The edge devices connected to the Internet of Things (IoT) infrastructures are increasingly susceptible to piracy. These pirated edge devices pose a serious threat to security, as an adversary can get access to the private network through these non-authentic devices. It is necessary to authenticate an edge device over an unsecured channel to safeguard the network from being infiltrated through these fake devices. The implementation of security features demands extensive computational power and a large hardware/software overhead, both of which are difficult to satisfy because of inherent resource limitation in the IoT edge devices. This paper presents a low-cost authentication protocol for IoT edge devices that exploits power-up states of built-in SRAM for device fingerprint generations. Unclonable ID generated from the on-chip SRAM could be unreliable, and to circumvent this issue, we propose a novel ID matching scheme that alleviates the need for enhancing the reliability of the IDs generated from on-chip SRAMs. Security and different attack analysis show that the probability of impersonating an edge device by an adversary is insignificant. The protocol is implemented using a commercial microcontroller, which requires a small code overhead. However, no modification of device hardware is necessary.
This is an open access article distributed under the Creative Commons Attribution License
which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited