Lightweight and Privacy-Preserving Two-Factor Authentication Scheme for IoT Devices

Device authentication is an essential security feature for Internet of Things (IoT). Many IoT devices are deployed in the open and public places, which makes them vulnerable to physical and cloning attacks. Therefore, any authentication protocol designed for IoT devices should be robust even in cases when an IoT device is captured by an adversary. Moreover, many of the IoT devices have limited storage and computational capabilities. Hence, it is desirable that the security solutions for IoT devices should be computationally efficient. To address all these requirements, in this paper, we present a lightweight and privacy-preserving two-factor authentication scheme for IoT devices, where physically uncloneable functions have been considered as one of the authentication factors. Security and performance analysis show that our proposed scheme is not only robust against several attacks, but also very efficient in terms of computational efficiently.


I. INTRODUCTION
T HE Internet of Things refers to the environment or framework which enables everyday objects in our world to have network connectivity and the ability to send and receive data. Usually, devices in IoT systems have limited power, storage, and processing capabilities. In addition, IoT devices are often deployed in the open and public places, which may cause them to be vulnerable to physical and cloning attacks. Therefore, it is important that any security solution designed for IoT devices should not only be efficient but also detect any violations of physical security of the IoT devices. In these scenarios, conventional password-based or secret-keybased authentication schemes, in which a shared secret is the only authentication factor, is not enough for addressing the security problems. In this context, an adversary who has physical access to an IoT device can launch various physical or side-channel attacks to acquire the device's secret, and thus compromise the device and the entire system. To overcome the above problem, we need a two-factor authentication scheme that can ensure a layered defense and at the same time, make it harder for unauthorized individuals to gain control of the IoT devices. The major benefit of two-factor authentication is to provide a more resilient way of authenticating IoT devices.
From the attackers' perspective, multiple barriers have to be overcome in order to break the security of the IoT devices.
To provide two-factor authentication to IoT devices, in addition to a password or a shared secret key as the first authentication factor, this paper proposes the use of physically uncloneable functions [1][2] as the second authentication factor. PUFs have emerged as a promising cryptographic primitive and already gained popularity in the security domain, and their practicality has also been demonstrated in many recent works. PUFs are the result of the manufacturing process of Integrated Circuits (ICs) which introduces random physical variations into the micro-structure of an IC, making it unique. It is impossible to control these variations in the micro-structure of an IC during the manufacturing process. In addition, the outputs are derived from intrinsic characteristics of the PUF's physical elements, and are therefore difficult to predict and almost impossible to clone. In this regard, PUF uses their internal structure to provide a one-way function that cannot be duplicated. The fact that PUFs are hard to predict but easy to construct and evaluate makes them a good choice for use as a security primitive for IoT devices.

A. Related Work
Many two-factor authentication schemes have been proposed in the recent years. However, majority of these schemes [22][23][24] are user centric. In these schemes, passwords and smart cards/devices are used as two-factor security. Since smart cards are not tamper proof, these schemes are often vulnerable to several physical attacks. On the other hand, recently a few interesing PUF-based authentication schemes have been proposed for IoT systems [3][4][5][6]. However, most of them are based on computationally inefficient public key systems. More recently, some PUF-based authentication protocols using symmetric key cryptosystems have been proposed. Most of these works are mainly focused on reliably computing a PUF response to a challenge [7][8]. Similarly, some literature describe techniques for implementing authentication protocols on reconfigurable hardware for the purpose of intellectual property (IP) protection [9][10]. On the other hand, PUFs are also used for designing authentication protocols for wireless sensor networks (WSNs) and radio frequency identification (RFID) systems [11][12][13]. Recently Aman et al. proposed two PUF-based mutual authentication protocols for IoT systems [14]. However, their scheme cannot ensure the privacy of the IoT devices. In addition, noise and sensitivity to environmental factors are still important factors in PUF design, which may result in one or several of the output bits of the PUF being incorrect for any challenge. However, the scheme presented in [14] does not support noisy PUF environment.
To address all the above issues, in this article we propose a lightweight and privacy-preserving two-factor authentication scheme for IoT devices. In our proposed scheme, PUFs have been considered as one of the authentication factors. Moreover, to address the issue of noise during the PUF's operation, the concept of reverse fuzzy extractor has been exploited. In a nutshell, this article makes the following three major contributions: A novel privacy-preserving two-factor authentication protocol for IoT devices. (ii) Consideration of noise factor in the PUF design. (iii) A computationally efficient security solution, which is feasible for resource constraint IoT devices.
The rest of the article is organized as follows. In Section II, we first provide a brief introduction to PUFs and fuzzy extractors. This section ends with the description of the system model of our proposed system. In Section III, we present our proposed privacy-preserving two-factor authentication protocol for IoT devices. Security of the proposed scheme is analyzed in Section IV. Performance analysis of the proposed protocol is then provided in Section V. In Section VI, we formaly analyzed the security odf our proposed scheme using BAN logic. Finally, conclude our article with concluding remarks in Section VII. The symbols and cryptographic functions used in the proposed scheme are defined in Table I.

A. Fuzzy Extractor
A fuzzy extractor (d, λ) [15][16][17][18] is composed with two algorithms: FE.Gen and FE.Rec. FE.Gen is a probabilistic key generation algorithm, which takes a bit string R as input and outputs a key K and helper data hd , i.e., (K, hd) = FE.Gen(R). On the other hand, FE.Rec is a deterministic reconstruction algorithm that recovers the key K from the noisy input variable R and the helper data hd i.e., K = FE.Rec (R , hd), if the Hamming distance between R and R is at most d. A fuzzy extractor (FE) ensures security in the extraction of a strong cryptographic key if the min-entropy of the input R is at the minimum λ, and K is close to a uniformly random distribution in {0, 1} k . Since repeated exposure of the helper data may result in additional min-entropy loss [17][18], the helper data should not be exposed during the execution of the authentication protocol.

B. Physically Uncloneable Function
A PUF is characterized by a challenge-response pair (CRP). It is an IC which takes a string of bits as an input challenge and produces a arbitrary string of bits called the response. The response R of a PUF PUF D to a challenge C can be represented as follows: R = PUF D (C). We say PUF D is a (d, n, l, λ, )-secure PUF if the following requirements hold: 1) For any two PUFs PUF D1 (·) and PUF D2 (·), and Here, HD represents the Hamming distance. 2) For any PUF PUF D (·) and for any input which denotes that the min-entropy of the PUF output is always larger than λ with high probability, when the intra-distance, i.e., the distance between two PUF responses from the same PUF instance and using the same challenge is smaller than d, and the interdistance, i.e., the distance between two PUF responses from different PUF instances using the same challenge is greater than d.

C. System Model
In this paper, we consider the same system model as that proposed in Aman et al.'s scheme [14]. The system model is composed of two major entities: a set of IoT devices and a server located in a data and control unit. Here, IoT devices can communicate and send their data to the server of a data and control unit by using the Internet. It is assumed that all the IoT devices are equipped with a PUF, where any attempt to tamper with the PUF will change the behavior of the device and render the PUF useless. In addition, here we also assume that IoT devices have limited resources while the server in the data center is trusted and has no such resource limitation. Our system model is depicted in Fig. 1.

III. PROPOSED SCHEME
In this section, we present a practical anonymous authentication scheme, which consists of two phases: Setup, and Authentication.

A. Setup Phase
The operations of the setup phase are carried out over a secure channel. To start the setup phase, an IoT device D i sends its identity along with a registration request to the server. Upon receiving the request, the server first randomly generates a challenge C for the next interaction with the device D i . Then the server also generates a set of new challenges C syn = {c 1 , · · · , c n } for resynchronization with device D i and sends {C, C syn } to the device. After receiving the challenges {C, C syn }, the device extracts the PUF outputs R = PUF Di (C) and R syn = PUF Di (C syn ), and sends {R, R syn } to the server. Hereafter, the server first generates a one-time alias identity AID = h(R||MK ), and a secret key K ds , which will be used as the first authentication factor for proving the legitimacy of the IoT device D i . Here, MK denotes the master key of the server. Next, the server also generates a set of unique fake identity and synchronization key pairs (FID, K syn ) = {(fid 1 , k 1 ), · · · , (fid n , k n )} and sends {(AID, K ds ), (FID, K syn )} to device D i . Finally, for IoT device D i , the server will store {(AID, K ds ), (C, R), (C syn , R syn ), (FID, K syn )} in its database and the device stores {(AID, K ds ), (FID, K syn )}. Details of this phase are depicted in Fig. 2.

B. Authentication Phase
Our authentication phase consists of the following steps: Step 1 (Request for Interaction): When a IoT device D i wants to interact with the server, then the device first selects the one-time alias identity AID. It then generates a random number N d and computes N * d = N d ⊕K ds . Finally, the device composes a request message M 1 : {AID, N * d } and sends it to the server for interaction.
Step 2 (Server Response): After receiving the authentication request message M 1 , the server first locates one-time alias identity AID in its database and subsequently reads and loads {(C, R), K ds } into its memory. Hereafter, the server generates a nonce N s and computes N * s = K ds ⊕ N s , a keyhash response V 0 = h(N d ||K ds ||N * s ) and then composes a response message M 2 : {C, N * s , V 0 } and sends it to the device.
Step 3 (Server Authentication): Next, upon receiving response message M 2 , the device extracts the PUF output R = PUF Di (C) and subsequently computes then checks the key-hash response V 0 . If it is not valid, the device terminates the execution of the protocol. Otherwise, the device authenticates the server and decodes N s = K ds ⊕ N * s , obtains the key-element and heper data from the helper data generation algorithm FE.Gen i.e., (k, hd ) = FE.Gen(R ). After that the device calculates hd * = h(K ds ||N s ) ⊕ hd , Then, the device forms a message M 3 : {R * new , V 1 , hd * } and sends it to the server.
Step 4 (Device Authentication): After receiving message M 3 , the server first computes and decodes the helper data hd = h(K ds ||N s ) ⊕ hd * , and obtains the key-element k = FE.Rec(R, hd ) from the reconstruction algorithm FE.Rec. Hereafter the server verifies the key-hash response V 1 . If the verification is successful, then the server authenticates the device and calculates the session key sk = h(K ds ||k||N d ). After that, the server computes the new challenge C new = h(C||k), and decodes the new PUF output R new = k ⊕ R * new and updates the alias identity AID new = h(AID||k), and the K ds = h(k||K ds ). Finally, the server stores {(AID new , K ds ), (C new , R new )} for the next interaction with the device. Now, if the server cannot recognize the IoT device in Step 2, then the server asks the device to try again by using one of the unused pairs of (fid x , k x ) ∈ (FID, K syn ). Once a pair is used up, it must be deleted from both the ends. In this case, the server will select one of the unused CRPs from (C syn , R syn ) and a new alias identity will be provided to the device. Finally, the CRP for this resynchronization also needs to be deleted from (C syn , R syn ). In this way, the proposed scheme can handle the desynchronization problem without compromising anonymity support. Details of this phase are depicted in Fig.  3.

IV. SECURITY MODEL AND ANALYSIS
In this section, we first define our security and privacy model and subsequently, we use them to analyze the security of the proposed scheme.

A. Security Model
Consider a set of IoT devices D = {D 1 , D 2 , · · · , D n } that communicate with the trustworthy server S of the data and control unit. The server executes a setup algorithm Setup(1 k ) for enrolling into a trusted environement and a public parameter pp and secret key K ds are generated for initialization.
Here, pp denotes all the available public parameters (crypto suites) of the environment (e.g., PUF output length, coding mode, pseudo-random function (PRF) algorithm name, etc.) In the authentication phase of the proposed scheme, these parties communicate through an insecure network and mutually authenticate each other. At the end of the authentication process, the parties output 1 (Accept) or 0 (Reject) as the outcome of the authentication process, respectively. We call the communication sequence between the two parties (the server, and the IoT device) is a unique session and a session identifier sid is used for distinguishing each session. We say that a session has a matching session if the messages exchanged between S and devices in D are honestly transferred until they authenticate each other.
We now consider the following security game (denoted by Exp Sec Π,A (λ)) between a challenger C and adversary A against a mutual authentication protocol Π: At the end of the setup phase, A can issue the following oracle queries: The advantage of the adversary A against Π, denoted by Adv Sec Π,A (λ), is defined as the probability that Exp Sec Π,A (λ) outputs 1 when sid * of P has no matching session. Definition 1. An authentication protocol Π is resilience to the man-in-the-middle attacks with key compromise if for any probabilistic polynomial time adversary A, Adv Sec Π,A (λ) is negligible, i.e., Adv Sec Π,A (λ) ≤ , (for large enough λ).

B. Privacy Model
Now we consider the indistinguishability-based privacy. In that case, the adversary selects two IoT devices and tries to distinguish the communication derived from the two devices. The privacy experiment between the challenger C and adversary A := (A 1 , A 2 , A 3 ) is then described as follows: After the execution of the setup phase, the adversary A 1 issues the oracle queries and sends the queries with IoT device identities (D * 0 , D * 1 ) to challenger C. After that, C flips a random coin b U ← − {0, 1} and allows the adversary to communicate with D * b in an anonymous way. For the accomplishment of anonymous access, A 2 calls the SendD query with intermediate algorithm I as the input to honestly transfer the communication message between A 2 and D * b . After the challenge phase, A 3 can continuously interact with all devices, including (D * 0 , D * 1 ), as A 1 . Next, D * 0 and D * 1 call the Execute query to avoid trivial attacks (e.g. man-in-themiddle attacks) in the symmetric key based construction, and after that, they send their transcripts (Π 0 , Π 1 ) and (Π 0 , Π 1 ) to the adversary. The advantage of the adversary in guessing the correct tag bit can be defined as

C. Security Analysis of the Proposed Authentication Protocol
Next we consider the above models for analyzing the security of the proposed authentication protocol.
Theorem 1:Let h be a secure pseudorandom function, FE be a (d, λ)-fuzzy extractor, and consider a (d, n, l, λ, )-secure physically uncloneable function. Then, the proposed mutual authentication protocol is secure against man-in-the-middle attacks with memory leakage.
Proof. The goal of the adversary A is to violate the security experiment and convince the device and the server to accept the session without a corresponding matching session, while communication is modified by the adversary. Now we consider the following game transformations. Let X i be the advantage that the adversary wins the game in Game i.
Game 0: It represents the original game between the challenger C and the adversary.
Game 1: C randomly guesses the identity of the device D * U ← − {D 1 , · · · , D n }. If the adversary does not impersonate D * , then C aborts the game.
Game 2: Assume that l is the upper bound on the number of sessions that the adversary can establish in the game. For 1 ≤ j ≤ l, we evaluate or change the related variables in the session between the server unit and D * as per following games and its variations: • Game 2(j, 1): In the j-th session, C evaluates the output of the PUF implemented in D * . If the output of the PUF does not have enough entropy or is correlated to the other outputs derived from the inputs to the PUF, C aborts the game. • Game 2(j, 2): The output from the fuzzy extractor (k, hd ) is turned into a random variable. • Game 2(j, 3): In this game the output from the pseudorandom functions (PRF) h(k, ·) and h(K ds , ·) is derived from a truly random function.
• Game 2(j, 4): In this game the output from the PRF h(K syn , ·) is derived from a truly random function. • Game 2(j, 5): In this game, we alter the XORed output R * new = k ⊕ R new , and hd * = h(K ds ||N s ) ⊕ hd to arbitrarily chosen R * new , hd * U ← − {0, 1} |R * i+1 ,hd * | . The main idea of the security proof is to modify the messages corresponding to the IoT device D * to arbitrary strings. We proceed with the game transformation starting with the first call of the device D * . After that, we gradually change the communication message from Game 2(j, 1) to Game 2(j, 5). We move to the next section, once these transformations are finished. Through these game transformations, we show that the advantage of the adversary against the authentication protocol can be limited to negligible values as shown in the results of Lemma 1 through 5.
Lemma 1: If the numbers of IoT devices is n, then X 0 = nX 1 .
Proof. We say the adversary wins the game when she/can can convince the device or server to accepts the session while communication is modified by the adversary. Since we consider that there are n IoT devices, C correctly guess the related session with probability 1/n. Lemma 2: If PUF Di is a (d, n, l, λ, )-secure PUF, then X 1 = X 2(j,1) and X 2(j,5) = X 2(j,1) for any 2 ≤ j ≤ l.
Proof. Given that the PUF is (d, n, l, λ, )-secure, its intradistance is less than d, its inter-distance is larger than d, and the min-entropy of the PUF is lager than λ. In addition, the PUF also has the property that even if the input to the PUF is exposed, the output derived from the input maintains sufficient min-entropy property and the outputs are thus uncorrelated. Now, if an adversary issues the reveal query and obtains the stored information from the PUF's memory, then, since the games in X 1 , X 2(j,1) and X 2(j−1,5) are based on the above condition, the gap between them is bounded by . Therefore, we can write X 1 − X 2(j,1) ≤ and X 2(j,5) − X 2(j,1) ≤ . This means there is no effect on proceeding with the game transformations.
Lemma 3:If the FE algorithm is a (d, λ)secure fuzzy extractor, then no attacker can distinguish the difference between the game X 2(j,1) and X 2(j,2) , ∀ 0 ≤ j ≤ l Proof. As mentioned in the proof of Lemma 2, the PUF used in the protocol ensures a min-entropy of λ. Then the operation of the (d, λ) fuzzy extractor ensures that the output of the fuzzy extractor is close to random and no adversary can distinguish the difference between Game 2(j, 1) and Game 2(j, 2). Therefore, the advantage of the adversary in distinguishing between these two games can be represented as X 2(j,2) − X 2(j,1) ≤ .
Lemma 4: Let Adv PRF h(·),β (k) denote the advantage of β to break the security of the PRF h(·). Then, ∀ 1 ≤ j ≤ l, we have X 2(j,2) − X 2(j,3) ≤ Adv PRF h(·),β (k). Proof. Now, an algorithm β is constructed which breaks the security of the PRF h(·). β sets up all the security credentials and simulates our protocol except for the i-th session (the current session). β can access the real PRF h(k, ·) or a truly random function. When the adversary invokes the i-th session, β sends the uniformly random challenge {N * s U ← − {0, 1} k } as the output of the server. When A sends N # s to the device, β continues the computations as per the protocol specification and issues N # s to the oracle instead of the normal computation of h(·). After receiving V 1 , β outputs {R * new , hd * , V 1 } as the response of the device. When the adversary sends {R # new , hd # , V # 1 }, β issues N # s to the oracle and obtains V 1 , which is used to authenticate the device.
If β accesses the real PRF, this simulation is equivalent to the Game 2(j, 2). Otherwise, the oracle query issued by β is completely random, and its distribution is equivalent to that in Game 2(j, 3). Therefore, we can write |X 2(j,2) − X 2(j,3) | ≤ Adv PRF h(·),β .
The proof for lemma follows along the lines of the proof for Lemma 4.
Proof. In the three games considered in this lemma, the fuzzy extractor FE and the PRF h(·) are changed to the truly random function. Therefore, k and h(K ds ||N s ) are used as effective one-time pads to encode R new and hd new , respectively. Therefore, no adversary can differentiate R * new = k ⊕ R new , and hd * = h(K ds ||N s ) ⊕ hd from a randomly chosen string.
Theorem 2: Let FE be a (d, λ) fuzzy extractor and consider a (d, n, l, λ, )-secure physically uncloneable function. Also, let h be a secure pseudorandom function. Then the proposed protocol satisfies indistinguishability-based privacy.
Proof. The proof for this theorem is similar to that for Theorem 1, where we have shown that the proposed authentication protocol holds security against forgery attacks. According to the game transformation described in the proof of Theorem 1, if we continuously modify the communication messages for device D * 0 and D * 1 , then the whole transcript will be identical to a random string. Thus, no information that identifies the challenger's coin will be leaked. Since all the identity related parameters stored in the memory such as {(AID, K ds ), (FID, K syn )} are randomly generated and each pair can only be used once, these parameters do not provide any information about the real identity of the device. The probability that the challenger can identify D * 0 and D * 1 so the game transformation is finished within a polynomial time is 1/n 2 . Therefore, we can argue that the proposed scheme holds indistinguishability-based privacy.

D. Informal Security Analysis
We now provide an intuitive reasoning to demonstrate how the proposed protocol fulfills some of the security requirements such as mutual authentication, privacy of the IoT devices, etc. 1) Mutual Authentication: In the proposed scheme, only the legitimate device D i with the correct two factors (i.e., secret key K ds , and PUF PUF Di ) can obtain N s = K ds ⊕ N * s , R = PUF Di (C), and (k, hd ) = FE.Gen(R ) to generate a valid key-hash response V 1 = h(N s ||k||R * new ||hd * ). Thus, the server can authenticate the device by using the parameter V 1 . On the other hand, only the server who knows the secret key K ds can compose a valid respond message M 2 . Thus, the device can authenticate the server when it can successfully validate the key-hash output V 0 = h(N d ||K ds ||N * s ). Therefore, the proposed protocol is able to provide mutual authentication. 2) Session Key Agreement: In the proposed scheme, at the end of the mutual authentication phase, both the device and the server share the identical session key sk = h (K ds ||k||N d ). Therefore, the proposed scheme is able to provide session key agreement. 3) Privacy of the IoT Devices: During the execution of the proposed authentication protocol, for each session, a device needs to use a valid one-time alias identity AID which cannot be used twice. Therefore, no one except the server can recognize the activity of the IoT device. Besides, in case of loss of synchronization, the device needs to use one of the unused fake identities fid j from FID = {fid 1 , · · · , fid n }. After that, the device needs to delete this identity from its memory. Therefore, changing the identities in each session ensures identity intractability. This approach of the proposed scheme is quite useful for achieving privacy against eavesdropper (PAE). 4) Protection Against Physical Attacks: Suppose an adversary wants to perform physical tampering on an IoT device in order to compromise it or influence its behavior. However, any such attempt to tamper with the device changes the behavior of the PUF embedded in it and renders the PUF useless. Consequently, during the execution of the proposed authentication protocol, the PUF will not be able to produce the desired output R = PUF Di (C). Therefore, the server can comprehend such attempts at tampering. On the other hand, since PUFs are safe against cloning and a PUF cannot be recreated [19], the proposed scheme can be considered safe against cloning attack. 5) Protection Against Impersonation Attacks: The proposed protocol has the ability to prevent the impersonation attacks, which can be shown as follows. An attacker cannot impersonate an legitimate IoT device D i , since he/she does know the shared key K ds and also cannot obtain the PUF ouput R =PUF Di (C ). Without the knowledge of R and K ds the attacker cannot compute (k ,hd ) = FE.Gen(R ), V 1 = h(N s ||k||R * new ||hd * ), and the session key sk =h(K ds ||k||N d ) and thus cannot construct the valid response in message M 3 . Similarly, an attacker cannot impersonate the server since he/she cannot obtain a valid CRP (C , R) and the shared key K ds . Without a valid CRP and shared key K ds the attacker cannot construct a valid response as in message M 2 . Moreover, even if the attacker captures the IoT device he/she cannot obtain a valid CRP because any attempt to remove the PUF from the IoT device destroys. 6) Protection Against Message Tampering Attacks: The proposed protocol uses the key-hash function and the concept of challenge-response to verify the source, integrity, and freshness of the messages. The intended receiver can identify any alteration of a received message using the key-hash output. For instance, if an attacker attempts to change the contents of message M 2 of the protocol, i.e., N * s = K ds ⊕N s , the device can identify that by using the key-hash response V 0 = h(N d || K ds ||N * s ) which can not be constructed without knowledge of the secret key K ds . On the other hand, if the attacker attempts to change the contents of message M 3 , the server can easily comprehend that by checking the keyhash response V 1 = h(N s ||k||R * new ||hd * ), where only the legitimate server can reconstruct the keying element k =FE.Rec(R, hd ). 7) Protection Against Replay Attacks: In the proposed scheme, an adversary cannot replay the message M 1 : {AID, N * d } since AID changes in each session. The adversary cannot reuse the message M 2 since a new challenge C is used in each session. Similarly, an adversary also cannot resend the message M 3 since a new response R new is used in each session. In this way, we ensure the security against replay attacks.

V. PERFORMANCE ANALYSIS AND COMPARISON
To show the advantage of our proposed scheme, now we first compare the proposed scheme with three recently proposed user's centric two factor authentication schemes. From Table  II, we can see that, the proposed scheme is secure against all the imperative security threats and accomplishes diverse features. On the other hand, according to [24] the scheme presented in [23] cannot ensure the untracebility support and the scheme presented in [22] is vulnerable to password guessing attacks. In addition, since to ensure prevention against replay attacks the schemes presented in [22] and [24] are merely rely upon the timestamp. Hence, they are susceptible to clock synchronization problem. Nevertheless, none of these schemes ( [22][23][24]) can guarantee the security of the user's device, where the devices are vulnerable to physical and cloning attacks. On the other hand, Table II also shows that all these user's centric authentication protocols ( [22][23][24]) are based on the computationally expensive elliptic-curve cryptosystem (ECC). Whereas our proposed scheme is based on the computationally efficient symmetric key crypto-systems such as PUF and fuzzy extractor, etc. which are suitable to resource limited IoT devices.
Next, we compare the proposed lightweight and privacypreserving two-factor authentication scheme with a recently proposed PUF-based mutual authentication scheme for IoT devices [14]. In [14], the IoT devices only use PUFs and do not maintain any secret key for authentication. Hence, it does not provide two-factor secrecy. Moreover, in the scheme presented in [14], the devices use their original identity during the execution of the authentication phase. Accordingly, an outside adversary can monitor the activities of the IoT devices. Therefore, Aman et al.'s scheme cannot guarantee the privacy of the IoT devices. Furthermore, even though differential design methodologies can improve reliability, noise is still an important factor in PUF design [19]. In this regard, for any given challenge, noise may result in one or several bits of the output to be incorrect. However, this important issue has been overlooked in [14].   On the contrary, in the proposed scheme, each IoT device maintains two factors (i.e., secret key K ds , and its PUF PUF Di ) for proving its legitimacy to the server. In addition, in the proposed scheme, the devices use their one-time alias identity or unused fake identity for each session. Therefore, it will be difficult for an outside adversary to comprehend the activities of the IoT devices. Furthermore, we address the noise issue in PUF operation in the proposed scheme by using the concept of reverse fuzzy extractor. From Table II and Table  III, we can see that the proposed scheme can support all the desirable security properties, which are of great importance for the security of IoT devices.
Next, we consider the computation cost for comparing the proposed scheme with respect to [14]. Table IV [14]. Now, for rigorously analyzing the performance of the proposed protocol with respect to [14], we conducted simulations of the cryptographic operations used in the proposed scheme and [14] on an Ubuntu 12.04 virtual machine with an Intel Core i5-4300 dual-core 2.60 GHZ CPU (operating as a server). To simulate an IoT device, we used a single core 798 MHz CPU with 256 MB of RAM. Our simulations used the JCE library [20] to evaluate the execution time of the cryptographic primitives (shown in Table IV) used in the proposed scheme and [14]. For these results, we considered the 128-bit arbiter PUF for PUF operation and for FE.Gen and FE.Rec operations, we adopted the code offset mechanisms using BCH [21].
Based on the simulation results of Table IV, we see that in [14] an IoT device takes 9.36 ms to compute 2N H +3N MAC + N SD + 2N PUF operations and the server takes 3.85 ms for executing 2N H + 3N MAC + N SE operations. Therefore, the overall computational cost of the scheme presented in [14] is 13.21 ms. On the other hand, in the proposed scheme the computation cost at the IoT devices is 2.92 ms for executing 5N H +N FE .Gen +2N PUF operations and server takes 3.39 ms to compute 5N H + N FE .Rec operations. Therefore, the overall computational cost of the proposed scheme is 6.31 ms, which is significantly lower than [14]. Hence, it can be argued that the proposed scheme is secure and more efficient for resource limited IoT devices.

VI. FORMAL ANALYSIS OF THE PROPOSED SCHEME USING BAN LOGIC
In this section, we present a formal analysis of the proposed scheme using the Burrows-Abadi-Needham logic [25], generally known as BAN logic. The BAN logic model provides primitives that describes the beliefs of the principles involved in a crypto system.

A. BAN logic and its Enhancement
The BAN logic is based on the a set of postulates and assumptions and it uses three objects: principals, encryption keys, and logic formulas. The main construction of BAN logic is described as follows.
• P | ≡ X represents P believes X.
• P X represents P sees X. • P | ∼ X represents P said X. • P | ⇒ X represents P has jurisdiction over X. • #(X) represents that the formula X is fresh and X has not been sent in a message at any time before the current execution of the proposed scheme. • P K ← → Q represents P and Q share a secret K. • P X represents P is capable of processing formula X.
• {X} K represents that formula X is encoded/encrypted using key K. The set of inference rules of BAN logic that are required in the analysis of our proposed scheme are described below.
1) Message-meaning rule R1: 2) Nonce-verification rule R2: P |≡ #(X), P |≡ Q |∼ X P |≡ Q |≡ X ; 3) Jurisdiction rule R3: P |≡ Q |⇒ X, P |≡ Q |≡ X P |≡ X ; 4) Seeing rules R4: P (X,Y ) P X ; R5: P |≡ P K ← → Q, P {X} K P X ; 5) Fresh rule R6: P |≡ #(X) P |≡(X,Y ) ; 6) Belief rule R7: P |≡(X,Y ) P |≡ X ; To analyze the properties of the proposed scheme, we need to extend the conventional BAN logic with the following rules: ER1: P |≡ Q K ← → P, P f (X,Y ) P |≡ Q |∼ Y and ER2: P |≡ X − → Q, P X P |≡ Q |∼ X . Extension rule ER1 specifies that if key K is shared between P and Q, and function f that compares formulas X and Y is satisfied, then it also verifies the originality of principle Y . Extension rule ER2 denotes that the verification root of X.
Next, we note that S | ≡ D i | ∼{AID} since S | ⇒ AID and S | ∼ AID. Therefore, using ER1 and R3 we can show that , the proposed scheme achieves identity authentication with the following statements: This proves the correctness of the proposed two-factor authentication scheme.

VII. CONCLUSIONS
In this paper we presented a novel privacy-preserving twofactor authentication protocol for IoT devices, which allows an IoT device to anonymously communicate with the server located at the data and control unit. We showed that the proposed scheme remains secure even if an adversary has physical access to an IoT device. The proposed protocol provides the desired security characteristics efficiently by exploiting the inherent security features of PUFs. Hence, we argue that the proposed scheme is be a viable and promising solution for the security of IoT devices.