Skip to main content
SpringerLink
Log in

Lightweight PUF based authentication scheme for fog architecture

  • Published:
Wireless Networks Aims and scope Submit manuscript

Abstract

Fog computing improves efficiency and reduces the amount of bandwidth to the cloud. In many use cases, the internet of things (IoT) devices do not know the fog nodes in advance. Moreover, as the fog nodes are often placed in open publicly available places, they can be easily captured. Therefore, it should be ensured that even if the key material is leaked from the fog devices, the previously generated session keys and the identity of the devices can be kept secret, i.e. satisfying anonymity, unlinkability, perfect forward secrecy and resistance against stolen devices attack. Such demands require a multi-factor authentication scheme, which is typically done by providing input of the user with password or biometric data. However, in real use case scenarios, IoT devices should be able to automatically start the process without requiring such manual interaction and also fog devices need to autonomously operate. Therefore, this paper proposes a physical unclonable function (PUF) based mutual authentication scheme, being the first security scheme for a fog architecture, capable of providing simultaneously all these suggested security features. In addition, we also show the resistance against other types of attacks like synchronization and known session specific temporary information attack. Moreover, the scheme only relies on symmetric key based operations and thus results in very good performance, compared to the other fog based security systems proposed in literature.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

References

  1. Bonomi, F., Milito, R., Zhu, J., & Addepalli, S. (2012). Fog computing and its role in the internet of things. In Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, ACM (pp. 13–16).

  2. Osanaiye, O. A., Chen, S., Yan, Z., Lu, R., Choo, K. K. R., & Dlodlo, M. E. (2017). From cloud to fog computing: A review and a conceptual live vm migration framework. IEEE Access, 5, 8284–8300.

    Article  Google Scholar 

  3. Farahani, B., Firouzi, F., Chang, V., Badaroglu, M., Constant, N., & Mankodiya, K. (2018). Towards fog-driven IoT ehealth: Promises and challenges of IoT in medicine and healthcare. Future Generation Computer Systems, 78, 659–676.

    Article  Google Scholar 

  4. Gia, T. N., Jiang, M., Rahmani, A. M., Westerlund, T., Liljeberg, P., & Tenhunen, H. (2015). Fog computing in healthcare internet of things: A case study on ECG feature extraction, In IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing (CIT/IUCC/DASC/PICOM), IEEE (pp. 356–363).

  5. Huang, C., Lu, R., & Choo, K. K. R. (2017). Vehicular fog computing: Architecture, use case, and security and forensic challenges. IEEE Communications Magazine, 55(11), 105–111.

    Article  Google Scholar 

  6. Stojmenovic, I. & Wen, S. (2014). The fog computing paradigm: Scenarios and security issues, In Federated Conference on Computer Science and Information Systems (FedCSIS), IEEE (pp. 1–8.)

  7. Hu, P., Dhelim, S., Ning, H., & Qiu, T. (2017). Survey on fog computing: Architecture, key technologies, applications and open issues. Journal of Network and Computer Applications, 98, 27–42.

    Article  Google Scholar 

  8. Khan, S., Parkinson, S., & Qin, Y. (2017). Fog computing security: A review of current applications and security solutions. Journal of Cloud Computing, 6(1), 19.

    Article  Google Scholar 

  9. Yi, S., Qin, Z., & Li, A. (2015). Security and privacy issues of fog computing: A survey. In International Conference on Wireless Algorithms, Systems, and Applications, Springer (pp. 685–695).

  10. Pappu, S. R. (2001). Physical One-way functions. Ph.D. thesis, Massachusetts Institute of Technology, USA.

  11. Tuyls, P., Schrijen, G. J., Skoric, B., Van Geloven, J., Verhaegh, N., & Wolters, R. (2006). Read-proof hardware from protective coatings. In Cryptographic Hardware and Embedded Systems (CHES), LNCS, Springer Verlag (pp. 369–383).

  12. Skoric, B., Schrijen, G.-J., Ophey, W., Wolters, R., Verhaegh, N. & Van Geloven, J. (2007). Experimental hardware for coating PUFs and optical PUFS, In security with noisy data: on private biometrics, secure key storage and anti-counterfeiting, Springer-Verlag, Chapter 15.

  13. Kursawe, K., Sadeghi, A.-R., Schellekens, D., Skoric, B., & Tuyls, P. (2009). Reconfigurable physical unclonable functions: Enabling technology for tamper resistant storage. IEEE International Workshop on Hardware-Oriented Security and Trust, HOST

  14. Delvaux, J. (2017). Security analysis of PUF-based key generation and entity authentication. PhD thesis, Katholieke Universiteit Leuven (KULeuven), Leuven, Belgium.

  15. Gope, P. (2020). PMAKE: Privacy-aware multi-factor authenticated key establishment scheme for advance metering infrastructure in smart grid. Computer Communications, 152, 338–344.

    Article  Google Scholar 

  16. Chatterjee, U., Chakraborty, R. S., & Mukhopadhyay, D. (2017). A PUF-based secure communication protocol for IoT. ACM Transactions on Embedded Computer Systems, 16(3), 25. Article 67.

    Article  Google Scholar 

  17. Braeken, A. (2019). PUF based authentication security for IoT. Symmetry, 10(8), 352.

    Article  Google Scholar 

  18. Jia, X., He, D., Kumar, N., & Choo, K. K. R. (2018). Authenticated key agreement scheme for fog-driven IoT healthcare system. Wireless Networks, 25, 4737–4750. https://doi.org/10.1007/s11276-018-1759-3

    Article  Google Scholar 

  19. Patonico, S., Braeken, A., & Steenhaut, K. (2019). Identity-based and anonymous key agreement protocol for fog computing resistant in the Canetti–Krawczyk security model. Wireless Networks, 362, 13.

    Google Scholar 

  20. Shabisha, P., Steenhaut, K. & Braeken, A. (2020). Anonymous symmetric key based key agreement protocol for fog computing. Internal Report, Vrije Universiteit Brussel, 2020.

  21. Xiong, L., Peng, D., Peng, T., Liang, H., & Liu, Z. (2017). A lightweight anonymous authentication protocol with perfect forward secrecy for wireless sensor networks. Sensors, 17, 2681.

    Article  Google Scholar 

  22. Gope, P., & Hwang, T. (2016). A realistic lightweight anonymous authentication protocol for securing realtime application data access in wireless sensor networks. IEEE Transactions in Industrial Electronics, 63, 7124–7132.

    Article  Google Scholar 

  23. Gong, L. (1993). Lower bounds on messages and rounds for network authentication Protocols. In Proceedings of the 1st ACM Conference on Computer and Communications Security (pp. 26–37).

  24. Lee, C. C., Chen, S. D., & Chen, C. L. (2012). A computation-efficient three-party encrypted key exchange protocol. Applied Mathematics and Information Sciences Letters, 6(3), 573–579.

    MathSciNet  Google Scholar 

  25. Li, X., Niu, J., Kumari, S., Khan, M. K., Liao, L., & Liang, W. (2015). Design and analysis of a chaotic maps-based three-party authenticated key agreement protocol. Nonlinear Dynamics, 80(3), 1209–1220.

    Article  MathSciNet  MATH  Google Scholar 

  26. Lee, T. F., & Hwang, T. (2017). Three-party authenticated key agreements for optimal communication. PloS ONE, 12(3), e0174473.

    Article  Google Scholar 

  27. Ni, L., Chen, G., & Li, J. (2013). Escrowable identity-based authenticated key agreement protocol with strong security. Computers and Mathematics with Applications, 65, 1339–1349.

    Article  MathSciNet  Google Scholar 

  28. Lu, Y., Ping, L., Peng, H., & Yang, Y. (2016). An energy efficient mutual authentication and key agreement scheme preserving anonymity for wireless sensor networks. Sensors, 16, 837.

    Article  Google Scholar 

  29. Canetti, R. & Krawczyk, H. (2001). Analysis of key-exchange protocols and their use for building secure channels. In International Conference on the Theory and Applications of Cryptographic Techniques, Springer-Verlag (pp. 453–373).

  30. Wang, D., & Wang, P. (2014). On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions. Computer Networks, 73, 41–57.

    Article  Google Scholar 

  31. Dodis, Y., Reyzin, L., & Smith, A. (2004). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. Advances in Cryptology EuroCrypt, LNCS, 3027, 523–540.

    MathSciNet  MATH  Google Scholar 

  32. Delvaux, J., Gu, D., Verbauwhede, I., Hiller, M., & Yu, M.-D. (2016). Efficient fuzzy extraction of PUF-induced secrets: Theory and applications. In Cryptographic Hardware for Embedded Systems (CHES), LNCS 8913, Springer (pp. 412–430).

  33. Delvaux, J., Gu, D., Schellekens, D., & Verbauwhede, I. (2015). Helper data algorithms for PUF-based key generation: Overview and analysis. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 34(6), 889–902.

    Article  Google Scholar 

  34. Dolev, D., & Yao, A. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208.

    Article  MathSciNet  MATH  Google Scholar 

  35. Khalafalla, M., & Gebotys, C. (2019). PUFs deep attacks: Enhanced modeling attacks using deep learning techniques to break the security of double arbiter PUFs. In Design, automation and test in Europe conference and exhibition (DATE).

  36. Rubin, A. D., & Honeyman, P. (1994). Nonmonotonic cryptographic protocols. In Proceedings of the Computer Security Foundation Workshop VII, Franconia, NH, USA (pp. 100–116).

  37. Yang, X., & Xiaoyao, X. (2008). Analysis of authentication protocols based on Rubin logic. In 4th International Conference on Wireless Communications. Networking and Mobile Computing, IEEE.

  38. Choi, Y., Lee, D., Kim, J., Jung, J., Nam, J., & Won, D. (2014). Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography, Sensors, 14(6), 10081–10106.

    Article  Google Scholar 

  39. Braeken, A., Liyanage, M., Kumar, P., & Muphy, J. (2019). Novel 5G authentication protocol to improve the resistance against active attacks and malicious serving Networks. IEEE Access, 7, 64040–64052.

    Article  Google Scholar 

  40. Nanjo, Y., Khandaker, M. A. A., Kusaka, T., & Nogami, Y. (2018). Efficient pairing-based cryptography on raspberry pi. Journal of Communications, 13(2), 88–93.

    Article  Google Scholar 

  41. Kim, T., & Barbulescu, R. (2016). Extended tower number field sieve: A new complexity for the medium prime case. Advances in Cryptolopgy: Crypto, Part I, 9814, 543–571.

    MathSciNet  MATH  Google Scholar 

  42. Barbulescu, R., & Duquesne, S. (2019). Updating key size estimations for pairings. Journal of Cryptology, 32, 1298–1336.

    Article  MathSciNet  MATH  Google Scholar 

Download references

Acknowledgements

This paper has been made thanks to the TETRA grant HBC.2019.2017—OpenCloudEdge provided by Vlaio (Flanders Innovation and Entrepreneurship).

Author information

Authors and Affiliations

  1. ETRO, Vrije Universiteit Brussel, Pleinlaan 2, Brussel, Belgium

    Ruben De Smet & Kris Steenhaut

  2. INDI, Vrije Universiteit Brussel, Pleinlaan 2, Brussel, Belgium

    Thibaut Vandervelden, Kris Steenhaut & An Braeken

Authors
  1. Ruben De Smet
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Thibaut Vandervelden
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kris Steenhaut
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. An Braeken
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to An Braeken.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This work was supported by the Vlaio TETRA Project OpenCloudEdge (HBC.2019.2017).

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

De Smet, R., Vandervelden, T., Steenhaut, K. et al. Lightweight PUF based authentication scheme for fog architecture. Wireless Netw 27, 947–959 (2021). https://doi.org/10.1007/s11276-020-02491-0

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11276-020-02491-0

Keywords

Search

Navigation