PUF-derived IoT identities in a zero-knowledge protocol for blockchain
As the internet of things moves into increasingly sensitive domains, connected devices need to be secured against data manipulation and counterfeiting. Where the underlying business processes involve multiple independent parties, a blockchain platform can provide a common source of truth. If changes...
| Autores: | , , , , |
|---|---|
| Tipo de recurso: | artículo |
| Estado: | Versión enviada para evaluación y publicación |
| Fecha de publicación: | 2020 |
| País: | España |
| Institución: | Universidad de Sevilla (US) |
| Repositorio: | idUS. Depósito de Investigación de la Universidad de Sevilla |
| OAI Identifier: | oai:idus.us.es:11441/169131 |
| Acceso en línea: | https://hdl.handle.net/11441/169131 https://doi.org/10.1016/j.iot.2019.100057 |
| Access Level: | acceso abierto |
| Palabra clave: | Authentication Blockchain IoT Microcontroller PUF SRAM Zero-knowledge proof |
| Sumario: | As the internet of things moves into increasingly sensitive domains, connected devices need to be secured against data manipulation and counterfeiting. Where the underlying business processes involve multiple independent parties, a blockchain platform can provide a common source of truth. If changes to the common state depend on IoT devices, the authenticity and integrity of the IoT input must be ensured. Employing a blockchain platform for authenticating devices makes the process independent of the device manufacturer. This paper shows how cryptographic keys derived from a device's physical fingerprint can be employed in a zero-knowledge protocol to authenticate a device. As the keys are regenerated at boot time rather than stored, the approach does not need an expensive secure element. An efficient implementation enables even lightweight devices to prove their identity and sign messages. Experimental results demonstrate the robustness of the approach. |
|---|