How to Secure the Communication and Authentication in the IIoT: A SRAM-based Hybrid Cryptosystem

Christoph Lipps, Pascal Ahr, Hans Dieter Schotten

In: European Conference on Cyber Warfare and Security. European Conference on Cyber Warfare and Security (ECCWS) June 25-26 Chester United Kingdom ISBN 978-1-912764-61-7 Academic Conferences and Publishing International Ltd 6/2020.


Currently, the developments of the Fourth Industrial Revolution are taking place, accompanied by the advancements of the Industrial Internet of Things (IIoT). This includes, among others, the interconnection of different industrial spheres, devices and use-cases up to Machine-to-Machine (M2M) and Machine-to-Service (M2S) communication. However, especially this communication is critical because of the partly sensitive content as well as the amount to data transmitted. Furthermore, the reliability and integrity of the data, in particular with regard to industrial applications, an important issue. But as the IIoT devices are designed for low energy consumption rather than to handle with complex cryptographic approaches, new lightweight but nevertheless sound and secure techniques are required. Furthermore, a strong authentication with a power optimized technique and an access control management is necessary. To guarantee both, a secure communication and a strong authentication, a Physical Layer Security (PhySec) based system, in particular a Static Random-Access Memory (SRAM) related approach is a promising opportunity. Especially because most Microcontroller Units (MCUs) are already equipped with SRAM, which requires no additional implementation effort. In this work the ability of SRAMs to use them as a Physical Unclonable Function (PUF) as well as the inherent given characteristics are examined. For instance, the start-up value - the hardware fingerprint of the device – is taken into account. Despite the reputation of PUFs to enable a hardware related deviation of cryptographic keys for secure communication and device authentication, the lack of practical usability if often criticized. To face this, in this work a practical application for PUFs with its potential with respect to the IIoT is presented. Therefore, within a M2M communication scenario the application of a SRAM-PUF driven hybrid cryptosystem is demonstrated. A secure asymmetric cryptosystem is applied to exchange synchronisation data, followed by the PUF-based cryptography. The individual key is calculated from their PUF sequence in conjunction with pre-transmitted helper data. As another benefit of the approach, there is no need to store any cryptographic credentials on the device itself, because the key is regenerated every time required. This enables not only completely new applications in IIoT environments but is also a resource saving, lightweight and powerful security primitive.


Deutsches Forschungszentrum für Künstliche Intelligenz
German Research Center for Artificial Intelligence