Lightweight multi-factor mutual authentication protocol for IoT devices
- PDF / 955,346 Bytes
- 16 Pages / 595.276 x 790.866 pts Page_size
- 68 Downloads / 279 Views
REGULAR CONTRIBUTION
Lightweight multi-factor mutual authentication protocol for IoT devices Reem Melki1
· Hassan N. Noura1,2 · Ali Chehab1
© Springer-Verlag GmbH Germany, part of Springer Nature 2019
Abstract The Internet-of-Things (IoT), which refers to the interconnection of heterogeneous devices, has gained a lot of interest lately, and it witnessed a large growth in the number of IoT devices due to the importance of such systems in today’s communication networks. On the other hand, the authentication of entities (devices) is a major concern and a main security challenge in IoT systems since any weakness in the identification or authentication process will allow a compromised entity to establish communication, inject false data and launch dangerous attacks leading to system malfunction. Currently, most IoT authentication mechanisms are based on single-factor cryptographic solutions. These techniques are not practical for IoT devices that have limited computational capabilities. In this paper, we propose a lightweight and secure multi-factor device authentication protocol for IoT devices. The scheme is based on two concepts, configurable physical unclonable functions (PUF) within IoT devices, and channel-based parameters. It uses few and simple cryptographic operations such as the bit-wise exclusive-OR operation and a one-way hash function. The unique PUF value serves as the mutual secret identifier between a pair of users, which frequently changes for every session. Moreover, the proposed protocol exploits the random channel characteristics to provide high robustness against different kinds of attacks, while maintaining low complexity. To the best of the authors’ knowledge, this is the first work that combines physical layer security with PUFs to authenticate communicating devices, dynamically. Security and performance analysis prove the security and efficiency of the proposed protocol, which is designed with minimum overhead in terms of computations and communication costs. Keywords Lightweight mutual authentication · PUF · Dynamic keys · AVISPA · Physical layer security
1 Introduction Recently, IoT technology has been introduced as a new paradigm that enables different physical devices that feature an IP (Internet Protocol) address, to communicate and interact with each other via the Internet. A large class of these devices uses wireless channels to connect to the network and relay data. However, the broadcast nature of wireless
B
Reem Melki [email protected] Hassan N. Noura [email protected] Ali Chehab [email protected]
1
Department of Electrical and Computer Engineering, American University of Beirut, Beirut, Lebanon
2
Department of Computer Sciences, Arab Open University, Beirut, Lebanon
channels makes it easier for adversaries to eavesdrop and conduct different attacks, which exposes the IoT system to a wide range of threats (vulnerabilities) and compromises the communication among IoT devices. Hence, ensuring robust security is of utmost importance for realizing and deploying IoT systems [1]. So
Data Loading...
