Hide/Show Apps

A PUF-based lightweight group authentication and key distribution protocol

Yıldız, Hüsnü
Securing Internet of Things (IoT) applications that collect and transport sensitive data by guaranteeing authenticity, integrity, and confidentiality is a critical challenge. Reducing computation and communication overhead of security functions is also a key concern since a large number of constrained devices may take place in such applications. Our main focus in this thesis is group authentication and key management in IoT. The existing group authentication and key management protocols in the literature perform computations using asymmetric ciphers, which are costly for IoT. Therefore, applications generally employ simple security primitives that are prone to or lead to cyber-attacks by using IoT devices. In this thesis, we propose a physically unclonable function (PUF) based lightweight group authentication and key distribution (PLGAKD) protocol that employs PUF, factorial tree, and the Chinese Remainder Theorem (CRT). In PLGAKD, PUF facilitates lightweight authentication and key distribution for group members. Factorial tree and CRT help us reduce the number of keys stored in nodes and the number of communication messages contrary to the binary tree. The communication overhead in PLGAKD is reduced to almost half in comparison with binary trees for almost the same number of group members. Moreover, the computation overhead is significantly less since only symmetric encryption, hash functions, and XOR are performed for group operations.