064B CN117896064B (en) | 2024-05-31 |
Family
ID=90639902
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410289445.XA Active CN117896064B (en) | 2024-03-14 | 2024-03-14 | Superlattice twin PUF key synchronization method and system with low calculation overhead |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117896064B (en) |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120204023A1 (en) * | 2009-10-21 | 2012-08-09 | Christiaan Kuipers | Distribution system and method for distributing digital information |
| US20160156476A1 (en) * | 2014-11-28 | 2016-06-02 | Yong Ki Lee | Physically Unclonable Function Circuits and Methods of Performing Key Enrollment in Physically Unclonable Function Circuits |
| US20180183589A1 (en) * | 2016-12-23 | 2018-06-28 | Secure-Ic Sas | Secret key generation using a high reliability physically unclonable function |
| CN111049652A (en) * | 2019-12-23 | 2020-04-21 | 北京明朝万达科技股份有限公司 | Data transmission method and device, electronic equipment and computer readable storage medium |
| CN111756540A (en) * | 2019-03-26 | 2020-10-09 | 北京普安信科技有限公司 | Method, terminal, server and system for transmitting ciphertext |
| CN112332971A (en) * | 2020-09-27 | 2021-02-05 | 湖南工商大学 | Safe and efficient data transmission method based on superlattice and compressed sensing |
| CN114844649A (en) * | 2022-05-20 | 2022-08-02 | 北京电子科技学院 | Secret key distribution method containing trusted third party based on superlattice PUF |
| WO2022259012A1 (en) * | 2021-06-07 | 2022-12-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Storage device authenticating host credential and utilizing physically unclonable function (puf) for data encryption/decryption |
| CN116318678A (en) * | 2023-03-28 | 2023-06-23 | 重庆邮电大学 | Multi-factor internet of things terminal dynamic group access authentication method |
| CN117395006A (en) * | 2023-09-11 | 2024-01-12 | 北京普安信科技有限公司 | Communication encryption method |
-
2024
- 2024-03-14 CN CN202410289445.XA patent/CN117896064B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120204023A1 (en) * | 2009-10-21 | 2012-08-09 | Christiaan Kuipers | Distribution system and method for distributing digital information |
| US20160156476A1 (en) * | 2014-11-28 | 2016-06-02 | Yong Ki Lee | Physically Unclonable Function Circuits and Methods of Performing Key Enrollment in Physically Unclonable Function Circuits |
| US20180183589A1 (en) * | 2016-12-23 | 2018-06-28 | Secure-Ic Sas | Secret key generation using a high reliability physically unclonable function |
| CN111756540A (en) * | 2019-03-26 | 2020-10-09 | 北京普安信科技有限公司 | Method, terminal, server and system for transmitting ciphertext |
| CN111049652A (en) * | 2019-12-23 | 2020-04-21 | 北京明朝万达科技股份有限公司 | Data transmission method and device, electronic equipment and computer readable storage medium |
| CN112332971A (en) * | 2020-09-27 | 2021-02-05 | 湖南工商大学 | Safe and efficient data transmission method based on superlattice and compressed sensing |
| WO2022259012A1 (en) * | 2021-06-07 | 2022-12-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Storage device authenticating host credential and utilizing physically unclonable function (puf) for data encryption/decryption |
| CN114844649A (en) * | 2022-05-20 | 2022-08-02 | 北京电子科技学院 | Secret key distribution method containing trusted third party based on superlattice PUF |
| CN116318678A (en) * | 2023-03-28 | 2023-06-23 | 重庆邮电大学 | Multi-factor internet of things terminal dynamic group access authentication method |
| CN117395006A (en) * | 2023-09-11 | 2024-01-12 | 北京普安信科技有限公司 | Communication encryption method |
Non-Patent Citations (4)
| Title |
|---|
| JING LIU;: "A Secure Secret Key Agreement Scheme among Multiple Twinning Superlattice PUF Holders", MDPI, 12 May 2023 (2023-05-12) * |
| 刘晶: "超晶格密钥生成、分发与同步机制中的关键技术研究", 《北京邮电大学博士论文》, 7 September 2019 (2019-09-07) * |
| 吴涵: "超晶格密钥分发技术研究与***实现", 《中国科学技术大学博士论文》, 16 August 2021 (2021-08-16) * |
| 童新海;陈小明;徐述;: "超晶格密码的研究进展", 科学通报, no. 1, 30 January 2020 (2020-01-30), pages 108 - 116 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117896064B (en) | 2024-05-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Bao et al. | Combination of sharing matrix and image encryption for lossless $(k, n) $-secret image sharing | |
| US20210194688A1 (en) | Single node multi-party encryption | |
| Awad et al. | Efficient image chaotic encryption algorithm with no propagation error | |
| JP2008513811A (en) | Calculation conversion method and system | |
| CN112084525B (en) | Distributed key encryption method and device, electronic equipment and storage medium | |
| CN113114475A (en) | PUF identity authentication system and protocol based on bit self-checking | |
| US7512794B2 (en) | System and method for authentication | |
| CN113098675B (en) | Binary data encryption system and method based on polynomial complete homomorphism | |
| Kuang et al. | Quantum encryption and decryption in IBMQ systems using quantum permutation pad | |
| Achkoun et al. | SPF-CA: A new cellular automata based block cipher using key-dependent S-boxes | |
| US6301361B1 (en) | Encoding and decoding information using randomization with an alphabet of high dimensionality | |
| Jumaa | Digital image encryption using AES and random number generator | |
| JP4470135B2 (en) | Pseudo random number generation system | |
| CN117896064B (en) | Superlattice twin PUF key synchronization method and system with low calculation overhead | |
| CN114422130B (en) | Quantum encryption method based on quantum power function confusion | |
| CN115987500A (en) | Data safety transmission method and system based on industrial equipment data acquisition | |
| US20220358203A1 (en) | Puf-rake: a puf-based robust and lightweight authentication and key establishment protocol | |
| CN110086619B (en) | Key stream generation method and device | |
| CN116527232A (en) | Data encryption and decryption methods, devices and storage medium | |
| CN113572606A (en) | Quantum digital signature system and method based on Gaussian modulation and homodyne detection | |
| CN109450618B (en) | MD 5-based encryption method and system | |
| KR101076747B1 (en) | Method and apparatus for random accessible encryption and decryption by using a hierarchical tree structure of stream cipher module | |
| Labbi et al. | Symmetric encryption algorithm for RFID systems using a dynamic generation of key | |
| JP5103407B2 (en) | Encrypted numerical binary conversion system, encrypted numerical binary conversion method, encrypted numerical binary conversion program | |
| CN110912679A (en) | Password device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |