A taxonomy of PUF Schemes with a novel Arbiter-based PUF resisting machine learning attacks

As the Intenert of Things (IoT) continues to evolve in our daily personal lives and in future industrial systems (industry 4.0), one of the most significant issues is security. IoT systems must overcome a number of challenges, including deficiency of resources, low power consumption, and the need to protect devices against cyber-attacks. Regrettably, issues about energy use and the lack of computing resources limit the cryptographic methods that can be implemented on these devices. Moreover, the conventional use of non-volatile memory for storing secret keys are vulnerable to a number of attacks like reverse-engineering, cold-boot, side channel, device tampering, etc. Physical Unclonable Functions (PUFs) are one of the categories for enhancing physical device security and solving issues involving with the use of traditional cryptographic algorithms. PUFs are associated as lightweight one-way functions used to extract a unique identity for each end-device, based on physical factors introduced during manufacturing which are unforeseeable and unclonable. PUFs are promising hardware security primitive and have seen a lot of attention in the past few years. In this paper, we provide a survey of a large range of PUF schemes proposed in the literature. Our comparison analysis of the surveyed schemes ends with a number of observations. Then we propose a new scheme of Arbiter PUF to create an identity for each IoT device. The proposed scheme is resistant to Machine Learning (ML) attacks. It is proven to avoid the shortcoming of several previously proposed related PUF-based authentication protocols.