Abstract
The exponential growth in the number of Internet of Things (IoT) devices, the sensitive nature of data they produce, and the simple nature of these devices makes IoT systems vulnerable to a wide range cyber-threats. Physical attacks are one of the major concerns for IoT device security. Security solutions for the IoT have to be accurate and quick since many real time applications depend on the data generated by these devices. In this article, we undertake the IoT authentication problem by proposing a fast protocol RapidAuth, which also restricts physical attacks. The proposed protocol uses Physical Unclonable Functions to achieve the security goals and requires the exchange of only two messages between the server and an IoT device. The analysis of RapidAuth proves its’ robustness against various types of attacks as well as its’ efficiency in terms of computation, communication, memory overheads and energy consumption.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Aman, M.N., Chua, K.C., Sikdar, B.: Physically secure mutual authentication for IoT. In: Proceedings of IEEE Conference on Dependable and Secure Computing, Taipei, pp. 310–317 (2017). https://doi.org/10.1109/DESEC.2017.8073853
Aman, M.N., et al.: HAtt: hybrid remote attestation for the internet of things with high availability. IEEE Internet Things J. 7(8), 7220–7233 (2020). https://doi.org/10.1109/JIOT.2020.2983655
Kamal, M., Tariq, M.: Light-weight security and blockchain based provenance for advanced metering infrastructure. IEEE Access 7, 87345–87356 (2019). https://doi.org/10.1109/ACCESS.2019.2925787
Chaudhry, S.A., Yahya, K., Al-Turjman, F., Yang, M.: A secure and reliable device access control scheme for IoT based sensor cloud systems. IEEE Access 8, 139244–139254 (2020). https://doi.org/10.1109/ACCESS.2020.3012121
Chaudhry, S.A., Shon, T., Al-Turjman, F., Alsharif, M.H.: Correcting design flaws: an improved and cloud assisted key agreement scheme in cyber physical systems. Comput. Commun. 153, 527–537 (2020). https://doi.org/10.1016/j.comcom.2020.02.025
Aman, M.N., Sikdar, B.: ATT-auth: a hybrid protocol for industrial IoT attestation with authentication. IEEE Internet Things J. 5(6), 5119–5131 (2018). https://doi.org/10.1109/JIOT.2018.2866623
Kerry, C.F.: Digital signature standard (DSS). National Institute of Standards and Technology (2013)
Liu, A., Ning, P.: TinyECC: a configurable library for elliptic curve cryptography in wireless sensor networks. In: Proceedings of IPSN, SPOTS Track, pp. 245–256, April 2008)
Shivraj, V., et al.: One time password authentication scheme based on elliptic curves for Internet of Things (IoT). In: Proceedings of NSITNSW, Riyadh, KSA, pp. 1–6, February 2015
Porambage, P., et al.: Two-phase authentication protocol for wireless sensor networks in distributed IoT applications. In: Proceedings of IEEE WCNC, Istanbul, Turkey, pp. 2728–2733, April 2014
Kim, Y., et al.: DAoT: dynamic and energy-aware authentication for smart home appliances in internet of things. In: Proceedings of IEEE ICCE, Las Vegas, NV, pp. 196–197, January 2015
Suh, G.E., Devadas, S.: Physical unclonable functions for device authentication and secret key generation. In: Proceedings of IEEE/ACM DAC, San Diego, CA, pp. 9–14, June 2007
Cotese, P., et al.: Bernardo, efficient and practical authentication of PUF-based rfid tags in supply chains. In: Proceedings of IEEE RFIDTA, Guangzhou, China, pp. 182–188, June 2010
Lee, Y.S., et al.: Mutual authentication in wireless body sensor networks (WBSN) based on physical unclonable function (PUF). In: Proceedings of IEEE IWCMC, Sardinia, Italy, pp. 1314–1318, July 2013
Frikken, K.B., Blanton, M., Atallah, M.J.: Robust authentication using physically unclonable functions. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 262–277. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04474-8_22
Aman, M.N., Sikdar, B., Chua, K.C., Ali, A.: Low power data integrity in IoT systems. IEEE Internet Things J. 5(4), 3102–3113 (2018). https://doi.org/10.1109/JIOT.2018.2833206
Kamal, M., Tariq, S.: Light-weight security and data provenance for multi-hop internet of things. IEEE Access 6, 34439–34448 (2018). https://doi.org/10.1109/ACCESS.2018.2850821
Aman, M.N., Basheer, M.H., Sikdar, B.: Two-factor authentication for IoT with location information. IEEE Internet Things J. 6(2), 3335–3351 (2019). https://doi.org/10.1109/JIOT.2018.2882610
Bohm, C., Hofer, M.: Physical Unclonable Functions in Theory and Practice. Springer, Heidelberg (2012). https://doi.org/10.1007/978-1-4614-5040-5
Aman, M.N., Basheer, M.H., Sikdar, B.: Data provenance for IoT with light weight authentication and privacy preservation. IEEE Internet Things J. 6(6), 10441–10457 (2019). https://doi.org/10.1109/JIOT.2019.2939286
Guilley, S., Pacalet, R.: SoCs security: a war against side-channels. Ann. Telecommun. 59(7), 998–1009 (2004)
Aman, M.N., Basheer, M.H., Sikdar, B.: A lightweight protocol for secure data provenance in the internet of things using wireless fingerprints. IEEE Syst. J. https://doi.org/10.1109/JSYST.2020.3000269
Hankerson, D., et al.: Guide to Elliptic Curve Cryptography, 1st edn. Springer, Heidelberg (2010)
Sidhu, D.P.: Authentication protocols for computer networks: I. Comput. Netw. ISDN Syst. 11, 287–310 (1986)
Varadharajan, V.: Verification of network security protocols. Comput. Secur. 8(8), 693–708 (1989)
Mao, W., Boyd, C.: Towards formal analysis of security protocols. In: Proceedings of Computer Security Foundations Workshop VI, pp. 147–158 (1993)
Aman, M.N., Chua, K.C., Sikdar, B.: Mutual authentication in IoT systems using physical unclonable functions. IEEE Internet Things J. 4(5), 1327–1340 (2017). https://doi.org/10.1109/JIOT.2017.2703088
Krovetz, T.: UMAC: message authentication code using universal hashing. IETF RFC 4418, March 2006
Babka, M.: Properties of universal hashing. Charles University in Prague, Master thesis (2010)
Mansour, Y., et al.: The computational complexity of universal hashing. Theoret. Comput. Sci. 107(1), 121–133 (1993)
Kivinen, T., Kojo, M.: More modular exponential (MODP) Diffie-Hellman groups for internet key exchange (IKE). IETF RFC 3526, May 2003
Karatsuba, A.: The complexity of computations. In: Proceedings of the Steklov Institute of Mathematics, vol. 211, pp. 169–183 (1995)
Kim, P.: IoT specific IPv6 stateless address autoconfiguration with modified EUI-64. IETF Internet-Draft, July 2015
Whiting, D., et al.: Counter with CBC-MAC (CCM). IETF RFC 3610, September 2003
Katagi, M., Moriai, S.: The 128-bit blockcipher CLEFIA. IETF RFC 6114, March 2011
Montenegro, G., et al.: Transmission of IPv6 packets over IEEE 802.15.4 networks. IETF RFC 4944, September 2007
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Aman, M.N., Chaudhry, S.A., Al-Turjman, F. (2021). RapidAuth: Fast Authentication for Sustainable IoT. In: Ever, E., Al-Turjman, F. (eds) Forthcoming Networks and Sustainability in the IoT Era. FoNeS-IoT 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 353. Springer, Cham. https://doi.org/10.1007/978-3-030-69431-9_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-69431-9_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-69430-2
Online ISBN: 978-3-030-69431-9
eBook Packages: Computer ScienceComputer Science (R0)