Abstract

The Internet of Things (IoT) is becoming a revolutionary paradigm, moving toward ubiquity in day-to-day life and used in several applications such as smart healthcare systems, industry 4.0, critical infrastructure, etc. As with any concept that relies on wireless communication, authentication is of paramount importance in regards to security considerations. Devices in many IoT applications are severely constrained in terms of computational resources and are thus unable to utilize many modern cryptographic methods for security purposes. Physically unclonable functions (PUFs) propose to solve this issue by allowing devices to generate unique and secure digital fingerprints at extremely low computational cost. However, PUFs are vulnerable to machine learning based modeling attacks that can mathematically clone the PUFs in order to impersonate them. To address these requirements, this article introduces a new lightweight and practical anonymous authentication protocol for IoT that is resilient against machine learning attacks on PUFs.