摘要 |
A resilient device authentication system for use with managed devices each including a physically-unclonable function ("PUF"), comprising verification authorities ("VAs") including a complete verification set ("loaded CVS") that includes hardware part-specific data associated with the PUFs of the managed devices, each VA configured to create a limited verification set ("LVS") that includes representation of CVS data to redundantly verify all hardware parts associated with the LVS and configured to construct a replacement LVS; and provisioning entities ("PEs") connectable to VAs and to the managed devices, each PE including a LVS, and configured to select a subset of the loaded LVS to create an application limited verification set; wherein the loaded CVS includes metadata, and eac of the one or more VAs is configured to perform one-way algorithmic transformation of hardware part-specific data together with metadata from the loaded CVS to create a LVS representing both metadata and hardware part-specific data. |