PUF Based Authentication Protocol for IoT
AbstractKey agreement between two constrained Internet of Things (IoT) devices that have not met each other is an essential feature to provide in order to establish trust among its users. Physical Unclonable Functions (PUFs) on a device represent a low cost primitive exploiting the unique random patterns in the device and have been already applied in a multitude of applications for secure key generation and key agreement in order to avoid an attacker to take over the identity of a tampered device, whose key material has been extracted. This paper shows that the key agreement scheme of a recently proposed PUF based protocol, presented by Chatterjee et al., for Internet of Things (IoT) is vulnerable for man-in-the-middle, impersonation, and replay attacks in the Yao–Dolev security model. We propose an alternative scheme, which is able to solve these issues and can provide in addition a more efficient key agreement and subsequently a communication phase between two IoT devices connected to the same authentication server. The scheme also offers identity based authentication and repudiation, when only using elliptic curve multiplications and additions, instead of the compute intensive pairing operations. View Full-Text
Share & Cite This Article
Braeken, A. PUF Based Authentication Protocol for IoT. Symmetry 2018, 10, 352.
Braeken A. PUF Based Authentication Protocol for IoT. Symmetry. 2018; 10(8):352.Chicago/Turabian Style
Braeken, An. 2018. "PUF Based Authentication Protocol for IoT." Symmetry 10, no. 8: 352.
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.