PUF Based Authenticated Key Exchange Protocol for IoT without Verifiers and Explicit CRPs

Yun Hsin Chuang, Chin Laung Lei

Research output: Contribution to journalArticlepeer-review

10 Citations (Scopus)

Abstract

A Physical Unclonable Function (PUF) provides a physical device a unique output for a given input, which can be regarded as the device's digital fingerprint. Thus, PUFs can provide unique identities for billions of connected devices in Internet of Things (IoT) architectures. Plenty of PUF based authenticated key exchange (AKE) protocols have been proposed. However, most of them are designed for the authentication between an IoT node and the specific server/verifier, whom the IoT node registered with. Only a few of them are designed for the authentication between IoT nodes, and all these protocols need verifiers or explicit Challenge-Response Pairs (CRPs). In this paper, we propose the first PUF based AKE protocol for IoT without verifiers and explicit CRPs, which IoT nodes can freely authenticate each other and create a session key on their own without the help of any server or verifier. We compare the proposed protocol with 27 relevant PUF based AKE protocols to show the superiority, and analyze the computational cost of each entity in the proposed protocol to show the efficiency. We define the adversarial model of a PUF based AKE protocol for IoT and formally prove the security of the proposed protocol in random oracle model. The security of the proposed protocol is based on the Elliptic Curve Discrete Logarithm (ECDL), Elliptic Curve Computational Diffie-Hellman (ECCDH), and Decisional Bilinear Diffie-Hellman (DBDH) assumptions.

Original languageEnglish
Article number9509506
Pages (from-to)112733-112743
Number of pages11
JournalIEEE Access
Volume9
DOIs
Publication statusPublished - 2021

All Science Journal Classification (ASJC) codes

  • General Computer Science
  • General Materials Science
  • General Engineering

Fingerprint

Dive into the research topics of 'PUF Based Authenticated Key Exchange Protocol for IoT without Verifiers and Explicit CRPs'. Together they form a unique fingerprint.

Cite this