AuthentiSafe: Lightweight and Future-Proof Device-to-Device Authentication for IoT
to appear in the 20th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2025), (2025)Abstract
The Internet of Things (IoT) is permeating many aspects of every- day life, including homes, public spaces, and industrial settings. The growing popularity of IoT devices prompts an important challenge of ensuring secure and reliable communication. To support direct device-to-device communication among resource-constrained IoT devices, lightweight authentication techniques are needed that do not rely on trusted servers. One promising primitive for this pur- pose are Physical Unclonable Functions (PUFs), which utilize unique characteristics of hardware components (e.g., memory) inherent in the manufacturing of IoT devices. Given some input, a PUF gener- ates a unique secret value which facilitates secure and robust au- thentication. However, current PUF-based authentication schemes require a trusted server, incur substantial computational costs, or lack resilience against emerging quantum computing threats.
This paper introduces AuthentiSafe, a lightweight, scalable, and secure PUF-based authentication scheme for device-to-device au- thentication among mutually mistrusting IoT devices. AuthentiSafe integrates PUFs with one-time signatures and cryptographic accu- mulators, thus eliminating the need for a trusted server. By rely- ing exclusively on efficient cryptographic one-way hash functions, AuthentiSafe minimizes protocol costs and accommodates low com- putational power and very limited secure storage of IoT devices. It also ensures security in the post-quantum era, since one-way func- tions remain resilient to quantum attacks. We show AuthentiSafe’s resilience against various attacks. Experiments show that it appre- ciably outperforms three prior PUF-based authentication schemes.