PUF based Secure and Lightweight Authentication and Key-Sharing Scheme for Wireless Sensor Network

Mahalat, Mahabub Hasan; KarmakarDipankar,; MondalAnindan,; SenBibhash,

doi:10.1145/3466682

Cited by 14 publications

(10 citation statements)

References 43 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…PUF has been used for key generation [ 59 , 60 ], key sharing [ 61 ], group key establishment [ 62 ], and IP protection [ 63 , 64 ] in hardware security area. Also, PUF has become a viable work topic for IoT security and privacy due to resource constraints and access difficulties of IoT devices and found a wide variety of uses in the field [ 65 – 67 ]. Maurya and Bagchi propose a unilateral factor authentication mechanism for use in RFID systems [ 65 ].…”

Section: Physically Unclonable Functionmentioning

confidence: 99%

“…In a different field, due to resource constraints in IoT meters, Boyapally et al proposed a PUF-based authentication mechanism that performs cryptographic operations on the server to provide secure communication between smart meters at consumers and the servers at the utility operators [ 66 ]. There are also studies on the use of PUF in the authentication and key-sharing processes of sensors in the wireless sensor network (WSN) [ 67 ].…”

Section: Physically Unclonable Functionmentioning

confidence: 99%

See 1 more Smart Citation

P/Key: PUF based second factor authentication

Uysal

Akgün

2023

PLoS ONE

View full text Add to dashboard Cite

One-time password (OTP) mechanisms are widely used to strengthen authentication processes. In time-based one-time password (TOTP) mechanisms, the client and server store common secrets. However, once the server is compromised, the client’s secrets are easy to obtain. To solve this issue, hash-chain-based second-factor authentication protocols have been proposed. However, these protocols suffer from latency in the generation of OTPs on the client side because of the hash-chain traversal. Secondly, they can generate only a limited number of OTPs as it depends on the length of the hash-chain. In this paper, we propose a second-factor authentication protocol that utilizes Physically Unclonable Functions (PUFs) to overcome these problems. In the proposed protocol, PUFs are used to store the secrets of the clients securely on the server. In case of server compromise, the attacker cannot obtain the seeds of clients’ secrets and can not generate valid OTPs to impersonate the clients. In the case of physical attacks, including side-channel attacks on the server side, our protocol has a mechanism that prevents attackers from learning the secrets of a client interacting with the server. Furthermore, our protocol does not incur any client-side delay in OTP generation.

show abstract

Section: Physically Unclonable Functionmentioning

confidence: 99%

Section: Physically Unclonable Functionmentioning

confidence: 99%

P/Key: PUF based second factor authentication

Uysal

Akgün

2023

PLoS ONE

View full text Add to dashboard Cite

show abstract

“…Recently, lightweight PUF-based Authentication and Key Exchange protocols have received some attention in several IoT-related fields, including wireless sensor networks (WSNs) [16,18], Smart Homes [19], Remote Healthcare [20], Automotive Technology [21], and Internet of Drones [22]. Yet, the absence of formal verification, the need to maintain the CRP database at the Server end, and the use of complex cryptographic engines along with lightweight PUF instances render those protocols hostile and less suited for widespread implementation.…”

Section: Introductionmentioning

confidence: 99%

A Lightweight and Secure PUF-Based Authentication and Key-exchange Protocol for IoT Devices

Gupta,

Varshney

2024

Preprint

View full text Add to dashboard Cite

The Internet of Things (IoT) is rapidly becoming a common technology that will improve people's lives by seamlessly integrating into many facets of modern life and facilitating information sharing across platforms. Device Authentication is a significant challenge for IoT devices as they are placed in unprotected environments, vulnerable to physical attacks and common security risks. Large computational requirements and communication costs during Authentication make the existing methods, like Public Key Cryptography and Identity-based Encryption, unsuitable for resource-constrained IoT devices. Physical Unclonable Function (PUF) offers a lightweight security mechanism instead of traditional sophisticated cryptosystems by providing an unclonable and tamper-sensitive unique signature. Therefore, we use lightweight operations like bitwise XOR, hash function, and PUF, suitable for resource-constrained IoT devices to authenticate IoT devices. Despite several studies employing the PUF, to the authors' knowledge, existing solutions require an intermediary verifier/gateway and/or active internet by the IoT device to directly interact with a Server to authenticate itself and, hence, are not scalable when the IoT device works technologies like Bluetooth Low Energy, Zigbee, etc. To address the aforementioned issue, we present a system in which the IoT device does not require an active internet connection to communicate with the server. The results of a thorough security study are validated against adversarial attacks and PUF-modelling attacks. For formal security validation, the AVISPA verification tool is also used. Performance study recommends this protocol's lightweight characteristics. The proposed protocol's acceptability and defenses against various adversarial assaults are supported by a prototype developed with ESP32.

show abstract

“…If the user's identification is confirmed, the server enables the legitimate user to log in and access the services demanded. Several schemes [1][2][3][4] , have been proposed for authenticated wireless communication.…”

Section: Introductionmentioning

confidence: 99%

On the security of ring learning with error‐based key exchange protocol against signal leakage attack

Pursharthi

Mishra

2023

Security and Privacy

View full text Add to dashboard Cite

Due to the rapid development of mobile communication and hardware technologies, several mobile‐based web applications have gained popularity among mobile users. Mobile users can utilize these devices to access numerous services over the Internet. To ensure secure communication, different key exchange and authentication (KEA) protocols are proposed and frequently used. However, due to the advent of quantum computers, numerous quantum‐safe KEA protocols are also developed using various complex mathematical problems in ideal lattices. As it is an emerging and developing area, we analyze the security of recently suggested ring learning with error based KEA protocols. The goal of this study is to gain a comprehensive understanding of quantum‐safe KEA mechanisms. For our study, we have considered Dharminder's LWE‐based KEA mechanism and Dharminder and Chandran's LWE‐based KEA mechanism. These protocols enable effective communication and provide a better means for safely transmitting messages between user and server. However, we have discovered that a fundamental security weakness in these methods makes them vulnerable to signal leakage attacks (SLA). Based on our analysis, we demonstrated security weakness against SLA and provide the road‐map for secure construction.

show abstract

PUF based Secure and Lightweight Authentication and Key-Sharing Scheme for Wireless Sensor Network

Cited by 14 publications

References 43 publications

P/Key: PUF based second factor authentication

P/Key: PUF based second factor authentication

A Lightweight and Secure PUF-Based Authentication and Key-exchange Protocol for IoT Devices

On the security of ring learning with error‐based key exchange protocol against signal leakage attack

Contact Info

Product

Resources

About