Internet of Things Device Authentication Scheme Using Hardware Serialization

Devices in the Internet of Things (IoT) are often placed ubiquitously so that they can sense, process and communicate data in real time. IoT devices come in varying shapes and sizes with a range of features and resources. When devices are placed ubiquitously the importance of fundamental security goals like authentication increases considerably. Research has mostly studied various aspects of the IoT environment but often miss out on the essential authentication security goal. This paper first studies the latest methods through which authentication is achieved in the IoT. Analysis has shown that the devices lack resources to implement complex authentication algorithms. Another issue with many authentication algorithms is that they are not universally applicable to IoT devices. Based on these findings a novel authentication algorithm is proposed that is based on using device serialization chip. The designed algorithm resists a range of attacks like man-in-the middle, masquerading, device cloning and replay. The scheme is composed of lightweight security primitives that are universally applicable to different types of devices in the IoT for the provision of both authentication and session key generation. The paper presents a security analysis of the proposed scheme to show that the security primitives are a suitable fit and strongly support the system design goals.