基于多PUF模组的身份标识与身份认证机制研究  被引量：1

作　　者：谢峰 孟坤[1] 张旺 许嘉鑫 王启源 XIE Feng;MENG Kun;ZHANG Wang;XU Jia-xin;WANG Qi-yuan(School of Computer Science,Beijing Information Science and Technology University,Beijing 100101,China)

机构地区：[1]北京信息科技大学计算机学院,北京100101

出　　处：《计算机技术与发展》2024年第8期73-77,共5页Computer Technology and Development

基　　金：北京教委2019年度科技计划一般项目(KM201911232002)。

摘　　要：身份认证是保护用户数据的第一道防线,为用户数据安全提供重要的保证。现有的身份认证方法均依赖于凭证服务提供商(CSP)等权威中心,信任其自身管控性和安全防护能力。但是,权威中心对身份标识具有绝对管控权,权威中心一旦失效将带来信息安全隐患。基于此,提出了一种基于多PUF模组的身份标识生成及身份认证机制,将PUF硬件指纹引入认证机制中,设计了一种去中心化身份认证机制。物理不可克隆功能(Physical Unclonable Function,PUF)描述了一种具有唯一性、不可篡改性的物理功能,已在身份认证领域得到了广泛应用,但其易受到使用环境等的影响而失效。现有的基于PUF的身份认证方法均未提供对PUF芯片失效的容忍方案。该文利用多PUF模组关联的方式,提出了提高身份认证机制可用性的解决方案。最后,对所提出的机制从安全性、可行性和可靠性三个方面进行了讨论和证明。Identity authentication serves as the primary line of defense for safeguarding user data,providing crucial assurance for the security of user information.Existing identity authentication methods rely on authoritative centers such as Credential Service Providers(CSP),trusting their self-control and security capabilities.However,authoritative centers possess absolute control over identity,and any failure in these centers may pose security risks to information.Considering this,we propose an identity generation and authentication mechanism based on multi-PUF modules,introducing PUF hardware fingerprints into the authentication process and designing a decentralized identity authentication mechanism.Physical Unclonable Function(PUF)describes a physically unique and tamper-resistant function widely applied in the field of identity authentication.However,PUFs are susceptible to environmental influences,leading to potential failures.Existing PUF-based identity authentication methods have not provided tolerance solutions for PUF chip failures.We propose a solution to enhance the usability of identity authentication mechanisms by utilizing a correlated approach with multiple PUF modules.Finally,we discuss and demonstrate the proposed mechanism in terms of security,feasibility,and reliability.

关 键 词：去中心化 物理不可克隆功能 身份认证 可靠性 硬件指纹 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]