An Improved Lightweight PUF-PKI Digital Certificate Authentication Scheme for the Internet of Things

Zeeshan Siddiqui, Jiechao Gao, Muhammad Khurram Khan

Research output: Contribution to journalArticlepeer-review

Abstract

Prosanta and Biplab presented a lightweight two-factor authentication scheme for the Internet of Things (IoT) devices based on Physical Unclonable Function (PUF). Their presented scheme was based on Fuzzy Extractor and analyzed various security reasonings, such as mutual authentication, session key agreement, privacy and protection against impersonation, message tampering and replay attacks. In this paper, we present sufficient security analysis to demonstrate that the scheme has various security and privacy issues in its setup and authentication phases. We propose a highly secure and robust authentication protocol based on a PKI digital certificate based on two Certificate Authority (CA) for cloud IoT systems. The proposed authentication method is verified and validated using Tamarin Prover and supported with a detailed security and performance analysis discussion. The scheme security and privacy attributes are compared with other IoT authentication schemes. The analysis has proved that the proposed authentication scheme is more secure and highly reliable as compared to Prosanta and Biplab authentication scheme.
Original languageEnglish
Number of pages14
JournalIEEE Internet of Things Journal
Early online date19 Apr 2022
DOIs
Publication statusE-pub ahead of print - 19 Apr 2022

Fingerprint

Dive into the research topics of 'An Improved Lightweight PUF-PKI Digital Certificate Authentication Scheme for the Internet of Things'. Together they form a unique fingerprint.

Cite this