NFC Secure Element-Based Mutual Authentication and Attestation for IoT Access
Citations Over Time: Top 10% of 2018 papers
Abstract
Certain resourceful and powered Internet of Things (IoT) devices can become victims that are used to launch cyber attacks. Near field communication (NFC) can be used to provide secure on-demand access to them. In this paper, we present, for the first time, a novel framework for NFC secure element (SE)-based mutual authentication and attestation for IoT access with a user device, such as a mobile device, using NFC-based Host Card Emulation (HCE) mode. HCE is robust compared to the other NFC modes. A cloud-based Trusted Certified Authority (TCA) manages all cryptographic credentials and stores them in the tamper-resistant SE and Trusted Platform Module (TPM)-based attestation modules on the devices. The framework uses a newly proposed NFC SE-based mutual authentication and attestation (NSE-AA) protocol for proof-of-locality, end-to-end anonymous mutual authentication between the SEs, and an associated remote attestation for trust. The protocol is robust and lightweight compared to the existing schemes. We provide its informal and formal security analysis using the Real-Or-Random (ROR) model. A simulation on the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool proves its safety. We also briefly present the details of a prototype with a commercial mid-range-priced mobile device and a Single Board Computer (SBC)-based IoT device.
Related Papers
- Research and application of trusted computing platform based on portable TPM (2009), 7 cited
- Trusted Attestation System for Cloud Computing Environment Using Trusted Platform Module (2017), 4 cited
- Test and analysis of trusted platform module data protection (2010)
- Research on Trusted Platform Module (2006)
- Flexible Trusted PC and Its Realization (2007)