Abstract

Internet of things (IoT) technologies have recently gained much interest from numerous industries, where devices, machines, sensors, or simply things are linked with each other over open communication networks. However, such an operation environment brings new security threats and technology challenges in securing and stabilizing such large systems in the IoT world. Device identity in such an environment is an essential security requirement as a secure anchor for most applications towards clone-resistant resilient operational security. This paper analyzes different contemporary authenticated identification techniques and discusses possible future technologies for physically clone-resistant IoT units. Two categories of identification techniques to counteract cloning IoT units are discussed. The first category is inherently cloneable and includes the classical identification mechanisms based on secret and public key cryptography. Such techniques deploy mainly secret keys stored permanently somewhere in the IoT devices as classical means to make units clone-resistant. However, such techniques are inherently cloneable as the manufacturer or device personalizers can clone them by re-using the same secret key (which must be known to somebody) or reveal keys to third parties to create cloned entities. In contrast, the second, more resilient category is inherently unclonable because it deploys unknown and hard-to-predict born analog modules such as physical unclonable functions (PUFs) or mutated digital modules and so-called secret unknown ciphers (SUCs). Both techniques are DNA-like identities and hard to predict and clone even by the manufacturer itself. Born PUFs were introduced two decades ago; however, PUFs as analog functions failed to serve as practically usable unclonable electronic identities due to being costly, unstable/inconsistent, and non-practical for mass application. To overcome the drawbacks of analog PUFs, SUC techniques were introduced a decade ago.
SUCs, as mutated modules, are highly consistent, being digital modules. However, as self-mutated digital modules, they offer only clone-resistant identities. Therefore, the SUC technique is proposed as a promising clone-resistant technology embedded in emerging IoT units in non-volatile self-reconfiguring devices. The main threats and expected security requirements in the emerging IoT applications are postulated. Finally, the presented techniques are analyzed, classified, and compared considering security, performance, and complexity given future expected IoT security features and requirements.

Highlights

  • The Internet of things (IoT) is an essential enabler of the industrial revolution in the digital world

  • Device certificate including certified signature (Sign) by CA, device identity (ID), and device public key (Pub). Implicit certificates are another variant of the public key certificate, where all the certificate components such as identification data, a public key, and digital signatures are superimposed on one another in such a way that the size of the certificate is equal to the size of the public key [26]

  • We defined the role of identity in the IoT device lifecycle and introduced the identity-related security threats and challenges in IoT


Summary

Introduction

The Internet of things (IoT) is an essential enabler of the industrial revolution in the digital world. IoT allows everyday objects (or things) to be connected to the open internet network by equipping such devices with various sensing, networking, and processing capabilities. Resilient physical unclonable identifiers of IoT devices are needed to secure the system against dangerous replacement attacks. The second is inherently-unclonable and includes the analog physical unclonable functions (PUFs) [4], in addition to our proposed clone-resistant digital secret unknown cipher (SUC) technique [5]. PUF and SUC provide hardwired unknown fingerprints without storing any secrets known to a person.

IoT Security and Identity in Real Field Applications
The Role of Identity in IoT Device Lifecycle
Identity-Related Security Threats and Challenges in IoT
IoT Security Requirements
Security Requirements on Network Layer
Security Requirements on the Application Layer
Device Identification
Inherently-Clonable
Inherently-Cloneable Identification Mechanisms
Stored Key as Identity Embodiment
Symmetric Key-Based Identity
Asymmetric Key-Based Identity
Identity-based cryptographic
Discussing Inherently-Clonable Identification Mechanisms
Inherently-Unclonable Identification Mechanisms
Identification Based on Analog Physical Unclonable Functions
PUF-Based Identification Protocol
Evaluation of
PUF for IoT Device Identification and Authentication
PUF-Based IoT Identification Protocols
PUF-Based Identification Discussion
Clone-Resistant IoT Identity Based on Digital Secret Unknown Cipher
SUC Hardware Complexity
SUC-Based IoT Device Identity Discussion
PUF-Based Unclonability Versus Digital Clone-Resistant SUC Techniques
Conclusions