Proceedings Paper

PUFchain 4.0: Integrating PUF-based TPM in Distributed Ledger for Security-by-Design of IoT

Publisher

ASSOC COMPUTING MACHINERY
DOI: 10.1145/3583781.3590206

Keywords

Security-by-Design (SbD); Hardware-Assisted Security (HAS); Device Security; Data Security; Trusted Platform Module (TPM); Physical Unclonable Function (PUF); Distributed Ledger

This work presents a sustainable cybersecurity solution using Physical Unclonable Functions (PUF), Trusted Platform Module (TPM), and Tangle Distributed Ledger Technology (DLT) for secure device and data storage in IoT systems. The proposed architecture combines PUF and TPM to protect the PUF key by sealing it in the TPM. Each IoT node is assigned a specific NV-index for sealing the PUF key to TPM using the MAC address. The architecture also utilizes Tangle and a Masked Authentication Messaging (MAM) scheme for efficient and secure access control to Tangle in decentralized IoT systems.
This work presents a sustainable cybersecurity solution using Physical Unclonable Functions (PUF), Trusted Platform Module (TPM), and Tangle Distributed Ledger Technology (DLT) for sustainable device and data security. Security-by-Design (SbD) or Hardware-Assisted Security (HAS) solutions have gained much prominence due to the requirement of tamper-proof storage for hardware-assisted cryptography solutions. Designing complex security mechanisms can impact their efficiency as IoT applications are more decentralized. In the proposed architecture, we present a novel TPM-enabled PUF-based security mechanism with effective integration of PUF with TPM. The proposed mechanism is based on the process of sealing the PUF key in the TPM, which cannot be accessed outside the TPM and can only be unsealed by the TPM itself. A specified NV-index is assigned to each IoT node for sealing the PUF key to the TPM using the Media Access Control (MAC) address. Access to the TPM's Non-Volatile Random Access Memory (NVRAM) is defined by the TPM's Enhanced Authorization policies as specified by the Trusted Computing Group (TCG). The proposed architecture uses Tangle for sustainable data security and storage in decentralized IoT systems through a Masked Authentication Messaging (MAM) scheme for efficient and secure access control to Tangle. We validated the proposed approach through experimental analysis and implementation, which substantiates the potential of the presented PUFchain 4.0 for decentralized IoT-driven security solutions.
