Toward Designing a Secure Authentication Protocol for IoT Environments

Hosseinzadeh, Mehdi; Malik, Mazhar Hussain; Safkhani, Masoumeh; Bagheri, Nasour; Le, Quynh Hoang; Tightiz, Lilia; Mosavi, Amir

doi:10.3390/su15075934

Cited by 2 publications

(1 citation statement)

References 75 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A privileged insider adversary is assumed to have more capability compared to an inherent adversary. A common capability could be its access to the stored data in the memory of the transferred data through secure channels, for example during the registration phase of a protocol 37 , 38 . Following this fact, we evaluate the security of EV-PUF.…”

Section: Security Analysis Of Ev-pufmentioning

confidence: 99%

Designing secure PUF-based authentication protocols for constrained environments

Lee,

Safkhani,

et al. 2023

Sci Rep

Self Cite

View full text Add to dashboard Cite

Physical Unclonable Functions (PUFs) are widely used in cryptographic authentication and key-agreement protocols due to their unique physical properties. This article presents a comprehensive cryptanalysis of two recently developed authentication protocols, namely PLAKE and EV-PUF, both relying on PUFs. Our analysis reveals significant vulnerabilities in these protocols, including susceptibility to impersonation and key leakage attacks, which pose serious threats to the security of the underlying systems. In the case of PLAKE, we propose an attack that can extract the shared secret key with negligible complexity by eavesdropping on consecutive protocol sessions. Similarly, we demonstrate an efficient attack against EV-PUF that enables the determination of the shared key between specific entities. Furthermore, we highlight the potential for a single compromised client in the EV-PUF protocol to compromise the security of the entire network, leaving it vulnerable to pandemic attacks. These findings underscore the critical importance of careful design and rigorous evaluation when developing PUF-based authentication protocols. To address the identified vulnerabilities, we present an improved PUF-based authentication protocol that ensures robust security against all the attacks described in the context of PLAKE and EV-PUF. Through this research, we contribute to the field by exposing vulnerabilities in existing PUF-based authentication protocols and offering an improved protocol that enhances security and safeguards against various attack vectors. This work serves as a valuable reference for researchers and practitioners involved in the design and implementation of secure authentication schemes for IoT systems and dynamic charging systems for electric vehicles.

show abstract

Section: Security Analysis Of Ev-pufmentioning

confidence: 99%