HSC-IoT: A Hardware and Software Co-Verification Based Authentication Scheme for Internet of Things

Internet of Things (IoT) devices have become popular in diverse domains because of their accessibility and mobility, as well as their cost-efficient manufacturing, deployment, and maintenance. The widespread deployment of IoT devices makes them an attractive target for an attacker trying to gain unauthorized access to an IoT-based system. An adversary can clone a real hardware device or compromise its embedded software to impersonate a legitimate device, thereby gaining unauthorized access to sensitive information and performing security-critical operations. Existing security schemes for mobile systems cannot be applied directly to an IoT-enabled infrastructure, since the devices are resource-constrained in storage, processing power, and communication bandwidth. Additionally, current security approaches for IoT systems are unable to identify physically compromised IoT devices. In this paper, we propose HSC-IoT, a resource-efficient Physical Unclonable Function (PUF)-based security protocol that ensures both the software and hardware integrity of IoT devices. HSC-IoT also provides a lightweight mutual authentication scheme for resource-limited devices based on Elliptic Curve Cryptography. We present a detailed analysis of the security strength of HSC-IoT. We implemented a prototype of HSC-IoT on IoT devices powered by Contiki OS and provide an extensive comparative analysis of HSC-IoT with contemporary IoT security protocols.
