TY - JOUR
T1 - PUF Based Authenticated Key Exchange Protocol for IoT without Verifiers and Explicit CRPs
AU - Chuang, Yun Hsin
AU - Lei, Chin Laung
N1 - Funding Information:
This work was supported in part by the Ministry of Science and Technology, Taiwan, under Grant 110-2221-E-002-073-MY2 and Grant 108-2221-E-002-073-MY3.
Publisher Copyright:
© 2013 IEEE.
PY - 2021
Y1 - 2021
N2 - A Physical Unclonable Function (PUF) provides a physical device a unique output for a given input, which can be regarded as the device's digital fingerprint. Thus, PUFs can provide unique identities for billions of connected devices in Internet of Things (IoT) architectures. Plenty of PUF based authenticated key exchange (AKE) protocols have been proposed. However, most of them are designed for the authentication between an IoT node and the specific server/verifier, whom the IoT node registered with. Only a few of them are designed for the authentication between IoT nodes, and all these protocols need verifiers or explicit Challenge-Response Pairs (CRPs). In this paper, we propose the first PUF based AKE protocol for IoT without verifiers and explicit CRPs, which IoT nodes can freely authenticate each other and create a session key on their own without the help of any server or verifier. We compare the proposed protocol with 27 relevant PUF based AKE protocols to show the superiority, and analyze the computational cost of each entity in the proposed protocol to show the efficiency. We define the adversarial model of a PUF based AKE protocol for IoT and formally prove the security of the proposed protocol in random oracle model. The security of the proposed protocol is based on the Elliptic Curve Discrete Logarithm (ECDL), Elliptic Curve Computational Diffie-Hellman (ECCDH), and Decisional Bilinear Diffie-Hellman (DBDH) assumptions.
AB - A Physical Unclonable Function (PUF) provides a physical device a unique output for a given input, which can be regarded as the device's digital fingerprint. Thus, PUFs can provide unique identities for billions of connected devices in Internet of Things (IoT) architectures. Plenty of PUF based authenticated key exchange (AKE) protocols have been proposed. However, most of them are designed for the authentication between an IoT node and the specific server/verifier, whom the IoT node registered with. Only a few of them are designed for the authentication between IoT nodes, and all these protocols need verifiers or explicit Challenge-Response Pairs (CRPs). In this paper, we propose the first PUF based AKE protocol for IoT without verifiers and explicit CRPs, which IoT nodes can freely authenticate each other and create a session key on their own without the help of any server or verifier. We compare the proposed protocol with 27 relevant PUF based AKE protocols to show the superiority, and analyze the computational cost of each entity in the proposed protocol to show the efficiency. We define the adversarial model of a PUF based AKE protocol for IoT and formally prove the security of the proposed protocol in random oracle model. The security of the proposed protocol is based on the Elliptic Curve Discrete Logarithm (ECDL), Elliptic Curve Computational Diffie-Hellman (ECCDH), and Decisional Bilinear Diffie-Hellman (DBDH) assumptions.
UR - http://www.scopus.com/inward/record.url?scp=85113964366&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85113964366&partnerID=8YFLogxK
U2 - 10.1109/ACCESS.2021.3103889
DO - 10.1109/ACCESS.2021.3103889
M3 - Article
AN - SCOPUS:85113964366
SN - 2169-3536
VL - 9
SP - 112733
EP - 112743
JO - IEEE Access
JF - IEEE Access
M1 - 9509506
ER -