DPReF: Decentralized Key Generation Using Physical-Related Functions

Physical Unclonable Functions (PUFs) serve as a lightweight source to generate cryptographic keys utilizing the inherent physical device properties, making them particularly suitable for resource-constrained environments such as Internet of Things (IoT) devices. Recently, Physical-Related Functions (PReFs) extended PUFs to enable multiple devices to generate similar keys without the need to exchange or store them, improving security. However, state-of-the-art PReF implementations rely on a Trusted Third Party (TTP) to identify relative challenges, introducing a potential vulnerability if the TTP is compromised. In this work, we propose the first decentralized PReF protocol, removing reliance on the TTP and mitigating associated security risks. The proposed protocol allows relative challenges to be identified directly between devices in a decentralized manner. Additionally, we formalize a mathematical model to estimate the minimum number of devices required to build a network, based on the sizes of the PUF and the shared Challenge-Response Pair (CRP). We demonstrate the generality of our model by verifying it across different types of state-of-the-art PUFs (Arbiter-based Non-Volatile Memory PUF (ANV-PUF) and Pseudo Linear Feedback Shift Register PUF (PLPUF)). We establish a 128 bit cryptographic key using the proposed protocol that matches the state-of-the-art but in a decentralized manner. Moreover, we prove that our protocol can be used to construct hardware-assisted attestation networks using ANV-PUF and PLPUF implementations with a shared secret of 16 bit that allows for both integrity and identity verification.