A Privacy-Aware PUFs-Based Multi-Server Authentication Protocol in Cloud-Edge IoT Systems Using Blockchain
- Publisher:
- Institute of Electrical and Electronics Engineers
- Publication Type:
- Journal Article
- Citation:
- IEEE Internet of Things Journal, 2021, 8, (19), pp. 13958-13974
- Issue Date:
- 2021-01-01
Closed Access
Filename | Description | Size | |||
---|---|---|---|---|---|
A_Privacy-Aware_PUFs-Based_Multiserver_Authentication_Protocol_in_Cloud-Edge_IoT_Systems_Using_Blockchain.pdf | Published version | 5.97 MB |
Copyright Clearance Process
- Recently Added
- In Progress
- Closed Access
This item is closed access and not available.
The combination of the Internet of Things (IoT) and Cloud-Edge (CE) paradigm promises to be an efficient system to aggregate and further process huge volumes of data from IoT nodes. Physical Unclonable Functions (PUFs) emerge as a prospective primitive to provide IoT nodes with lightweight physical identities for authentication. However, when integrating PUFs into multi-server authentication protocols to improve security, the following problems occur: 1) the challenge-response pairs (CRPs) of PUFs generated by devices need to be explicitly stored by each edge-server. This will cause the privacy leakage of CRPs; 2) the reliability is reduced resulting from the single point failure; 3) existing PUFs-based authentication protocols would need to put great efforts into synchronizing CRPs, to ensure consistency in multi-server systems. To overcome these problems, in this paper, we propose a privacy-aware authentication protocol for the multi-server CE-IoT systems by combining PUFs and the blockchain technique. The real correlations of CRPs are double-encoded into mapping correlations (MCs) by a one-time physical identity and the keyed-hash function. The blockchain is leveraged to store MCs, synchronize them efficiently, and incorporate the multi-receiver encryption to share the physical identity securely. The security of our protocol is formally proved by a random oracle model, and security features are discussed to show that our protocol resists various attacks. Moreover, a prototype was implemented to prove the efficiency of the protocol, and the comparison results present that our protocol accommodates CE-IoT systems. Finally, the simulation of the smart contract evaluates the scalability of our protocol.
Please use this identifier to cite or link to this item: