Lightweight and Anonymous Mutual Authentication Protocol for Edge IoT Nodes with Physical Unclonable Function

Internet of Things (IoT) has been widely used in many fields, bringing great convenience to people’s traditional work and life. IoT generates tremendous amounts of data at the edge of network. However, the security of data transmission is facing severe challenges. In particular, edge IoT nodes cannot run complex encryption operations due to their limited computing and storage resources. Therefore, edge IoT nodes are more susceptible to various security attacks. To this end, a lightweight mutual authentication and key agreement protocol is proposed to achieve the security of IoT nodes’ communication. The protocol uses the reverse fuzzy extractor to acclimatize to the noisy environment and introduces the supplementary subprotocol to enhance resistance to the desynchronization attack. It uses only lightweight cryptographic operations, such as hash function, XORs, and PUF. It only stores one pseudo-identity. The protocol is proven to be secure by rigid security analysis based on improved BAN logic. Performance analysis shows the proposed protocol has more comprehensive functions and incurs lower computation and communication cost when compared with similar protocols.

Improved two factor fuzzy commitment scheme for securing IoT device

Purpose Generally, Internet-of-Things (IoT) is quite small sized with limited resource and low cost that may be vulnerable for physical and cloned attacking. All kind of authentication protocols designed to IoT devices are robust despite which it is prone to attack by hackers. In order to resolve this issue, there are various researches that have introduced the best method for obscuring the cryptographic key. However, the studies have majorly aimed to generate the key dynamically from noise data by Fuzzy Extractor (FE) or Fuzzy Commitment (FC). Hence, these methods have utilized this kind of data with noisy source namely Physical Unclonable Function (PUF) or biometric data. There are several IoT devices that get operated over undermined environment in which biometric data is not available but the technique utilized with biometric data can't be used to undermined IoT devices. Even though, the PUF technique is implemented for the undermined IoT devices this is quite vulnerable over physical attacks inclusive of accidental move and theft. Design/methodology/approach This paper has proposed an advanced scheme in fuzzy commitment over IoT devices which is said to be Improved Two Factor Fuzzy Commitment Scheme (ITFFCS) and this proposed ITFFCS has used two kind of noisy factors present inside and outside the IoT devices. Though, an intruder has accomplished the IoT devices with an access to the internal noisy source, the intruder can't select an exact key from the available data which have been compared using comparable module as an interest. Findings Moreover, the proposed ITFFC method results are compared with existing Static Random Accessible Memory (SRAM) PUF in enterprises application which illustrated the proposed ITFFC method with PUF has accomplished better results in parameters such as energy consumption, area utilization, False Acceptance Ratio (FAR) and Failure Rejection Ratio (FRR). Originality/value Thus, the proposed ITFFCS-PUF is comparatively better than existing method in both FAR and FRR with an average of 0.18% and 0.28%.

Estimation during Design Phases of Suitable SRAM Cells for PUF Applications Using Separatrix and Mismatch Metrics

Physically unclonable functions (PUFs) are used as low-cost cryptographic primitives in device authentication and secret key creation. SRAM-PUFs are well-known as entropy sources; nevertheless, due of non-deterministic noise environment during the power-up process, they are subject to low challenge-response repeatability. The dependability of SRAM-PUFs is usually accomplished by combining complex error correcting codes (ECCs) with fuzzy extractor structures resulting in an increase in power consumption, area, cost, and design complexity. In this study, we established effective metrics on the basis of the separatrix concept and cell mismatch to estimate the percentage of cells that, due to the effect of variability, will tend to the same initial state during power-up. The effects of noise and temperature in cell start-up processes were used to validate the proposed metrics. The presented metrics may be applied at the SRAM-PUF design phases to investigate the impact of different design parameters on the percentage of reliable cells for PUF applications.

Development of biometric systems for passenger identification based on noise-resistant coding means

The paper deals with the issues of using the biometric technologies to establish identity of a passenger. The purpose of the article is to analyze the techniques of enhancing reliability of various biometric identification facilities by means of using error correction codes. The basic elements and the principle of the classical biometric system functioning are presented. On the basis of the International Civil Aviation Organization (ICAO) recommendations, the procedure features of pattern recognition are presented. The versions to adopt the biometric passenger authentication procedures are under consideration. The conclusion is drawn that with the centralized biometric databases the issues of confidentiality and information security exist. The problems are characterized by the possibility of biometric images compromise, which can potentially lead to the loss of their confidentiality and the impossibility of their further usage for personal identification. The passenger authentication procedure involving the simultaneous use of biometric parameters and contact-free SMART cards seems more reliable. SMART cards are used for distributed storage of biometric and other additional data, thus neutralizing the disadvantages of access to the centralized databases. It is shown that the subsequent step in the development of this domain is the application of biometric cryptography proposing "linking" encryption keys and passwords with the biometric parameters of the subject. Consideration is given to the principle of "fuzzy extractor" operation as one of the variants for the "biometrics-code" converter. Feasibility and necessity of upgrading the means of noise-resistant coding in the systems being studied are shown. The use of permutation decoding data algorithms capable of adequately corresponding to the particular problems of biometric identification is proposed. On the basis of the results of optical communication channels statistical modeling, the necessary and sufficient conditions for application of the permutation decoding tools for binary codes are determined. The problem to minimize memory amount for the permutation decoder cognitive map due to the permutation orbits allocation and usage of the generated loops combinations as pointers of reference plane is solved. The resulting algorithm for finding a unique orbit number and its corresponding reference plane by means of receiver formation of arbitrary parameters permutation from the set of permissible permutations is proposed.

Lightweight and Anonymous Mutual Authentication Protocol for IoT Devices With Physical Unclonable Functions

The past few years have seen the topic of Internet of Things (IoT) rush into the forefront of various industries, which is changing people’s conventional production methods and lifestyles. Connected to the Internet, the physical devices could be as fluffy as kids’ teddy bears or as balky as driverless cars. However, the security related to the IoT is faced with some serious challenges simultaneously. Confronted with these issues, we propose a mutual authentication protocol for devices in the IoT system. It is lightweight that just hash functions, XORs as well as PUFs are utilized and there is no need to store plenty of pseudo-identities. Furthermore, not only does it use the reverse fuzzy extractor to acclimatize to the noisy environment, but it also introduces the supplementary sub-protocol to enhance the resistance to the desynchronization attack. Besides, the security analysis based on the improved BAN logic by Mao and Boyd presents the higher security and reliability of the proposed protocol, and the performance analysis shows its more comprehensive functions as well as lower computation and communication overhead.