Physical Unclonable Functions (PUFs) have been shown to be a highly promising solution for enabling high-security systems tailored for low-power devices. Commonly, PUFs are utilised to generate cryptographic keys on-the-fly, replacing the need to store keys in vulnerable, non-volatile memories. Due to the physical nature of PUFs, environmental variations cause noise, which manifests as errors in the initial PUF measurements. This necessitates expensive active error correction techniques which can run counter to the goal of lightweight security. ML-based techniques for authenticating noisy PUF measurements were explored as an alternative to error correction techniques, bringing about the concept of a PUF Phenotype, where PUF identity is considered as a structure-agnostic representation of the PUF, with relevant noise encoding. This work proposes a full noise-tolerant authentication protocol based on the PUF Phenotype concept and methodology for an Internet-of-Things (IoT) network, demonstrating mutual authentication and forward secrecy in a setting suitable for device-to-device communication. Security and performance analyses show that our proposed scheme is resilient against various attacks compared to existing PUF protocols.