Collusion-resistant PUF-based Distributed Device Authentication Protocol for Internet of Things

Thumbnail Image

Files

a722-lalouani final.pdf (806.04 KB)

Links to Files

https://ieeexplore.ieee.org/document/10001256

Permanent Link

https://doi.org/10.1109/GLOBECOM48099.2022.10001256
 http://hdl.handle.net/11603/26796

Collections

UMBC Computer Science and Electrical Engineering Department
UMBC Faculty Collection
UMBC Student Collection

Author/Creator

Author/Creator ORCID

https://orcid.org/0000-0001-6831-8339
 https://orcid.org/0000-0002-5825-6637

Date

2023-01-11

Type of Work

conference papers and proceedings
Text

Department

Program

Citation of Original Publication

W. Lalouani, M. Younis, M. Ebrahimabadi and N. Karimi, "Collusion-resistant PUF-based Distributed Device Authentication Protocol for Internet of Things," GLOBECOM 2022 - 2022 IEEE Global Communications Conference, Rio de Janeiro, Brazil, 2022, pp. 4328-4333, doi: 10.1109/GLOBECOM48099.2022.10001256.

Rights

© 2023 IEEE.  Personal use of this material is permitted.  Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Subjects

Abstract

The scale, unattended-operation and ad-hoc nature of an Internet-of-Things (IoT) make the network vulnerable to device impersonation, message replay, and Sybil attacks by either external actors or compromised nodes. This paper opts to tackle such vulnerability and presents a novel and effective solution for mutual authentication of IoT nodes. The proposed solution calls for embedding a Physically Unclonable Function (PUF) on each device, and employs a lightweight protocol for validating the identity of the individual devices based on querying the PUF. To authenticate a “prover” node, a verifier node will send a challenge bit-stream to the prover, where the latter provides the response of its PUF to such a challenge to be matched by what the verifier expects. To prevent the PUF of a prover from being modeled by an eavesdropper or a collusive set of compromised verifiers, the proposed protocol makes the response to a challenge dependent on the verifier. In addition, our protocol combines such an identitybased response generation with a simple Elliptic curve to thwart any attempts by a compromised verifier to reverse engineer the response generation process. The robustness of our PUF-based IoT Device Authentication (PIDA) protocol, is validated using data collected from an FPGA-based implementation.