Abstract
The Internet-of-Things (IoT), which refers to the interconnection of heterogeneous devices, has gained a lot of interest lately, and the number of IoT devices has grown considerably due to the importance of such systems in today's communication networks. On the other hand, the authentication of entities (devices) is a major concern and a main security challenge in IoT systems, since any weakness in the identification or authentication process allows a compromised entity to establish communication, inject false data and launch dangerous attacks that lead to system malfunction. Currently, most IoT authentication mechanisms are based on single-factor cryptographic solutions. These techniques are not practical for IoT devices that have limited computational capabilities. In this paper, we propose a lightweight and secure multi-factor device authentication protocol for IoT devices. The scheme is based on two concepts: configurable physical unclonable functions (PUFs) within IoT devices, and channel-based parameters. It uses a few simple cryptographic operations, such as the bit-wise exclusive-OR operation and a one-way hash function. The unique PUF value serves as the mutual secret identifier between a pair of users and changes for every session. Moreover, the proposed protocol exploits the random channel characteristics to provide high robustness against different kinds of attacks while maintaining low complexity. To the best of the authors' knowledge, this is the first work that combines physical layer security with PUFs to dynamically authenticate communicating devices. Security and performance analyses prove the security and efficiency of the proposed protocol, which is designed with minimum overhead in terms of computation and communication costs.
Funding
This research is supported by the Maroun Semaan Faculty of Engineering and Architecture at the American University of Beirut.
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Ethical approval
This article does not contain any studies with human participants or animals performed by any of the authors.
About this article
Cite this article
Melki, R., Noura, H.N. & Chehab, A. Lightweight multi-factor mutual authentication protocol for IoT devices. Int. J. Inf. Secur. 19, 679–694 (2020). https://doi.org/10.1007/s10207-019-00484-5
DOI: https://doi.org/10.1007/s10207-019-00484-5