Internet of Things (IoT), Identity-Based Encryption (IBE), Physically Unclonable Functions (PUFs)
Remote authentication is a safe and verifiable mechanism. In the Internet of Things (IoT), remote hosts need to verify the legitimacy of identity of terminal devices. However, embedded devices can hardly afford sufficient resources for the necessary trusted hardware components. Software authentication with no hardware guarantee is generally vulnerable to various network attacks. In this paper, we propose a lightweight remote verification protocol. The protocol utilizes the unique response returned by Physical Unclonable Function (PUF) as legitimate identity basis of the terminal devices and uses quadratic residues to encrypt the PUF authentication process to perform a double identity verification scheme. Our scheme is secure against middleman attacks on the attestation response by preventing conspiracy attacks from forgery authentication.
Tsinghua University Press
Bo Zhao, Pengyuan Zhao, Peiru Fan. ePUF: A Lightweight Double Identity Verification in IoT. Tsinghua Science and Technology 2020, 25(05): 625-635.