Litcius/Paper detail

Lightweight Group Authentication Scheme Leveraging Shamir's Secret Sharing and PUFs

Mouna Nakkar, Riham AlTawy, Amr Youssef

2024IEEE Transactions on Network Science and Engineering27 citationsDOI

Abstract

With the proliferation of edge-computing (EC), Internet-of-things (IoT), and smart applications, many challenging security scenarios arise. For example, a common scenario in the edge-computing paradigm is having many nodes requesting authentication from one edge-server. To this end, Group Authentication Schemes (GASs) were introduced recently in the literature. However, most of the proposed GAS are valid for one-time-authentication, lack of flexibility, and key-agreement feature. In this paper, we exploit the advantages of two security primitives, physically unclonable functions (PUFs) and Shamir's secret sharing scheme (SSS) to design a lightweight group authentication scheme (GAS) for edge-computing applications. Specifically, we apply PUFs on SSS and utilize the SSS-homomorphic property to achieve multiple-time group-authentications with the same set of shares. Our <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">PUF-GAS</i> scheme is lightweight, establishes a new group key-agreement per session, and supports efficient node-evicting mechanism. Furthermore, in <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">PUF-GAS</i> , the group nodes do not store any shares; instead, the nodes derive their secret-shares from their PUF-responses. We formally analyze our protocol theoretically and with AVISPA to show that our scheme achieves message secrecy and authenticity. Additionally, we evaluate our scheme in terms of storage, computational complexity, and communication overhead. Specifically, we evaluate the cryptographic operations used in <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">PUF-GAS</i> on an Arduino-Mega, an 8-bit RISC-based ATmega2560 micro-controller. Finally, we present a comparative evaluation of our scheme with others in terms of security and performance.

Topics & Concepts

Secret sharingComputer scienceSecure multi-party computationScheme (mathematics)Authentication (law)Shamir's Secret SharingGroup (periodic table)Computer securityHomomorphic secret sharingComputer networkCryptographyTheoretical computer scienceMathematicsPhysicsMathematical analysisQuantum mechanicsPhysical Unclonable Functions (PUFs) and Hardware Security
Lightweight Group Authentication Scheme Leveraging Shamir's Secret Sharing and PUFs | Litcius