A PUF-based Mutual Authentication Protocol for Internet of Things

Abstract

Internet of Things (IoT) has revolutionized the world with its innovative and precise solutions catering a broad spectrum of applications. Smart cities, smart financial services, smart logistics, smart agriculture systems, smart healthcare management system are few applications worth mentioning. Device authentication and data security is a major concern in IoT networks as the devices used in these networks have inadequate computational processing and memory storage resources. Privacy is of paramount importance in applications such as healthcare and finance. As complex algorithms cannot be implemented on the resource-constrained IoT devices, research in the aforementioned areas is still an active subject. In this paper, we propose a mutual device and server authentication protocol using Physical Unclonable Functions (PUFs) for IoT devices. PUFs can be used to uniquely identify the devices and can also be used to generate random keys. As the name suggests, the keys generated by the PUFs cannot be reproduced. Using this unclonability feature, an authentication protocol has been developed. An IoT based temperature and humidity sensing module is developed to integrate the protocol and validate its effectiveness in providing the device authentication and data security.