LIGHTWEIGHT MUTUAL AUTHENTICATION PROTOCOLS FOR IOT SYSTEMS

Date

2024-01-01

Department

Computer Science and Electrical Engineering

Program

Computer Science

Rights

This item may be protected under Title 17 of the U.S. Copyright Law. It is made available by UMBC for non-commercial research and education. For permission to publish or reproduce, please see http://aok.lib.umbc.edu/specoll/repro.php or contact Special Collections at speccoll(at)umbc.edu
Distribution Rights granted to UMBC by the author.

Abstract

The Internet of Things (IoT) refers to the large-scale internetworking of diverse devices, many of them with very limited computational resources. Connecting such devices demands robust authentication to thwart malicious nodes, yet traditional asymmetric cryptography is impractical due to its resource demands. This dissertation addresses these requirements by developing a library of lightweight authentication protocols that caters to a variety of IoT applications. We employ Physical Unclonable Functions (PUFs), which leverage manufacturing variations to create unique device signatures. However, using PUFs for distributed authentication among IoT nodes raises security concerns: the challenge-response exchange takes place among IoT nodes rather than with the secure server, and hence is more vulnerable to attacks. Eavesdroppers could exploit this exchange, collecting data for malicious purposes. Encrypting the challenge and response is impractical due to key management overhead. The dissertation tackles these challenges. First, we develop a novel authentication mechanism based on incorporating a PUF in each device. Our mechanism enables the challenge bit string intended by a verifier ?y to be inferred by a prover ?x rather than being explicitly sent. The proposed mechanism also obfuscates the shared information to safeguard it from eavesdroppers who strive to model the underlying PUF using machine learning techniques. Second, we combine the advantages of PUFs with the agility and configurability of physical-layer communication mechanisms, specifically the Multi-Input Multi-Output (MIMO) method. We devise a protocol that counters attackers who might intercept the communication between ?y and ?x and uncover a set of challenge-response pairs (CRPs) to model ?x’s PUF. Our protocol encodes the challenge bit using a MIMO antenna array in a manner that is controlled by the verifier and that varies over time. Additionally, we derive a two-factor authentication protocol by pairing Radio Frequency (RF) fingerprints with PUFs, eliminating the need for traditional key-based methods. This approach enhances security by obfuscating PUF responses without cryptographic primitives. Since both the PUF and the RF fingerprint are based on unintended variations caused by manufacturing, we aim to increase robustness and mitigate the potential effect of noise by applying a fuzzy extractor. Such a protocol omits CRP retention and cryptosystems. All of these techniques enable mutual authentication of two devices without the involvement of a trusted third party. The experimental results demonstrate the efficacy of the proposed protocols against modeling attacks and impersonation attempts.