信息安全研究2026,Vol.12Issue(1):33-42,10.DOI:10.12379/j.issn.2096-1057.2026.01.04
零信任中基于PUF的物联网抗机器学习攻击身份认证
PUF-based Identity Authentication for Internet of Things Against Machine Learning Attacks in Zero-trust Architecture
摘要
Abstract
To enable scalable IoT systems,edge computing,as a new decentralized model,is introduced into IoT scenarios.Zero trust architecture(ZTA)is well-suited for cloud-edge-end systems with blurred boundaries,offering continuous dynamic authentication and improved security.Due to their lightweight and unclonable properties,physical unclonable functions(PUFs)are often used to generate hardware fingerprint identities for devices.PUFs exploit inherent randomness introduced during hardware fabrication processes to generate unique and non-predictable challenge-response pairs.If an attacker collects many plaintext CRPs during continuous authentication,he may model and predict future responses,enabling machine learning attacks.This paper proposes a PUF-based authentication solution(PAML-CA).It enhances privacy protection against machine learning attacks by leveraging oblivious pseudorandom function techniques to obfuscate CRP transmission.The solution combines static and continuous multi-layer dynamic verification protocols,limiting implicit trust domains within a session.Security analysis and performance comparisons demonstrate that PAML-CA offers better security,functionality,communication,and computational efficiency compared to other related solutions.关键词
物联网/零信任/身份认证/物理不可克隆函数/隐私保护Key words
Internet of things/zero trust/identity authentication/physical unclonable function/privacy preservation分类
信息技术与安全科学引用本文复制引用
Si Xuege,Jia Hongyong,Zeng Junjie,Li Yuncong..零信任中基于PUF的物联网抗机器学习攻击身份认证[J].信息安全研究,2026,12(1):33-42,10.基金项目
河南省重点研发专项(231111211900) (231111211900)
