Related papers: A Lightweight and Secure PUF-Based Authentication and Key-exchange Protocol for IoT Devices

A Lightweight and Secure PUF-Based Authentication and Key-exchange Protocol for IoT Devices

URL: http://arxiv.org/abs/2311.04078v1
Date: Tue, 7 Nov 2023 15:42:14 GMT
Title: A Lightweight and Secure PUF-Based Authentication and Key-exchange Protocol for IoT Devices
Authors: Chandranshu Gupta, Gaurav Varshney,
Abstract summary: Device Authentication and Key exchange are major challenges for the Internet of Things. PUF appears to offer a practical and economical security mechanism in place of typically sophisticated cryptosystems like PKI and IBE. We present a system in which the IoT device does not require a continuous active internet connection to communicate with the server in order to Authenticate itself.
Score: 0.0
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: The Internet of Things (IoT) has improved people's lives by seamlessly integrating into many facets of modern life and facilitating information sharing across platforms. Device Authentication and Key exchange are major challenges for the IoT. High computational resource requirements for cryptographic primitives and message transmission during Authentication make the existing methods like PKI and IBE not suitable for these resource constrained devices. PUF appears to offer a practical and economical security mechanism in place of typically sophisticated cryptosystems like PKI and IBE. PUF provides an unclonable and tamper sensitive unique signature based on the PUF chip by using manufacturing process variability. Therefore, in this study, we use lightweight bitwise XOR, hash function, and PUF to Authenticate IoT devices. Despite several studies employing the PUF to authenticate communication between IoT devices, to the authors' knowledge, existing solutions require intermediary gateway and internet capabilities by the IoT device to directly interact with a Server for Authentication and hence, are not scalable when the IoT device works on different technologies like BLE, Zigbee, etc. To address the aforementioned issue, we present a system in which the IoT device does not require a continuous active internet connection to communicate with the server in order to Authenticate itself. The results of a thorough security study are validated against adversarial attacks and PUF modeling attacks. For formal security validation, the AVISPA verification tool is also used. Performance study recommends this protocol's lightweight characteristics. The proposed protocol's acceptability and defenses against adversarial assaults are supported by a prototype developed with ESP32.

Related papers

LPUF-AuthNet: A Lightweight PUF-Based IoT Authentication via Tandem Neural Networks and Split Learning [2.37507453143459]
Internet of things (IoT) is projected to connect over 75 billion devices globally by 2025. Traditional cryptographic methods often struggle with the constraints of IoT devices. This paper considers physical unclonable functions (PUFs) as robust security solutions. Our proposed solution introduces a lightweight PUF mechanism, called LPUF-AuthNet, combining tandem neural networks (TNN) with a split learning (SL) paradigm.
arXiv Detail & Related papers (2024-10-16T03:25:04Z)
PhenoAuth: A Novel PUF-Phenotype-based Authentication Protocol for IoT Devices [9.608432807038083]
This work proposes a full noise-tolerant authentication protocol based on the PUF Phenotype concept. It demonstrates mutual authentication and forward secrecy in a setting suitable for device-to-device communication.
arXiv Detail & Related papers (2024-03-06T06:04:32Z)
zk-IoT: Securing the Internet of Things with Zero-Knowledge Proofs on Blockchain Platforms [0.0]
This paper introduces the zk-IoT framework, a novel approach to enhancing the security of Internet of Things (IoT) ecosystems. Our framework ensures the integrity of firmware execution and data processing in potentially compromised IoT devices.
arXiv Detail & Related papers (2024-02-13T09:34:23Z)
Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
Classification of cyber attacks on IoT and ubiquitous computing devices [49.1574468325115]
This paper provides a classification of IoT malware. Major targets and used exploits for attacks are identified and referred to the specific malware. The majority of current IoT attacks continue to be of comparably low effort and level of sophistication and could be mitigated by existing technical measures.
arXiv Detail & Related papers (2023-12-01T16:10:43Z)
Tamper-Evident Pairing [55.2480439325792]
Tamper-Evident Pairing (TEP) is an improvement of the Push-Button configuration (PBC) standard. TEP relies on the Tamper-Evident Announcement (TEA), which guarantees that an adversary can neither tamper a transmitted message without being detected, nor hide the fact that the message has been sent. This paper provides a comprehensive overview of the TEP protocol, including all information needed to understand how it works.
arXiv Detail & Related papers (2023-11-24T18:54:00Z)
Caveat (IoT) Emptor: Towards Transparency of IoT Device Presence (Full Version) [12.842258850026878]
Hidden IoT devices can snoop (via sensing) on nearby unsuspecting users, and impact the environment where unaware users are present, via actuation. This paper constructs a privacy-agileuation RootofTrust architecture for devices, called PAISA. It guarantees timely and secure announcements about IoT devices' presence and their capabilities.
arXiv Detail & Related papers (2023-09-07T09:08:31Z)
IoT Device Identification Based on Network Communication Analysis Using Deep Learning [43.0717346071013]
The risk of attacks on an organization's network has increased due to the growing use of less secure IoT devices. To tackle this threat and protect their networks, organizations generally implement security policies in which only white listed IoT devices are allowed on the network. In this research, deep learning is applied to network communication for the automated identification of IoT devices permitted on the network.
arXiv Detail & Related papers (2023-03-02T13:44:58Z)
The Internet of Senses: Building on Semantic Communications and Edge Intelligence [67.75406096878321]
The Internet of Senses (IoS) holds the promise of flawless telepresence-style communication for all human receptors' We elaborate on how the emerging semantic communications and Artificial Intelligence (AI)/Machine Learning (ML) paradigms may satisfy the requirements of IoS use cases.
arXiv Detail & Related papers (2022-12-21T03:37:38Z)
Technical Report-IoT Devices Proximity Authentication In Ad Hoc Network Environment [0.0]
Internet of Things (IoT) is a distributed communication technology system that offers the possibility for physical devices to connect and exchange data. authentication to the IoT devices is essential as it is the first step in preventing any negative impact of possible attackers. This paper implements an IoT devices authentication scheme based on something that is in the IoT devices environment.
arXiv Detail & Related papers (2022-10-01T03:07:42Z)
IoT Device Identification Using Deep Learning [43.0717346071013]
The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers. The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization's network also increases the risk of attacks. In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network.
arXiv Detail & Related papers (2020-02-25T12:24:49Z)

This list is automatically generated from the titles and abstracts of the papers in this site.