Skip to main content
SpringerLink
Log in

ASSURE: A Hardware-Based Security Protocol for Internet of Things Devices

  • Chapter
  • First Online:
Authentication of Embedded Devices

  • 519 Accesses

Abstract

This chapter discusses the design, implementation and evaluation of a hardware-based mutual authentication and the key agreement protocol. The latter combines a lightweight symmetric cipher with physically unclonable functions technology to provide an energy-efficient solution that is particularly useful for Internet of Things (IoT) systems. The security of the proposed protocol is rigorously analysed under various cyberattack scenarios. For overheads’ evaluation, a wireless sensor network using typical IoT devices, called Zolertia Zoul RE-mote, is constructed. The functionality of the proposed scheme is verified using a server–client configuration. Then energy consumption and memory utilisation are estimated and compared with the existing solutions, namely the DTLS (datagram transport layer security) handshake protocol in pre-shared secret (PSK) mode and UDP (user datagram protocol). Experimental analysis results indicate that the proposed protocol can save up to 39.5% energy and use 14% less memory compared to the DTLS handshake protocol.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 99.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. S. Raza, H. Shafagh, K. Hewage, R. Hummen, T. Voigt, Lithe: Lightweight secure CoAP for the internet of things. IEEE Sensors J. 13(10), 3711–3720 (Oct. 2013). https://doi.org/10.1109/JSEN.2013.2277656

    Article  Google Scholar 

  2. G. Arfaoui, X. Bultel, P. Fouque, A. Nedelcu, C. Onete, The privacy of the TLS 1.3 protocol, in Cryptology ePrint Archive, Report 2019/749, (2019), pp. 190–210. https://doi.org/10.2478/popets-2019-0065

    Chapter  Google Scholar 

  3. A. Capossele, V. Cervo, G. De Cicco, C. Petrioli, Security as a CoAP resource: An optimized DTLS implementation for the IoT, in IEEE International Conference on Communications, vol. 2015-September, (2015, June), pp. 549–554. https://doi.org/10.1109/ICC.2015.7248379

    Chapter  Google Scholar 

  4. G. Lessa dos Santos, V.T. Guimaraes, G. da Cunha Rodrigues, L.Z. Granville, L.M.R. Tarouco, A DTLS-based security architecture for the Internet of Things, in 2015 IEEE Symposium on Computers and Communication (ISCC), vol. 2016-February, (2015, July), pp. 809–815. https://doi.org/10.1109/ISCC.2015.7405613

    Chapter  Google Scholar 

  5. D. Mukhopadhyay, PUFs as promising tools for security in internet of things. IEEE Des. Test 33(3), 103–115 (2016, June). https://doi.org/10.1109/MDAT.2016.2544845

    Article  Google Scholar 

  6. J. Delvaux, R. Peeters, D. Gu, I. Verbauwhede, A survey on lightweight entity authentication with strong PUFs. ACM Comput. Surv. 48(2), 1–42 (Oct. 2015). https://doi.org/10.1145/2818186

    Article  Google Scholar 

  7. A.C.D. Resende, K. Mochetti, D.F. Aranha, Lightweight Cryptography for Security and Privacy, vol 9542 (Springer, Cham, 2016)

    Book  Google Scholar 

  8. K.B. Frikken, M. Blanton, M.J. Atallah, Robust authentication using physically unclonable functions, in Lecture Notes in Computer Science, vol. 5735 LNCS, (2009), pp. 262–277

    Google Scholar 

  9. Ü. Kocabaş, A. Peter, S. Katzenbeisser, A.-R. Sadeghi, Converse PUF-based authentication, in Lecture Notes in Computer Science, vol. 7344 LNCS, (2012), pp. 142–158

    Google Scholar 

  10. B. Halak, Physically Unclonable Functions From Basic Design Principles to Advanced Hardware Security Applications, 1st edn. (Springer, Cham, 2018)

    Google Scholar 

  11. Y. Gao, H. Ma, S.F. Al-Sarawi, D. Abbott, D.C. Ranasinghe, PUF-FSM: A controlled strong PUF. IEEE Trans. Comput. Des. Integr. Circuits Syst. 37(5), 1–1 (2017). https://doi.org/10.1109/TCAD.2017.2740297

    Article  Google Scholar 

  12. T. Kothmayr, C. Schmitt, W. Hu, M. Brünig, G. Carle, DTLS based security and two-way authentication for the Internet of Things. Ad Hoc Netw. 11(8), 2710–2723 (2013, November). https://doi.org/10.1016/j.adhoc.2013.05.003

    Article  Google Scholar 

  13. P. Wouters, E.H. Tschofenig, J. Gilmore, S. Weiler, T. Kivinen, Using raw public keys in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). RFC 5741, 1–18 (2014) doi: 2070-1721

    Google Scholar 

  14. M. Bafandehkar, S.M. Yasin, R. Mahmod, Z.M. Hanapi, Comparison of ECC and RSA algorithm in resource constrained devices, in 2013 International Conference on IT Convergence and Security (ICITCS), (2013, December), pp. 1–3. https://doi.org/10.1109/ICITCS.2013.6717816

    Chapter  Google Scholar 

  15. C.S. Park, W.S. Park, A group-oriented DTLS handshake for secure IoT applications. IEEE Trans. Autom. Sci. Eng. 15(4), 1920–1929 (2018, October). https://doi.org/10.1109/TASE.2018.2855640

    Article  Google Scholar 

  16. S. Raza, L. Seitz, D. Sitenkov, G. Selander, S3K: Scalable security with symmetric keys—DTLS key establishment for the internet of things. IEEE Trans. Autom. Sci. Eng. 13(3), 1270–1280 (2016, July). https://doi.org/10.1109/TASE.2015.2511301

    Article  Google Scholar 

  17. J. Granjal, E. Monteiro, J.S. Silva, On the effectiveness of end-to-end security for internet-integrated sensing applications, in 2012 IEEE International Conference on Green Computing and Communications, (2012, November), pp. 87–93. https://doi.org/10.1109/GreenCom.2012.23

    Chapter  Google Scholar 

  18. J. Granjal, E. Monteiro, J.S. Silva, End-to-end transport-layer security for Internet-integrated sensing applications with mutual and delegated ECC public-key authentication, in 2013 IFIP Networking Conference, IFIP Networking 2013, (2013), pp. 1–9

    Google Scholar 

  19. Z. Shelby, K. Hartke, C. Bormann, The Constrained Application Protocol (CoAP). RFC7252, 3 (2014, June). https://doi.org/10.17487/rfc7252

  20. Tinydtls URL: https://projects.eclipse.org/proposals/tinydtls

  21. J. Lee, K. Kapitanova, S.H. Son, The price of security in wireless sensor networks. Comput. Netw. 54(17), 2967–2978 (2010, December). https://doi.org/10.1016/j.comnet.2010.05.011

    Article  Google Scholar 

  22. R. Maes, Physically Unclonable Functions Constructions, Properties and Applications (Springer, Berlin/Heidelberg, 2013)

    Book  Google Scholar 

  23. M. Burrows, M. Abadi, R. Needham, A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990, February). https://doi.org/10.1145/77648.77649

    Article  MATH  Google Scholar 

  24. C. Cremers, S. Mauw, Operational semantics and verification of security protocols (Springer, Berlin/Heidelberg, 2012, November)

    Book  Google Scholar 

  25. C.J.F. Cremers, P. Lafourcade, P. Nadeau, Comparing state spaces in automatic security protocol analysis. Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics) 5458, 74–94 (2009). https://doi.org/10.1007/978-3-642-02002-5-5

    Article  MATH  Google Scholar 

  26. C.J.F. Cremers, The Scyther tool: Verification, falsification, and analysis of security protocols, in Computer Aided Verification, vol. 5123 LNCS, (Springer, Berlin/Heidelberg, 2008), pp. 414–418

    Chapter  Google Scholar 

  27. R. Patel, B. Borisaniya, A. Patel, D. Patel, M. Rajarajan, A. Zisman, Comparative analysis of formal model checking tools for security protocol verification, in Communications in computer and information science, vol. 89 CCIS, (2010), pp. 152–163

    Google Scholar 

  28. A. Armando et al., The AVISPA tool for the automated validation of internet security protocols and applications, in Computer Aided Verification, vol. 3576, (2005), pp. 281–285

    Chapter  Google Scholar 

  29. B. Blanchet, An efficient cryptographic protocol verifier based on prolog rules, in Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001, vol. 96, (2005), pp. 82–96. https://doi.org/10.1109/CSFW.2001.930138

    Chapter  Google Scholar 

  30. G.E. Suh, S. Devadas, Physical unclonable functions for device authentication and secret key generation, in 2007 44th ACM/IEEE Design Automation Conference, vol. 129, (2007, June), pp. 9–14. https://doi.org/10.1109/DAC.2007.375043

    Chapter  Google Scholar 

  31. L. Daihyun, J.W. Lee, B. Gassend, G.E. Suh, M. van Dijk, S. Devadas, Extracting secret keys from integrated circuits. IEEE Trans. Very Large Scale Integr. Syst. 13(10), 1200–1205 (2005, October). https://doi.org/10.1109/TVLSI.2005.859470

    Article  Google Scholar 

  32. U. Ruhrmair et al., PUF Modeling attacks on simulated and silicon data. IEEE Trans. Inf. Forensics Secur. 8(11), 1876–1891 (2013, November). https://doi.org/10.1109/TIFS.2013.2279798

    Article  Google Scholar 

  33. M. Barbareschi, P. Bagnasco, A. Mazzeo, Authenticating IoT devices with physically unclonable functions models, in 2015 10th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), vol. 2015, November, pp. 563–567. https://doi.org/10.1109/3PGCIC.2015.117

  34. W. Che, PUF-based authentication invited paper, in IEEE/ACM international conference on Computer-aided design, (2015), pp. 337–344

    Google Scholar 

  35. A. Perrig, R. Szewczyk, V. Wen, D. Culler, J.D. Tygar, SPINS: Security protocols for sensor networks, in Proceedings of the 7th annual international conference on Mobile computing and networking - MobiCom’01, (2001), pp. 189–199. https://doi.org/10.1145/381677.381696

    Chapter  Google Scholar 

  36. M.S. Mispan, B. Halak, Z. Chen, M. Zwolinski, TCO-PUF: A subthreshold physical unclonable function, in 2015 11th Conference on Ph.D. Research in Microelectronics and Electronics (PRIME), (2015, June), pp. 105–108. https://doi.org/10.1109/PRIME.2015.7251345

    Chapter  Google Scholar 

  37. M.S. Mispan, B. Halak, M. Zwolinski, Lightweight obfuscation techniques for modeling attacks resistant PUFs, in 2017 IEEE 2nd International Verification and Security Workshop (IVSW), (2017, July), pp. 19–24. https://doi.org/10.1109/IVSW.2017.8031539

    Chapter  Google Scholar 

  38. “Zolertia RE-Mote Revision B,” 2016.

    Google Scholar 

  39. A. Velinov, A. Mileva, Running and testing applications for Contiki OS using Cooja simulator, in International Conference on Information Technology and Development of Education, (2016), pp. 279–285

    Google Scholar 

  40. M. Sethi, J. Arkko, A. Keranen, End-to-end security for sleepy smart object networks, in Proceedings – Conference on Local Computer Networks, LCN, (2012, October), pp. 964–972. https://doi.org/10.1109/LCNW.2012.6424089

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Southampton, Southampton, UK

    Yildiran Yilmaz, Leonardo Aniello & Basel Halak

Authors
  1. Yildiran Yilmaz
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Leonardo Aniello
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Basel Halak
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Basel Halak .

Editor information

Editors and Affiliations

  1. University of Southampton, Southampton, UK

    Basel Halak

A. Appendix A

A. Appendix A

Energest Module

// Project : Energest values printing // Program name : PrintEnergest.c // Author : yy6e14 // Date created : 20/7/2019 // Purpose : To print processing time of each components on the device. static unsigned long convto_milliseconds(uint64_t time) { return (unsigned long)(time*1000 / RTIMER_ARCH_SECOND); } void printEnergest() { energest_flush(); printf("\nEnergest-values:\n"); printf(" CPU_mode %lums LPM_mode %lums \n", convto _milliseconds(energest_type_time(ENERGEST_TYPE_CPU)), convto _milliseconds(energest_type_time(ENERGEST_TYPE_LPM))); printf(" Radio LISTEN_mode %lums TRANSMIT_mode %lums \n", convto _milliseconds(energest_type_time(ENERGEST_TYPE_LISTEN)), convto _milliseconds(energest_type_time(ENERGEST_TYPE_TRANSMIT))); unsigned long total_time= to_milliseconds(energest_type_time (ENERGEST_TYPE_CPU)) + convto _milliseconds(energest_type_time(ENERGEST_TYPE_LPM)) + convto _milliseconds(energest_type_time(ENERGEST_TYPE_LISTEN)) + convto _milliseconds(energest_type_time(ENERGEST_TYPE_TRANSMIT)); printf("Completion time: %lu\n", total_time); printf("RTIMER_ARCH_SECOND= %lu",RTIMER_ARCH_SECOND); }

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Yilmaz, Y., Aniello, L., Halak, B. (2021). ASSURE: A Hardware-Based Security Protocol for Internet of Things Devices. In: Halak, B. (eds) Authentication of Embedded Devices. Springer, Cham. https://doi.org/10.1007/978-3-030-60769-2_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-60769-2_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-60768-5

  • Online ISBN: 978-3-030-60769-2

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation