PUF-Based Authentication and Key Agreement Protocols for IoT, WSNs, and Smart Grids: A Comprehensive Survey

Abstract

Physically unclonable function (PUF) is a physical unit fabricated inside a sensor and generally considered as an assurance anchor of resource inhibited device. Essentially, the function is based on the cryptographic approach, where a key is created and utilized such that it cannot be cloned. More specifically, it is an arbitrary function, which maps inherent properties of the hardware devices to a unique bit stream of information. Authentication and key agreement (AKA) protocols are widely used in electronic commerce, electronic stock trading, and many secured business transaction platforms, because they allow the communicating devices to mutually authenticate each other while exchanging authenticated session key (or secret key) that can be used subsequently to establish a secured communication channel. Yet, these protocols are also vulnerable to a broad range of security outbreaks. In light of these notions and practical applications, this article is intended to: 1) provide an overview of AKA protocols, PUF plus the combined PUF-based AKA; 2) systematically and taxonomically examine and discuss with pros and cons of AKA applications to the fast growing areas of Internet of Things, wireless sensor networks, and smart grids based on a meticulous survey of the existing literature; 3) summarize the challenges to deployment and potential security risks of the underlying technologies and possible remedies or mitigation strategies; and 4) to conduct and report a comparative performance and security analysis with respect to the three focused areas.