MC-Multi PUF based lightweight Authentication Framework for Internet of Medical Things

Abstract

With the recent advancement of the Internet of Things (IoT) in the field of healthcare and wearable devices, integration enables all objects to connect to the internet and exchange biomedical data of patients. However, due to the openness of communication channels and data sensitivity, severe security and privacy leakage along with concerns about patient identity and data privacy are raised as collected health data contains sensitive information. Therefore, security incorporation is demanded to restrict unauthorized entities playing with the data. Recently, many authentication mechanisms are proposed for the Internet of Medical Things (IoMT) system but most of the protocols cannot fulfill the security demands completely to protect users' data due to the low efficiency and knowledge-based property of conventional password-based systems and cryptographic approaches. To enhance the security of the IoMT system, this paper proposes machine learning (ML) and multiple physical unclonable function (PUF), MC-Multi PUF, based lightweight authentication framework. Due to the use of lightweight operations, the computation cost is ∼1.5 ms, and the communication cost is 68 bytes. Moreover, the framework shows resistance against modeling attacks (6.4% modeling accuracy using ∼0.5 Mn responses). Furthermore, security features are discussed using informal security proof.