IoT device authentication using physical unclonable functions and enhanced fuzzy extractors with integrated RSA-AES encryption
摘要
Internet of Things (IoT) refers to the integration of physical devices with embedded software, communication networks, and information technologies, enabling automatic data sharing and service optimization without manual intervention. Since many IoT devices are deployed in public or unsecured environments, they are vulnerable to physical attacks. Additionally, their limited computational and storage capabilities make it challenging to implement traditional security solutions. Therefore, lightweight and efficient authentication mechanisms are essential. To address the problems, the proposed structure has built an enhanced fuzzy extractor with hybrid cryptography for safe and unclonable IoT device authentication. Initially, the IoT device is enrolled with both external and internal noises, including environmental activities and PUF (Physical Unclonable Functions). By producing a secret key, these noises are encrypted and error corrected using the Low Density Parity Check (LDPC) and hybrid Rivest-Shamir-Adleman (RSA)-Advanced Encryption Standard (AES) method. The helper data consists of the secret key and the noises that are generated at the time of the enrolment, which is used to compare with the user-acknowledged noises while transmitting data from the IoT device to the user. Performance evaluation of the proposed system demonstrates superior results, achieving an accuracy of 0.992, with encryption time of 0.05 s, execution time of 0.13 s, and decryption time of 0.08 s. These evaluated values of the proposed method are better than those of the existing model. Thus, the transmission of data from the IoT device to the user is secured by the designed authentication of IoT device based on improved fuzzy extractor.