$4\mathrm{.}1$ Authentication Protocol

For the above$-$mentioned scenario, we propose an authentication protocol that

consists of two phases, as depicted in Fig. $8.$ In the enrollment phase, mea$-$

surements $M_{D_{ID}}$:$=\{M_{C_0},$dots,$M_{C_n}\},$ each corresponding to a memristor cell

from $C_0$ to $C_n$ of a smart device with an identifier $D_{ID},$ are captured and

transmitted to the IoT Hub over a secure channel, e$.$g$.$ by establishing a direct

connection between the IoT Hub and the device in a controlled environment

without any other network connection. Each cell is measured with multiple fre$-$

quencies $F$:$=\{f_0,$dots,$f_n\}$ and amplitudes $A$:$=\{a_0,$dots,$a_n\}.$ The IoT Hub stores

the model Model ${?}_{D_{ID}}$ of the smart device learned by the manufacturer along

with an identifier $D_{ID}.$ In the highly unlikely case that the CNN model fails

to be produced for a particular $D_{ID}$ after a few attempts, this $D_{ID}$ shall not

be used. Also, a public key is transmitted to the smart device, which is used in

the next steps of the protocol. There, lightweight algorithms using elliptic curve

cryptography are used.

In the authentication phase, a challenge$-$response protocol is executed.

First, the smart device sends a challenge with its identifier $D_{ID}$ to start an

authentication request. Here, $||$ describes the concatenation of the message, and

the first italicised segment, e$.$g$.,$ AuthRequest, is an identifier, allowing the IoT

Hub and the device involved to identify and parse the relevant messages correctly.

The server responds with a challenge containing a device ID $D_{ID}^{\text{'}},$ a nonce $N,$

a cell ID $C_{ID},$ an amplitude $a,$ and a frequency $f.N$ is used to prevent replay

attacks and can be implemented as a continuous counter or a random number.

The IoT device first checks if the requested device ID$,D_{ID}^{\text{'}},$ is equal to its own,

and then measures the cell $C_{ID}$ by applying the frequency $f$ and amplitude $a$ to

it$,$ resulting in a measurement $M_{\text{C}\text{I}\text{D}}.$ Afterwards, a message consisting of the

$D_{ID},$ the previously sent nonce $N,$ and the measurement $M_{\text{C}\text{I}\text{D}}$ is encrypted using the previously shared publicKey, and sent to the IoT Hub. Only the IoT

Hub can decrypt the message using its privateKey. The server checks if $N$ is

fresh, and chooses the right model, Model ${?}_{D_{ID}},$ based on $D_{ID}.$ If the CNN can

classify all measurements correctly using $Mode{l}_{D_{ID}},a,$ and $f,$ the IoT device

gets authenticated, otherwise it gets rejected. After a number of unsuccessful

authentication requests for the same $D_{ID},$ the use of that $D_{ID}$ may be disabled. First of have to come up with a secure protocol $($simplified one$)$ this protocol should be like this :

$-$First no neural network in the derived protocol

$-$this protocol should use DRAM PUFs $($different time different response and temperature$)$

$-$ I have to use response for authentication.Helper Data produce relevant key

$-$ Use produce key encrypted key for authentication$($can be public key$)$