ASSURE: A Hardware-Based Security Protocol for Resource-Constrained IoT Systems
Open Access
- 4 September 2020
- journal article
- research article
- Published by Springer Science and Business Media LLC in Journal of Hardware and Systems Security
- Vol. 5 (1), 1-18
- https://doi.org/10.1007/s41635-020-00102-0
Abstract
The Internet of Things technology is expected to generate tremendous economic benefits; this promise is undermined by major security threats. This is mainly due to the ubiquitous nature of this technology, which makes it easy for potential adversities to have access to IoT devices and carry well-established attacks. The development of defence mechanisms, in this case, is a challenging task; this is due to the fact that most IoT devices have limited computing and energy resources, which makes it hard to implement classic cryptographic algorithms. This paper addresses this challenge by proposing a lightweight mutual authentication and key agreement protocol named ASSURE based on Rivest Cipher (RC5) and physically unclonable functions (PUFs). To understand the effectiveness of this protocol, a rigorous security analysis under various cyber-attack scenarios is performed. In order to evaluate the overheads of the proposed solution, a wireless sensor network using typical IoT devices called Zolertia Zoul re-mote is constructed. The functionality of the proposed scheme is verified using a server-client configuration. Then, energy consumption and memory utilization are estimated and compared with the existing solutions, namely, the DTLS (datagram transport layer security) handshake protocol in pre-shared secret (key) mode and UDP (user datagram protocol). Experimental analysis results indicate that the proposed protocol can save up to 39.5% energy and uses 14% less memory compared with the DTLS handshake protocol.Keywords
Funding Information
- University of Southampton
This publication has 36 references indexed in Scilit:
- A Survey on Lightweight Entity Authentication with Strong PUFsACM Computing Surveys, 2015
- Security as a CoAP resource: An optimized DTLS implementation for the IoTPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- TCO-PUF: A subthreshold physical unclonable functionPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- DTLS based security and two-way authentication for the Internet of ThingsAd Hoc Networks, 2013
- End-to-end security for sleepy smart object networksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2012
- Converse PUF-Based AuthenticationLecture Notes in Computer Science, 2012
- Reverse Fuzzy Extractors: Enabling Lightweight Mutual Authentication for PUF-Enabled RFIDsLecture Notes in Computer Science, 2012
- Robust Authentication Using Physically Unclonable FunctionsLecture Notes in Computer Science, 2009
- Software-based sensor node energy estimationPublished by Association for Computing Machinery (ACM) ,2007
- TinySecPublished by Association for Computing Machinery (ACM) ,2004