{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T15:28:26Z","timestamp":1772724506297,"version":"3.50.1"},"reference-count":36,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2016,11,25]],"date-time":"2016-11-25T00:00:00Z","timestamp":1480032000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"<jats:p>This paper describes an authentication protocol using a Hardware-Embedded Delay PUF called HELP. HELP derives randomness from within-die path delay variations that occur along the paths within a hardware implementation of a cryptographic primitive, such as AES or SHA-3. The digitized timing values which represent the path delays are stored in a database on a secure server (verifier) as an alternative to storing PUF response bitstrings. This enables the development of an efficient authentication protocol that provides both privacy and mutual authentication. The security properties of the protocol are analyzed using data collected from a set of Xilinx Zynq FPGAs.<\/jats:p>","DOI":"10.3390\/cryptography1010003","type":"journal-article","created":{"date-parts":[[2016,11,25]],"date-time":"2016-11-25T08:18:15Z","timestamp":1480061895000},"page":"3","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":50,"title":["A Privacy-Preserving, Mutual PUF-Based Authentication Protocol"],"prefix":"10.3390","volume":"1","author":[{"given":"Wenjie","family":"Che","sequence":"first","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of New Mexico, Albuquerque, NM 87131, USA"}]},{"given":"Mitchell","family":"Martin","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of New Mexico, Albuquerque, NM 87131, USA"}]},{"given":"Goutham","family":"Pocklassery","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of New Mexico, Albuquerque, NM 87131, USA"}]},{"given":"Venkata","family":"Kajuluri","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of New Mexico, Albuquerque, NM 87131, USA"}]},{"given":"Fareena","family":"Saqib","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, Florida Institute of Technology, Melbourne, FL 32901, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1876-117X","authenticated-orcid":false,"given":"Jim","family":"Plusquellic","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of New Mexico, Albuquerque, NM 87131, USA"}]}],"member":"1968","published-online":{"date-parts":[[2016,11,25]]},"reference":[{"key":"ref_1","unstructured":"Menezes, A.J., van Oorschot, P.C., and Vanstone, S.A. (1996). Handbook of Applied Cryptography, CRC Press."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Areno, M., and Plusquellic, J. (2013, January 24\u201327). Secure Mobile Association and Data Protection with Enhanced Cryptographic Engines. Proceedings of the International Conference on Privacy and Security in Mobile Systems (PRISMS), Atlantic City, NJ, USA.","DOI":"10.1109\/PRISMS.2013.6927180"},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Van Herrewege, A., Katzenbeisser, S., Maes, R., Peeters, R., Sadeghi, A.R., Verbauwhede, I., and Wachsmann, C. (2012). Reverse Fuzzy Extractors: Enabling Lightweight Mutual Authentication for PUF-enabled RFIDs, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-642-32946-3_27"},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Suh, G.E., and Devadas, S. (2007, January 4\u20138). Physical Unclonable Functions for Device Authentication and Secret Key Generation. Proceedings of the 44th ACM\/IEEE Design Automation Conference, San Diego, CA, USA.","DOI":"10.1109\/DAC.2007.375043"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Ganji, F., Tajik, S., and Seifert, J.P. (2015, January 24\u201326). Why Attackers Win: On the Learnability of XOR Arbiter PUFs. Proceedings of the International Conference on Trust & Trustworthy Computing, Heraklion, Greece.","DOI":"10.1007\/978-3-319-22846-4_2"},{"key":"ref_6","first-page":"17","article-title":"HELP: A Hardware-Embedded Delay-Based PUF","volume":"30","author":"Aarestad","year":"2013","journal-title":"Des. Test Comput."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Aysu, A., Gulcan, E., Moriyama, D., Schaumont, P., and Yung, M. (2015, January 13\u201316). End-to-end Design of a PUF-based Privacy Preserving Authentication Protocol. Proceedings of the International Workshop on Cryptographic Hardware and Embedded Systems, Saint-Malo, France.","DOI":"10.1007\/978-3-662-48324-4_28"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Che, W., Saqib, F., and Plusquellic, J. (2015, January 2\u20136). PUF-Based Authentication. Proceedings of the 2015 IEEE\/ACM International Conference on Computer-Aided Design, Austin, TX, USA.","DOI":"10.1109\/ICCAD.2015.7372589"},{"key":"ref_9","unstructured":"Li, J., and Lach, J. (2008, January 9). At-Speed Delay Characterization for IC Authentication and Trojan Horse Detection. Proceedings of the IEEE International Workshop on Hardware-Oriented Security and Trust, Anaheim, CA, USA."},{"key":"ref_10","first-page":"1173","article-title":"An Improved Ownership Transfer and Mutual Authentication for Lightweight RFID Protocols","volume":"18","author":"Cui","year":"2016","journal-title":"Int. J. Netw. Secur."},{"key":"ref_11","first-page":"374","article-title":"ECPB: Efficient Conditional Privacy-Preserving Authentication Scheme Supporting Batch Verification for VANETs","volume":"18","author":"Wang","year":"2016","journal-title":"Int. J. Netw. Secur."},{"key":"ref_12","first-page":"1089","article-title":"Octopus: An Edge-fog Mutual Authentication Scheme","volume":"18","author":"Ibrahim","year":"2016","journal-title":"Int. J. Netw. Secur."},{"key":"ref_13","unstructured":"Pappu, R.S. (2001). Physical One-Way Functions. [Ph.D. Thesis, MIT]."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Gassend, B., Clarke, D.E., van Dijk, M., and Devadas, S. (2002, January 18\u201322). Silicon Physical Random Functions. Proceedings of the 9th ACM Conference on Computer and Communications Security, Washington, DC, USA.","DOI":"10.1145\/586110.586132"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Bolotny, L., and Robins, G. (2007, January 19\u201323). Physically Unclonable Function-based Security and Privacy in RFID Systems. Proceedings of the Fifth IEEE International Conference on Pervasive Computing and Communications, White Plains, NY, USA.","DOI":"10.1109\/PERCOM.2007.26"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Ozturk, E., Hammouri, G., and Sunar, B. (2008, January 19\u201323). Towards Robust Low Cost Authentication for Pervasive Devices. Proceedings of the Fifth IEEE International Conference on Pervasive Computing and Communications, White Plains, NY, USA.","DOI":"10.1109\/PERCOM.2008.54"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"807","DOI":"10.1016\/j.pmcj.2008.07.001","article-title":"A Tamper-Proof and Lightweight Authentication Scheme","volume":"4","author":"Hammouri","year":"2008","journal-title":"Pervasive Mob. Comput."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Kulseng, L., Yu, Z., Wei, Y., and Guan, Y. (2010, January 14\u201319). Lightweight Mutual Authentication and Ownership Transfer for RFID Systems. Proceedings of the IEEE INFOCOM, San Diego, CA, USA.","DOI":"10.1109\/INFCOM.2010.5462233"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Sadeghi, A.R., Visconti, I., and Wachsmann, C. (2010). Enhancing RFID Security and Privacy by Physically Unclonable Functions, Springer. Information Security and Cryptography.","DOI":"10.1007\/978-3-642-14452-3_13"},{"key":"ref_20","unstructured":"Katzenbeisser, S., Kocabas, U., van der Leest, V., Sadeghi, A., Schrijen, G.J., Schroder, H., and Wachsmann, C. (Octorber, January 28). Recyclable PUFs: Logically Recongurable PUFs. Proceedings of the Workshop on Cryptographic Hardware and Embedded Systems, Nara, Japan."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Kocabas, U., Peter, A., Katzenbeisser, S., and Sadeghi, A. (2012, January 13\u201315). Converse PUF-Based Authentication. Proceedings of the 5th International Conference on Trust and Trustworthy Computing, Vienna, Austria.","DOI":"10.1007\/978-3-642-30921-2_9"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Lee, Y.S., Kim, T.Y., and Lee, H.J. (2012, January 26\u201329). Mutual Authentication Protocol for Enhanced RFID Security and Anti-counterfeiting. Proceedings of the 2012 26th International Conference on Advanced Information Networking and Applications Workshops (WAINA), Fukuoka, Japan.","DOI":"10.1109\/WAINA.2012.12"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Jin, Y., Xin, W., Sun, H., and Chen, Z. (2012). PUF-Based RFID Authentication Protocol against Secret Key Leakage, Springer. Lecture Notes in Computer Science.","DOI":"10.1007\/978-3-642-29253-8_27"},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Majzoobi, M., Rostami, M., Koushanfar, F., Wallach, D.S., and Devadas, S. (2012, January 24\u201325). Slender PUF Protocol: A Lightweight, Robust, and Secure Authentication by Substring Matching. Proceedings of the 2012 IEEE Symposium on Security and Privacy Workshop, San Francisco, CA, USA.","DOI":"10.1109\/SPW.2012.30"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Xu, Y., and He, Z. (2012, January 21\u201323). Design of a Security Protocol for Low-Cost RFID. Proceedings of the 2012 8th International Conference on Wireless Communications, Networking and Mobile Computing (WiCOM), Shanghai, China.","DOI":"10.1109\/WiCOM.2012.6478482"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Lee, Y.S., Lee, H.J., and Alasaarela, E. (2013, January 1\u20135). Mutual Authentication in Wireless Body Sensor Networks Based on Physical Unclonable Function. Proceedings of the 2013 9th International Wireless Communications and Mobile Computing Conference (IWCMC), Sardinia, Italy.","DOI":"10.1109\/IWCMC.2013.6583746"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Yu, M.D., M\u2019Rahi, D., Verbauwhede, I., and Devadas, S. (2014, January 6\u20137). A Noise Bifurcation Architecture for Linear Additive Physical Functions. Proceedings of the 2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), Arlington, VA, USA.","DOI":"10.1109\/HST.2014.6855582"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Konigsmark, S.T.C., Hwang, L.K., Chen, D., and Wong, M.D.F. System-of-PUFs: Multilevel Security for Embedded Systems. Proceedings of the 2014 International Conference on Hardware\/Software Codesign and System Synthesis, 1\u201310.","DOI":"10.1145\/2656075.2656099"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Delvaux, J., Gu, D., Peeters, R., and Verbauwhede, I. (2015). A Survey on Lightweight Entity Authentication with Strong PUFs. J. ACM Comput. Surv., 48.","DOI":"10.1145\/2818186"},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"232","DOI":"10.1049\/iet-ifs.2015.0401","article-title":"Compact and Low-power ASIP Design for Lightweight PUF-based Authentication Protocols","volume":"10","author":"Aysu","year":"2016","journal-title":"IET Inf. Secur."},{"key":"ref_31","unstructured":"AES-Wikipedia. Available online: https:\/\/en.wikipedia.org\/wiki\/AES."},{"key":"ref_32","unstructured":"Tiri, K., and Verbauwhede, I. (2004, January 16\u201320). A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation. Proceedings of the Conference on Design, Automation and Test in Europe, Paris, France."},{"key":"ref_33","unstructured":"NIST Website, Available online: http:\/\/csrc.nist.gov\/groups\/ST\/toolkit\/rng\/documentation_software.html."},{"key":"ref_34","unstructured":"Xilinx Zedboard Website. Available online: http:\/\/zedboard.org\/product\/zedboard."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"249","DOI":"10.1007\/s13389-016-0119-4","article-title":"PAC Learning of Arbiter PUFs","volume":"6","author":"Ganji","year":"2016","journal-title":"J. Cryptogr. Eng."},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"R\u00fchrmair, U., Sehnke, F., S\u00f6lter, J., Dror, G., Devadas, S., and Schmidhuber, J. (2010, January 4\u20138). Modeling Attacks on Physical Unclonable Functions. Proceedings of the 17th ACM conference on Computer and communications security, Chicago, IL, USA.","DOI":"10.1145\/1866307.1866335"}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/1\/1\/3\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T19:27:25Z","timestamp":1760210845000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/1\/1\/3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,11,25]]},"references-count":36,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2017,6]]}},"alternative-id":["cryptography1010003"],"URL":"https:\/\/doi.org\/10.3390\/cryptography1010003","relation":{},"ISSN":["2410-387X"],"issn-type":[{"value":"2410-387X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016,11,25]]}}}