Practical and Secure IoT Device Authentication Using Physical Unclonable Functions
Title | Practical and Secure IoT Device Authentication Using Physical Unclonable Functions |
Publication Type | Conference Paper |
Year of Publication | 2016 |
Authors | Wallrabenstein, J. R. |
Conference Name | 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud) |
ISBN Number | 978-1-5090-4052-0 |
Keywords | authentication, composability, cost-effective tamper resistance, cryptographic protocols, cryptography, decryption, device enrollment, digital signature generation, digital signatures, discrete logarithm problem, Elliptic curve cryptography, elliptic curve-based variant, Games, Hardware, input mapping, Internet of Things, output mapping, physical unclonable functions, practical IoT device authentication, private key cryptography, private key exposure, Protocols, pubcrawl, public key cryptography, PUF-based authentication protocol, resilience, Resiliency, secure IoT device authentication, Tamper resistance, tamper resistance solutions, tractable cryptographic protocols |
Abstract | Devices in the internet of things (IoT) are frequently (i) resource-constrained, and (ii) deployed in unmonitored, physically unsecured environments. Securing these devices requires tractable cryptographic protocols, as well as cost-effective tamper resistance solutions. We propose and evaluate cryptographic protocols that leverage physical unclonable functions (PUFs): circuits whose input-to-output mapping depends on the unique characteristics of the physical hardware on which it is executed. PUF-based protocols have the benefit of minimizing private key exposure, as well as providing cost-effective tamper resistance. We present and experimentally evaluate an elliptic curve-based variant of a theoretical PUF-based authentication protocol proposed previously in the literature. Our work improves over an existing proof-of-concept implementation, which relied on the discrete logarithm problem as proposed in the original work. In contrast, our construction uses elliptic curve cryptography, which substantially reduces the computational and storage burden on the device. We describe PUF-based algorithms for device enrollment, authentication, decryption, and digital signature generation. The performance of each construction is experimentally evaluated on a resource-constrained device to demonstrate tractability in the IoT domain. We demonstrate that our implementation achieves practical performance results, while also providing realistic security. Our work demonstrates that PUF-based protocols may be practically and securely deployed on low-cost resource-constrained IoT devices. |
URL | https://ieeexplore.ieee.org/document/7575850/ |
DOI | 10.1109/FiCloud.2016.22 |
Citation Key | wallrabenstein_practical_2016 |