Comments on Physically Unclonable Function Based Two-Factor Authentication Protocols
- Authors
- Byun, Jin Wook; Jeong, Ik Rae
- Issue Date
- Jun-2019
- Publisher
- SPRINGER
- Keywords
- Physical unclonable function; Authentication; Password guessing attack
- Citation
- WIRELESS PERSONAL COMMUNICATIONS, v.106, no.3, pp.1243 - 1252
- Indexed
- SCIE
SCOPUS
- Journal Title
- WIRELESS PERSONAL COMMUNICATIONS
- Volume
- 106
- Number
- 3
- Start Page
- 1243
- End Page
- 1252
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/64866
- DOI
- 10.1007/s11277-019-06211-6
- ISSN
- 0929-6212
- Abstract
- Physically unclonable function (PUF) is an embedded hardware-based function in a device and cannot be cloned or reproduced on another device. Due to its unclonability, the PUF has been one of the hot issues in IoT devices over pervasive communication network. Recently, there have been attempts to combine a password with an input of PUF for more efficient authentication over insecure communication. In this paper, we firstly raise a question that Is it really secure if a password is used for an input of PUF?. Up to now, to the best of our knowledge, only two password-based PUF authentications have been introduced in the literature. We revisit two schemes in view of an off-line password guessing attack. Under a practical PUF assumption, however, we observe that two protocols are susceptible to an off-line dictionary attack. We also present a quite simple but powerful countermeasure.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - School of Cyber Security > Department of Information Security > 1. Journal Articles
![qrcode](https://api.qrserver.com/v1/create-qr-code/?size=55x55&data=https://scholar.korea.ac.kr/handle/2021.sw.korea/64866)
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.