The rapid development of the Internet of Things (IoT) has realized the mutual communication between intelligent devices such as sensors, smart phones and vehicles. However, it is a challenge to design an authentication and key agreement protocol suitable for resource-constrained Industrial Internet of Things (IIoT) environment. Recently, Zahednejad et al. proposed a robust three-factor authentication protocol based on Elliptic Curve Diffie-Hellman (ECDH), and claimed that the protocol can resist various attacks. However, we found that their scheme could not resist sensor node capture attack. In order to overcome this problem, we propose an improved three-factor authentication scheme based on physical unclonable function (PUF). Informal analysis shows that the scheme has the ability to resist multiple attacks. In addition, we employed the Real or Random (ROR) model to conduct a formal analysis of the scheme, and the results indicate that the scheme is secure. Finally, compared with other similar schemes, this scheme has advantages in computation and communication costs, and is more practical.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

An Improved PUF-Based Three-Factor Authentication Scheme for Industrial IoT

  • Qingyun Liu,
  • Fengtong Wen

摘要

The rapid development of the Internet of Things (IoT) has realized the mutual communication between intelligent devices such as sensors, smart phones and vehicles. However, it is a challenge to design an authentication and key agreement protocol suitable for resource-constrained Industrial Internet of Things (IIoT) environment. Recently, Zahednejad et al. proposed a robust three-factor authentication protocol based on Elliptic Curve Diffie-Hellman (ECDH), and claimed that the protocol can resist various attacks. However, we found that their scheme could not resist sensor node capture attack. In order to overcome this problem, we propose an improved three-factor authentication scheme based on physical unclonable function (PUF). Informal analysis shows that the scheme has the ability to resist multiple attacks. In addition, we employed the Real or Random (ROR) model to conduct a formal analysis of the scheme, and the results indicate that the scheme is secure. Finally, compared with other similar schemes, this scheme has advantages in computation and communication costs, and is more practical.