Document Type : Research Article


School of Electrical and Computer Engineering, College of Engineering, University of Tehran, Tehran, Iran


This paper presents a novel RF-PUF-based authentication scheme, called RKM-PUF which takes advantage of a dynamic random key generation that depends upon both communication parties in the network to detect intrusion attacks. Unlike the existing authentication schemes, our proposed approach takes the physical characteristics of both involved parties into account to generate the secret key, resulting in securely mutual authentication of both nodes in a wireless network. The experimental results of the proposed authentication scheme show that the RKM-PUF can reach up to 99% in identification accuracy.


[1] Ahmad Shabani and Bijan Alizadeh. Enhancing hardware trojan detection sensitivity using partition-based shuffling scheme. IEEE Transactions on Circuits and Systems II: Express Briefs, 68(1):266–270, 2020.
[2] Mohammad Sabri, Ahmad Shabani, and Bijan Alizadeh. Sat-based integrated hardware trojan detection and localization approach through path-delay analysis. IEEE Transactions on Circuits and Systems II: Express Briefs, 68(8):2850–2854, 2021.
[3] Ahmad Shabani and Bijan Alizadeh. Podem: A low-cost property-based design modification for detecting hardware trojans in resource-constraint iot devices. Journal of Network and Computer Applications, 167:102713, 2020.
[4] Fatemeh Khormizi, Ahmad Shabani, and Bijan Alizadeh. Hardware patching methodology for neutralizing timing hardware trojans using vulnerability analysis and time borrowing scheme. IEEE Transactions on Circuits and Systems II: Express Briefs, 2022.
[5] Mauro Conti, Ali Dehghantanha, Katrin Franke, and Steve Watson. Internet of things security and forensics: Challenges and opportunities, 2018.
[6] Michelle S Henriques and Nagaraj K Vernekar. Using symmetric and asymmetric cryptography to secure communication between devices in iot. In 2017 International Conference on IoT and Application (ICIOT), pages 1–4. IEEE, 2017.
[7] Dania Qara Bala, Soumyadev Maity, and Sanjay Kumar Jena. Mutual authentication for iot smart environment using certificate-less public key cryptography. In 2017 third international conference on sensing, signal processing and security (ICSSS), pages 29–34. IEEE, 2017.
[8] Andrey Bogdanov, Lars R Knudsen, Gregor Leander, Christof Paar, Axel Poschmann, Matthew JB Robshaw, Yannick Seurin, and Charlotte Vikkelsoe. Present: An ultralightweight block cipher. In International workshop on cryptographic hardware and embedded systems, pages 450–466. Springer, 2007.
[9] Taizo Shirai, Kyoji Shibutani, Toru Akishita, Shiho Moriai, and Tetsu Iwata. The 128-bit blockcipher clefia. In International workshop on fast software encryption, pages 181–195. Springer, 2007.
[10] Peng Xu, Shuanghong He, Wei Wang, Willy Susilo, and Hai Jin. Lightweight searchable public-key encryption for cloud-assisted wireless sensor networks. IEEE Transactions on Industrial Informatics, 14(8):3712–3723, 2017.
[11] Xiong Li, Jianwei Niu, Md Zakirul Alam Bhuiyan, Fan Wu, Marimuthu Karuppiah, and Saru Kumari. A robust ecc-based provable secure authentication protocol with privacy preserving for industrial internet of things. IEEE Transactions on Industrial Informatics, 14(8):3599–3609, 2017.
[12] Rang Zhou, Xiaosong Zhang, Xiaojiang Du, Xiaofen Wang, Guowu Yang, and Mohsen Guizani. File-centric multi-key aggregate keyword searchable encryption for industrial internet of things. IEEE Transactions on Industrial Informatics,
14(8):3648–3658, 2018.
[13] Jafar A Alzubi, Ramachandran Manikandan, Omar A Alzubi, Issa Qiqieh, Robbi Rahim, Deepak Gupta, and Ashish Khanna. Hashed needham schroeder industrial iot based cost optimized deep secured data transmission in cloud. Measurement, 150:107077, 2020.
[14] SeungJae Na, DongYeop Hwang, WoonSeob Shin, and Ki-Hyung Kim. Scenario and countermeasure for replay attack using join request messages in lorawan. In 2017 international conference on information networking (ICOIN), pages 718–720. IEEE, 2017.
[15] Yuxiang Feng, Wenhao Wang, Yukai Weng, and Huanming Zhang. A replay-attack resistant authentication scheme for the internet of things. In 2017 IEEE international conference on computational science and engineering (CSE) and IEEE international conference on embedded and ubiquitous computing (EUC), volume 1, pages 541–547. IEEE, 2017.
[16] Madiha Khalid, Umar Mujahid, Muhammad Najam-ul Islam, and Binh Tran. Probabilistic full disclosure attack on iot network authentication protocol. In Future of Information and Communication Conference, pages 728–738. Springer,2019.
[17] Pavan Pongle and Gurunath Chavan. A survey: Attacks on rpl and 6lowpan in iot. In 2015 International conference on pervasive computing(ICPC), pages 1–6. IEEE, 2015.
[18] Eyal Ronen, Adi Shamir, Achi-Or Weingarten, and Colin O’Flynn. Iot goes nuclear: Creating a zigbee chain reaction. In 2017 IEEE Symposium on Security and Privacy (SP), pages 195–212. IEEE, 2017.
[19] Biswajit Kar, Anirban Mukherjee, and Pranab K Dutta. Stroke point warping-based reference selection and verification of online signature. IEEE Transactions On Instrumentation and Measurement, 67(1):2–11, 2017.
[20] Kevin Merchant, Shauna Revay, George Stantchev, and Bryan Nousain. Deep learning for rf device fingerprinting in cognitive communication networks. IEEE Journal of Selected Topics in Signal Processing, 12(1):160–167, 2018.
[21] P Padilla, JL Padilla, and JF Valenzuela-Vald´es. Radiofrequency identification of wireless devices based on rf fingerprinting. Electronics letters, 49(22):1409–1410, 2013.
[22] Oktay Ureten and Nur Serinken. Wireless security through rf fingerprinting. Canadian Journal of Electrical and Computer Engineering, 32(1):27–33, 2007.
[23] Baibhab Chatterjee, Debayan Das, Shovan Maity, and Shreyas Sen. Rf-puf: Enhancing iot security through authentication of wireless nodes using insitu machine learning. IEEE Internet of Things Journal, 6(1):388–398, 2018.
[24] Baibhab Chatterjee, Debayan Das, and Shreyas Sen. Rf-puf: Iot security enhancement through authentication of wireless nodes using in-situ machine learning. In 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pages 205–208. IEEE, 2018.
[25] Amir Ashtari, Ahmad Shabani, and Bijan Alizadeh. A new rf-puf based authentication of internet of things using random forest classification. In 2019 16th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC), pages 21–26. IEEE, 2019.
[26] Amir Ashtari, Ahmad Shabani, and Bijan Alizadeh. A comparative study of machine learning classifiers for secure rf-puf-based authentication in internet of things. Microprocessors and Microsystems, 93:104600, 2022.
[27] Mario Barbareschi, Alessandra De Benedictis, Erasmo La Montagna, Antonino Mazzeo, and Nicola Mazzocca. A puf-based mutual authentication scheme for cloud-edges iot systems. Future Generation Computer Systems, 101:246–261,
[28] Priyanka Mall, Ruhul Amin, Ashok Kumar Das, Mark T Leung, and Kim-Kwang Raymond Choo. Puf-based authentication and key agreement protocols for iot, wsns and smart grids: a comprehensive survey. IEEE Internet of Things Journal,2022.
[29] Karim Lounis and Mohammad Zulkernine. T2tmap: A puf-based thing-to-thing mutual authentication protocol for iot. IEEE Access, 9:137384–137405, 2021.
[30] Low-Energy Critical Infrastructure and Monitoring LECIM Physical Layer. Ieee standard for low-rate wireless networks. IEEE Stand, 2015:1–708, 2015.
[31] Chan Dai Truyen Thai, Jemin Lee, Jay Prakash, and Tony QS Quek. Secret group-key generation at physical layer for multi-antenna mesh topology. IEEE Transactions on Information Forensics and Security, 14(1):18–33, 2018.
[32] Abdelmoughni Toubal, Billel Bengherbia, Mohamed Ould Zmirli, and Abderrezak Guessoum. Fpga implementation of a wireless sensor node with built-in security coprocessors for secured key exchange and data transfer. Measurement, 153:107429, 2020.