A Privacy-Aware PUFs-Based Multi-Server Authentication Protocol in Cloud-Edge IoT Systems Using Blockchain

Publisher: Institute of Electrical and Electronics Engineers
Publication Type: Journal Article
Citation: IEEE Internet of Things Journal, 2021, 8, (19), pp. 13958-13974
Issue Date: 2021-01-01
The combination of the Internet of Things (IoT) and the Cloud-Edge (CE) paradigm promises to be an efficient system for aggregating and further processing huge volumes of data from IoT nodes. Physical Unclonable Functions (PUFs) have emerged as a prospective primitive for providing IoT nodes with lightweight physical identities for authentication. However, integrating PUFs into multi-server authentication protocols to improve security raises the following problems: 1) the challenge-response pairs (CRPs) of PUFs generated by devices need to be explicitly stored by each edge server, which causes privacy leakage of the CRPs; 2) reliability is reduced because of the single point of failure; 3) existing PUF-based authentication protocols would need to put great effort into synchronizing CRPs to ensure consistency in multi-server systems. To overcome these problems, in this paper we propose a privacy-aware authentication protocol for multi-server CE-IoT systems that combines PUFs and the blockchain technique. The real correlations of CRPs are double-encoded into mapping correlations (MCs) by a one-time physical identity and a keyed-hash function. The blockchain is leveraged to store MCs, synchronize them efficiently, and incorporate multi-receiver encryption to share the physical identity securely. The security of our protocol is formally proved in a random oracle model, and its security features are discussed to show that the protocol resists various attacks. Moreover, a prototype was implemented to demonstrate the efficiency of the protocol, and the comparison results show that our protocol accommodates CE-IoT systems. Finally, a simulation of the smart contract evaluates the scalability of our protocol.