About OpenKnowledge@NAU | For NAU Authors

High throughput, reliable, and secure password management system using physical unclonable functions

Mohammadinodoushan, Mohammad (2022) High throughput, reliable, and secure password management system using physical unclonable functions. Doctoral thesis, Northern Arizona University.

[thumbnail of Mohammadinodoushan_2022_high_throughput_reliable_secure_password_manag.pdf] Text
Mohammadinodoushan_2022_high_throughput_reliable_secure_password_manag.pdf - Published Version
Restricted to Repository staff only

Download (5MB) | Request a copy

Abstract

Insider attacks capable of diverting databases (DBs) of passwords (PWs) are a significant risk. This risk cannot be mitigated by turning PWs into digests with salted hashing schemes. Converting digests to PUF responses via low-cost memory PUFs and constrained hardware (HW) is attractive because DBs cannot be exploited without PUF control. Even though PUFs provide an additional layer of security, PUFs are slow for PW managers (PWMs). For systems with a large number of users, this can be a serious issue. Furthermore, the resiliency of PUFs, like that of any other piece of HW, can be a source of concern. As a result, accepting the concept of a PUF-based PWM system requires a trade-off between achieved security and desired throughput and resiliency. This dissertation investigates how PUF-based PW managers might be brought closer to reality, with a focus on throughput and reliability. Several methods and architectures are proposed and evaluated to improve the PUF-based PWMs' resiliency, latency, or both. The proposed solution involves implementing a high-throughput architecture with PWM nodes controlled by a dispatcher that distributes the central DB and tasks to all PUF-based PWM nodes. The concept of high throughput, resilient, and secure PWM system with multiple PUFs is tested and evaluated on a prototype consisting of four PWM nodes to overcome the latency constraint caused by PUFs. A PWM node receives user information from the dispatcher and outputs the authentication result. A PWM node is implemented using a low-cost microcontroller, extremely low-cost SRAM PUF, and a non-volatile memory. The experimental results of this work show functionality of PUF-based PWM systems as the number of PUF-based PWM nodes increases. The findings of this study can help mitigate one of the critical cybersecurity attacks that may be utilized in various real-world situations.

Item Type: Thesis (Doctoral)
Publisher’s Statement: © Copyright is held by the author. Digital access to this material is made possible by the Cline Library, Northern Arizona University. Further transmission, reproduction or presentation of protected items is prohibited except with permission of the author.
Keywords: PASSWORD; PHYSICAL UNCLONABLE FUNCTIONS; SECURE; THROUGHPUT
Subjects: Q Science > QA Mathematics > QA76 Computer software
NAU Depositing Author Academic Status: Student
Department/Unit: Graduate College > Theses and Dissertations
College of Engineering, Informatics, and Applied Sciences > School of Informatics, Computing, and Cyber Systems
Date Deposited: 25 May 2023 22:21
Last Modified: 25 May 2023 22:21
URI: https://openknowledge.nau.edu/id/eprint/5908

Actions (login required)

IR Staff Record View IR Staff Record View

Downloads

Downloads per month over past year