Abstract

The widespread advent of Cyber-Physical Systems~(CPS), intertwined with the Internet of Things~(IoT), allows billions of resource-constrained embedded devices to be connected at the same time. While this significantly enhances the scope for productivity, it also throws up security issues which, unless addressed, could lead to catastrophic consequences. The biggest challenge in an IoT network is to ensure inter-device authentication and secure key-exchange, while taking into account the heterogeneous nature of the participating devices in terms of processing capacity and memory bandwidth. In this paper, we propose a secure and operationally asymmetric authenticated key-exchange protocol targeting oT networks and CPS. Our protocol balances security and efficiency, delegates complex cryptographic operations to the resource-equipped servers, and carefully manages the workload on the resource- constrained nodes via the use of unconventional lightweight primitives such as Physically Unclonable Functions (PUFs). The security of our protocol is based on well-established cryptographic assumptions.