PDAKE: A Provably Secure PUF-Based Device Authenticated Key Exchange in Cloud Setting
In this paper, we study on how to construct an authenticated key exchange protocol in a device based authentication setting where an user who has a PUF-based device and its multi-factor authenticators desires to mutually authenticate a server. Generally, in a secure multi-factor authentication schem...
Main Author: | |
---|---|
Format: | Article |
Language: | English |
Published: |
IEEE
2019-01-01
|
Series: | IEEE Access |
Subjects: | |
Online Access: | https://ieeexplore.ieee.org/document/8924715/ |
id |
doaj-829c32f1a4af4550934590985cc376d9 |
---|---|
record_format |
Article |
spelling |
doaj-829c32f1a4af4550934590985cc376d92021-03-30T00:40:53ZengIEEEIEEE Access2169-35362019-01-01718116518117710.1109/ACCESS.2019.29577428924715PDAKE: A Provably Secure PUF-Based Device Authenticated Key Exchange in Cloud SettingJin Wook Byun0https://orcid.org/0000-0002-5450-3207Department of Information and Communication, Pyeongtaek University, Pyeongtaek, South KoreaIn this paper, we study on how to construct an authenticated key exchange protocol in a device based authentication setting where an user who has a PUF-based device and its multi-factor authenticators desires to mutually authenticate a server. Generally, in a secure multi-factor authentication schemes, any adversary cannot impersonates a valid users unless A fully corrupts all multi-factor authenticators. However, in recent PUF-based device authenticated key exchange schemes, we observe a new impersonation attack that any adversary with only PUF's output is always able to impersonate any user. We first analyze how recent schemes are vulnerable against the new attack. Then we build a secure PUF-based device authenticated key exchange (PDAKE) with provable result. Since in our PDAE, user's device is an important authenticator, it is well applicable to establish a secure channel in multi-factor based FIDO (fast identification online) or cloud setting service like storage and e-mail services.https://ieeexplore.ieee.org/document/8924715/PUFauthenticationkey exchangecloud computing |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Jin Wook Byun |
spellingShingle |
Jin Wook Byun PDAKE: A Provably Secure PUF-Based Device Authenticated Key Exchange in Cloud Setting IEEE Access PUF authentication key exchange cloud computing |
author_facet |
Jin Wook Byun |
author_sort |
Jin Wook Byun |
title |
PDAKE: A Provably Secure PUF-Based Device Authenticated Key Exchange in Cloud Setting |
title_short |
PDAKE: A Provably Secure PUF-Based Device Authenticated Key Exchange in Cloud Setting |
title_full |
PDAKE: A Provably Secure PUF-Based Device Authenticated Key Exchange in Cloud Setting |
title_fullStr |
PDAKE: A Provably Secure PUF-Based Device Authenticated Key Exchange in Cloud Setting |
title_full_unstemmed |
PDAKE: A Provably Secure PUF-Based Device Authenticated Key Exchange in Cloud Setting |
title_sort |
pdake: a provably secure puf-based device authenticated key exchange in cloud setting |
publisher |
IEEE |
series |
IEEE Access |
issn |
2169-3536 |
publishDate |
2019-01-01 |
description |
In this paper, we study on how to construct an authenticated key exchange protocol in a device based authentication setting where an user who has a PUF-based device and its multi-factor authenticators desires to mutually authenticate a server. Generally, in a secure multi-factor authentication schemes, any adversary cannot impersonates a valid users unless A fully corrupts all multi-factor authenticators. However, in recent PUF-based device authenticated key exchange schemes, we observe a new impersonation attack that any adversary with only PUF's output is always able to impersonate any user. We first analyze how recent schemes are vulnerable against the new attack. Then we build a secure PUF-based device authenticated key exchange (PDAKE) with provable result. Since in our PDAE, user's device is an important authenticator, it is well applicable to establish a secure channel in multi-factor based FIDO (fast identification online) or cloud setting service like storage and e-mail services. |
topic |
PUF authentication key exchange cloud computing |
url |
https://ieeexplore.ieee.org/document/8924715/ |
work_keys_str_mv |
AT jinwookbyun pdakeaprovablysecurepufbaseddeviceauthenticatedkeyexchangeincloudsetting |
_version_ |
1724188035719888896 |