为支持puf的物联网设备设计和实现具有成本效益的端到端认证协议

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Emerging Topics in Computing Pub Date : 2025-04-28 DOI:10.1109/TETC.2025.3563064

Sourav Roy;Mahabub Hasan Mahalat;Bibhash Sen

{"title":"为支持puf的物联网设备设计和实现具有成本效益的端到端认证协议","authors":"Sourav Roy;Mahabub Hasan Mahalat;Bibhash Sen","doi":"10.1109/TETC.2025.3563064","DOIUrl":null,"url":null,"abstract":"The ubiquitous presence of Internet of Things (IoT) prospers in every aspect of human life. The low-powered sensors, actuators, and mobile devices in IoT transfer a high volume of security-sensitive data. Unmonitored IoT devices are highly susceptible to security vulnerabilities. Their operating environment, with minimal or no safeguards, allows physical invasion. The conventional end-to-end authentications protocols are inadequate because of the limited resources and ambient working environment of IoT. In this direction, a lightweight and secure end-to-end authentication protocol is proposed for the Physically Unclonability Function (PUF) embedded IoT devices by processing them in pairs. PUF promises to be a unique hardware-based security solution for resource-constrained devices. The proposed protocol exploits the coherent conduct of public and private key-based cryptosystems with PUF. The protocol integrates the concept of ECC with ECDH and the cryptographic hash function. Security of the proposed protocol is validated using authentication validation, BAN logic, Scyther tool, and against different adversarial attacks. The performance evaluation and extensive comparative study of the proposed protocol highlight its lightweight feature. The practical feasibility of the proposed protocol is verified by an empirical evaluation using an Arbiter PUF implemented on Xilinx Spartan-3E FPGA and Raspberry Pi as an IoT device.","PeriodicalId":13156,"journal":{"name":"IEEE Transactions on Emerging Topics in Computing","volume":"13 3","pages":"1055-1067"},"PeriodicalIF":5.4000,"publicationDate":"2025-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Design and Implementation of Cost-Effective End-to-End Authentication Protocol for PUF-Enabled IoT Devices\",\"authors\":\"Sourav Roy;Mahabub Hasan Mahalat;Bibhash Sen\",\"doi\":\"10.1109/TETC.2025.3563064\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The ubiquitous presence of Internet of Things (IoT) prospers in every aspect of human life. The low-powered sensors, actuators, and mobile devices in IoT transfer a high volume of security-sensitive data. Unmonitored IoT devices are highly susceptible to security vulnerabilities. Their operating environment, with minimal or no safeguards, allows physical invasion. The conventional end-to-end authentications protocols are inadequate because of the limited resources and ambient working environment of IoT. In this direction, a lightweight and secure end-to-end authentication protocol is proposed for the Physically Unclonability Function (PUF) embedded IoT devices by processing them in pairs. PUF promises to be a unique hardware-based security solution for resource-constrained devices. The proposed protocol exploits the coherent conduct of public and private key-based cryptosystems with PUF. The protocol integrates the concept of ECC with ECDH and the cryptographic hash function. Security of the proposed protocol is validated using authentication validation, BAN logic, Scyther tool, and against different adversarial attacks. The performance evaluation and extensive comparative study of the proposed protocol highlight its lightweight feature. The practical feasibility of the proposed protocol is verified by an empirical evaluation using an Arbiter PUF implemented on Xilinx Spartan-3E FPGA and Raspberry Pi as an IoT device.\",\"PeriodicalId\":13156,\"journal\":{\"name\":\"IEEE Transactions on Emerging Topics in Computing\",\"volume\":\"13 3\",\"pages\":\"1055-1067\"},\"PeriodicalIF\":5.4000,\"publicationDate\":\"2025-04-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Emerging Topics in Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10979278/\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Emerging Topics in Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10979278/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

物联网（IoT）无处不在，在人类生活的方方面面蓬勃发展。物联网中的低功耗传感器、执行器和移动设备传输大量安全敏感数据。不受监控的物联网设备极易受到安全漏洞的影响。他们的操作环境，很少或没有保护措施，允许物理入侵。由于物联网有限的资源和工作环境，传统的端到端认证协议是不够的。为此，提出了一种轻量级、安全的端到端认证协议，对具有物理不可克隆功能（physical Unclonability Function， PUF）的物联网设备进行配对处理。PUF承诺为资源受限的设备提供一种独特的基于硬件的安全解决方案。提出的协议利用了基于PUF的公钥和私钥密码系统的一致行为。该协议将ECC的概念与ECDH和加密哈希函数相结合。采用身份验证、BAN逻辑、Scyther工具和不同的对抗性攻击对协议的安全性进行了验证。对该协议的性能评估和广泛的比较研究突出了其轻量级的特点。通过使用Xilinx Spartan-3E FPGA和树莓派作为物联网设备实现的Arbiter PUF进行实证评估，验证了所提出协议的实际可行性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Design and Implementation of Cost-Effective End-to-End Authentication Protocol for PUF-Enabled IoT Devices

The ubiquitous presence of Internet of Things (IoT) prospers in every aspect of human life. The low-powered sensors, actuators, and mobile devices in IoT transfer a high volume of security-sensitive data. Unmonitored IoT devices are highly susceptible to security vulnerabilities. Their operating environment, with minimal or no safeguards, allows physical invasion. The conventional end-to-end authentications protocols are inadequate because of the limited resources and ambient working environment of IoT. In this direction, a lightweight and secure end-to-end authentication protocol is proposed for the Physically Unclonability Function (PUF) embedded IoT devices by processing them in pairs. PUF promises to be a unique hardware-based security solution for resource-constrained devices. The proposed protocol exploits the coherent conduct of public and private key-based cryptosystems with PUF. The protocol integrates the concept of ECC with ECDH and the cryptographic hash function. Security of the proposed protocol is validated using authentication validation, BAN logic, Scyther tool, and against different adversarial attacks. The performance evaluation and extensive comparative study of the proposed protocol highlight its lightweight feature. The practical feasibility of the proposed protocol is verified by an empirical evaluation using an Arbiter PUF implemented on Xilinx Spartan-3E FPGA and Raspberry Pi as an IoT device.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Transactions on Emerging Topics in Computing Computer Science-Computer Science (miscellaneous)

CiteScore

12.10

自引率

5.10%

发文量

113

期刊介绍： IEEE Transactions on Emerging Topics in Computing publishes papers on emerging aspects of computer science, computing technology, and computing applications not currently covered by other IEEE Computer Society Transactions. Some examples of emerging topics in computing include: IT for Green, Synthetic and organic computing structures and systems, Advanced analytics, Social/occupational computing, Location-based/client computer systems, Morphic computer design, Electronic game systems, & Health-care IT.