基于PUF和IPI的可穿戴设备双因子认证协议

doi:10.11959/j.issn.1000-436x.2017125

通信学报 ›› 2017, Vol. 38 ›› Issue (6): 127-135.doi: 10.11959/j.issn.1000-436x.2017125

基于PUF和IPI的可穿戴设备双因子认证协议

王俊^1,²,刘树波^1,²,梁才^1,²,李永凯^1,²

¹ 武汉大学空天信息安全与可信计算教育部重点实验室，湖北武汉 430072
² 武汉大学计算机学院，湖北武汉 430072

修回日期:2017-04-24 出版日期:2017-06-25 发布日期:2017-06-30
作者简介:王俊（1983-），男，湖北潜江人，武汉大学博士生，主要研究方向为信息安全、隐私保护等。|刘树波（1970-），男，蒙古族，黑龙江齐齐哈尔人，博士，武汉大学教授、博士生导师，主要研究方向为信息安全、隐私保护、嵌入式系统等。|梁才（1993-），男，湖北仙桃人，武汉大学硕士生，主要研究方向为隐私保护。|李永凯（1988-），男，山东临沂人，武汉大学博士生，主要研究方向为信息安全、隐私保护等。
基金资助:
国家自然科学基金资助项目(41371402);国家自然科学基金资助项目(41671443);中央高校基本科研业务费专项基金资助项目(2015211020201);中央高校基本科研业务费专项基金资助项目(2042017gf0038)

Two-factor wearable device authentication protocol based on PUF and IPI

Jun WANG^1,²,Shu-bo LIU^1,²,Cai LIANG^1,²,Yong-kai LI^1,²

¹ Key Laboratory of Aerospace Information Security and Trusted Computing Ministry of Education,Wuhan University,Wuhan 430072,China
² School of Computer,Wuhan University,Wuhan 430072,China

Revised:2017-04-24 Online:2017-06-25 Published:2017-06-30
Supported by:
The National Natural Science Foundation of China(41371402);The National Natural Science Foundation of China(41671443);Fundamental Research Funds for the Central Universities(2015211020201);Fundamental Research Funds for the Central Universities(2042017gf0038)

摘要/Abstract

摘要：

可穿戴设备正推进着移动医疗的快速发展，但无线体域网的开放式结构也给用户数据安全带来了更多威胁。为了数据安全，基于物理不可克隆函数和脉搏间隔，提出一种设备节点和数据中心之间的双因子认证协议。此协议利用设备物理特征和用户生物特征双重唯一性，有效地阻止了妥协和假冒等攻击，且适用于体域网环境下资源受限的医疗设备。与现有方案相比，增强了认证协议安全性。FPGA平台上实验证明了所提协议的实用性和有效性。

关键词: 认证协议, 双因子, 物理不可克隆函数, 脉搏间隔

Abstract:

Wearable device is pushing the rapid development of mobile health,however,the open architecture of wireless body area network has brought challenges for the security of user data.In order to protect the security of user data,a two-factor authentication protocol between device note and data hub was proposed based on physically unclonable function and interpulse interval.Using dual uniqueness of device physical characteristic and user biometric trait,the protocol can resist compromise and impersonation attacks and was specially suitable for resource constrained wearable devices under body area network.Compared with the existing authentication schemes,the security of the proposed protocol was enhanced.The practicability and effectiveness of the protocol are confirmed by hardware implementation on FPGA.

Key words: authentication protocol, two-factor, physically unclonable function, interpulse interval

中图分类号:

TP309.2

王俊,刘树波,梁才,李永凯. 基于PUF和IPI的可穿戴设备双因子认证协议[J]. 通信学报, 2017, 38(6): 127-135.

Jun WANG,Shu-bo LIU,Cai LIANG,Yong-kai LI. Two-factor wearable device authentication protocol based on PUF and IPI[J]. Journal on Communications, 2017, 38(6): 127-135.

图/表 18

图1

图2

图3

图4

图5

图6

图7

表1

图8

图9

图10

图11

图12

图13

表2

图14

表3

表4

参考文献 30

[1]	METIN A . Wiley encyclopedia of biomedical engineering,6-volume set[M]. United States: John Wiley and Sons,Inc pressPress, 2006.
[2]	ALAA A , AMR M , TAREK E . Energy-cost distortion optimization for delay-sensitive m-health applications[C]// Wireless Telecommunications Symposium(WTS). 2015: 1-5.
[3]	SAXENA D , RAYCHOUDHURY V , NALLURI S . SmarthealthNDNoT:named data network of things for healthcare services[C]// Proc 2015 Workshop on Pervasive Wireless Healthcare Mobilehealth. 2015: 45-50.
[4]	FRANCIS T , MADIAJAGAN M , KUMAR V . Privacy issues and techniques in e-health systems[C]// 2015 ACM SIGMIS Conference on Computers and People Research. 2015: 113-115.
[5]	POON C C Y , ZHANG Y T , BAO S D . A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health[J]. IEEE Communications Magazine, 2006,44(4): 73-81.
[6]	KONG J , KOUSHANFAR F , PENDYALA P ,et al. PUFatt:embedded platform attestation based on novel processor-based PUFs[C]// 51st Annual Design Automation Conference. 2014: 1-6.
[7]	MAJZOOBI M , ROSTAMI M , KOUSHANFAR F ,et al. Slender PUF protocol:a lightweight,robust,and secure authentication by substring matching[C]// 2012 IEEE Symposium on Security and Privacy Workshops. 2012: 33-44.
[8]	PAPPU R , RECHT B , TAYLOR J ,et al. Physical one-way functions[J]. Science, 2002,297(5589): 2026-2030.
[9]	SUH G E , DEVADAS S . Physical unclonable functions for device authentication and secret key generation[C]// 44th Annual Design Automation Conference. 2007: 9-14.
[10]	BASSIL R , EL-BEAINO W , KAYSSI A ,et al. A PUF-based ultra-lightweight mutual authentication RFID protocol[C]// Internet Technology and Secured Transactions. 2011: 495-499.
[11]	JIN Y M , XIN W , SUN H P ,et al. PUF-based RFID authentication protocol against secret key leakage[C]// 14th Asia-Pacific Web Conference. 2012: 318-329.
[12]	AKGüN M , CAGLAYAN M U . Providing destructive privacy and scalability in RFID systems using PUFs[J]. Ad Hoc Networks, 2015,32: 32-42.
[13]	ROSTAMI M , MAJZOOBI M , KOUSHANFAR F ,et al. Robust and reverse engineering resilient PUF authentication and key exchange by substring matching[J]. IEEE Transactions on Emerging Topics in Computing, 2014,2(1): 37-49.
[14]	DELVAUX J , PEETERS R , GU D ,et al. A survey on lightweight entity authentication with strong PUFs[J]. ACM Computing Surveys, 2015,48(2): 1-42.
[15]	BAO S D , ZHANG Y T , SHEN L F . Physiological signal based entity authentication for body area sensor networks and mobile healthcare systems[C]// 27th Annual International Conference of the Engineering in Medicine and Biology Society (EMBS). 2005: 2455-2458.
[16]	ZHENG G L , FANG G F , SHANKARAN R ,et al. An ECG-based secret data sharing scheme supporting emergency treatment of implantable medical devices[C]// 2014 International Symposium on Wireless Personal Multimedia Communications(WPMC). 2014: 624-628.
[17]	ZHENG G L , FANG G F , SHANKARAN R ,et al. A non-key based security scheme supporting emergency treatment of wireless implants[C]// 2014 IEEE International Conference on Communications(ICC). 2014: 647-652.
[18]	ZHANG G H , POON C C , ZHANG Y T . A fast key generation method based on dynamic biometrics to secure wireless body sensor networks for p-health[C]// Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBS). 2010: 2034-2036.
[19]	ZHANG G H , POON C C , ZHANG Y T . Analysis of using interpulse intervals to generate 128-bit biometric random binary sequences for securing wireless body sensor networks[J]. IEEE Transactions on Information Technology in Biomedicine, 2012,16(1): 176-182.
[20]	VENKATASUBRAMANIAN K K , BANERJEE A , GUPTA S K S . EKG- based key agreement in body sensor networks[C]// IEEE INFOCOM Workshops. 2008: 1-6.
[21]	TEHRANIPOOR M , WANG C . Introduction to hardware security and trust[M]. New York: Springer pressPress, 2012.
[22]	LIM D , LEE J W , GASSEND B ,et al. Extracting secret keys from integrated circuits[J]. IEEE Transactions on Very Large Scale Intergration (VLSI) Systems, 2005,13(10): 1200-1205.
[23]	RüHRMAIR U , SEHNKE F , S?LTER J ,et al. Modeling attacks on physical unclonable functions[C]// 17th ACM Conference on Computer and Communications Security(CCS). 2010: 237-249.
[24]	BHARGAVA M , MAI K . An efficient reliable PUF-based cryptographic key generator in 65nm CMOS[C]// Design,Automation and Test in Europe Conference and Exhibition(DATE). 2014: 1-6.
[25]	CAPOVILLA J , CORTES M , ARAUJO G . Improving the statistical variability of delay-based physical unclonable functions[C]// 28th Symposium on Integrated Circuits and Systems Design(SBCCI). 2015: 1-7.
[26]	DELVAUX J , VERBAUWHEDE I . Fault injection modeling attacks on 65 nm arbiter and RO sum PUFs via environmental changes[J]. IEEE Transactions on Circuits and Systems I:Regular Papers, 2014,61(6): 1701-1713.
[27]	CHE W J , SAQIB F , PLUSQUELLIC J . PUF-based authentication[C]// 2015 IEEE/ACM International Conference on Computer-Aided Design(ICCAD). 2015: 337-344.
[28]	CHERIF Z , DANGER J L , LOZAC H F ,et al. Evaluation of delay PUFs on CMOS 65 nm technology:ASIC vs FPGA[C]// 2nd International Workshop on Hardware and Architectural Support for Security and Privacy(HASP). 2013: 1-8.
[29]	DAS M L . Two-factor user authentication in wireless sensor networks[J]. IEEE Transactions on Wireless Communications, 2009,8(3): 1086-1090.
[30]	SHELTON J , JENKINS J , ROY K ,et al. Genetic based local ternary pattern feature extraction for mitigating replay attacks[C]// SoutheastCon 2016. 2016: 1-2.

参数符号	描述
IPI’	数据中心记录的用户脉搏间隔，如969 813 μs
IPI	认证节点记录的用户脉搏间隔
cha’	IPI’生成激励，为64位二进制编码序列
cha	IPI生成激励，为64位二进制编码序列
res’	数据中心输出结果，为64位二进制序列
res	认证节点输出结果，为64位二进制序列
T	汉明距离阈值，为协议是否认证成功的判断参数

T	FRR	FAR (同一用户)	FAR(不同用户)
28	12.8%	14.2%	10.2%
25	19.8%	6.4%	2.8%
23	23.8%	2.5%	0.4%
21	25.4%	0.5%	0
19	25.4%	0	0

安全性比较	文献[5]	文献[7]	文献[13]	文献[15]	TFAP
建模攻击	×	T	T	×	T
妥协攻击	T	F	F	T	T
假冒攻击	F	T	T	F	T
重放攻击	T	T	T	T	T

协议	脉搏传感器	ASCII encoder	Gray encoder	PUF电路/模型	随机数发生器
文献[7,13]	×	√	×	√	√
文献[5,15]	√	√	×	×	×
TFAP	√	√	√	√	×

基于PUF和IPI的可穿戴设备双因子认证协议

Two-factor wearable device authentication protocol based on PUF and IPI

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 18

参考文献 30

相关文章 15

Metrics

推荐阅读 0

[1]	王圣宝, 周鑫, 文康, 翁柏森. 适用于智能电网的三方认证密钥交换协议[J]. 通信学报, 2023, 44(2): 210-218.
[2]	王振宇, 郭阳, 李少青, 侯申, 邓丁. 面向轻量级物联网设备的高效匿名身份认证协议设计[J]. 通信学报, 2022, 43(7): 49-61.
[3]	曹进, 卜秋雨, 杨元元, 李晖, 刘樵, 马懋德. 基于位置密钥的增强型北斗用户设备接入认证协议[J]. 通信学报, 2022, 43(11): 80-89.
[4]	常相茂, 占俊, 王志伟. 低开销的NB-IoT节点群组身份安全认证协议[J]. 通信学报, 2021, 42(12): 152-162.
[5]	黄春光,程海,丁群. 基于PUF的Logistic混沌序列发生器[J]. 通信学报, 2019, 40(3): 182-189.
[6]	朱智强,林韧昊,胡翠云. 基于数字证书的openstack身份认证协议[J]. 通信学报, 2019, 40(2): 188-196.
[7]	潘耀民,单征,戴青,岳峰. 大规模RFID系统中基于CPK-ECC的双向认证协议[J]. 通信学报, 2017, 38(8): 165-171.
[8]	张兴，韩冬，曹光辉，贾旭. 基于PRESENT算法的RFID安全认证协议[J]. 通信学报, 2015, 36(Z1): 65-74.
[9]	吴志军，赵婷，雷缙. 基于改进的diameter/EAP-MD5的SWIM认证方法[J]. 通信学报, 2014, 35(8): 1-7.
[10]	吴志军,赵婷,雷缙. 基于改进的Diameter/EAP-MD5的SWIM认证方法[J]. 通信学报, 2014, 35(8): 1-7.
[11]	陈兵，郑嘉琦. 轻型的RFID安全认证协议LAP[J]. 通信学报, 2013, 34(Z1): 1-7.
[12]	郭渊博，张紫楠，杨奎武. 基于PUFS的不经意传输协议[J]. 通信学报, 2013, 34(Z1): 6-43.
[13]	刘礼才1,2，殷丽华2，郭云川2，孙燕1,2. 基于CSP方法的移动自组织网络认证协议TAM的分析与改进[J]. 通信学报, 2013, 34(Z1): 8-66.
[14]	陈兵,郑嘉琦. 轻型的RFID安全认证协议LAP[J]. 通信学报, 2013, 34(Z1): 1-7.
[15]	郭渊博,张紫楠,杨奎武. 基于PUFS的不经意传输协议[J]. 通信学报, 2013, 34(Z1): 38-43.