A secure lightweight authentication mechanism for IoT devices in generic domain

The Internet of Things prompt deployment enhances the security concerns of these systems in recent years. The enormous exchange of sensory information between devices raises the necessity for a secure authentication scheme for Internet of Things devices. Despite many proposed schemes, providing authenticated and secure communication for Internet of Things devices is still an open issue. This research addresses challenges pertaining to the Internet of Things authentication, verification, and communication, and proposes a new secure lightweight mechanism for Internet of Things devices in the generic domain. The proposed authentication method utilizes environmental variables obtained by sensors to allow the system to identify genuine devices and reject anomalous connections

A PUF-based cryptographic security solution for IoT systems on chip

The integration of multicore processors and peripherals from multiple intellectual property core providers as hardware components of IoT multiprocessor systems-on-chip (SoC) represents a source of security vulnerabilities for the in-chip communication. This paper describes the concept and the practical results of a SoC security implementation that is illustrative for IoT applications. The mechanism employed in this approach uses physically unclonable functions (PUF) and symmetric cryptography in order to encrypt the transferred messages within the SoC between the microprocessor and its peripherals. The mechanism is experimentally validated at FPGA level, the paper describing also an implementation scenario for an IoT ARM based device

Authenticating IoT Devices with Physically Unclonable Functions Models

Wirelessly connected smart embedded devices, forming the so called Internet of Things network, have achieved unprecedented levels of diffusion as they are adopted in many application domains, ranging from goods transportation to eHealth monitoring infrastructure. As they are always inherently connected, hence exposed to attacks, and as they densely populate our daily life collecting, managing and elaborating data, security has drawn a lot of attention in the literature. In a crowded network, classical security approaches may be not adequate, since they require secret sharing or public key distribution infrastructures. Physically Unclonable Functions (PUFs), introduced so far, are exploitable as security primitives, providing easy authentication and secure key storage mechanisms. Traditional PUF authentication schemes rely on the enrollment of some challenge/response pairs (CRPs), extracted before each device is issued, as it is not feasible to retrieve the whole CRPs set. Moreover, accomplishing such a procedure may introduce a significant overhead due to the cardinality of extracted CRPs and due to size of the device population. To avoid these issues, in this paper we exploit the knowledge of a PUF model in order to make available the whole CRPs set, and, by adopting an encryption scheme, we hide it to avoid model based attacks which can be performed on CRPs sent in clear. To this aim, we show an implementation based on the Anderson PUF and on AES, realized on a Xilinx Zynq-7000 Field Programmable Gate Array