A PUF based Light Weight Protocol for Secure WiFi Authentication of IoT devices

摘要

In the diverse, chaotic environment of the Internet of Things (IoT), the overlooked security issues in device design invite the biggest threat to adopt IoT due to its botnet. Being resource and computation intensive the traditional encryption based protocols are not suitable for low-end IoT devices. The most uncontrolled environment of IoT application makes it vulnerable to tampering and invasive attacks leading IoT-bots. In this context, Physically Unclonable Functions (PUFs) can provide the desired security at the hardware level to ensure the root of trust extracting the intrinsic physical variation of devices. Most of the IoT devices utilize WiFi technology for connectivity. However, current WiFi protocols are not sufficient to provide the desired security against the various threats, like MAC-spoofing, de-authentication, rogue access point, etc. Since IoT devices are deployed mostly in the uncontrolled environment, they are highly susceptible to those threats. Few PUF based authentication protocols are investigated towards the IoT security. However, these are not viable due to its resource and computation constraints in the context of WiFi. In this paper, a PUF based lightweight protocol is proposed which establishes the secure connection utilizing three pairs of challenge-response and generates a random number as a seed key used by the underlying WiFi protocol. Security analysis of the proposed protocol proves its effectiveness while incurs less resource and computation overhead.