A PUF-based mutual authentication scheme for Cloud-Edges IoT systems

With the exponential growth of generated and processed Internet of Things (IoT) data, the Cloud-Edges (CE) paradigm, which distributes part of the intelligence and computation burden among edge nodes while adopting cloud services only for heavyweight computation, has emerged as a valuable solution to lower latency and improve efficiency. Despite the clear benefits, the lack of centralized control and the exposure of user sensitive data make CE architectures particularly prone to data tampering and spoofing attacks, thus urging the implementation of effective security mechanisms, including in particular authentication. Unfortunately, due to the relatively small computing resources of involved nodes, implementing traditional cryptography-based security solutions is often not viable. To overcome this issue, in this paper we propose a mutual authentication scheme relying upon the adoption of Physically Unclonable Functions (PUFs), special integrated circuits provided with unclonability, uniqueness and tamper-evident properties. The proposed scheme was specifically designed to meet the computation and storage capabilities of the different devices that are typically involved in a CE system, and was proven to be effective against several known attacks while introducing a relatively low overhead.