Litcius/Paper detail

Lessons Learned: Analysis of PUF-based Authentication Protocols for IoT

Karim Lounis, Mohammad Zulkernine

2021Digital Threats Research and Practice33 citationsDOIOpen Access PDF

Abstract

The service of authentication constitutes the spine of all security properties. It is the phase where entities prove their identities to each other and generally establish and derive cryptographic keys to provide confidentiality, data integrity, non-repudiation, and availability. Due to the heterogeneity and the particular security requirements of IoT (Internet of Things), developing secure, low-cost, and lightweight authentication protocols has become a serious challenge. This has excited the research community to design and develop new authentication protocols that meet IoT requirements. An interesting hardware technology, called PUFs (Physical Unclonable Functions), has been the subject of many subsequent publications on lightweight, low-cost, and secure-by-design authentication protocols. This has turned our attention to investigate the most recent PUF-based authentication protocols for IoT. In this article, we review the security of these protocols. We first provide the necessary background on PUFs, their types, and related attacks. Also, we discuss how PUFs are used for authentication. Then, we analyze the security of PUF-based authentication protocols to identify and report common security issues and design flaws, as well as to provide recommendations for future authentication protocol designers.

Topics & Concepts

Authentication protocolComputer scienceAuthentication (law)Computer securityLightweight Extensible Authentication ProtocolCryptographic protocolChallenge–response authenticationCryptographyConfidentialityInternet of ThingsPhysical Unclonable Functions (PUFs) and Hardware SecurityAdvanced Memory and Neural ComputingSecurity and Verification in Computing
Lessons Learned: Analysis of PUF-based Authentication Protocols for IoT | Litcius