Open Access

The ongoing development towards the Industrial Internet of Things (IIoT) and the industrial metaverse pose several challenges for both, customers and manufacturers. These relate mainly to security, usability and energy consumption of the utilized hardware. As most industrial use-cases are referring on traditional communication scenarios and considering data generated and exchanged between producer and consumers, there is a fundamental need for confidentially, integrity and authenticity within the systems. A worthwhile approach to meeting these requirements are Physically Unclonable Functions (PUFs): Semiconductors, which are - based on nano-scale and uncontrollable imperfections occurring during manufacturing of the microchip - in particular suitable for resource-constrained and lightweight applications. Potential implementations for PUF thereby range from unique device’s fingerprint, to secret key derivation, to seeds for True Random Number Generators (TRNGs). This work proposes another potential application of SRAM-PUFs, specifically as an additional source of entropy for a Password-Based Key Derivation Function (PBKDF) communication scheme. Apart from an evaluation of the proposed concept, the suitability of SRAM cells is demonstrated by a dependence study on the effects of supply voltage fluctuation.

Physically unclonable functions (PUFs) are a promising way of introducing hardware-based security primitives into widely used digital systems such as Internet of Things (IoT) devices or Industry 4.0 production plants. Former research attempts focused on conceptually evaluating SRAM PUFs in particular, thus forming the theoretical basis for this paper. The real-world applicability of the proposed SRAM PUFs has hardly been shown before. Therefore, this paper contributes an SRAM PUF implementation based on commodity off-the-shelf (CoTS) hardware, in particular an ESP32 microcontroller. Most notably, the proposed concept does not require any additional hardware. This is a decisive factor for the overall applicability in real-world scenarios since it can be executed on every general-purpose ESP32 microcontroller. Furthermore, this paper provides a detailed PUF algorithm overview which has also been implemented in soft- and hardware. To support the various theoretical benefits of the proposed system, a statistical evaluation of the robustness and overall performance of the PUF concept is also part of this paper. The results show, that the ESP32 SRAM PUF concept allows for a secure on-device authentication based on nanoscale hardware variations during the manufacturing of the ESP32 SRAM cells.

Modern Public Key Infrastructures (PKIs) allow users to create and maintain centrally stored cryptographic certificates. These infrastructures use a so-called certificate chain. At the root of the chain, a root Certification Authority (CA) is responsible for issuing the base certificate. Every verification and certification step within the chain is based upon the security of said root CA. Thus, its operation security is of great concern. Since the root certificates are stored locally on the root CA, any Denial of Service (DoS) attack may render the whole certificate chain, which is based on of the attacked root CA, inoperable. Therefore, this article evaluates different approaches to a decentralized data storage system that is based on the Distributed Ledger Technology (DLT). To show the real-world potential of the proposed approaches, we also evaluate the different technologies using a novel PKI mechanism called Near Field Communication Key Exchange (NFC-KE). The results indicate that modern distributed data storage solutions such as Interplanetary Filesystem (IPFS) and SIA can have significant performance and decentralization benefits in comparison to purely Blockchain-based technologies like Hyperledger Fabric. However, they lack any Smart Contract functionality, which requires a software developer to implement verification mechanisms in centralized software solutions.

Since the introduction of the first cryptocurrency, Bitcoin, in 2008, the gain in popularity of distributed ledger technologies (DLTs) has led to an increasing demand and, consequently, a larger number of network participants in general. Scaling blockchain-based solutions to cope with several thousand transactions per second or with a growing number of nodes has always been a desirable goal for most developers. Enabling these performance metrics can lead to further acceptance of DLTs and even faster systems in general. With the introduction of directed acyclic graphs (DAGs) as the underlying data structure to store the transactions within the distributed ledger, major performance gains have been achieved. In this article, we review the most prominent directed acyclic graph platforms and evaluate their key performance indicators in terms of transaction throughput and network latency. The evaluation aims to show whether the theoretically improved scalability of DAGs also applies in practice. For this, we set up multiple test networks for each DAG and blockchain framework and conducted broad performance measurements to have a mutual basis for comparison between the different solutions. Using the transactions per second numbers of each technology, we created a side-by-side evaluation that allows for a direct scalability estimation of the systems. Our findings support the fact that, due to their internal, more parallelly oriented data structure, DAG-based solutions offer significantly higher transaction throughput in comparison to blockchain-based platforms. Although, due to their relatively early maturity state, fully DAG-based platforms need to further evolve in their feature set to reach the same level of programmability and spread as modern blockchain platforms. With our findings at hand, developers of modern digital storage systems are able to reasonably determine whether to use a DAG-based distributed ledger technology solution in their production environment, i.e., replacing a database system with a DAG platform. Furthermore, we provide two real-world application scenarios, one being smart grid communication and the other originating from trusted supply chain management, that benefit from the introduction of DAG-based technologies.