Abstract
A Physical Unclonable Function (PUF) provides a physical device a unique output for a given input, which can be regarded as the device’s digital fingerprint. Thus, PUFs can provide unique identities for billions of connected devices in Internet of Things (IoT) architectures. Plenty of PUF based authenticated key exchange (AKE) protocols have been proposed. However, most of them are designed for the authentication between an IoT node and the specific server/verifier, whom the IoT node registered with. Only a few of them are designed for the authentication between IoT nodes, and all these protocols need verifiers or explicit Challenge-Response Pairs (CRPs). In this paper, we propose the first PUF based AKE protocol for IoT without verifiers and explicit CRPs, which IoT nodes can freely authenticate each other and create a session key on their own without the help of any server or verifier. We compare the proposed protocol with 27 relevant PUF based AKE protocols to show the superiority, and analyze the computational cost of each entity in the proposed protocol to show the efficiency. We define the adversarial model of a PUF based AKE protocol for IoT and formally prove the security of the proposed protocol in random oracle model. The security of the proposed protocol is based on the Elliptic Curve Discrete Logarithm (ECDL), Elliptic Curve Computational Diffie-Hellman (ECCDH), and Decisional Bilinear Diffie-Hellman (DBDH) assumptions.
Highlights
Internet of Things (IoT) is believed to play an important role of our daily life and is becoming a major part of smart home and smart city infrastructures in the near future
To the best of our knowledge, no Physical Unclonable Function (PUF) based authenticated key exchange (AKE) protocol without verifier and explicit Challenge-Response Pairs (CRPs) has been proposed for secure communication between IoT devices
We define the adversarial model of a PUF based AKE protocol for IoT and formally prove that the proposed protocol is secure under the Elliptic Curve Discrete Logarithm (ECDL), Elliptic Curve Computational Diffie-Hellman (ECCDH), and Decisional Bilinear Diffie-Hellman (DBDH) assumptions
Summary
Internet of Things (IoT) is believed to play an important role of our daily life and is becoming a major part of smart home and smart city infrastructures in the near future. A. RELATED WORK Many PUF based AKE protocols [8]–[27] have been proposed for the authentication between an IoT device and a specific verifier/server. Zalivaka et al [33] and Chatterjee et al [34] proposed PUF-based authentication schemes for secure communication between two IoT devices, which the IoT nodes enroll in a trusted third party (TTP). To the best of our knowledge, no PUF based AKE protocol without verifier and explicit CRPs has been proposed for secure communication between IoT devices. We define the adversarial model of a PUF based AKE protocol for IoT and formally prove that the proposed protocol is secure under the Elliptic Curve Discrete Logarithm (ECDL), Elliptic Curve Computational Diffie-Hellman (ECCDH), and Decisional Bilinear Diffie-Hellman (DBDH) assumptions.
Sign-in/Register to view highlights & summary 
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call