Abstract

Key agreement between two constrained Internet of Things (IoT) devices that have not previously met is an essential feature for establishing trust among their users. Physical Unclonable Functions (PUFs) on a device are a low-cost primitive that exploits the unique random patterns in the device. They have already been applied in a multitude of applications for secure key generation and key agreement, in order to prevent an attacker from taking over the identity of a tampered device whose key material has been extracted. This paper shows that the key agreement scheme of a recently proposed PUF-based protocol for the IoT, presented by Chatterjee et al., is vulnerable to man-in-the-middle, impersonation, and replay attacks in the Yao–Dolev security model. We propose an alternative scheme that solves these issues and, in addition, provides a more efficient key agreement and a subsequent communication phase between two IoT devices connected to the same authentication server. The scheme also offers identity-based authentication and repudiation while using only elliptic curve multiplications and additions instead of compute-intensive pairing operations.

Highlights

  • Internet of Things (IoT) is experiencing worldwide growth

  • This paper shows that the key agreement scheme of a recently proposed Physical Unclonable Functions (PUFs) based protocol, presented by Chatterjee et al, for Internet of Things (IoT)

  • For the key agreement between two IoT devices, e.g., in the case of sensor nodes in automobiles, smart home and smart cities, we assume that both devices are registered with the same trusted third party (TTP)

Summary

Introduction

Classical computing and communication devices are connected, as is a whole range of other gadgets used in our daily life, such as thermostats, light switches, door locks, refrigerators, etc. These devices are characterised by a very small amount of memory and computational power. PUF based protocol for the key agreement phase, which is even more efficient. Similar to [3], for the initialization phase, a large number of challenges and responses is stored on the server side and used during the key agreement phase to construct a public key, certified by the authentication server.

Related Work
Key Agreement from IoT Device to Server
Key Agreement between Two IoT Devices
System Architecture
Cryptographic Operations
Public Key Related Operations
Other Operations
Enrolment Phase
Description of the Authentication and Key Sharing Phase
Security Attacks
Man-in-the-Middle Attack
Impersonation Attack with Malicious Insider Node
Replay Attack
Denial of Service Attack
Conclusion of the Security Attacks
Authentication and Key Agreement Phase
Secure Communication Phase
Security Evaluation
Performance
Computational Cost
Communication Cost
Conclusions