206 research outputs found
End-to-end Design of a PUF-based Privacy Preserving Authentication Protocol
We demonstrate a prototype implementation of a provably secure protocol that supports privacy-preserving mutual authentication between a server and a constrained device. Our proposed protocol is based on a physically unclonable function (PUF) and it is optimized for resource-constrained platforms. The reported results include a full protocol analysis, the design of its building blocks, their integration into a constrained device, and finally its performance evaluation. We show how to obtain efficient implementations for each of the building blocks of the protocol, including a fuzzy extractor with a novel helper-data construction technique, a truly random number generator (TRNG), and a pseudo-random function (PRF). The prototype is implemented on a SASEBO-GII board, using the on-board SRAM as the source of entropy for the PUF and the TRNG. We present three different implementations. The first two execute on a MSP430 soft-core processor and have a security level of 64-bit and 128-bit respectively. The third uses a hardware accelerator and has 128-bit security level. To our best knowledge, this work is the first effort to describe the end-to-end design and evaluation of a privacy-preserving PUF-based authentication protocol
Security and privacy issues of physical objects in the IoT: Challenges and opportunities
In the Internet of Things (IoT), security and privacy issues of physical objects are crucial to the related applications. In order to clarify the complicated security and privacy issues, the life cycle of a physical object is divided into three stages of pre-working, in-working, and post-working. On this basis, a physical object-based security architecture for the IoT is put forward. According to the security architecture, security and privacy requirements and related protecting technologies for physical objects in different working stages are analyzed in detail. Considering the development of IoT technologies, potential security and privacy challenges that IoT objects may face in the pervasive computing environment are summarized. At the same time, possible directions for dealing with these challenges are also pointed out
Lightweight and privacy-preserving two-factor authentication scheme for IoT devices
Device authentication is an essential security feature for Internet of Things (IoT). Many IoT devices are deployed in the open and public places, which makes them vulnerable to physical and cloning attacks. Therefore, any authentication protocol designed for IoT devices should be robust even in cases when an IoT device is captured by an adversary. Moreover, many of the IoT devices have limited storage and computational capabilities. Hence, it is desirable that the security solutions for IoT devices should be computationally efficient. To address all these requirements, in this paper, we present a lightweight and privacy-preserving two-factor authentication scheme for IoT devices, where physically uncloneable functions have been considered as one of the authentication factors. Security and performance analysis show that our proposed scheme is not only robust against several attacks, but also very efficient in terms of computational efficiently
An Efficient Authentication Protocol for Smart Grid Communication Based on On-Chip-Error-Correcting Physical Unclonable Function
Security has become a main concern for the smart grid to move from research
and development to industry. The concept of security has usually referred to
resistance to threats by an active or passive attacker. However, since smart
meters (SMs) are often placed in unprotected areas, physical security has
become one of the important security goals in the smart grid. Physical
unclonable functions (PUFs) have been largely utilized for ensuring physical
security in recent years, though their reliability has remained a major problem
to be practically used in cryptographic applications. Although fuzzy extractors
have been considered as a solution to solve the reliability problem of PUFs,
they put a considerable computational cost to the resource-constrained SMs. To
that end, we first propose an on-chip-error-correcting (OCEC) PUF that
efficiently generates stable digits for the authentication process. Afterward,
we introduce a lightweight authentication protocol between the SMs and
neighborhood gateway (NG) based on the proposed PUF. The provable security
analysis shows that not only the proposed protocol can stand secure in the
Canetti-Krawczyk (CK) adversary model but also provides additional security
features. Also, the performance evaluation demonstrates the significant
improvement of the proposed scheme in comparison with the state-of-the-art
Key Management Systems for Smart Grid Advanced Metering Infrastructure: A Survey
Smart Grids are evolving as the next generation power systems that involve
changes in the traditional ways of generation, transmission and distribution of
power. Advanced Metering Infrastructure (AMI) is one of the key components in
smart grids. An AMI comprises of systems and networks, that collects and
analyzes data received from smart meters. In addition, AMI also provides
intelligent management of various power-related applications and services based
on the data collected from smart meters. Thus, AMI plays a significant role in
the smooth functioning of smart grids.
AMI is a privileged target for security attacks as it is made up of systems
that are highly vulnerable to such attacks. Providing security to AMI is
necessary as adversaries can cause potential damage against infrastructures and
privacy in smart grid. One of the most effective and challenging topic's
identified, is the Key Management System (KMS), for sustaining the security
concerns in AMI. Therefore, KMS seeks to be a promising research area for
future development of AMI. This survey work highlights the key security issues
of advanced metering infrastructures and focuses on how key management
techniques can be utilized for safeguarding AMI. First of all, we explore the
main features of advanced metering infrastructures and identify the
relationship between smart grid and AMI. Then, we introduce the security issues
and challenges of AMI. We also provide a classification of the existing works
in literature that deal with secure key management system in AMI. Finally, we
identify possible future research directions of KMS in AMI
- …