Designing secure PUF-based authentication protocols for constrained environments.
| Autor: | Lee SW; Pattern Recognition and Machine Learning Lab, Gachon University, 1342 Seongnamdaero, Sujeonggu, Seongnam, 13120, Republic of Korea., Safkhani M; Department of Computer Engineering, Shahid Rajaee Teacher Training University, Tehran, 16788-15811, Iran.; School of Computer Science, Institute for Research in Fundamental Sciences (IPM), P. O. Box 19395-5746, Tehran, Iran., Le Q; Institute of Research and Development, Duy Tan University, Da Nang, Vietnam., Ahmed OH; Department of Information Technology, University of Human Development, Sulaymaniyah, Iraq., Hosseinzadeh M; Institute of Research and Development, Duy Tan University, Da Nang, Vietnam. mehdihosseinzadeh@duytan.edu.vn.; School of Medicine and Pharmacy, Duy Tan University, Da Nang, Viet Nam. mehdihosseinzadeh@duytan.edu.vn., Rahmani AM; Future Technology Research Center, National Yunlin University of Science and Technology, Yunlin, Taiwan. rahmania@yuntech.edu.tw., Bagheri N; School of Computer Science, Institute for Research in Fundamental Sciences (IPM), P. O. Box 19395-5746, Tehran, Iran. Nbagheri@sru.ac.ir.; Department of Electrical Engineering, Shahid Rajaee Teacher Training University, 16788-15811, Tehran, Iran. Nbagheri@sru.ac.ir. |
|---|---|
| Jazyk: | angličtina |
| Zdroj: | Scientific reports [Sci Rep] 2023 Dec 07; Vol. 13 (1), pp. 21702. Date of Electronic Publication: 2023 Dec 07. |
| DOI: | 10.1038/s41598-023-48464-z |
| Abstrakt: | Physical Unclonable Functions (PUFs) are widely used in cryptographic authentication and key-agreement protocols due to their unique physical properties. This article presents a comprehensive cryptanalysis of two recently developed authentication protocols, namely PLAKE and EV-PUF, both relying on PUFs. Our analysis reveals significant vulnerabilities in these protocols, including susceptibility to impersonation and key leakage attacks, which pose serious threats to the security of the underlying systems. In the case of PLAKE, we propose an attack that can extract the shared secret key with negligible complexity by eavesdropping on consecutive protocol sessions. Similarly, we demonstrate an efficient attack against EV-PUF that enables the determination of the shared key between specific entities. Furthermore, we highlight the potential for a single compromised client in the EV-PUF protocol to compromise the security of the entire network, leaving it vulnerable to pandemic attacks. These findings underscore the critical importance of careful design and rigorous evaluation when developing PUF-based authentication protocols. To address the identified vulnerabilities, we present an improved PUF-based authentication protocol that ensures robust security against all the attacks described in the context of PLAKE and EV-PUF. Through this research, we contribute to the field by exposing vulnerabilities in existing PUF-based authentication protocols and offering an improved protocol that enhances security and safeguards against various attack vectors. This work serves as a valuable reference for researchers and practitioners involved in the design and implementation of secure authentication schemes for IoT systems and dynamic charging systems for electric vehicles. (© 2023. The Author(s).) |
| Databáze: | MEDLINE |
| Externí odkaz: |
|
| Nepřihlášeným uživatelům se plný text nezobrazuje | K zobrazení výsledku je třeba se přihlásit. |