Next Article in Journal
Safety Control Technology and Monitoring Analysis for Shield-Tunnel-Stacked Underpass High-Speed Rail Bridge Excavation
Next Article in Special Issue
Special Issue on Information Security and Cryptography: The Role of Advanced Digital Technology
Previous Article in Journal
Pose Measurement Method Based on Machine Vision and Novel Directional Target
Previous Article in Special Issue
Binary-Tree-Fed Mixnet: An Efficient Symmetric Encryption Solution
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Applied Sciences
Volume 14
Issue 5
10.3390/app14051700
applsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles thumb_up
...
Endorse textsms
...
Comment
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Review

Strengthening Internet of Things Security: Surveying Physical Unclonable Functions for Authentication, Communication Protocols, Challenges, and Applications

by
Raed Ahmed Alhamarneh
1,2,* and
Manmeet Mahinderjit Singh
1,*
1
School of Computer Sciences, University Sains Malaysia (USM), Minden 11800, Penang, Malaysia
2
College of Applied Sciences, Department of Computer Science and Information Systems, AlMaarefa University, Diriyah, Riyadh 13713, Saudi Arabia
*
Authors to whom correspondence should be addressed.
Appl. Sci. 2024, 14(5), 1700; https://doi.org/10.3390/app14051700
Submission received: 31 December 2023 / Revised: 13 February 2024 / Accepted: 14 February 2024 / Published: 20 February 2024
(This article belongs to the Special Issue Cryptography and Information Security)
Browse Figures
Versions Notes

Abstract

:
The spectrum of Internet of Things (IoT) applications is vast. It serves in various domains such as smart homes, intelligent buildings, health care, emergency response, and many more, reflecting the exponential market penetration of the IoT. Various security threats have been made to modern-day systems. Cyberattacks have seen a marked surge in frequency, particularly in recent times. The growing concern centers around the notable rise in cloning attacks, persisting as a significant and looming threat. In our work, an in-depth survey on the IoT that employs physically unclonable functions (PUFs) was conducted. The first contribution analyzes PUF-based authentication, communication protocols, and applications. It also tackles the eleven challenges faced by the research community, proposes solutions to these challenges, and highlights cloning attacks. The second contribution suggests the implementation of a framework model known as PUF3S-ML, specifically crafted for PUF authentication in the Internet of Things (IoT), incorporating innovative lightweight encryption techniques. It focuses on safeguarding smart IoT networks from cloning attacks. The key innovation framework comprises three stages of PUF authentication with IoT devices and an intelligent cybersecurity monitoring unit for IoT networks. In the methodology of this study, a survey relevant to the concerns was conducted. More data were provided previously regarding architecture, enabling technologies, and IoT challenges. After conducting an extensive survey of 125 papers, our analysis revealed 23 papers directly relevant to our domain. Furthermore, within this subset, we identified 11 studies specifically addressing the intersection of communication protocols with PUFs. These findings highlight the targeted relevance and potential contributions of the existing literature to our research focus.

1. Introduction

In today’s digital age of interconnection, technology plays a significant role in transforming and affecting the daily lives of individuals in all dimensions, including traveling, shopping, and household electronics. There are many changes around us because of technology. Sophisticated sensors are embedded in many of the objects that surround us. Each sensor conveys crucial data that allow us to understand the functioning and interaction of these things. By 2025, it is estimated that the number of Internet of Things (IoT) devices will increase to more than 64 billion, approximately eight times the Earth’s human population [1]. The IoT is a system of interconnected computing devices [2] that can transfer data (by sensing/acquiring) without human intervention. Unique identifiers are used to distinguish IoT devices. The IoT has revolutionized lives by enabling individuals and businesses to work more intelligently with enhanced control. It automates processes and significantly reduces labor costs and human errors. Nevertheless, challenges persist when deploying IoT networks.
At the forefront of these challenges is the conundrum posed by multiple, heterogeneous IoT frameworks and existing standards. This intricacy necessitates a clarion call for enhanced standardization and a re-evaluation of compliance in device development [3]. The second challenge emanates from the ubiquity of miniature sensors and microcontrollers, defaulting to an “ON” state, potentially laying the groundwork for unauthorized access. However, the paramount concern lies in the realm of security and privacy, where IoT-sensitive data become vulnerable to the prying eyes of intruders and hackers [4]. The specter of data leakage looms large, with attacks stemming from impersonation and interceptions. Impersonation involves hackers masquerading as authorized users, while interception entails seizing communication channels to pilfer sensitive data, exemplified by a hacker infiltrating an intelligent home IoT application to steal personal information. Moreover, identification, authentication, encryption, confidentiality, jamming [5], cloning [6], hijacking [7], and privacy are among the IoT security challenges. Several systems employ encryption to secure their messages from being intercepted by hackers.
To counteract these threats, encryption becomes the linchpin of IoT security, with cryptographic approaches serving as the vanguard. While encryption fortifies message security, its efficacy is not absolute. Malevolent third parties can still dispatch encrypted packets over the network [8], laying bare the need for additional protective measures. Authentication mechanisms emerge as a potent shield [9], with studies [10,11] and proposals abounding to authenticate users or devices within the IoT ecosystem.
One of the technologies adopted to protect IoT devices is PUFs. A PUF is a form of hardware that embraces challenge–response authentication [12]. It changes the input challenge into an output response with the help of a physical system. The scheme adopted to calculate the answer is designed to be exact to the hardware instance (unique) and cannot be replicated (unclonable). PUF authentication is based on users and devices. There are four different types of user authentication (password, token, and biometrics—hard and soft), the machines are cryptographic [13], and the PUFs have authentication protocols. The benefits of PUFs make them good candidates for IoT applications and systems.
This paper embarks on a comprehensive exploration of PUFs in the context of IoT security. Building upon prior reviews, we delve into the characteristics, classifications, and relationships of various PUF technologies. A survey scrutinizes low-power System-on-Chip (SoC) designs, illuminating suitable hardware defenses in mobile and embedded systems operating under power constraints [14]. A retrospective analysis of proposed PUFs between 2001 and 2014 uncovers security issues, motivating further research to bolster PUF strength. In the face of conventional cryptographic key generation methods, this paper advocates protocols leveraging strong PUFs, complemented by resistance to side-channel attacks and a machine learning block for physical attack resilience [15].
Amidst the landscape of the existing literature on this subject, this survey distinguishes itself through its unparalleled scope, depth, and comprehensiveness. While prior works touch on select attributes, our survey encompasses the entirety of PUF design, implementation, and the challenges arising from these attributes. Our conceptual model, PUF3S-ML, not only encapsulates a taxonomy of IoT-enabled PUF authentication but also proposes a framework adept at safeguarding smart IoT networks against cloning attacks (Table 1).
The objectives of the paper are as follows:
  • The presentation of a comprehensive PUF design and implementation attributes and a complete survey and taxonomy on PUF authentication revolving around PUF architecture, PUF communication protocols, and security challenges.
  • The proposal of a framework model on PUF authentication for the IoT known as PUF3S-ML, capable of protecting smart IoT networks against cloning attacks. The scope of our survey and taxonomy is specifically in the domain of the IoT.

1.1. Innovative Contributions

In this manuscript, the principal contributions include presenting an extensive taxonomy of IoT-enabled PUF authentication and introducing a conceptual framework for authentication using IoT-enabled PUFs. The significant benefits of this model, PUF3S-ML are as follows:

1.1.1. Detecting Cloning Attacks and Mitigation

Our study is centered on the mitigation of cloning attacks, particularly addressing replay attacks, etc. The model employs unique algorithms during the data processing phase to identify irregularities that may indicate cloning attempts. These algorithms analyze challenge–response pairs (CRPs) and flag bit packets and utilize specific parameters, such as C, R to detect deviations from regular behavior. The model suggests a new approach to thwarting cloning attempts by introducing a lightweight Cipher PRESENT algorithm. This encryption method ensures secure communication and data exchange, adding an additional layer of protection against cloning attacks.

1.1.2. Efficient Resource Utilization

We turn our focus to the imperative aspect of optimizing resource allocation within our proposed model. Efficient resource utilization is paramount for ensuring the overall effectiveness, scalability, and sustainability of the system. Our approach aims to strike a balance between performance and resource consumption, enhancing the model’s efficiency.

1.1.3. Reliability and Resilience

Reliability is supported by the presence of a specialized unit of vigilant monitoring mechanisms that examine network behaviors and patterns. In case of any deviations from the norm, alerts are triggered, allowing proactive responses to potential threats or abnormal activities. Following an attack or system crash, the model employs specific strategies to quickly restore the system without significant problems. This involves maintaining data, configurations, and personal files, ensuring a swift return to operational status.

1.1.4. Lightweight Cipher for Secure Communication

Our model incorporates the Lightweight Cipher PRESENT algorithm as a cornerstone for secure communication. This ultra-lightweight block cipher, with options for 80-bit and 128-bit key lengths, strikes an optimal balance between robust encryption and minimal resource consumption. The PRESENT algorithm operates on 64-bit plaintext blocks, providing efficient encryption without compromising the processing speed. Its streamlined design enables swift execution, making it particularly suitable for resource-constrained IoT devices.

1.2. Organization

The outline of this paper is as follows. Section 2 presents a detailed background of IoT design and architecture and the IoT framework. Section 3 presents a survey on PUF authentication revolving around the PUF architecture, PUF communication protocols, and security challenges. Section 4 presents an in-depth analysis of PUF-based authentication and its applications, discusses the challenges involved, and proposes a solution to each problem. Finally, a conceptual framework or model is offered to solve the major issues, revolving around the PUF architecture, PUF communication protocols, and security challenges.

2. Background

In this section, the background of Internet of Things (IoT) will be presented. The description includes the overview, the architecture, the framework, challenges, and security issues. Apart from that, a detailed overview of the authentication process is presented.

2.1. IoT Definition, Benefits, and Type of Applications

There are several definitions of the IoT available in the literature. Based on [24], the IoT is a platform that involves the process of gathering raw data from smart devices and allowing communication between devices and humans. In the context of business, the IoT is defined as technology that involves devices that not only communicate among themselves but also solve issues and challenges [25]. The IoT is also called the “Internet of the Future” [26].
The prime benefits of the Internet of Things are as follows.
  • Cost reduction: The IoT reduces costs by setting priorities, assigning specialized work to specialized people, and improving the production process by reducing internal processes so that they are efficient and effective.
  • Business opportunities: With the Fourth Industrial Revolution, the Internet of Things has become an indispensable entity in the modern world, and companies rely mainly on artificial intelligence and smart networks. IoT solutions have a substantial role in the development of companies and large organizations.
  • Improved safety and security: The IoT provides safety and security solutions as it provides password services to protect against intrusion and illegal access and provides multifactor authentication. Applications of the IoT are countless and are in all walks of life. In Table 2, major applications of the IoT are discussed regarding Industrial Revolution 4.0 and beyond.

2.2. Architecture of IoT

The Internet of Things is made up of four major components [24]:
  • Sensors/devices: these help to collect data from the surrounding environment in a pre-defined manner.
  • Connectivity: this ensures that the stored data are transferred to a cloud infrastructure, and for transportation, either wired or wireless communication is required.
  • Data processing: after the data are collected and made readily available on the cloud, the acquired data are processed via the management system.
  • User interface: the data are accessible to the end-user.
Our view of the IoT structure is demonstrated in Figure 1, which shows the important components of the IoT.
As shown in Figure 1, the data collection is performed with the help of sensors (which can be of various types). The collected raw data are transmitted via communication channels such as Wi-Fi or wired local area networks (LANs). The transmission involves an internet gateway as an intermediary node between the sensor and the edge analytics. The network layer serves as a communication channel between the sensors and edge analytics. This stage may involve routers, switches, smart cameras, analog-to-digital conversion of the data, etc. Edge analytics are responsible for automated analytical computations. The last stage involves data storage in the data center/cloud. The end-user requires accurate data and integrity for application success. Backup data and cloud computing are essential elements in this stage.

2.3. IoT Challenges

Discussion of IoT technology is imperative because of the rapid development of the technology and many existing issues.

2.3.1. Connectivity Technology

The Internet of Things (IoT) demands the creation of connections across short, medium, and long distances. IoT solutions are expected to fulfill diverse transmission needs, such as responding quickly (ultra-low latency), repeating tasks (recurrence), operating asynchronously, storing and forwarding data, supporting mobility, and facilitating streaming. To meet these requirements effectively, these solutions may need optimization for specific circumstances [32,33].

2.3.2. Platform Technology

IoT systems consist of apps, tools, and data that users can access at each station to perform various tasks. Platforms with fewer restrictions can be customized to enhance connectivity, reduce delays, and optimize overall size. Additionally, these less restrictive IoT platforms offer versatility for different applications [32].

2.3.3. IoT Security

With the steady increase over the last decade in IoT devices, IoT security has become imperative, and security can be categorized as the largest challenge of the IoT. The major security challenges are as follows:
  • Confidentiality: Making the data secure ensures that only authorized individuals have access, thus preventing access by unauthorized personnel [32].
  • Heterogeneity: Many companies around the world are actively working on the IoT, producing products and devices. Due to non-standardization, different protocols and operating systems are being developed, and the configuration of these devices is also different. Thus, there is a need for uniformity and homogeneity [32].
  • Integrity: Data integrity involves accuracy and completeness. When the data are transferred between devices based on a wired or wireless network, messages may be garbled during wireless IoT transmission owing to attenuation, distortion, or noise [32].
  • Availability: Availability is one of the main factors in the elevation and improvement of the IoT based on the hardware or network; however, the IoT is still vulnerable to massive cyberattacks [32].

2.4. Authentication Overview

After the COVID-19 pandemic, IoT device adoption has increased exponentially, but cybersecurity has been a concern for all people and professionals. User authentication refers to the process of establishing a user’s identity while using a computer device (for example, a mobile phone) or an online service [13]. Users are required to authenticate themselves to prevent others from gaining access to the system. Identification, the initial stage in verifying a user’s identity by asking for their credentials, is a different process. For example, to access a system, a user must provide an ID (username), which serves as the system’s unique identifier. The various types of authentication, their definitions, along with their shortcomings are described in Table 3.

2.5. Types of Authentication

There are five types of authentication, which are presented in Figure 2:
One of the most well-known methods, single sign-on (SSO), allows a valid user to efficiently access a wide range of service providers by employing a unique key [1,34].
  • Factors: An authentication factor is a kind of security identification that is used to authenticate the identity and authorization of a user who is seeking to obtain access, transmit messages, or request data from a secure network, system, or application. There are two types: multifactor and single-factor [35,36].
  • Three-way authentication: There are three different stages of authentication in the general transaction between server and client.
  • Mutual authentication: Multifactor authentication is slightly more complicated since it requires an additional step from the user, such as the well-known out-of-band (OOB) management or zero-knowledge password proof (ZPP) [37].
  • Biometrics: Biometric authentication is the technique of identifying persons based on physiological and behavioral characteristics. There are two types (multi-modal biometrics and single-mode biometrics) [13].

3. Overview of Physical Unclonable Functions

3.1. PUF Definition and Functionality

PUFs are physical, random functions that offer particular physical outputs that are easy to generate but difficult to construct without gaining access to the object. Figure 3 shows the PUF functionality. PUFs work by implementing challenge–response authentication. The input to the PUF module serves as a challenge, and, based on the input and transfer function of the PUF, a digital fingerprint is produced, which is termed as the response. In other words, for a given PUF, there is a specific input known as a “challenge” that produces an output response that is distinctive to the particular PUF and, hence, unclonable.

3.2. PUF Implementation

3.2.1. Optical PUF

An optical PUF is a physical one-way function (POWF) comprising translucent matter doped with light-dispersing particles. As the laser beam falls on the matter, a unique and random speckle pattern is generated, and this process is shown in Figure 4. For the case of optical PUFs, the challenge is the light source, and the response is a speckle pattern. As the process of light falling on the material and then generating a speckle pattern is an uncontrolled process, replicating such a pattern is quite difficult.

3.2.2. Ring Oscillator (RO)

Ring oscillator (RO) PUFs, as shown in Figure 5, are built on frequency deviation, while switch-based/arbiter PUFs are based on propagation delay. There are odd numbers of NOT gates in an RO. The output of the oscillator varies between two levels of voltage, and these two levels can be classified as true and false. Such an oscillator operates in a feedback manner where the output of last NOT gate is the feedback to the input to the RO. The advantage of the RO is the ease of implementation.

3.2.3. Arbiter PUF

This type of PUF includes multiplexers coupled in succession, as portrayed in Figure 6. In the case of an RO-PUF design, there is an issue with the frequency oscillation, which is dependent on multiple factors. In the arbiter PUF, the transistors in multiplexers are responsible for producing variable delays. The last part of such a PUF is a D flip-flop. The signal from the top multiplexers is used as an input to the D flip-flop. The wave from the bottom multiplexers is given to the clock signal of the D flip-flop.

3.2.4. SRAM-PUF (Static Random-Access Memory PUF)

SRAM-PUF utilizes the random variations in the state of memory cells in static RAM. The start-up values of the SRAM cells are sensitive to manufacturing differences and environmental conditions, creating a unique and unpredictable pattern.

3.2.5. Butterfly PUF

Butterfly PUFs exploit the variations in delay paths within a symmetric structure. The structure consists of two paths that resemble a butterfly shape, and the delays through these paths are sensitive to manufacturing variations.

3.3. PUF Types

The following are the various types of PUFs as shown in Figure 7. Broadly speaking, PUFs can be classified into two categories, i.e., all-electronic and hybrid. Due to uniqueness causing randomness to arise, both types of PUFs can be further classified into implicit and explicit categories. If the variations are produced because of an external force/action, then we term such PUFs as explicit, and if the variations are created internally, then PUFs can be classified as implicit. Explicit hybrid PUFs can be optical or RF-based, and implicit hybrid PUFs can be optical or magnetic-based. Explicit, all-electronic PUFs can be based on direct characterization or non-volatile memory, whereas implicit all-electronic PUFs can be classified as a racetrack, volatile, transient, or direct characterization type.
Table 4 comprehensively lists the types of PUFs, their brief descriptions, and their limitations. From the table, we can see that different types of PUFs work on different principles. Based on the strength and uniqueness of the principle, different levels of security are provided. Some PUFs are easy to hack, while some PUFs generate a response that is difficult to replicate. The details for each PUF can be found.

3.4. PUF Attack

PUF attacks aim to compromise the integrity and security of systems relying on PUF, thereby diminishing their effectiveness. Referred to as “PUF attacks” by researchers and academics, these incursions strategically exploit weaknesses in the implementation or design of security measures based on PUFs. PUFs capitalize on the inherent uniqueness and unpredictability arising from variations in device production, making them resistant to traditional cloning methods. As these attacks pose a potential threat to the integrity of PUFs, it is crucial to understand the diverse tactics employed. PUF attacks manifest in various forms, each targeting specific elements of the PUF architecture. Examples of these attacks include:
Cloning Attacks: In a modeling attack, an adversary tries to create a mathematical model or replica of the PUF. This model could be based on measurements or observations of the PUF’s responses to various challenges. If the attacker successfully models the PUF, they may be able to simulate its behavior and bypass security measures [71].
Side-Channel Attacks: Side-channel attacks involve analyzing unintended information leakage from the PUF, such as power consumption or electromagnetic radiation. By monitoring these side channels, attackers may gain insights into the PUF’s behavior and potentially extract sensitive information [72].
Fault Injection Attacks: Attackers intentionally inject faults into the PUF or surrounding circuitry to disrupt normal operation. Techniques like voltage glitching or laser attacks may be employed to manipulate PUF responses and compromise their security [73].

4. Analysis and Discussion

PUFs are adopted in applications and cryptographic-based systems; however, PUFs fail to provide proper protection because they can be completely broken using computational models and other non-invasive methodologies [12]. Since the PUF is one of the main components of cryptography, it can achieve all goals of security protection for various companies, businesses, and other essential organizations. Some research has mentioned how PUFs are suitable for hardware security and protocol authentication. PUF entities, namely, the authentication, protocol, classification, and model, are shown in Figure 8.

4.1. Analysis of PUF-Based Authentication and Its Applications

We explain all the terms in Table 5 before describing Table 6. A detailed analysis of PUF-based authentication and its applications is given in Table 6. This table describes the differences between protocols in PUF-based authentication protocols.
Table 6 also shows the differences between researchers working on PUF-based authentication protocols. This extensive and detailed table delineates various aspects, including authentication schema, secure storage of keys, storage of CRPs, encryption methods, platform used, issues, and the advantages of each protocol. We can observe that Things to Things (T2T) is the most popular authentication scheme used in PUFs. The most popular encryption method used in a hash function is primarily used because of its simplicity and low computational power, and the advanced encryption key (AES) is also a popular technique. A range of platforms are used in order to evaluate the performance of the protocols. Simulation software, field-programmable gate arrays (FPGAs), and Arduino are popular choices to evaluate the performance of the protocols.
One of the most important characteristics that must be studied further by the research community is “Secure store key”. These keys are vulnerable to attacks and hacking, especially those which are stored in memory. Although secure keys have been designed [11], the developed keys are still weak because the method functions are not strong enough for decryption. We believe the authors used traditional methods, which mean that they are always displayed and thus vulnerable to machine learning attacks. Another major concern for users is trust in the data regarding their origin and location. This is especially true for IoT devices, which are typically low-cost. A lightweight protocol for data provenance in the IoT was given [74]. PUFs are used to give physical security and uniquely identify IoT devices. Channel impairments and characteristics are used to uniquely identify the communication link between the server and the IoT device.
Next, the key agreement between two constrained IoT devices is essential to establish trust between the devices, and PUFs can play a role in this regard as well. The existing key agreement protocols are exposed to man-in-the-middle, impersonation, and replay attacks, as has been demonstrated [8]. Also, a proposed alternative scheme offers identity-based authentication and repudiation. Another challenge with PUFs is that they are prone to attacks if several PUFs’ challenge–response pairs (CRPs) are subjected to an intrusion attack. A PUF-based, insubstantial, reliable authentication mechanism using binary string shuffling was proposed [85]. The key feature of this technique is that it is inexpensive yet secure. The server authentication is carried out before the underlying PUF becomes exposed, thus preventing it from being brute-forced.
Finally, most researchers, such as [76,77], when designing PUFs with IoT devices/servers use five methods of encryption that still suffer from cyberattacks, which are as follows:
1: XOR gate encryption;
2: Hash function methods;
3: Block cipher methods;
4: Elliptic-curve methods;
5: AES methods.
The significant vulnerability of these methods is a cloning cyberattack that puts the network/system under attack, so we must develop a smart framework with PUF technology that is able to keep IoT ecosystems safe. Any novel method must be strong and lightweight to face these challenges.

4.2. Analysis of PUF-Based Authentication and Its Communication Protocol

We explain all the terms in Table 7 to presenting Table 8. A detailed analysis of PUF-based authentication and its communication protocol follows.
Eleven studies discussing PUF-based authentication and communication protocols were reviewed and analyzed. The detailed analysis is shown in Table 5. Table 5 describes the IoT protocols that are being developed or adopted in the literature. AMQP and MQTT are the most widely adopted protocols that are being used in the literature and are being deployed and tested for wired as well as wireless technologies. Wireshark and Raspberry Pi are the two popular choices in terms of hardware testbeds to observe the performance of the proposed protocols. Based on further analysis, it can be found that the above-mentioned researchers did not use or suggest a method for assessing the challenges facing security. This is a drawback, as a real assessment of security is necessary. Most researchers, such as [39,40], have used MQTT because it is lightweight and the mechanism is simple in a network. Chaudhary et al. designed a new protocol [87] and a new schema, which was different in metrics and key performance indicators (KPIs) [42].

4.3. PUF with MQTT Communication Protocols

MQTT is a robust standard messaging protocol, and it has been adopted widely because of it is lightweight and low cost. Nevertheless, authentication is still a major issue where authentication criteria are provided. In other words, it uses username/password verification, which cannot provide necessary security [107]. To address this issue, in [107], it was proposed that each client/end-device must generate a unique output/response using a PUF. This response is applied as encryption/decryption key and identification of devices. Each broker is allowed a node in the blockchain that ensures that only permitted brokers can add a block for data/device validation values like device ID and PUF response. The system comprises chains. One records the devices’ PUF response and device ID (Chain A). The second one saves the data transmitted among the devices.
A secure MQTT PUF-based key exchange protocol was proposed in [108], allowing smart health device verification [28]. The protocol was designed with one handshake process and three authentication processes to handle replay and eavesdropping attacks. A new method was built with a PUF called the OSCORE Security Protocol using a key exchange on PUF-based SRAM [109]. A key exchange solution to OSCORE key material based on the PUF-based verification principle, which is unique in its features, is also proposed.

4.4. PUF-Based Authentication Challenges and Solutions

4.4.1. Challenge 1: Delay Gates

In electronics and digital circuits, the propagation delay, also called the gate delay, is the amount of time between when the input to a logic gate becomes stable and valid to change and when the output of that logic gate becomes constant and rational to change [110]. The time that passes during normal operation when the PUF unit receives the input and when it begins producing output is referred to as the stabilization time. The critical and emergency systems at this location cannot tolerate this kind of delay. It is a very significant research challenge for scholars to design novel PUFs that can affect the initiation and handling times [111]. Recent studies have shown that unbalanced ternary logic gates and arithmetic circuits can help reduce the delay [112,113].

4.4.2. Challenge 2: Bit Size of PUF

PUFs are thought to be safer when the pattern of outputs (the number of different responses) is larger. The 192-bit response is more secure because it has more bits than one with 128 bits. However, the length of each bit is shortened because some bits of the response are different (random). Therefore, there is a need to utilize mismatch size to produce an additional stable bit so that PUFs become safer.

4.4.3. Challenge 3: Power Efficiency

Power consumption is a major challenge for PUFs. The authentication process, stages of logical gates, and growth of CRPs consume previous components with too low power. However, some resistors employing PUFs require more power. In addition, using modern encryption and complex authentication lead to increased power consumption. There is a need to design ultra-low-power and aging-tolerant PUFs. In addition to that, performance optimization is a solution to improve power efficiency.

4.4.4. Challenge 4: Cost Efficiency

The cost of production in the design, structure, and authentication process should account for negligible resources of all kinds, including memory, energy consumption, and communication bandwidth. Cost reduction in design and structure is generally associated with the maturity of the product. However, lightweight authentication algorithms can be designed to improve cost efficiency. This will assist the further penetration of PUFs in the consumer market.

4.4.5. Challenge 5: Memory Consumption

Conventional security protocols cannot be implemented on IoT devices as they have small ROM, RAM, and processing power. Apart from that, they have power constraints. Therefore, there is a need for the development of power—as well as memory-efficient algorithms. A lightweight PUF-based authentication system was proposed and tested on a wireless sensor network [81]. The performance analysis shows that the proposed algorithm saves up to 45% power and uses 12% less memory compared to datagram transport layer security (DTLS) handshake authentication.

4.4.6. Challenge 6: Eavesdropping

It is challenging to implement intricate security algorithms on cost-sensitive devices because they have limited computational capacity. As a result of this restriction, the likelihood of espionage and other intrusions increases. In [114], the authors introduced the concept of PUF sensors, which work on authenticated sensing protocols, thus reducing the chances of eavesdropping and man-in-the-middle attacks. An experimental demonstration of this concept was carried out with the help of a ring oscillator PUF.

4.4.7. Challenge 7: Black Box Adversaries

PUFs can simply be treated as black boxes with the challenge considered as an input of the transfer function and the response considered as the output of the transfer function. To detect these adversaries, sensors are used, and the solution to avoid this adversary is physical protection [115].

4.4.8. Challenge 8: Distributed Denial-of-Service (DDoS) Attack

A distributed denial-of-service (DDoS) attack is an attempt to disturb the regular traffic flow of a particular server by overcrowding the infrastructure with a flood of Internet traffic. The SOM algorithm with the addition of the packet-per-flow feature can be the answer to the various weaknesses of other methods [116].

4.4.9. Challenge 9: Secret Key Two-Pair CRPs and ID for Devices Stored in Memory

Regarding spoofing and splicing/relocation attacks, a partial solution was provided in [79,82] via authentication of the protocol without CRPs. A stored key method was used in conjunction with encryption methods such as hash functions and Advanced 5.9 Encryption Standard (AES) [11].

4.4.10. Challenge 10: Limited Encryption Methods

Several works [16,19,26,79,117] have emphasized that PUF authentication protocols still require lightweight and strong methods, i.e., less power and less memory usage are required. However, all protocols used are still vulnerable to cyberattacks, as they use the hash function and some notations like the concatenation of a random number generator. The solution to this existing problem is the usage of a neural network method for encryption, which is lightweight.

4.4.11. Challenge 11: Noise

PUFs offer a lightweight replacement for high-cost encryption methods and secure key storage. Noise can flip one or more of the PUF output bits, which means the server will not accept a valid client. This is called a “false negative authentication”. Environmental effects such as temperature, voltage variation, and temporal effects (aging) can introduce noise. Machine learning and artificial intelligence can play a role in overcoming noise issues in PUFs.

5. Proposed Framework of IoT-Enabled Authentication PUF

Our framework adopts the IoT layer shown in Figure 9, which consists of five layers that fit into the model attack; we explain each layer and the significant components related to the layer.

5.1. Physical Layer

For this layer, during data collection, we collected all CRPs to evaluate a new design for a PUF that is a hybrid of NAND gate and multiplexers. Moreover, we used the JK flip-flop that results in the output Q for a normal situation and Q‘ for a cloning attack. The output is 0 or 1, which can be used to evaluate the PUF’s attributes. The results are aggregated and compared with ideal values.

5.2. Communication Layer

In the second phase, known as the data processing phase, there are three distinct stages. Specifically, two of these stages operate within this layer, while the remaining stage is situated in the middle layer. Each stage has an algorithm; these algorithms are unique and provide solutions to an attack. We divided this phase into three stages:
Stage 1: preregister stage. We proposed an algorithm that checks all packets from IoT devices. If any spoofing station scans/reads the packet, the target station drops the packet (it is read only once). In addition, the algorithm collects all details of a network (IP, MAC, Flage bit, and latency time) as the input. A temporary database is created to store the details
(IP, MAC, response times for a packet) as the output. The main outcome of this algorithm is creating a temporary database with these parameters, as illustrated in Figure 10.
Stage 2: In this stage, we wrote unique algorithms that regard temporary databases and CRPs as the input. They allow IoT devices to access the network/server to be trusted devices through CRPs. They must check whether the devices are legitimate using ID/IP devices, MAC addresses, and latency time. This phase must be used to increase security and protection. Moreover, two parameters, C and R, are used to create a trusted database on the server/cloud. This provides a solution to cloning attacks where C and R are collected and used to build mathematical methods. We can detect attacks from non-regular behavior stations, record response time, and scan packets a second time. In this case, we suggest a new thrust reverser method for a PUF, sending dummy CRPs to an attacker. At the end of this stage, we can register devices (D) in a network and build a trusted database. Figure 11 illustrates the process of registration with a focus on the registration process and the associated parameters

5.3. Middle Layer

Stage 3: This stage is important for network communication with the connection of other stations/devices. The third algorithm participants communicate using a trusted database as the input. The device (Dj) sends R to confirm with the trusted database in the server. We utilized Cipher PRESENT algorithms because they are lightweight. PRESENT is an ultra-lightweight block cipher consisting of 31 rounds in this algorithm. This lightweight cipher takes a plaintext block of 64 bits as the input and outputs a ciphertext block of the same length. The algorithm of PRESENT supports two key sizes of length 80 bits and 120 bits, named PRESENT-80 with an 80-bit key length and PRESENT-128 with a 128-bit key length. At the end of the algorithm, which can exchange data/files using intelligent cybersecurity monitoring, this component is responsible for detecting cloning attacks with the PUF3S-ML model. We used the best-fitting algorithms with a dataset from a model that can classify attacks. Figure 12 presents the authentication process with parameters.

5.4. Application Layer

Reliability is a well-established analysis method reserved for a typical attack. As its name indicates, reliability is the main reference point for the detection model, but the consequences of failure are also evaluated, which means that the framework runs and adapts to PUF3S-ML. Also, for resilient preservation that integrates with the innovative PUF technology, we designed a novel model for our deployment methods in Figure 13.
In the first phase, we must understand all target attacks on IoT devices in the smart network, understanding the environments of networks and focusing on generating CRPs with complete safety within the novel structure of PUFs that can protect IoT devices from attack.
In the second phase, we must take action after protecting our model from attack through the new design; it consists of three steps, and each step has unique algorithms and PUF-based authentication that provide solutions. In addition, intelligent cybersecurity monitoring is used to detect and classify all targeted attacks. In this component, we included machine learning algorithms that can analyze all data before, during, and after an attack. Using our responses in this model, when an attack happens and the PUF design is a failure, the structure must be renewed and made more robust and resilient.
The last phase connects two-layer application and business layers. Recovery is the core of these phases. After the attacks are closed, the data, configurations, and profiles are stored effectively, and the database is strong and updated. The new structure can work again without any issues or repair requirements. In this phase, a dashboard and the actual value of the network, the number of attacks, and the type of attack are provided.

5.5. Business Layer

All network values are monitored and compared with typical values, such as bandwidth, latency (delay), bandwidth—delay product throughput, and jitter. At the end of this stage, a thorough report is built and sent to users and administrators.

6. Conclusions

In the age of wireless communication, the connectivity between devices and their seamless communication plays a pivotal role in shaping a more interconnected world. However, this interconnectedness introduces vulnerabilities in the transmission of sensitive data across shared channels as the data are susceptible to potential intruders and cyberthreats.
This paper delves into a comprehensive survey of IoT networks integrating PUFs and examines the means of fortifying security against cyberattacks. Regarding the limitations of traditional security protocols for such networks, this study highlights the necessity of developing specifically tailored lightweight algorithms to meet the demands of IoT devices. By exploring the IoT field, its advantages, architectural applications, and associated challenges, this paper extensively researches the functionality and varied types of PUFs. It meticulously examines PUF-based authentication, communication protocols, and their diverse applications. Furthermore, it addresses eleven crucial challenges encountered in this domain along with proposed solutions.
This survey uniquely contributes to the literature by providing a comprehensive analysis encompassing eleven studies concerning PUF-based authentication and communication protocols. Notably, MQTT and AMQP emerge as widely adopted technologies, having undergone rigorous testing across both wired and wireless platforms. Innovative solutions are proposed to tackle the challenges related to PUFs, address propagation delay, bit stability, power consumption, cost efficiency, encryption methods, and security concerns such as DDoS attacks. This study focuses on revolution around three key aspects: authentication, encryption, and PUFs within communication protocols. The aim is to fortify security within IoT systems.
In summary, the proposed PUF-based authentication and communication protocols offer a multifaceted solution to an array of challenges faced in this domain. They strive to enhance security, reliability, and efficiency within IoT networks. By highlighting the importance of tailored algorithms and robust security measures, this study contributes to the ongoing discourse surrounding the integrity and resilience of IoT systems.

Author Contributions

Conceptualization, R.A.A. and M.M.S.; methodology, R.A.A. and M.M.S.; investigation, R.A.A.; resources, R.A.A.; data curation, R.A.A.; writing—original draft preparation, M.M.S.; writing—review and editing, M.M.S.; supervision, M.M.S. All authors have read and agreed to the published version of the manuscript.

Funding

This work was supported by the Ministry of Higher Education Malaysia under the Fundamental Research Grant Scheme with project Code: FRGS/1/2020/ICT07/USM/02/2. The authors also would like to express sincere gratitude to AlMaarefa University, Riyadh, Saudi Arabia, for providing funding to conduct this research.

Informed Consent Statement

Not applicable.

Conflicts of Interest

The authors declare no conflicts of interest. The funders had no role in the design of the study; in the collection, analyses, or interpretation of data; in the writing of the manuscript; or in the decision to publish the results.

References

  1. Al-Naji, F.H.; Zagrouba, R. A survey on continuous authentication methods in Internet of Things environment. Comput. Commun. 2020, 163, 109–133. [Google Scholar] [CrossRef]
  2. Mrabet, H.; Belguith, S.; Alhomoud, A.; Jemai, A. A survey of IoT security based on a layered architecture of sensing and data analysis. Sensors 2020, 20, 3625. [Google Scholar] [CrossRef]
  3. Ali, O.; Ishak, M.K.; Bhatti, M.K.; Khan, I.; Kim, K.-I. A comprehensive review of Internet of Things: Technology stack, middlewares, and Fog/Edge computing interface. Sensors 2022, 22, 995. [Google Scholar] [CrossRef]
  4. Adat, V.; Gupta, B.B. Security in Internet of Things: Issues, challenges, taxonomy, and architecture. Telecommun. Syst. 2018, 67, 423–441. [Google Scholar] [CrossRef]
  5. Dubey, A.K.; Meena, D.C.; Gaur, S. A survey in hello flood attack in wireless sensor networks. Int. J. Eng. Res. Technol. 2014, 3, 1882–1887. [Google Scholar]
  6. Elhoseny, M.; Thilakarathne, N.N.; Alghamdi, M.I.; Mahendran, R.K.; Gardezi, A.; Weerasinghe, H.; Welhenge, A.M. Security and privacy issues in medical Internet of Things: Overview, countermeasures, challenges and future directions. Sustainability 2021, 12, 11645. [Google Scholar] [CrossRef]
  7. Attkan, A.; Ranga, V. Cyber-physical security for IoT networks: A comprehensive review on traditional, blockchain and artificial intelligence based key-security. Complex Intell. Syst. 2022, 8, 3559–3591. [Google Scholar] [CrossRef]
  8. Braeken, A. PUF based authentication protocol for IoT. Symmetry 2018, 10, 352. [Google Scholar] [CrossRef]
  9. Baig, A.F.; Eskeland, S. Security, privacy, and usability in continuous authentication: A survey. Sensors 2021, 21, 5967. [Google Scholar] [CrossRef] [PubMed]
  10. Mahmod, M.J.a.; Guin, U. A robust, low-cost and secure authentication scheme for IoT applications. Cryptography 2020, 4, 8. [Google Scholar] [CrossRef]
  11. Mostafa, A.; Lee, S.J.; Peker, Y.K. Physical unclonable function and hashing are all you need to mutually authenticate IoT devices. Sensors 2020, 20, 4361. [Google Scholar] [CrossRef]
  12. Joshi, S.; Mohanty, S.P.; Kougianos, E. Everything you wanted to know about PUFs. IEEE Potentials 2017, 36, 38–46. [Google Scholar] [CrossRef]
  13. Shah, S.W.; Kanhere, S.S. Recent trends in user authentication—A survey. IEEE Access 2019, 7, 112505–112519. [Google Scholar] [CrossRef]
  14. Badr, Y.; Zhu, X.; Alraja, M.N. Security and privacy in the Internet of Things: Threats and challenges. Serv. Oriented Comput. Appl. 2021, 15, 257–271. [Google Scholar] [CrossRef]
  15. Chatterjee, U.; Chatterjee, S.; Mukhopadhyay, D.; Chakraborty, R.S. Machine learning assisted PUF calibration for trustworthy proof of sensor data in IoT. ACM Trans. Des. Autom. Electron.Syst. 2020, 25, 32. [Google Scholar] [CrossRef]
  16. Babaei, A.; Schiele, G. Physical Unclonable Functions in the Internet of Things: State of the Art and Open Challenges. Sensors 2019, 19, 3208. [Google Scholar] [CrossRef] [PubMed]
  17. Kulkarni, S.; Vani, R.M.; Hunagund, P.V. A study on physical unclonable functions based security for Internet of Things applications. In Intelligent Data Communication Technologies and Internet of Things; Springer: Berlin, Germany, 2019; pp. 607–614. [Google Scholar] [CrossRef]
  18. Garcia-Bosque, M.; Díez-Señorans, G.; Sánchez-Azqueta, C.; Celma, S. Introduction to physically unclonable fuctions: Properties and applications. In Proceedings of the 2020 European Conference on Circuit Theory and Design (ECCTD), Sofia, Bulgaria, 7–10 September 2020. [Google Scholar] [CrossRef]
  19. El-Hajj, M.; Fadlallah, A.; Chamoun, M.; Serhrouchni, A. A taxonomy of PUF schemes with a novel arbiter-based PUF resisting machine learning attacks. Comput. Netw. 2021, 194, 108133. [Google Scholar] [CrossRef]
  20. Al-Meer, A.; Al-Kuwari, S. Physical unclonable functions (PUF) for IoT devices. arXiv 2022, arXiv:2205.08587. [Google Scholar] [CrossRef]
  21. Gebali, F.; Mamun, M. Review of physically unclonable functions (PUFs): Structures, models, and algorithms. Front. Sens. 2022, 2, 751748. [Google Scholar] [CrossRef]
  22. Shamsoshoara, A.; Korenda, A.; Afghah, F.; Zeadally, S. A survey on physical unclonable function (puf)-based security solutions for internet of things. Comput. Netw. 2020, 183, 107593. [Google Scholar] [CrossRef]
  23. Mall, P.; Amin, R.; Das, A.K.; Leung, M.T.; Choo, K.-K.R. PUF-based Authentication and Key Agreement Protocols for IoT, WSNS, and Smart Grids: A Comprehensive Survey. IEEE Internet Things J. 2022, 9, 8205–8228. [Google Scholar] [CrossRef]
  24. Gillis, A.S. What Is the Internet of Things (IoT)? Available online: https://www.techtarget.com/iotagenda/definition/Internet-of-Things-IoT (accessed on 22 April 2023).
  25. Rashidah Funke, O.; Burhan Ul Islam, K.; Aisha Hassan Abdalla, H.; Khairul Azami, S.; Zuhani Ismail, K.; Hamdan, D. The Internet of Things vision: A comprehensive review of architecture, enabling technologies, adoption challenges, research open issues and contemporary applications. J. Adv. Res. Appl. Sci. Eng. Technol. 2022, 26, 51–77. [Google Scholar] [CrossRef]
  26. Wazid, M.; Das, A.K.; Lee, J.-H. User authentication in a tactile internet based remote surgery environment: Security issues, challenges, and future research directions. Pervasive Mob. Comput. 2019, 54, 71–85. [Google Scholar] [CrossRef]
  27. Kim, S.; Kim, S. User preference for an IoT healthcare application for lifestyle disease management. Telecommun. Policy 2018, 42, 304–314. [Google Scholar] [CrossRef]
  28. Gharaibeh, A.; Salahuddin, M.A.; Hussini, S.J.; Khreishah, A.; Khalil, I.; Guizani, M.; Al-Fuqaha, A. Smart cities: A survey on data management, security, and enabling technologies. IEEE Commun. Surv. Tutor. 2017, 19, 2456–2501. [Google Scholar] [CrossRef]
  29. Jose, A.C.; Malekian, R. Improving smart home security: Integrating logical sensing into smart home. IEEE Sen. J. 2017, 17, 4269–4286. [Google Scholar] [CrossRef]
  30. Swain, K.B.; Santamanyu, G.; Senapati, A.R. Smart industry pollution monitoring and controlling using LabVIEW based IoT. In Proceedings of the 2017 Third International Conference on Sensing, Signal Processing and Security (ICSSS), Chennai, India, 4–5 May 2017; pp. 74–78. [Google Scholar] [CrossRef]
  31. Alodib, M. QoS-Aware approach to monitor violations of SLAs in the IoT. J. Innov. Digit. Ecosyst. 2016, 3, 197–207. [Google Scholar] [CrossRef]
  32. Cheruvu, S.; Kumar, A.; Smith, N.; Wheeler, D.M. Demystifying Internet of Things Security, 1st ed.; Apress: Berkeley, CA, USA, 2020. [Google Scholar] [CrossRef]
  33. Kumar, C.; Prakash, S. Chapter 6—Routing protocols: Key security issues and challenges in IoT, ad hoc, and sensor networks. In Security and Privacy Issues in IoT Devices and Sensor Networks; Sharma, S.K., Bhushan, B., Debnath, N.C., Eds.; Academic Press: Cambridge, MA, USA, 2021; pp. 105–132. [Google Scholar] [CrossRef]
  34. Singh, S.; Pandey, N.; Datta, M.; Batra, S. Stress, internet use, substance use and coping among adolescents, young-adults and middle-age adults amid the ‘new normal’ pandemic era. Clin. Epidemiol. Glob. Health 2021, 12, 100885. [Google Scholar] [CrossRef] [PubMed]
  35. Dasgupta, D.; Roy, A.; Nag, A. Advances in User Authentication, 1st ed.; Springer: Cham, Switzerland, 2017. [Google Scholar] [CrossRef]
  36. Shepherd, J. What Is Authentication? The Ultimate Authentication Playbook. Available online: https://www.okta.com/uk/blog/2019/02/the-ultimate-authentication-playbook/ (accessed on 15 February 2023).
  37. Melki, R.; Noura, H.N.; Chehab, A. Lightweight multi-factor mutual authentication protocol for IoT devices. Int. J. Inf. Secur. 2020, 19, 679–694. [Google Scholar] [CrossRef]
  38. McGrath, T.; Bagci, I.E.; Wang, Z.M.; Roedig, U.; Young, R.J. A PUF Taxonomy. Appl. Phys. Rev. 2019, 6, 011303. [Google Scholar] [CrossRef]
  39. Koeberl, P.; Ünal, K.; Sadeghi, A.R. Memristor PUFs: A new generation of memory-based physically unclonable functions. In Proceedings of the 2013 Design, Automation & Test in Europe Conference & Exhibition (DATE), Grenoble, France, 18–22 March 2013; pp. 428–431. [Google Scholar] [CrossRef]
  40. Zhang, L.; Kong, Z.H.; Chang, C.H. PCKGen: A phase change memory based cryptographic key generator. In Proceedings of the 2013 IEEE International Symposium on Circuits and Systems (ISCAS), Beijing, China, 19–23 May 2013; pp. 1444–1447. [Google Scholar] [CrossRef]
  41. Zhang, L.; Fong, X.; Chang, C.H.; Kong, Z.H.; Roy, K. Highly reliable memory-based physical unclonable function using spin-transfer torque MRAM. In Proceedings of the 2014 IEEE International Symposium on Circuits and Systems (ISCAS), Melbourne, VIC, Australia, 1–5 June 2014; pp. 2169–2172. [Google Scholar] [CrossRef]
  42. Vrijaldenhoven, S. Acoustical Physical Uncloneable Functions. Master’s Thesis, Eindhoven University of Technology, Eindhoven, The Netherlands, 2004. [Google Scholar]
  43. Hwang, K.-M.; Park, J.-Y.; Bae, H.; Lee, S.-W.; Kim, C.-K.; Seo, M.; Im, H.; Kim, D.-H.; Kim, S.-Y.; Lee, G.-B.; et al. Nano-electromechanical switch based on a physical unclonable function for highly robust and stable performance in harsh environments. ACS Nano 2017, 11, 12547–12552. [Google Scholar] [CrossRef]
  44. DeJean, G.; Kirovski, D. RF-DNA: Radio-frequency certificates of authenticity. In Proceedings of the Cryptographic Hardware and Embedded Systems, CHES 2007, Vienna, Austria, 10–13 September 2007; pp. 346–363. [Google Scholar] [CrossRef]
  45. Guajardo, J.; Škorić, B.; Tuyls, P.; Kumar, S.S.; Bel, T.; Blom, A.H.M.; Schrijen, G.-J. Anti-counterfeiting, key distribution, and key storage in an ambient world via physical unclonable functions. Inf. Syst. Front. 2009, 11, 19–41. [Google Scholar] [CrossRef]
  46. Pappu, R.; Recht, B.; Taylor, J.; Gershenfeld, N. Physical one-way functions. Science 2002, 297, 2026–2030. [Google Scholar] [CrossRef]
  47. Chong, C.N.; Jiang, D.; Zhang, J.; Guo, L. Anti-counterfeiting with a random pattern. In Proceedings of the 2008 Second International Conference on Emerging Security Information, Systems and Technologies, Cap Esterel, France, 25–31 August 2008; pp. 146–153. [Google Scholar] [CrossRef]
  48. Kim, J.; Yun, J.M.; Jung, J.; Song, H.; Kim, J.-B.; Ihee, H. Anti-counterfeit nanoscale fingerprints based on randomly distributed nanowires. Nanotechnology 2014, 25, 155303. [Google Scholar] [CrossRef]
  49. Lenzini, G.; Ouchani, S.; Roenne, P.; Ryan, P.Y.A.; Geng, Y.; Lagerwall, J.; Noh, J. Security in the shell: An optical physical unclonable function made of shells of cholesteric liquid crystals. In Proceedings of the 2017 IEEE Workshop on Information Forensics and Security (WIFS), Rennes, France, 4–7 December 2017; pp. 1–6. [Google Scholar] [CrossRef]
  50. Cao, Y.; Robson, A.J.; Alharbi, A.; Roberts, J.; Woodhead, C.S.; Noori, Y.J.; Bernardo-Gavito, R.; Shahrjerdi, D.; Roedig, U.; Fal’ko, V.I.; et al. Optical identification using imperfections in 2D materials. 2D Mater. 2017, 4, 045021. [Google Scholar] [CrossRef]
  51. Alharbi, A.; Armstrong, D.; Alharbi, S.; Shahrjerdi, D. Physically unclonable cryptographic primitives by chemical vapor deposition of layered MoS2. ACS Nano 2017, 11, 12772–12779. [Google Scholar] [CrossRef]
  52. Carro-Temboury, M.R.; Arppe, R.; Vosch, T.; Sørensen, T.J. An optical authentication system based on imaging of excitation-selected lanthanide luminescence. Sci. Adv. 2018, 4, e1701384. [Google Scholar] [CrossRef] [PubMed]
  53. National Research Council. Counterfeit Deterrent Features for the Next-Generation Currency Design; The National Academies Press: Washington, DC, USA, 1993; p. 144. [CrossRef]
  54. Hammouri, G.; Dana, A.; Sunar, B. CDs have fingerprints too. In Proceedings of the Cryptographic Hardware and Embedded Systems, CHES 2009, Lausanne, Switzerland, 6–9 September 2009; pp. 348–362. [Google Scholar] [CrossRef]
  55. Indeck, R.S.; Muller, M.W. Method and Apparatus for Fingerprinting Magnetic Media. U.S. Patent 5365586A, 15 November 1994. [Google Scholar]
  56. Bossuet, L.; Ngo, X.T.; Cherif, Z.; Fischer, V. A PUF based on a transient effect ring oscillator and insensitive to locking phenomenon. IEEE Trans. Emerg. Top. Comput. 2014, 2, 30–36. [Google Scholar] [CrossRef]
  57. Lee, J.W.; Daihyun, L.; Gassend, B.; Suh, G.E.; Dijk, M.v.; Devadas, S. A technique to build a secret key in integrated circuits for identification and authentication applications. In Proceedings of the 2004 Symposium on VLSI Circuits. Digest of Technical Papers (IEEE Cat. No.04CH37525), Honolulu, HI, USA, 17–19 June 2004; pp. 176–179. [Google Scholar] [CrossRef]
  58. Yao, Y.; Kim, M.; Li, J.; Markov, I.L.; Koushanfar, F. ClockPUF: Physical unclonable functions based on clock networks. In Proceedings of the 2013 Design, Automation & Test in Europe Conference & Exhibition (DATE), Grenoble, France, 18–22 March 2013; pp. 422–427. [Google Scholar] [CrossRef]
  59. Jeon, D.; Baek, J.H.; Kim, D.K.; Choi, B.D. Towards zero bit-error-rate physical unclonable function: Mismatch-based vs. Physical-based approaches in standard CMOS technology. In Proceedings of the 2015 Euromicro Conference on Digital System Design, Madeira, Portugal, 26–28 August 2015; pp. 407–414. [Google Scholar] [CrossRef]
  60. Lofstrom, K.; Daasch, W.R.; Taylor, D. IC identification circuit using device mismatch. In Proceedings of the 2000 IEEE International Solid-State Circuits Conference. Digest of Technical Papers (Cat. No.00CH37056), San Francisco, CA, USA, 9 February 2000; pp. 372–373. [Google Scholar] [CrossRef]
  61. Helinski, R.; Acharyya, D.; Plusquellic, J. A physical unclonable function defined using power distribution system equivalent resistance variations. In Proceedings of the 2009 46th ACM/IEEE Design Automation Conference, San Francisco, CA, USA, 26–31 July 2009; pp. 676–681. [Google Scholar] [CrossRef]
  62. Guajardo, J.; Kumar, S.S.; Schrijen, G.-J.; Tuyls, P. FPGA intrinsic PUFs and their use for IP protection. In Proceedings of the Cryptographic Hardware and Embedded Systems, CHES 2007, Vienna, Austria, 10–13 September 2007; pp. 63–80. [Google Scholar] [CrossRef]
  63. Chen, Q.; Csaba, G.; Lugli, P.; Schlichtmann, U.; Rührmair, U. The bistable ring PUF: A new architecture for strong physical unclonable functions. In Proceedings of the 2011 IEEE International Symposium on Hardware-Oriented Security and Trust, San Diego, CA, USA, 5–6 June 2011; pp. 134–141. [Google Scholar] [CrossRef]
  64. Krishna, A.R.; Narasimhan, S.; Wang, X.; Bhunia, S. MECCA: A robust low-overhead PUF using embedded memory array. In Proceedings of the Cryptographic Hardware and Embedded Systems, CHES 2011, Nara, Japan, 28 September–1 October 2011; pp. 407–420. [Google Scholar] [CrossRef]
  65. Tehranipoor, F.; Karimian, N.; Xiao, K.; Chandy, J. DRAM based intrinsic physical unclonable functions for system level security. In Proceedings of the 25th edition on Great Lakes Symposium on VLSI, Association for Computing Machinery, Pittsburgh, PA, USA, 20–22 May 2015; pp. 15–20. [Google Scholar] [CrossRef]
  66. Anderson, J.H. A PUF design for secure FPGA-based embedded systems. In Proceedings of the 2010 15th Asia and South Pacific Design Automation Conference (ASP-DAC), Taipei, Taiwan, 18–21 January 2010; pp. 1–6. [Google Scholar] [CrossRef]
  67. Tuyls, P.; Schrijen, G.J.; Skoric, B.; van Geloven, J.; Verhaegh, N.; Wolters, R. Read-proof hardware from protective coatings. In Cryptographic Hardware and Embedded Systems (CHES); Springer: Berlin, Germany, 2006. [Google Scholar]
  68. Konigsmark, S.T.C.; Hwang, L.K.; Chen, D.; Wong, M.D.F. CNPUF: A carbon nanotube-based physically unclonable function for secure low-energy hardware design. In Proceedings of the 2014 19th Asia and South Pacific Design Automation Conference (ASP-DAC), Singapore, 20–23 January 2014; pp. 73–78. [Google Scholar] [CrossRef]
  69. Roberts, J.; Bagci, I.E.; Zawawi, M.A.M.; Sexton, J.; Hulbert, N.; Noori, Y.J.; Young, M.P.; Woodhead, C.S.; Missous, M.; Migliorato, M.A.; et al. Using quantum confinement to uniquely identify devices. Sci. Rep. 2015, 5, 16456. [Google Scholar] [CrossRef] [PubMed]
  70. Hu, Z. Physically unclonable cryptographic primitives using self-assembled carbon nanotubes. Nat. Nanotechnol. 2016, 11, 559. [Google Scholar] [CrossRef] [PubMed]
  71. Duan, S.; Sai, G. Bti aging-based physical cloning attack on SRAM PUF and the countermeasure. Analog Integr. Circuits Signal Process. 2023, 117, 45–55. [Google Scholar] [CrossRef]
  72. Delvaux, J.; Verbauwhede, I. Side channel modeling attacks on 65nm ARBITER PUFs exploiting CMOS device noise. In Proceedings of the 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), Austin, TX, USA, 2–3 June 2013. [Google Scholar]
  73. Delvaux, J.; Verbauwhede, I. Fault injection modeling attacks on 65 nm arbiter and Ro sum PUFs via environmental changes. IEEE Trans. Circuits Syst. I Regul. Papers 2014, 61, 1701–1713. [Google Scholar] [CrossRef]
  74. Aman, M.N.; Chua, K.C.; Sikdar, B. A lightweight mutual authentication protocol for IoT systems. In Proceedings of the 2017 IEEE Global Communications Conference, Singapore, 4–8 December 2017; pp. 1–6. [Google Scholar] [CrossRef]
  75. Chatterjee, U.; Go1vindan, V.; Sadhukhan, R.; Mukhopadhyay, D.; Chakraborty, R.S.; Mahata, D.; Prabhu, M.M. Building PUF based authentication and key exchange protocol for IoT without explicit CRPs in verifier database. IEEE Trans. Dependable Secure Comput. 2019, 16, 424–437. [Google Scholar] [CrossRef]
  76. Qureshi, M.A.; Munir, A. PUF-RLA: A PUF-based reliable and lightweight authentication protocol employing binary string shuffling. In Proceedings of the 2019 IEEE 37th International Conference on Computer Design (ICCD), Abu Dhabi, United Arab Emirates, 17–20 November 2019; pp. 576–584. [Google Scholar] [CrossRef]
  77. Nimmy, K.; Sankaran, S.; Achuthan, K. A novel lightweight PUF based authentication protocol for IoT without explicit CRPs in verifier database. J. Ambient Intell. Hum. Comput. 2023, 14, 6227–6242. [Google Scholar] [CrossRef]
  78. Lounis, K.; Zulkernine, M. T2T-MAP: A PUF-based thing-to-thing mutual authentication protocol for IoT. IEEE Access 2021, 9, 137384–137405. [Google Scholar] [CrossRef]
  79. Farha, F.; Ning, H.; Ali, K.; Chen, L.; Nugent, C. SRAM-PUF-based entities authentication scheme for resource-constrained IoT devices. IEEE Internet Things J. 2021, 8, 5904–5913. [Google Scholar] [CrossRef]
  80. Clupek, V.; Zeman, V. Robust mutual authentication and secure transmission of information on low-cost devices using Physical unclonable functions and Hash functions. In Proceedings of the 2016 39th International Conference on Telecommunications and Signal Processing (TSP), Vienna, Austria, 27–29 June 2016; pp. 100–103. [Google Scholar] [CrossRef]
  81. Yilmaz, Y.; Gunn, S.R.; Halak, B. Lightweight PUF-based authentication protocol for IoT devices. In Proceedings of the2018 IEEE 3rd International Verification and Security Workshop (IVSW), Costa Brava, Spain, 2–4 July 2018; pp. 38–43. [Google Scholar] [CrossRef]
  82. Nozaki, Y.; Yoshikawa, M. Secret sharing schemes based secure authentication for physical unclonable function. In Proceedings of the 2019 IEEE 4th International Conference on Computer and Communication Systems (ICCCS), Singapore, 23–25 February 2019; pp. 445–449. [Google Scholar] [CrossRef]
  83. Huang, Z.; Wang, Q. A PUF-based unified identity verification framework for secure IoT hardware via device authentication. World Wide Web 2020, 23, 1057–1088. [Google Scholar] [CrossRef]
  84. Son, S.; Park, Y.; Park, Y. A secure, lightweight, and anonymous user authentication protocol for IoT environments. Sustainability 2021, 13, 9241. [Google Scholar] [CrossRef]
  85. Li, S.; Zhang, T.; Yu, B.; He, K. A provably secure and practical PUF-based end-to-end mutual authentication and key exchange protocol for IoT. IEEE Sens. J. 2021, 21, 5487–5501. [Google Scholar] [CrossRef]
  86. Mahalat, M.H.; Saha, S.; Mondal, A.; Sen, B. A PUF-Based Lightweight Protocol for Secure WIFI Authentication of IoT Devices. In Proceedings of the 2018 8th International Symposium on Embedded Computing and System Design (ISED), Cochin, India, 13–15 December 2018. [Google Scholar] [CrossRef]
  87. Yoon, S.; Kim, B.; Kang, Y.; Choi, D. PUF-based authentication scheme for IoT devices. In Proceedings of the 2020 International Conference on Information and Communication Technology Convergence (ICTC), Jeju, Republic of Korea, 21–23 October 2020; pp. 1792–1794. [Google Scholar] [CrossRef]
  88. Adeli, M.; Bagheri, N.; Martín, H.; Peris-Lopez, P. Challenging the security of “A PUF-based hardware mutual authentication protocol”. J. Parallel Distrib. Comput. 2022, 169, 199–210. [Google Scholar] [CrossRef]
  89. Idriss, T.A.; Idriss, H.A.; Bayoumi, M.A. A lightweight PUF-based authentication protocol using secret pattern recognition for constrained IoT devices. IEEE Access 2021, 9, 80546–80558. [Google Scholar] [CrossRef]
  90. Muhal, M.A.; Luo, X.; Mahmood, Z.; Ullah, A. Physical unclonable function based authentication scheme for smart devices in Internet of Things. In Proceedings of the 2018 IEEE International Conference on Smart Internet of Things (SmartIoT), Xi’an, China, 17–19 August 2018; pp. 160–165. [Google Scholar] [CrossRef]
  91. Song, J.; Xiao, M.; Zhang, T.; Zhou, H. Proving authentication property of PUF-based mutual authentication protocol based on logic of events. Soft Comput. 2022, 26, 841–852. [Google Scholar] [CrossRef]
  92. Trinh, C.; Huynh, B.; Lansky, J.; Mildeova, S.; Safkhani, M.; Bagheri, N.; Kumari, S.; Hosseinzadeh, M. A novel lightweight block cipher-based mutual authentication protocol for constrained environments. IEEE Access 2020, 8, 165536–165550. [Google Scholar] [CrossRef]
  93. Wu, T.-Y.; Kong, F.; Wang, L.; Chen, Y.-C.; Kumari, S.; Pan, J.-S. Toward smart home authentication using PUF and edge-computing paradigm. Sensors 2022, 22, 9174. [Google Scholar] [CrossRef] [PubMed]
  94. Chen, Z.; Li, B.; Zhang, Y.; Gu, M.; Yuan, P.; Cheng, X. Lightweight and modeling attack resistant PUFs authentication based on portion mapping. In Proceedings of the 2020 IEEE 5th International Conference on Signal and Image Processing (ICSIP), Nanjing, China, 23–25 October 2020; pp. 975–979. [Google Scholar] [CrossRef]
  95. Zerrouki, F.; Ouchani, S.; Bouarfa, H. Towards a foundation of a mutual authentication protocol for a robust and resilient PUF-based communication network. Procedia Comput. Sci. 2021, 191, 215–222. [Google Scholar] [CrossRef]
  96. Gaba, G.S.; Hedabou, M.; Kumar, P.; Braeken, A.; Liyanage, M.; Alazab, M. Zero knowledge proofs based authenticated key agreement protocol for sustainable healthcare. Sustain. Cities Soc. 2022, 80, 103766. [Google Scholar] [CrossRef]
  97. Chaudhary, A.; Peddoju, S.K.; Kadarla, K. Study of Internet-of-Things messaging protocols used for exchanging data with external sources. In Proceedings of the 2017 IEEE 14th International Conference on Mobile Ad Hoc and Sensor Systems (MASS), Orlando, FL, USA, 22–25 October 2017; pp. 666–671. [Google Scholar] [CrossRef]
  98. Anusha, M.; Babu, E.S.; Reddy, L.S.M.; Krishna, A.V.; Bhagyasree, B. Performance analysis of data protocols of Internet of Things: A qualitative review. Int. J. Pure Appl. Math. 2017, 115, 37–47. [Google Scholar]
  99. Chen, Y.; Kunz, T. Performance evaluation of IoT protocols under a constrained wireless access network. In Proceedings of the 2016 International Conference on Selected Topics in Mobile & Wireless Networking (MoWNeT), Cairo, Egypt, 11–13 April 2016; pp. 1–7. [Google Scholar] [CrossRef]
  100. Uy, N.Q.; Nam, V.H. A comparison of AMQP and MQTT protocols for Internet of Things. In Proceedings of the 2019 6th NAFOSTED Conference on Information and Computer Science (NICS), Hanoi, Vietnam, 12–13 December 2019; pp. 292–297. [Google Scholar] [CrossRef]
  101. Al-Masri, E.; Kalyanam, K.; Batts, J.; Kim, J.; Singh, S.; Vo, T.; Yan, C. Investigating messaging protocols for the Internet of Things (IoT). IEEE Access 2020, 8, 94880–94911. [Google Scholar] [CrossRef]
  102. Dizdarevic, J.; Carpio, F.; Jukan, A.; Masip-Bruin, X. A survey of communication protocols for Internet of Things and related challenges of Fog and cloud computing integration. ACM Comput. Surv. 2018, 51, 116. [Google Scholar] [CrossRef]
  103. Sarafov, V. Comparison of IoT data protocol overhead. In Proceedings of the Seminars of Future Internet (FI) and Innovative Internet Technologies and Mobile Communication (IITM), Winter Semester 2017/2018, Munich, Germany, 1 August 2017–26 February 2018; pp. 7–14. [Google Scholar]
  104. Yang, S.-J.; Wei, T.-C. Design issues for communication protocols conversion scheme of IoT devices. J. Internet Technol. 2021, 22, 657–667. [Google Scholar]
  105. Kondoro, A.; Ben Dhaou, I.; Tenhunen, H.; Mvungi, N. Real time performance analysis of secure IoT protocols for microgrid communication. Future Gen. Comput. Syst. 2021, 116, 1–12. [Google Scholar] [CrossRef]
  106. Hassan, R.; Qamar, F.; Hasan, M.K.; Aman, A.H.M.; Ahmed, A.S. Internet of Things and its applications: A comprehensive survey. Symmetry 2020, 12, 1674. [Google Scholar] [CrossRef]
  107. Tabassum, K.A.; Hossain, A.; Rahman, M.H. Trident: A M2M Communication Solution for IoT Devices Using Blockchain Fused MQTT and PUF Based Authentication Scheme. Bachelor’s Thesis, Islamic University of Technology, Gazipur, Bangladesh, 2021. [Google Scholar]
  108. Pahlevi, R.R.; Sukarno, P.; Erfianto, B. Secure MQTT PUF-based key exchange protocol for smart healthcare. Jurnal Rekayasa Elektrika 2021, 17, 107–114. [Google Scholar] [CrossRef]
  109. Díaz, J.P.; Almenares, F. A PUF-based authentication mechanism for OSCORE. In Proceedings of the 18th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks, Association for Computing Machinery, Alicante, Spain, 22–26 November 2021; pp. 65–72. [Google Scholar]
  110. Yamamoto, D.; Sakiyama, K.; Iwamoto, M.; Ohta, K.; Takenaka, M.; Itoh, K. Variety enhancement of PUF responses using the locations of random outputting RS latches. J. Cryptogr. Eng. 2013, 3, 197–211. [Google Scholar] [CrossRef]
  111. Ning, H.; Farha, F.; Ullah, A.; Mao, L. Physical unclonable function: Architectures, applications and challenges for dependable security. IET Circuits Devices Syst. 2020, 14, 407–424. [Google Scholar] [CrossRef]
  112. Jooq, M.K.Q.; Moaiyeri, M.H.; Tamersit, K. Ultra-compact ternary logic gates based on negative capacitance carbon nanotube FETs. IEEE Trans. Circuits Syst. II Express Briefs 2021, 68, 2162–2166. [Google Scholar] [CrossRef]
  113. Vijay, V.; Pittala, S.C.; Koteshwaramma, K.C.; Shaik, A.S.; Chaitanya, K.; Birru, S.G.; Medapalli, S.R.; Thoranala, V.R. Design of unbalanced ternary logic gates and arithmetic circuits. J. VLSI Circuits Syst. 2022, 4, 20–26. [Google Scholar] [CrossRef]
  114. Gao, Y.; Ma, H.; Abbott, D.; Al-Sarawi, S.F. PUF sensor: Exploiting PUF unreliability for secure wireless sensing. IEEE Trans. Circuits Syst. I Regul. Papers 2017, 64, 2532–2543. [Google Scholar] [CrossRef]
  115. Halak, B. Physically Unclonable Functions, 1st ed.; Springer: Cham, Switzerland, 2018. [Google Scholar] [CrossRef]
  116. Sanmorino, A.; Gustriansyah, R. An alternative solution to handle ddos attacks. J. Theor. Appl. Inf. Technol. 2018, 96, 657–667. [Google Scholar]
  117. Hertz, J. An Introduction to Physically Unclonable Functions. 2021. Available online: https://www.allaboutcircuits.com/technical-articles/an-introduction-to-physically-unclonable-functions/ (accessed on 1 March 2022).
Applsci 14 01700 g001
Figure 1. IoT framework.
Figure 1. IoT framework.
Applsci 14 01700 g001
Applsci 14 01700 g002
Figure 2. Taxonomy of user authentication methods.
Figure 2. Taxonomy of user authentication methods.
Applsci 14 01700 g002
Applsci 14 01700 g003
Figure 3. Challenges and response of PUF [11].
Figure 3. Challenges and response of PUF [11].
Applsci 14 01700 g003
Applsci 14 01700 g004
Figure 4. Optical PUF [12].
Figure 4. Optical PUF [12].
Applsci 14 01700 g004
Applsci 14 01700 g005
Figure 5. Ring oscillator (RO) [12].
Figure 5. Ring oscillator (RO) [12].
Applsci 14 01700 g005
Applsci 14 01700 g006
Figure 6. Arbiter PUF [12].
Figure 6. Arbiter PUF [12].
Applsci 14 01700 g006
Applsci 14 01700 g007
Figure 7. Types of PUFs [38].
Figure 7. Types of PUFs [38].
Applsci 14 01700 g007
Applsci 14 01700 g008
Figure 8. PUF entities.
Figure 8. PUF entities.
Applsci 14 01700 g008
Applsci 14 01700 g009
Figure 9. Framework of IoT-enabled authentication PUF.
Figure 9. Framework of IoT-enabled authentication PUF.
Applsci 14 01700 g009
Applsci 14 01700 g010
Figure 10. Process of pre-register.
Figure 10. Process of pre-register.
Applsci 14 01700 g010
Applsci 14 01700 g011
Figure 11. Process of registration.
Figure 11. Process of registration.
Applsci 14 01700 g011
Applsci 14 01700 g012
Figure 12. Process of authentication.
Figure 12. Process of authentication.
Applsci 14 01700 g012
Applsci 14 01700 g013
Figure 13. Framework reliability and resilience.
Figure 13. Framework reliability and resilience.
Applsci 14 01700 g013
Table 1. Contributions of previous surveys and comparison.
Table 1. Contributions of previous surveys and comparison.
Paper/ArticleType StudyArchitecturesImplementationCommunication ProtocolsOpen IssuesConceptual Design Framework/Solution to Cloning AttacksHighlights Cloning Attacks
[16]SurveyYesNoNoYesNoNo
[17]SurveyYesYesNoNoNoNo
[18]TaxonomyYesYesNoNoNoNo
[19]TaxonomyNoYesNoYesNoNo
[20]SurveyYesYesNoNoNoNo
[21]ReviewYesNoNoYesNoNo
[22]SurveyYesYesYesYesNoNo
[23]SurveyYesYesNoNoNoNo
This paperSurvey and TaxonomyYesYesYesYesYesYes
Table 2. Applications of the IoT in various domains.
Table 2. Applications of the IoT in various domains.
PaperDomainContribution
[27]Medical fieldThe authors propose important entities that can possibly influence users’ acceptance of IoT-based disease management services.
[28]Smart cityThe authors explain the data security and privacy techniques that can be used in future smart cities. Salient features of smart cities are discussed along with the technology supporting that paradigm shift. The paper also highlights the research challenges in this journey.
[29]Home automationIn this paper, the authors used a grouping of sensors, microcontrollers, and various communication protocols to detect user conduct at different access points and execute a sensing algorithm.
[30]Smart industryIn this work, the authors have proposed the use of an Arduino ATmega 2560 board that gathers the temperature and humidity parameters from sensors and records them in an online database. This application is useful in realizing smart industries.
[31]Commercial applicationsIn this work, a novel method is given with the aim of systematizing the generation of a quality of service (QoS)-aware service, offering real-time checking that is beneficial in various commercial applications.
Table 3. Types of authentication, definitions, and examples.
Table 3. Types of authentication, definitions, and examples.
DefinitionExampleMajor Disadvantages
UserChecks a user’s identity by allowing human-to-machine transfer.Signal sign-on (SSO), multi-factor, three-way authentication.Vulnerable to spoofing attacks
DeviceDetects and checks users accessing a device. This method of authentication uses a device’s metadata or an app.PUF, mobile.No standardization of IoT device authentication
Software/protocolUsers or devices are authenticated through a software application that verifies access to objects.Challenged response; mutual authentication; out-of-band management; one-, two-, and three-way authentication; zero-knowledge authentication.Limited cryptographic authentication
Table 4. The relationship between type of PUFs, benefits, and limitations.
Table 4. The relationship between type of PUFs, benefits, and limitations.
StudyYearType of PUFDescriptionLimitations
[39]2013Memristor PUFMemristors are potential future-generation memory technologies.Process variation.
[40]2013PCKGENA phase change memory-based cryptographic key generator (PCKGEN) is a technology used to create updated cryptographic keys whenever it is desired to enhance the security of a system.Highly hackable.
[41]2014STT-MRAM PUFSpin-transfer torque magnetic random-access memory (STT-MRAM)-based PUF that utilizes orientation of a magnetic layer to generate unique patterns.Read disturb errors in MLC NAND flash memory.
[42]2004Acoustical PUFIn an acoustical PUF (APUF), delay lines are applied to estimate the feasibility of creating an APUF.Highly hackable.
[43]2017NEMS PUFA PUF utilizing a nano-electromechanical (NEM) switch is termed as a NEMS PUF. A particular property of the NEM-switch-based PUF is its application of stiction.Highly hackable.
[44]2007RF-DNA PUFRF-DNA PUFs comprise an array of antennas with an analog or digital backend. Every individual antenna can act as a transmitter or receiver of RF waves in a particular frequency band backed by the backend process.Special requirements.
[45]2009LC PUFSuch PUFs are based on resonance peaks in the frequency response of inductor–capacitor circuits.Increased storage cost for noise issues.
[46]2002Optical PUFThe process of light scattering by particles is unrestrained, and the contact between the laser and the particles is quite complex. This attribute can be used for creating unique patterns that can enhance the security of the system.Building complex physical structures for authentication.
[47]2008Phosphor PUFPhosphor PUFs are made up of phosphorescent particles of arbitrary shape and dimensions that are blended randomly.Vulnerable to invasive human factors and environmental factors, including scratching, temperature, and humidity.
[48]2014Nanowire Distro PUFFingerprint patterns can be physically validated in an easy and straightforward way by using an optical microscope.Weak for spoofing attack.
[49]2017Liquid Crystal PUFA liquid crystal PUF uses μm scale diameter shells of cholesteric liquid crystals (CLCs) at the surface of the physical object to be verified.The challenge of the PUF is the number or position of the liquid crystal in the array, and the response is the frequency of reflected light.
[50]2017Q-OPUFA Q-OPUF uses nanometer-scale imperfections in pieces of 2D materials to achieve the functionality of a PUF.Defect-free fabrication of monolayers is not possible, which results in bandgap alteration.
[51]2017Monolayer Deposition PUFThe monolayer deposition PUF assesses the existence or deficiency of monolayer matter in different positions along with a growth substrate.This technique examines only the variation in physical position on layers.
[52]2018Lanthanide PUFThe lanthanide PUF explores the locations of zeolites doped with lanthanide (III) ions through a substrate via a photoluminescence dimension.The random pattern generated by this method is difficult to replicate.
[53]1993Paper PUFThe paper PUF utilizes the distinctive marks of physical fibers such as currency to generate fingerprints.Unique fingerprint can be established just by scanning the fiber/paper.
[54]2009CD PUFThe CD PUF utilizes the distinctive marks of the compact disk medium. It works by determining the length of the lands and pits of the CD.A photodetector can be used for the determination of pits and lands.
[55]1994Magnetics PUFThe magnetic PUF uses randomness in ferromagnetic particle arrangement to generate unique magnetic swipe cards.The inherit randomness in ferromagnetic particle arrangement is used to distinguish cards present in the database.
[56]2014Ring Oscillator PUFA ring oscillator PUF works by analyzing the changes in the delay, which results in frequency of a signal propagating across an oscillator circuit formed of logic gates.Simple circuitry. Can be implemented with the help of basic logic gates.
[57]2004Arbiter PUFAn arbiter PUF determines a system by analyzing the variations in the travel time of two electrical signals traveling through symmetrical paths.Built from the on/off technique of the routing switches, giving a binary response depending on the faster path after this switching.
[58]2013Clock PUFThis type of PUF measures the changes in clock signal traveling velocity among signal lines, centered on the fabrication variation in these signal lines.Now, due to the improvement in the design process, clock skew variations are almost negligible.
[59]2015VIA PUFSuch PUFs employ direct categorization of electronic modules. The VIA PUF uses the probability of physical connection between the electrical layers.Approximately 50% uniformity and uniqueness can be achieved.
[60]2000TV-PUFThe main idea of the threshold voltage (TV)-PUF is to quantify the discrepancy in threshold voltage of ICs at the point of production.Number of transistors required.
[61]2009Power Distribution PUFThe power distribution PUF works by defining the disparity in resistance of the power distribution system during the process of manufacturing an IC.Additional components are added to each branch.
[62]2007SRAM-PUFThe static random-access memory (SRAM) PUF operates by finding the differences of transistor branches within SRAM.Complexity of implementation as a fuzzy extractor on an FPGA is not known.
[63]2011Bistable Ring PUFBased on the variation in a series of logic gates.The BR-PUF oscillates for a relatively significant period before it stabilizes.
[64]2011MECCA PUFA memory cell-based chip authentication (MECCA) PUF comprises an arrangement of SRAM elements just like the SRAM-PUF and is based on the essential transistor deviation.Additional hardware required.
[65]2015DRAM PUFAnalyzing difference in the elements’ dynamic random-access memory (DRAM) cells.Performance is temperature-dependent.
[66]2010Glitch PUFThe glitch PUF works by analyzing the complicated variation in glitches that are created because of the delay-based circuits.N/A
[56]2014TERO-PUFA new silicon PUF based on a transient effect ring oscillator.N/A
[67]2006Coating PUFSuch PUFs work by measuring the capacitance across a pair of comb-shaped sensors in the top layer of an integrated circuit.Eliminating/reducing the resistance in this type of construction against side-channel attacks is challenging.
[68]2014CNPUFCarbon nanotube field-effect transistors (CNFETs) have excellent electrical properties. These distinguished physical features that can be used to create a CNPUF.There is a trade-off between power consumed and security.
[69]2015Q-EPUFThe Q-EPUF PUF uses fluctuations in tunneling widths through quantum wells in resonant tunneling diodes.N/A
[70]2016Self-Assembly PUFThese PUFs use the physical phenomenon of molecular self-assembly.Limited semiconducting purity and non-ideal assembly.
Table 5. An explanation of termsof PUF-Based Authentication and Its Applications.
Table 5. An explanation of termsof PUF-Based Authentication and Its Applications.
SymbolExplanationSymbolExplanation
PKIPublic Key InfrastructureCRPsChallenge–response pairs
T2MThings-to-MachineT2TThings to Things
AESThe Advanced Encryption StandardECCElliptic-curve cryptography
XORExclusive OR GateLBRAPSLightweight blockchain-enabled RFID-based authentication protocol
Table 6. Summary of the differences of PUF-based authentication protocols.
Table 6. Summary of the differences of PUF-based authentication protocols.
ProtocolPUFAuthentication SchemaSecure Storage of KeysStorage of
CRPs		Encryption MethodsPlatform UsedMajor IssuesMajor Advantages
[8]UnspecifiedT2TNoYesHash-High storage costSecure communication
[10]SARAM-PUFT2TNoYesHashArduino Mega RaspberryIneffective spoofing attackLow cost
[11]APUFT2TYesYesAES, hashSimulationLimited machine learning attackLow computational complexity
[74]XOR-PUFT2TNoYes-SimulationLimited resourcesTempo-blocking free
[75]UnspecifiedT2TNoYesPKIArtix-7 FPGALimited resourcesVerifier database without CRPs
[76]APUFT2TNoYesECCXilinx zynq:7000 zc706Limited database securityStrong logic control
[77]XOR-PUFT2MNoNoHashSimulationInfective spoofing attackVerifying without CRPs
[78]UnspecifiedT2TNoYesHashArduino Mega 2560/dueHigh cost of storing eCRPsAutomated authenticate
[79]SRAM-PUFT2TNoYesHashArduino Mega 2560/dueUnstable cell in SRAMEffects of memory storage
[80]UnspecifiedT2TNoNoHash-Limited encryptionLow-cost devices using PUFs
[81]UnspecifiedT2MNoYesHashZolertia Zoul RemoteLimited encryptionLess constrained resources
[82]UnspecifiedT2TNoYes--Limited encryptionPrevents machine learning attack
[83]RO-PUFT2TNoYesHashFPGA platformLimited evaluation and attackImproved CRO PUF circuits with latch structure.
[84]UnspecifiedT2TNoNoHash + XOR(AVISPA) simulation tool + BAN logicCommunication cost is undesirableLight weight
[14]SRAMT2TYesNo-MSP430 controllersTime is not mentionedSecure channel
[85]UnspecifiedT2TNoYesElliptic curveCC2538 SoC modelStorage costSecure channel
[86]UnspecifiedT2TNoNoXOR-Benchmark not clear-
[87]UnspecifiedT2TNoYesXOR+hash-Limited encryptionLight weight
[18]SPUFT2TYesYes-Xilinx XC7A35-T FPGALimited encryptionDoes not utilize cryptography
[88]UnspecifiedT2TNoYesXOR, hash, and ECCXilinx FPGA Zynq-7Limited encryptionGood resistance
[89]APUFT2TNoNo---Very high resilience
[90]UnspecifiedT2TNoNoHash-Easy to attack session keyGood communication overhead
[91]UnspecifiedT2TYesYesHash-Does not support PUF interference attack
caused by noise		Covers various types of cryptographic protocols
[92]UnspecifiedT2TYesYesLBRAPS--Vulnerable to
secret disclosure attack and desynchronization attack
[17]UnspecifiedT2TYesYes-NodeMCU
v3 and Raspberry Pi 3B		Too many stages in authenticationGood resistance
[93]XOR-PUFT2TYesYesXORXilinx XC5LVX110TExcessive storage space to store e-CRPsGood resistance
[94]UnspecifiedT2TYesYesHash, XOR-Excessive storage spaceIntegrity
[95]UnspecifiedT2TYesYesHash, XOR--Evaluates PUF attributes
[96]UnspecifiedT2TYesYesEC, Hash -Many parameters-
Table 7. An explanation of terms of PUF-Based Authentication and Its Communication Protocol.
Table 7. An explanation of terms of PUF-Based Authentication and Its Communication Protocol.
SymbolExplanationSymbolExplanation
CoAPConstrained Application ProtocolAMQPAdvanced Message Queuing Protocol
MQTTMessage Queuing Telemetry TransportHTTPHypertext Transfer Protocol
DDSData Distribution ServiceUDP-basedUser Datagram Protocol
XMPPExtensible Messaging and Presence ProtocolModbus-TCPModbus Communication Protocol
Table 8. PUF-based authentication and its communication protocols.
Table 8. PUF-based authentication and its communication protocols.
FeatureCurrent IoT ProtocolsObjectivesResultsEvaluation MethodsMajor Disadvantages
StudyAnalyzer Tools (Hardware + Software)Metrics
[97]CoAP, MQTT, AMQPDesign and build an application layer framework to assess and discover how these protocols work. Experiments were performed on a realistic testbed with wired, Wi-Fi, and 2/3/4G networks.CoAP performs reliably during connection and is less network-dependent.Wireshark, RabbitMQ, Eclipse Mosquitto, Libcoap Server, PythonNumber of messages, number of packets, bandwidth utilizationLimited client/server approach.
[98]MQTT, CoAP, AMQP, HTTPReview MQTTSN, MQTT, CoAP, AMQP, DDS, and XMPP data protocols of the IoT and evaluate these protocols with demanding issues such as caching, security, support to QoS, and resource discovery.In system control, instant messaging, and VoIP for communication,
XMPP exhibits superior results due to its XML stanza-based transmission and lightweight carrying of messages with lower propagation delay.		ContikiNetwork message size, packet loss rate, latency bandwidth consumptionMissed performance metrics.
[99]MQTT, CoAP, DDS, custom UDP-basedProvide a quantitative comparison of the performance of IoT protocols.DDS demonstrates greater bandwidth utilization than MQTT and superior operation regarding data latency and reliability.NetEM, Wireshark, Hacks, eHealth sensor, Raspberry Pi, central ServerBandwidth consumption, system latency, system packet lossMissed performance metrics.
[100]AMQP, MQTTFocus on two protocols, AMQP and MQTT, which are the foundation for the effective functioning of the entire IoT system.MQTT is an efficient protocol and use of the transmission line. AMQP is a recent, advanced, reliable, and superior security protocol.Python, laptop with 2GB RAM, NetEm, Fanout ExchangePacket transmission timeInsufficient metrics.
[101]HTTP, MQTT, AMQP, CoAP, XMPPPresent a comprehensive review of the existing messaging protocols that can be used in deploying IoT systems.Basic protocol characteristics that need to be studied when making and deploying IoT systems.NoNoNo metrics for security.
[102]MQTT, AMQP, XMPP DDS, HTTP, CoAPPresent potential protocol candidates and compare between them in performance metrics.The two most mature choices to consider, which are also favored by developers, are MQTT and RESTful HTTP.NoLatency, bandwidth consumption and throughput, energy consumption securityNo metrics for security.
[103]WebSocket, CoAP, and MQTTConstruct a conceptual model for obtaining and evaluating WebSocket, CoAP, and MQTT protocols.MQTT with QoS demonstrates the second-best overhead. WebSocket demonstrates almost the same throughput as MQTT with QoS 0.Raspberry Pi model B, WiresharkPacket lossNo metrics for security.
[104]MQTT, CoAP, Modbus-TCPDesign a new scheme for communication protocols of IoT devices and incorporate the formats of the data gathered by numerous IoT devices.A new model was assessed with three key performance indicators, and the proposed IoT-CPCS method can enhance the application affinity of the IoT to facilitate wider promotion.WireShark, Amazon AWS platform, Python 3.7Conversion time, average latency, system throughputKPI for security was not included.
[105]CoAP, MQTT, XMPP, TLSInvestigate three IoT communication protocols: MQTT/TLS, CoAP/DTLS, and XMPP/TLS.Overhead and latency both increased at least threefold for each protocol.Arduino Uno Rev3, WireShark, Raspberry Pi 3 Model BPacket overhead, latency, scalabilityIncreased latency time.
[106]MQTT, AMQP, CoAP, XMPPPresent the functions of the IoT and its applications in various domains such as smart cities, health care, environmental, Industry 4.0, and beyond and infrastructural applications.This paper reviews modern IoT technologies and use cases, future-generation protocol. IoT disputes were examined to enhance R&D in the fields.N/AApplication focus areaFew metrics.
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Alhamarneh, R.A.; Mahinderjit Singh, M. Strengthening Internet of Things Security: Surveying Physical Unclonable Functions for Authentication, Communication Protocols, Challenges, and Applications. Appl. Sci. 2024, 14, 1700. https://doi.org/10.3390/app14051700

AMA Style

Alhamarneh RA, Mahinderjit Singh M. Strengthening Internet of Things Security: Surveying Physical Unclonable Functions for Authentication, Communication Protocols, Challenges, and Applications. Applied Sciences. 2024; 14(5):1700. https://doi.org/10.3390/app14051700

Chicago/Turabian Style

Alhamarneh, Raed Ahmed, and Manmeet Mahinderjit Singh. 2024. "Strengthening Internet of Things Security: Surveying Physical Unclonable Functions for Authentication, Communication Protocols, Challenges, and Applications" Applied Sciences 14, no. 5: 1700. https://doi.org/10.3390/app14051700

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop