The Internet of Things (IoT) represents all physical devices that can be connected to the Internet With low computational power and limited memory space billions of IoT devices provide great amount of information and services However the dramatically increasing number of the IoT devices cause various security and privacy concerns to the users Hence several lightweight user authentication schemes have been proposed recently to achieve two imperative privacy features user anonymity and message confidentiality Unfortunately most of these proposals employ only on trusted third party (TTP) to maintain both features which let the adversary obtain private information of both identity and content for all users by breaking into the TTP Although other proposals distribute of user identities into several parties to support anonymity the following massive cost makes them not attractive to be implemented in IoT environment Here we propose that identity protection can be an independent service provided with only a semi-trusted TP (STTP) in IoT environment This paper proposes a lightweight revocable anonymous authentication scheme using only lightweight cryptographic primitives such as Physically Unclonable Function (PUF) one-way hash function exclusive-or operations Through decentralized trust the proposed scheme fulfills stronger security and privacy guarantee compared to the previous works
Date of Award | 2020 |
---|
Original language | English |
---|
Supervisor | Tzone-Lih Hwang (Supervisor) |
---|
Lightweight Revocable Anonymous PUF-based Authentication in IoT environment
至柔, 高. (Author). 2020
Student thesis: Doctoral Thesis