skip to main content


Title: Physical Unclonable Function (PUF)-Based e-Cash Transaction Protocol (PUF-Cash)
Electronic money (e-money or e-Cash) is the digital representation of physical banknotes augmented by added use cases of online and remote payments. This paper presents a novel, anonymous e-money transaction protocol, built based on physical unclonable functions (PUFs), titled PUF-Cash. PUF-Cash preserves user anonymity while enabling both offline and online transaction capability. The PUF’s privacy-preserving property is leveraged to create blinded tokens for transaction anonymity while its hardware-based challenge–response pair authentication scheme provides a secure solution that is impervious to typical protocol attacks. The scheme is inspired from Chaum’s Digicash work in the 1980s and subsequent improvements. Unlike Chaum’s scheme, which relies on Rivest, Shamir and Adlemans’s (RSA’s) multiplicative homomorphic property to provide anonymity, the anonymity scheme proposed in this paper leverages the random and unique statistical properties of synthesized integrated circuits. PUF-Cash is implemented and demonstrated using a set of Xilinx Zynq Field Programmable Gate Arrays (FPGAs). Experimental results suggest that the hardware footprint of the solution is small, and the transaction rate is suitable for large-scale applications. An in-depth security analysis suggests that the solution possesses excellent statistical qualities in the generated authentication and encryption keys, and it is robust against a variety of attack vectors including model-building, impersonation, and side-channel variants.  more » « less
Award ID(s):
1914635
NSF-PAR ID:
10208851
Author(s) / Creator(s):
; ; ; ; ;
Date Published:
Journal Name:
Cryptography
Volume:
3
Issue:
3
ISSN:
2410-387X
Page Range / eLocation ID:
18
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Electronic money (e‐money or e‐Cash) is the digital representation of physical banknotes augmented by added use cases of online and remote payments. This paper presents a novel, anonymous e‐money transaction protocol, built based on physical unclonable functions (PUFs), titled PUF‐Cash. PUF‐Cash preserves user anonymity while enabling both offline and online transaction capability. The PUF’s privacy‐preserving property is leveraged to create blinded tokens for transaction anonymity while its hardware‐based challenge–response pair authentication scheme provides a secure solution that is impervious to typical protocol attacks. The scheme is inspired from Chaum’s Digicash work in the 1980s and subsequent improvements. Unlike Chaum’s scheme, which relies on Rivest, Shamir and Adlemans’s (RSA’s) multiplicative homomorphic property to provide anonymity, the anonymity scheme proposed in this paper leverages the random and unique statistical properties of synthesized integrated circuits. PUF‐Cash is implemented and demonstrated using a set of Xilinx Zynq Field Programmable Gate Arrays (FPGAs). Experimental results suggest that the hardware footprint of the solution is small, and the transaction rate is suitable for large‐scale applications. An in‐depth security analysis suggests that the solution possesses excellent statistical qualities in the generated authentication and encryption keys, and it is robust against a variety of attack vectors including model‐building, impersonation, and side‐ channel variants. 
    more » « less
  2. null (Ed.)
    Electronic money is the digital representation of physical banknotes enabling offline and online payments. An electronic e-Cash scheme, termed PUF- Cash was proposed in prior work. PUF-Cash preserves user anonymity by leveraging the random and unique statistical properties of physically unclonable functions (PUFs). PUF-Cash is extended meaningfully in this work by the introduction of multiple trusted third parties (TTPs) for token blinding and a fractional scheme to diversify and mask Alice's spending habits from the Bank. A reinforcement learning (RL) framework based on stochastic learning automata (SLA) is proposed to efficiently select a subset of TTPs as well as the fractional amounts for blinding per TTP, based on the set of available TTPs, the computational load per TTP and network conditions. An experimental model was constructed in MATLAB with multiple TTPs to verify the learning framework. Results indicate that the RL approach guarantees fast convergence to an efficient selection of TTPs and allocation of fractional amounts in terms of perceived reward for the end-users. 
    more » « less
  3. null (Ed.)
    Electronic money or e-Cash is becoming increasingly popular as the preferred strategy for making purchases, both on- and off-line. Several unique attributes of e-Cash are appealing to customers, including the convenience of always having "cash-on-hand" without the need to periodically visit the ATM, the ability to perform peer-to-peer transactions without an intermediary, and the peace of mind associated in conducting those transactions privately. Equally important is that paper money provides customers with an anonymous method of payment, which is highly valued by many individuals. Although anonymity is implicit with fiat money, it is a difficult property to preserve within e-Cash schemes. In this paper, we investigate several artificial intelligence (AI) approaches for improving performance and privacy within a previously proposed e-Cash scheme called PUF-Cash. PUF-Cash utilizes physical unclonable functions (PUFs) for authentication and encryption operations between Alice, the Bank and multiple trusted third parties (mTTPs). The AI methods select a subset of the TTPs and distribute withdrawal amounts to maximize the performance and privacy associated with Alice's e-Cash tokens. Simulation results show the effectiveness of the various AI approaches using a large test-bed architecture. 
    more » « less
  4. his work presents a sustainable cybersecurity solution using Physical Unclonable Functions (PUF), Trusted Platform Module (TPM), and Tangle Distributed Ledger Technology (DLT) for sustainable device and data security. Security-by-Design (SbD) or Hardware- Assisted Security (HAS) solutions have gained much prominence due to the requirement of tamper-proof storage for hardwareassisted cryptography solutions. Designing complex security mechanisms can impact their efficiency as IoT applications are more decentralized. In the proposed architecture, we presented a novel TPM-enabled PUF-based security mechanism with effective integration of PUF with TPM. The proposed mechanism is based on the process of sealing the PUF key in the TPM, which cannot be accessed outside the TPM and can only be unsealed by the TPM itself. A specified NV-index is assigned to each IoT node for sealing the PUF key to TPM using the Media Access Control (MAC) address. Access to the TPM's Non-Volatile Random Access Memory (NVRAM) is defined by the TPM's Enhanced Authorization policies as specified by the Trust Computing Group (TCG). The proposed architecture uses Tangle for sustainable data security and storage in decentralized IoT systems through a Masked Authentication Messaging (MAM) scheme for efficient and secure access control to Tangle. We validated the proposed approach through experimental analysis and implementation, which substantiates the potential of the presented PUFchain 4.0 for decentralized IoT-driven security solutions. 
    more » « less
  5. Padhy, Sudarsan ; Oria, Vincent (Ed.)
    The simplicity, low cost, and scalability of Internet of Things (IoT) devices have led researchers to study their applications in a wide range of areas such as Healthcare, Transportation, and Agriculture. IoT devices help farmers to monitor the conditions in a field. These are connected to edge devices for real-time analysis. The edge servers send commands to actuators in the farm directly, without human intervention. At the same time, security vulnerabilities are a big concern, concomitant with the increasing utilization of IoT devices. If the duplication of an IoT device occurs and attackers gain access to the system, then the integrity of the entire ecosystem will be at stake, regardless of the application domain. This paper presents a Physical Unclonable Function (PUF) based hardware security primitive for the authentication of Internet of Agro-Things (IoAT) devices. The proposed security scheme has been prototyped with a testbed evaluation. An arbiter PUF module has been used for the validation of the proposed scheme. The PUF based security primitive is lightweight, scalable, and robust as it mainly depends on inherent manufacturing variations, thereby ensuring no chance for the duplication of IoT devices. 
    more » « less