Lessons Learned: Analysis of PUF-based Authentication Protocols for IoT

Physical Unclonable Functions ◽

Security Issues ◽

Cryptographic Keys ◽

Security Properties ◽

The Subject ◽

The service of authentication constitutes the spine of all security properties. It is the phase where entities prove their identities to each other and generally establish and derive cryptographic keys to provide confidentiality, data integrity, non-repudiation, and availability. Due to the heterogeneity and the particular security requirements of IoT (Internet of Things), developing secure, low-cost, and lightweight authentication protocols has become a serious challenge. This has excited the research community to design and develop new authentication protocols that meet IoT requirements. A recent technology, called PUFs (Physical Unclonable Functions), has been the subject of many subsequent publications on lightweight, low-cost, and secure-by-design authentication protocols. This has turned our attention to investigate the most recent PUF-based authentication protocols for IoT. In this paper, we review the security of these protocols. We first provide the necessary background on PUFs, their types, and related attacks. Also, we discuss how PUFs are used for authentication. Then, we analyze the security of PUF-based authentication protocols to identify and report common security issues and design flaws, as well as to provide recommendations for future authentication protocol designers.

Comparative Study on Various Authentication Protocols in Wireless Sensor Networks

The Scientific World JOURNAL ◽

10.1155/2016/6854303 ◽

2016 ◽

Vol 2016 ◽

pp. 1-16 ◽

Cited By ~ 7

Author(s):

S. Raja Rajeswari ◽

V. Seenivasagam

Keyword(s):

Wireless Sensor Networks ◽

Sensor Networks ◽

Key Management ◽

Low Cost ◽

Wireless Sensor ◽

Security Services ◽

Management Schemes ◽

Active Research ◽

Wireless sensor networks (WSNs) consist of lightweight devices with low cost, low power, and short-ranged wireless communication. The sensors can communicate with each other to form a network. In WSNs, broadcast transmission is widely used along with the maximum usage of wireless networks and their applications. Hence, it has become crucial to authenticate broadcast messages. Key management is also an active research topic in WSNs. Several key management schemes have been introduced, and their benefits are not recognized in a specific WSN application. Security services are vital for ensuring the integrity, authenticity, and confidentiality of the critical information. Therefore, the authentication mechanisms are required to support these security services and to be resilient to distinct attacks. Various authentication protocols such as key management protocols, lightweight authentication protocols, and broadcast authentication protocols are compared and analyzed for all secure transmission applications. The major goal of this survey is to compare and find out the appropriate protocol for further research. Moreover, the comparisons between various authentication techniques are also illustrated.

Achieving protection against man-in-the-middle attack in HB family protocols implemented in RFID tags

International Journal of Pervasive Computing and Communications ◽

10.1108/ijpcc-03-2016-0015 ◽

2016 ◽

Vol 12 (3) ◽

pp. 375-390 ◽

Cited By ~ 1

Author(s):

Aisha Aseeri ◽

Omaimah Bamasag

Keyword(s):

Resource Constraints ◽

Low Cost ◽

Rfid Tags ◽

Formal Proofs ◽

Content Type ◽

Security Issues ◽

Man In The Middle ◽

Identification Tags ◽

Purpose In the past few years, HB-like protocols have gained much attention in the field of lightweight authentication protocols due to their efficient functioning and large potential applications in low-cost radio frequency identification tags, which are on the other side spreading so fast. However, most published HB protocols are vulnerable to man-in-the-middle attacks such as GRS or OOV attacks. The purpose of this research is to investigate security issues pertaining to HB-like protocols with an aim of improving their security and efficiency. Design/methodology/approach In this paper, a new and secure variant of HB family protocols named HB-MP* is proposed and designed, using the techniques of random rotation. The security of the proposed protocol is proven using formal proofs. Also, a prototype of the protocol is implemented to check its applicability, test the security in implementation and to compare its performance with the most related protocol. Findings The HB-MP* protocol is found secure against passive and active adversaries and is implementable within the tight resource constraints of today’s EPC-type RFID tags. Accordingly, the HB-MP* protocol provides higher security than previous HB-like protocols without sacrificing performance. Originality/value This paper proposes a new HB variant called HB-MP* that tries to be immune against the pre-mentioned attacks and at the same time keeping the simple structure. It will use only lightweight operations to randomize the rotation of the secret.

Security of an RFID Based Authentication Protocol with Bitwise Operations for Supply Chain

10.21203/rs.3.rs-413438/v1 ◽

2021 ◽

Author(s):

Muhammad Arslan Akram ◽

Adnan Noor Mian

Keyword(s):

Supply Chain ◽

Low Cost ◽

Authentication Protocol ◽

Rfid Tags ◽

Physically Unclonable Functions ◽

Lightweight Authentication ◽

Secure Authentication ◽

Bitwise Operations

Abstract Due to the stringent computational capabilities of low-cost RFID tags, several lightweight secure authentication protocols have been proposed for an RFID-based supply chain using bitwise operations. In this paper, we study the vulnerabilities associated with bitwise operations by doing cryptanalysis of a secure lightweight authentication protocol for RFID tags. The bitwise operations like rotation and XOR show that the protocol is vulnerable to tag, reader, and supply chain node impersonation attacks. We find that the major cause of the vulnerability is bitwise operations and suggest using the physically unclonable functions rather than bitwise operations to secure such lightweight protocols.

A Set of Efficient Privacy Protection Enforcing Lightweight Authentication Protocols for Low-Cost RFID Tags

2015 IEEE Trustcom/BigDataSE/ISPA ◽

10.1109/trustcom.2015.426 ◽

2015 ◽

Author(s):

Pierre-Francois Bonnefoi ◽

Pierre Dusart ◽

Damien Sauveron ◽

Raja Naeem Akram ◽

Konstantinos Markantonakis

Keyword(s):

Privacy Protection ◽

Low Cost ◽

Rfid Tags ◽

Security Aspects in Radio Frequency Identification Systems

Next Generation Data Communication Technologies ◽

10.4018/978-1-61350-477-2.ch009 ◽

2012 ◽

pp. 187-225

Author(s):

Gyozo Gódor ◽

Sándor Imre

Keyword(s):

Radio Frequency ◽

Detailed Examination ◽

Point Of View ◽

Security Issues ◽

Frequency Identification ◽

And Performance ◽

Lightweight Authentication ◽

Secure Authentication

Radio frequency identification technology is becoming ubiquitous, and as an unfortunate side effect, more and more authentication solutions come with more security issues. In former contributions, the authors introduced a solely hash-based secure authentication algorithm that is capable of providing protection against most of the well-known attacks and performs exceptionally well even in very large systems. The authors gave a theoretical analysis of Simple Lightweight Authentication Protocol (SLAP) protocol from security and performance point of view. This chapter gives a detailed examination of small computational capacity systems from the point of view of security. The authors define the model of attacker and the well-known attacks which can be achieved in these kinds of environments. Furthermore, the chapter gives a summary of the significant RFID authentication protocols which are found in literature. The authors present several lightweight authentication protocols and some novel elliptic curve cryptography based methods. Besides, the chapter illustrates the SLAP protocol’s performance characteristics with measurements carried out in a simulation environment and compares with the theoretical results. The authors show the effects of numerous attacks and the system’s different parameters on the authentication time. Finally, the chapter examines the performance and security characteristics of two other protocols chosen from the literature in order to compare to SLAP algorithm and give proper explanation for the differences between them.

SKINNY-Based RFID Lightweight Authentication Protocol

Sensors ◽

10.3390/s20051366 ◽

2020 ◽

Vol 20 (5) ◽

pp. 1366 ◽

Cited By ~ 2

Author(s):

Liang Xiao ◽

He Xu ◽

Feng Zhu ◽

Ruchuan Wang ◽

Peng Li

Keyword(s):

Low Cost ◽

Rapid Development ◽

Denial Of Service ◽

Mutual Authentication ◽

Security Analysis ◽

Authentication Protocol ◽

Security Requirements ◽

Iot Devices ◽

With the rapid development of the Internet of Things and the popularization of 5G communication technology, the security of resource-constrained IoT devices such as Radio Frequency Identification (RFID)-based applications have received extensive attention. In traditional RFID systems, the communication channel between the tag and the reader is vulnerable to various threats, including denial of service, spoofing, and desynchronization. Thus, the confidentiality and integrity of the transmitted data cannot be guaranteed. In order to solve these security problems, in this paper, we propose a new RFID authentication protocol based on a lightweight block cipher algorithm, SKINNY, (short for LRSAS). Security analysis shows that the LRSAS protocol guarantees mutual authentication and is resistant to various attacks, such as desynchronization attacks, replay attacks, and tracing attacks. Performance evaluations show that the proposed solution is suitable for low-cost tags while meeting security requirements. This protocol reaches a balance between security requirements and costs.

A Novel Lightweight Authentication Scheme for RFID-Based Healthcare Systems

Sensors ◽

10.3390/s20174846 ◽

2020 ◽

Vol 20 (17) ◽

pp. 4846

Author(s):

Feng Zhu ◽

Peng Li ◽

He Xu ◽

Ruchuan Wang

Keyword(s):

Low Cost ◽

Security Analysis ◽

Healthcare Systems ◽

Authentication Scheme ◽

Security Requirements ◽

Security And Privacy ◽

Proper Solution ◽

Asset Tracking ◽

The Internet of Things (IoT) has been integrated into legacy healthcare systems for the purpose of improving healthcare processes. As one of the key technologies of IoT, radio frequency identification (RFID) technology has been applied to offer services like patient monitoring, drug administration, and medical asset tracking. However, people have concerns about the security and privacy of RFID-based healthcare systems, which require a proper solution. To solve the problem, recently in 2019, Fan et al. proposed a lightweight RFID authentication scheme in the IEEE Network. They claimed that their scheme can resist various attacks in RFID systems with low implementation cost, and thus is suitable for RFID-based healthcare systems. In this article, our contributions mainly consist of two parts. First, we analyze the security of Fan et al.’s scheme and find out its security vulnerabilities. Second, we propose a novel lightweight authentication scheme to overcome these security weaknesses. The security analysis shows that our scheme can satisfy the necessary security requirements. Besides, the performance evaluation demonstrates that our scheme is of low cost. Thus, our scheme is well-suited for practical RFID-based healthcare systems.

Revisiting silk: a lens-free optical physical unclonable function

Nature Communications ◽

10.1038/s41467-021-27278-5 ◽

2022 ◽

Vol 13 (1) ◽

Author(s):

Min Seok Kim ◽

Gil Ju Lee ◽

Jung Woo Leem ◽

Seungho Choi ◽

Young L. Kim ◽

...

Keyword(s):

Low Cost ◽

Data Encryption ◽

Objective Lens ◽

Coherent Light ◽

Physical Unclonable Function ◽

Physical Unclonable Functions ◽

Post Process ◽

Self Focusing ◽

Cryptographic Keys ◽

Coherent Light Source

AbstractFor modern security, devices, individuals, and communications require unprecedentedly unique identifiers and cryptographic keys. One emerging method for guaranteeing digital security is to take advantage of a physical unclonable function. Surprisingly, native silk, which has been commonly utilized in everyday life as textiles, can be applied as a unique tag material, thereby removing the necessary apparatus for optical physical unclonable functions, such as an objective lens or a coherent light source. Randomly distributed fibers in silk generate spatially chaotic diffractions, forming self-focused spots on the millimeter scale. The silk-based physical unclonable function has a self-focusing, low-cost, and eco-friendly feature without relying on pre-/post-process for security tag creation. Using these properties, we implement a lens-free, optical, and portable physical unclonable function with silk identification cards and study its characteristics and reliability in a systemic manner. We further demonstrate the feasibility of the physical unclonable functions in two modes: authentication and data encryption.

Model Checking M2M and Centralised IOT authentication Protocols.

Journal of Physics Conference Series ◽

10.1088/1742-6596/2161/1/012042 ◽

2022 ◽

Vol 2161 (1) ◽

pp. 012042

Author(s):

H Rekha ◽

M. Siddappa

Keyword(s):

Model Checking ◽

High Reliability ◽

Security Protocols ◽

Authentication Protocol ◽

Good Choice ◽

Security Protocol ◽

Security Requirements ◽

Security Properties ◽

Functional Correctness

Abstract It is very difficult to develop a perfect security protocol for communication over the IoT network and developing a reliable authentication protocol requires a detailed understanding of cryptography. To ensure the reliability of security protocols of IoT, the validation method is not a good choice because of its several disadvantages and limitations. To prove the high reliability of Cryptographic Security Protocols(CSP) for IoT networks, the functional correctness of security protocols must be proved secure mathematically. Using the Formal Verification technique we can prove the functional correctness of IoT security protocols by providing the proofs mathematically. In this work, The CoAP Machine to Machine authentication protocol and centralied IoT network Authentication Protocol RADIUS is formally verified using the well-known verification technique known as model checking technique and we have used the Scyther model checker for the verification of security properties of the respective protocols. The abstract protocol models of the IoT authentication protocols were specified in the security protocol description language and the security requirements of the authentication protocols were specified as claim events.

Bringing Security to The Smallest Embedded Systems

10.34048/2017.1.f5 ◽

2017 ◽

Author(s):

JOSEPH YIU

Keyword(s):

Internet Of Things ◽

Embedded Systems ◽

Low Cost ◽

Security Requirements ◽

The Internet ◽

Security Measures ◽

Significant Challenge ◽

Iot Devices

The increasing need for security in microcontrollers Security has long been a significant challenge in microcontroller applications(MCUs). Traditionally, many microcontroller systems did not have strong security measures against remote attacks as most of them are not connected to the Internet, and many microcontrollers are deemed to be cheap and simple. With the growth of IoT (Internet of Things), security in low cost microcontrollers moved toward the spotlight and the security requirements of these IoT devices are now just as critical as high-end systems due to: