{"title":"为支持puf的物联网设备设计和实现具有成本效益的端到端认证协议","authors":"Sourav Roy;Mahabub Hasan Mahalat;Bibhash Sen","doi":"10.1109/TETC.2025.3563064","DOIUrl":null,"url":null,"abstract":"The ubiquitous presence of Internet of Things (IoT) prospers in every aspect of human life. The low-powered sensors, actuators, and mobile devices in IoT transfer a high volume of security-sensitive data. Unmonitored IoT devices are highly susceptible to security vulnerabilities. Their operating environment, with minimal or no safeguards, allows physical invasion. The conventional end-to-end authentications protocols are inadequate because of the limited resources and ambient working environment of IoT. In this direction, a lightweight and secure end-to-end authentication protocol is proposed for the Physically Unclonability Function (PUF) embedded IoT devices by processing them in pairs. PUF promises to be a unique hardware-based security solution for resource-constrained devices. The proposed protocol exploits the coherent conduct of public and private key-based cryptosystems with PUF. The protocol integrates the concept of ECC with ECDH and the cryptographic hash function. Security of the proposed protocol is validated using authentication validation, BAN logic, Scyther tool, and against different adversarial attacks. The performance evaluation and extensive comparative study of the proposed protocol highlight its lightweight feature. The practical feasibility of the proposed protocol is verified by an empirical evaluation using an Arbiter PUF implemented on Xilinx Spartan-3E FPGA and Raspberry Pi as an IoT device.","PeriodicalId":13156,"journal":{"name":"IEEE Transactions on Emerging Topics in Computing","volume":"13 3","pages":"1055-1067"},"PeriodicalIF":5.4000,"publicationDate":"2025-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Design and Implementation of Cost-Effective End-to-End Authentication Protocol for PUF-Enabled IoT Devices\",\"authors\":\"Sourav Roy;Mahabub Hasan Mahalat;Bibhash Sen\",\"doi\":\"10.1109/TETC.2025.3563064\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The ubiquitous presence of Internet of Things (IoT) prospers in every aspect of human life. The low-powered sensors, actuators, and mobile devices in IoT transfer a high volume of security-sensitive data. Unmonitored IoT devices are highly susceptible to security vulnerabilities. Their operating environment, with minimal or no safeguards, allows physical invasion. The conventional end-to-end authentications protocols are inadequate because of the limited resources and ambient working environment of IoT. In this direction, a lightweight and secure end-to-end authentication protocol is proposed for the Physically Unclonability Function (PUF) embedded IoT devices by processing them in pairs. PUF promises to be a unique hardware-based security solution for resource-constrained devices. The proposed protocol exploits the coherent conduct of public and private key-based cryptosystems with PUF. The protocol integrates the concept of ECC with ECDH and the cryptographic hash function. Security of the proposed protocol is validated using authentication validation, BAN logic, Scyther tool, and against different adversarial attacks. The performance evaluation and extensive comparative study of the proposed protocol highlight its lightweight feature. The practical feasibility of the proposed protocol is verified by an empirical evaluation using an Arbiter PUF implemented on Xilinx Spartan-3E FPGA and Raspberry Pi as an IoT device.\",\"PeriodicalId\":13156,\"journal\":{\"name\":\"IEEE Transactions on Emerging Topics in Computing\",\"volume\":\"13 3\",\"pages\":\"1055-1067\"},\"PeriodicalIF\":5.4000,\"publicationDate\":\"2025-04-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Emerging Topics in Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10979278/\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Emerging Topics in Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10979278/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Design and Implementation of Cost-Effective End-to-End Authentication Protocol for PUF-Enabled IoT Devices
The ubiquitous presence of Internet of Things (IoT) prospers in every aspect of human life. The low-powered sensors, actuators, and mobile devices in IoT transfer a high volume of security-sensitive data. Unmonitored IoT devices are highly susceptible to security vulnerabilities. Their operating environment, with minimal or no safeguards, allows physical invasion. The conventional end-to-end authentications protocols are inadequate because of the limited resources and ambient working environment of IoT. In this direction, a lightweight and secure end-to-end authentication protocol is proposed for the Physically Unclonability Function (PUF) embedded IoT devices by processing them in pairs. PUF promises to be a unique hardware-based security solution for resource-constrained devices. The proposed protocol exploits the coherent conduct of public and private key-based cryptosystems with PUF. The protocol integrates the concept of ECC with ECDH and the cryptographic hash function. Security of the proposed protocol is validated using authentication validation, BAN logic, Scyther tool, and against different adversarial attacks. The performance evaluation and extensive comparative study of the proposed protocol highlight its lightweight feature. The practical feasibility of the proposed protocol is verified by an empirical evaluation using an Arbiter PUF implemented on Xilinx Spartan-3E FPGA and Raspberry Pi as an IoT device.
期刊介绍:
IEEE Transactions on Emerging Topics in Computing publishes papers on emerging aspects of computer science, computing technology, and computing applications not currently covered by other IEEE Computer Society Transactions. Some examples of emerging topics in computing include: IT for Green, Synthetic and organic computing structures and systems, Advanced analytics, Social/occupational computing, Location-based/client computer systems, Morphic computer design, Electronic game systems, & Health-care IT.