Philabaum, Christopher Robert (2022) Enhancing cryptographic systems with ternary-based methodologies and physical unclonable functions. Doctoral thesis, Northern Arizona University.
Abstract
Historically, the practical use of ternary algebra has had limited success among the various fields of computer science. Likewise, in the past two decades alone, the advent of physical unclonable functions (PUFs) has created a new avenue for security in numerous applications. To this day, however, the thorn in the side of real-world deployment of PUF technology has consistently been the limitation of noise. Thus, the majority of PUF research is still primarily focused on mitigating the issue of errors when extracting fingerprints and cryptographic keys from many types of PUFs by using client-focused techniques, such as fuzzy extraction and helper functions. This research describes an alternative methodology: by utilizing the long-disregarded ternary state, it broadens the avenue of PUF cryptography in a new direction. Public Key Exchange that is Addressable (PKA) is a recent scheme that proposes a solution to the vulnerability of current-generation public key infrastructures. In particular, currently employed PKIs are vulnerable to future quantum computers due to their reliance on the discrete logarithm problem. PKA sidesteps the issue by utilizing cryptographic hash functions and a "crypto table" to securely generate the same symmetric key between two entities. However, the scheme only exists in concept, and no implementation has yet been proposed. Here, the first known implementation of PKA is proposed. This is referred to as Ternary Addressable Public Key Infrastructure (TAPKI). In TAPKI, the original PKA's proposed crypto table is improved by introducing a third state of uncertainty: a ternary state. Traditionally, cryptographic functions are only designed with binary computing in mind. By adding a third state, an attacker cannot easily reverse engineer the structure of the crypto table. Furthermore, ternary naturally lends itself to the concept of cells that may contain errors.
As PUFs have an inherent level of physical randomness, TAPKI can be further strengthened by replacing the crypto table with a PUF-based device altogether. While there exist previous cryptosystems that take advantage of PUFs, all of them must manage errors in some way. Usually, this is in the form of an error correction code or helper function that must be sent among peers. However, this places more responsibility and vulnerability on the client in the context of server-client relationships. These clients, particularly those designed around IoT devices, do not have much in the way of compute power and resources to implement such error correction. For illustrative purposes, this concept is referred to as "challenge-based cryptography." An alternative error correction approach is proposed, where instead the key issuer searches through different possible message digests based on previous knowledge of a user's PUF. This is innovated upon by describing an algorithm that is capable of searching through possible key errors in an efficiently parallel manner. In direct contrast with "challenge-based cryptography," this approach will be referred to as "response-based cryptography (RBC)." Experimentally, it will be shown that this solution is able to search through 5 bit errors in a 256-bit cryptographic key in under 1.65 seconds using 512 ranks with 91.77% parallel efficiency. This algorithm can be further optimized by splitting up the key into even n-bit chunks and padding each chunk with mutually known secret information. Lastly, the overarching design is completed with post-quantum cryptographic digital signature algorithms, such as CRYSTALS-Dilithium. Rather than having the DSA generate the public-private key via a cryptographically secure pseudo-random number generator, it is replaced by the deterministic, but still secure, output of TAPKI.
This cryptosystem combines the use of ternary, hash functions, PUFs, RBC, and PQC to form a cohesive public key infrastructure that is reliable, sufficiently random, and post-quantum safe for server-client architecture. Finally, its real-world practicality will be shown by implementing it around the use of SRAM-based PUFs, both with server-to-client and peer-to-peer communication.
Item Type: | Thesis (Doctoral) |
---|---|
Publisher’s Statement: | © Copyright is held by the author. Digital access to this material is made possible by the Cline Library, Northern Arizona University. Further transmission, reproduction or presentation of protected items is prohibited except with permission of the author. |
Keywords: | cryptography; cyber systems; cybersecurity; physical unclonable functions; public key infrastructure; ternary |
Subjects: | Q Science > QA Mathematics; Q Science > QA Mathematics > QA76 Computer software |
NAU Depositing Author Academic Status: | Student |
Department/Unit: | Graduate College > Theses and Dissertations; College of Engineering, Informatics, and Applied Sciences > School of Informatics, Computing, and Cyber Systems |
Date Deposited: | 13 Jun 2023 17:42 |
Last Modified: | 13 Jun 2023 17:42 |
URI: | https://openknowledge.nau.edu/id/eprint/6013 |