Lightweight and Privacy-Preserving Reconfigurable Authentication Scheme for IoT Devices

IF 5.5 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Services Computing Pub Date : 2025-01-29 DOI:10.1109/TSC.2025.3536314

Prosanta Gope;Fei Hongming;Biplab Sikdar

{"title":"Lightweight and Privacy-Preserving Reconfigurable Authentication Scheme for IoT Devices","authors":"Prosanta Gope;Fei Hongming;Biplab Sikdar","doi":"10.1109/TSC.2025.3536314","DOIUrl":null,"url":null,"abstract":"The Internet of Things (IoT) has revolutionized connectivity by enabling a large number of devices to autonomously exchange real-time data over the Internet. However, IoT devices used in public spaces are vulnerable to physical and cloning attacks. To address this issue, researchers have introduced the concept of physical-unclonable functions (PUFs) to enhance security in IoT applications. While PUF-based security solutions typically rely on static challenge-response behavior, many practical applications require dynamic or reconfigurable PUFs. For instance, PUF-based key storage may require updating or revoking secrets, and protection against modeling attacks, where an attacker can derive a PUF model from a set of challenge-response pairs (CRPs) using learning capabilities. In this paper, we introduce LR-OPUF, a reconfigurable one-time PUF, and propose a lightweight and privacy-preserving authentication scheme based on this LR-OPUF foundation. One notable feature of our authentication scheme is that it enables a device to prove its legitimacy to a semi-honest verifier without disclosing the CRPs. Through security and performance analyses, we demonstrate that our approach not only ensures vital security aspects but also exhibits high computational efficiency.","PeriodicalId":13255,"journal":{"name":"IEEE Transactions on Services Computing","volume":"18 2","pages":"912-925"},"PeriodicalIF":5.5000,"publicationDate":"2025-01-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Services Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10857455/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The Internet of Things (IoT) has revolutionized connectivity by enabling a large number of devices to autonomously exchange real-time data over the Internet. However, IoT devices used in public spaces are vulnerable to physical and cloning attacks. To address this issue, researchers have introduced the concept of physical-unclonable functions (PUFs) to enhance security in IoT applications. While PUF-based security solutions typically rely on static challenge-response behavior, many practical applications require dynamic or reconfigurable PUFs. For instance, PUF-based key storage may require updating or revoking secrets, and protection against modeling attacks, where an attacker can derive a PUF model from a set of challenge-response pairs (CRPs) using learning capabilities. In this paper, we introduce LR-OPUF, a reconfigurable one-time PUF, and propose a lightweight and privacy-preserving authentication scheme based on this LR-OPUF foundation. One notable feature of our authentication scheme is that it enables a device to prove its legitimacy to a semi-honest verifier without disclosing the CRPs. Through security and performance analyses, we demonstrate that our approach not only ensures vital security aspects but also exhibits high computational efficiency.

查看原文本刊更多论文

物联网设备的轻量级和保护隐私的可重构认证方案

物联网（IoT）使大量设备能够在互联网上自主交换实时数据，从而彻底改变了连接方式。然而，在公共场所使用的物联网设备容易受到物理攻击和克隆攻击。为了解决这个问题，研究人员引入了物理不可克隆功能（puf）的概念，以增强物联网应用的安全性。虽然基于puf的安全解决方案通常依赖于静态挑战响应行为，但许多实际应用需要动态或可重构的puf。例如，基于PUF的密钥存储可能需要更新或撤销秘密，并需要防止建模攻击，攻击者可以使用学习功能从一组挑战-响应对（challenge-response pairs, crp）派生出PUF模型。本文介绍了一种可重构的一次性PUF——LR-OPUF，并在此基础上提出了一种轻量级的保护隐私的身份验证方案。我们的身份验证方案的一个显著特征是，它使设备能够在不泄露crp的情况下向半诚实的验证者证明其合法性。通过安全性和性能分析，我们证明了我们的方法不仅保证了重要的安全性方面，而且具有很高的计算效率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Services Computing COMPUTER SCIENCE, INFORMATION SYSTEMS-COMPUTER SCIENCE, SOFTWARE ENGINEERING

CiteScore

11.50

自引率

6.20%

发文量

278

审稿时长

>12 weeks

期刊介绍： IEEE Transactions on Services Computing encompasses the computing and software aspects of the science and technology of services innovation research and development. It places emphasis on algorithmic, mathematical, statistical, and computational methods central to services computing. Topics covered include Service Oriented Architecture, Web Services, Business Process Integration, Solution Performance Management, and Services Operations and Management. The transactions address mathematical foundations, security, privacy, agreement, contract, discovery, negotiation, collaboration, and quality of service for web services. It also covers areas like composite web service creation, business and scientific applications, standards, utility models, business process modeling, integration, collaboration, and more in the realm of Services Computing.