Search Results (560)

Physical unclonable function (PUF) based on intrinsic device randomness has emerged as promising hardware security primitives, yet combining secure encryption with neuromorphic recognition within a single device platform remains challenging. Here, we demonstrate a photosensing PUF based on an intrinsically random SnTe memristor capable of both image encryption and memristive neural network recognition. The SnTe memristor, fabricated with an In₂O₃:SnO₂/SnTe/Nb:SrTiO₃ structure, exhibits stable resistive switching and stable retention exceeding 4000 s. Synaptic biomimetic behaviors including learning-experience emulation, short-term plasticity and long-term plasticity are also realized. Notably, the device displays pronounced optical sensitivity that produces stochastic photocurrent fluctuations originating from unavoidable device-to-device variations under illumination. By quantizing these random photocurrents, an encryption key stream is generated and utilized for image scrambling and diffusion. A memristive neural network is constructed to classify the encrypted images, achieving a recognition accuracy of 95.1% with a loss of 0.15 after 300 training epochs. This work establishes a viable pathway from intrinsic optical randomness to secure neuromorphic computing, highlighting the multifunctional potential of SnTe memristors in integrated hardware security and brain-inspired computation. Full article

The Internet of Drones (IoD) has become an important platform for applications such as smart agriculture, industrial monitoring, and large-scale aerial sensing. However, securing IoD communications remains challenging because drones often operate in open environments and have limited computation, storage, and energy resources. Existing authentication and key agreement protocols still face practical limitations, including high computational overhead, exposure to physical capture attacks, and reliance on centralized servers for session-key generation. In this paper, we first analyze a recent IoD authentication scheme and show that it is vulnerable to session-key disclosure, offline identity/password guessing, and mobile device/drone impersonation attacks. To address these issues, we propose a lightweight Physically Unclonable Function (PUF)-based end-to-end authentication protocol for IoD environments. The proposed scheme avoids storing long-term secret keys in drone memory and enables the mobile device and drone to establish a session key directly, without involving the Ground Station Server in key derivation. The security of the proposed protocol is evaluated through informal analysis, BAN logic, the Real-or-Random model, and AVISPA simulation. The results show that the scheme resists common attacks, including replay, impersonation, stolen verifier, physical capture, and offline password guessing attacks. Performance evaluation further indicates that the protocol maintains low computational cost while providing stronger security guarantees, making it suitable for resource-constrained IoD deployments. Full article

In highly dynamic vehicular ad hoc networks (VANETs), vehicles frequently move across the coverage areas of multiple roadside units (RSUs), making secure and efficient continuous vehicle-to-infrastructure access essential. However, repeated full authentication and key agreement for each new RSU access impose considerable computational and communication overhead. This paper proposes a state-assisted privacy-preserving mutual authentication and key agreement scheme for lightweight multi-RSU access in VANETs. The proposed scheme consists of initial and subsequent authentication phases. In the initial phase, elliptic curve cryptography (ECC) is used to achieve anonymous mutual authentication and session key establishment between vehicles and RSUs. In the subsequent authentication phase, a vehicle leverages follow-up authentication state securely forwarded by the previous RSU to complete fast authentication with a neighboring RSU using only hash and XOR operations. In addition, physically unclonable functions (PUFs) are deployed on both vehicles and RSUs to protect critical secrets. Security analysis shows that the proposed scheme achieves mutual authentication, anonymity preservation, and resistance to common attacks. Performance evaluation shows that it reduces the computational cost of subsequent authentication by more than 90% while maintaining low communication overhead. Full article

While drones play important roles in areas such as communication and logistics delivery, they have certain limitations in emergency rescue scenarios due to their inability to carry passengers. Building on mature drone technologies such as autonomous flight and environmental perception, unmanned passenger Electric Vertical Take-off and Landing (eVTOL) aircraft are designed with a manned cabin, enabling them to operate without an onboard pilot while rapidly transporting injured people. Consequently, eVTOLs can play a significant role in emergency rescue that cargo-only drones cannot fulfill, as they are capable of rapidly reaching emergency scenes, effectively overcoming the delays caused by traditional ground traffic congestion. Despite their potential, eVTOLs still face several critical obstacles, including signal disruption, limited coverage of dispatching centers, mutual authentication among entities, and concerns related to security and privacy preservation. As a remedy, this paper presents a lightweight authentication protocol leveraging drone assistance to overcome these challenges for unmanned eVTOL emergency rescue. In scenarios where an unmanned eVTOL experiences signal blockage due to dense urban high-rise structures, neighboring drones can serve as a transmission relay to assist the unmanned eVTOL and the dispatch center (DC) in completing mutual authentication and session key negotiation, thereby enabling the unmanned eVTOL to safely complete its mission. To enhance security, physical unclonable functions (PUFs) are integrated into unmanned eVTOLs, drones, and the DC, safeguarding sensitive data against side-channel and physical capture attacks while preserving the confidentiality of unmanned eVTOL identities to mitigate privacy risks. Our protocol achieves provable security in the random oracle model while exhibiting strong resistance to various well-known attacks. Comparative analysis with the existing drone authentication and drone-assisted emergency rescue authentication protocols reveals that our protocol not only provides stronger security guarantees but also maintains a low computational overhead. Full article

The development of sensor and communication technology has enabled the Internet of Things in healthcare. In Medical Internet of Things (MIoT) environments, sensors support real-time patient monitoring, remote diagnosis, and early disease detection. However, communication between users and sensors over public channels is vulnerable to various security attacks, making secure and lightweight authentication with session key establishment essential for protecting medical data. Recently, a lightweight and anonymous authentication protocol for MIoT environments was proposed using Physical Unclonable Functions (PUFs); however, we show that their protocol is vulnerable to eavesdropping, stolen verifier, and ephemeral secret leakage attacks, and fails to guarantee untraceability. To address these weaknesses, we propose a secure and lightweight PUF-based authentication protocol for MIoT environments. The security of our protocol is formally verified using Burrows–Abadi–Needham logic, the Real-or-Random model, and the Scyther tool. Furthermore, the practical validation of the proposed protocol is conducted on a hardware platform along with an evaluation of energy consumption based on the MIRACL cryptographic library. Performance comparisons demonstrate that our protocol achieves enhanced security properties with minimal computational overhead and communication costs. Ultimately, this research provides a secure and robust architectural option for healthcare applications aiming to preserve patient privacy in resource-constrained MIoT. Full article

With the growing security requirements of sensor nodes in Internet of Things (IoT) systems, conventional silicon-circuit-based physical unclonable functions (PUFs) still face limitations in circuit overhead, design complexity, and system integration. To address these challenges, this paper proposes a lightweight gas sensor PUF (GS-PUF) design based on a Ni-doped SnO₂ nanoscale gas sensor array. The proposed method exploits both the unavoidable process randomness introduced during sensor fabrication and the device-to-device electrical response variations induced by gas–material interactions as entropy sources, thereby enabling high-quality PUF response generation. At the device level, Ni-SnO₂ nanomaterials are prepared by electrostatic spray deposition (ESD), and an indirectly heated gas sensor array is constructed to enhance the sensitivity and stability of the sensing response. At the algorithmic level, a random resistance balancing algorithm based on multi-sensor combinational comparison is proposed. By randomly comparing the summed resistances of multiple sensor clusters, a 128-bit multi-bit PUF response is generated, while the uniformity and independence of the output bits are effectively improved. Experimental results demonstrate that the proposed GS-PUF exhibits excellent randomness, uniqueness, and reliability: the information entropy of the PUF responses is greater than 0.99, approaching the ideal value; the probabilities of output bits “1” and “0” are 0.4988 and 0.5012, respectively, indicating a well-balanced distribution; the inter-device uniqueness reaches 49.8%, close to the ideal value of 50%; all items in the NIST randomness test suite are passed, with all p-values exceeding 0.01 and the minimum p-value being 0.0368, confirming a high level of statistical randomness confidence. In addition, long-term measurements under fixed laboratory conditions show that the PUF response reliability remains above 96%. Compared with other sensor-based PUFs, the proposed method provides a lightweight sensing-security integration approach for IoT sensor nodes by reusing intrinsic gas-sensor response variations and avoiding an additional dedicated silicon PUF circuit. Full article

Because smart microgrids can flexibly integrate distributed energy resources and support grid-connected and islanded operation modes, they enhance power supply reliability and promote the efficient utilization of renewable energy. However, the open communication environment and physically exposed infrastructure introduce critical security challenges, including risks of physical hijacking and data leakage. Many existing authentication protocols either fail to address these threats or rely on heavyweight cryptographic operations such as bilinear pairings and modular exponentiation, resulting in high computational and communicational overhead. To address these issues, a lightweight authentication and key agreement (AKA) protocol for smart microgrids is proposed. The protocol symmetrically integrates Physical Unclonable Functions (PUFs) into the smart meter (SM) and smart microgrid control center (SMC) to protect stored secret information against capture attacks. Meanwhile, the SM and SMC register with the data center (DC) in a symmetric manner. During the AKA phase, the DC only assists in authenticating the identities of the SM and SMC online in a symmetric way, without participating in session key computation, thereby reducing the trust burden and computational load on the smart meters and control center. Formal security proof and informal security analysis demonstrate that the proposed protocol can resist known attacks such as physical hijacking and data leakage. Compared with existing smart microgrid authentication protocols, the proposed protocol has performance advantages and the lowest computational cost, confirming its suitability for resource-constrained microgrid environments. Full article

The rapid growth of Intelligent Transportation Systems (ITSs) necessitates secure and efficient Vehicle-to-Everything (V2X) communication. However, existing Physical Unclonable Function (PUF)-based schemes often suffer from modeling vulnerabilities and high overheads. This paper proposes a decentralized, dynamic, anonymous authentication protocol tailored for Vehicular Ad Hoc Networks (VANETs). By integrating Elliptic Curve Cryptography (ECC) with highly reliable Self-Adaption Deviation Locking PUFs (SDL PUFs), we design a dynamic Challenge–Response Pair (CRP) obfuscation mechanism. This mechanism effectively mitigates modeling threats, reducing the prediction success rate of machine learning (ML) and deep learning (DL) attacks by approximately 35% compared to raw SDL PUFs. The protocol ensures identity untraceability and forward secrecy through anonymous identifiers and ephemeral session keys. Security is formally verified under the Real-or-Random (ROR) model and validated using the AVISPA tool. Simulations in SUMO and Omnetpp demonstrate that the protocol is highly efficient, achieving a low computational overhead of 6.77 ms per entity and a communication cost of 192 bytes. Compared to state-of-the-art approaches, our solution provides superior robustness against advanced modeling attacks and significantly reduces latency, making it suitable for resource-constrained V2X environments. Full article

Embedded Field-Programmable Gate Array (FPGA)-Advanced RISC Machine (ARM) systems used in industrial and Internet of Things (IoT) environments increasingly operate as network-connected edge devices. While such connectivity enables distributed processing and remote monitoring, it also exposes embedded vision nodes to security threats, including command injection, frame replay, data tampering, and abnormal communication traffic. This paper presents a hardware-assisted security architecture for an FPGA-ARM embedded vision system designed for high-speed image acquisition and network streaming. The proposed solution integrates several lightweight protection mechanisms directly into the FPGA processing pipeline, including frame replay detection, cyclic redundancy check (CRC)-based frame integrity verification, frame sequence monitoring, authenticated command execution, communication anomaly monitoring, and hardware-rooted trust primitives, such as a ring-oscillator physical unclonable function (PUF) and a pseudo-random generator. Optional secure communication is provided via a lightweight ASCON-authenticated encryption core. The architecture was implemented on a Cyclone V System-on-Chip (SoC) platform using an industrial Camera Link camera and evaluated in a low-latency image-acquisition setup operating at 100 fps, with data throughput exceeding 1 Gbps. Experimental results demonstrate that the proposed security architecture introduces only about 1.6% additional FPGA logic utilization while maintaining full real-time acquisition performance. The presented approach demonstrates that practical hardware-level security mechanisms can be integrated into FPGA-based embedded vision nodes with minimal architectural modifications and negligible performance overhead. Full article

Inherently, there exists a significant security hole in sensor networks. The majority of sensors are not high-end Internet of Things (IoT) devices with sufficient computing resources. Connected sensors (physical nodes in real networks) are allocated to logical nodes and managed remotely by a supervisor in a virtual network. Data acquired by sensors are then collected by a data center on which artificial intelligence operates. If an adversary spoofs a logical node (e.g., an account in a transport layer security (TLS) session) of a vulnerable sensor on the network, then it can manipulate data input to artificial intelligence. Artificial intelligence cannot verify the integrity of the data input for learning. It is difficult to stop data poisoning with no countermeasures against session spoofing. To avoid session spoofing, physical and logical nodes must be linked seamlessly. One might think this can be achieved by utilizing Hardware Root-of-Trust (HRoT) based on a Physically Unclonable Function (PUF). However, a PUF is based on an expensive System-on-a-Chip (SoC), which has been specifically designed for high-end devices, like expensive smartphones. Many sensors (low-end and middle-end IoT devices) can hardly be protected with existing PUFs. Since the number of IoT devices with a PUF is insufficient to cover the entirety of IoT devices, an attacker can find a vulnerable IoT device with no PUF to perform session spoofing. This is the problem of numbers. To resolve it, we propose Physical Cyber Authentication (PCA). A Blockchain account (a logical node in a TLS session) is anchored to an integrated circuit (IC) chip inside a sensor, allowing Blockchain to manage sensor networks, which provides necessary data to artificial intelligence, thus forming a Blockchain of sensors. Full article

The rapid proliferation of the Internet of Things (IoT) leaves terminal devices vulnerable to considerable security challenges, notably the absence of robust yet efficient identity authentication mechanisms. Traditional certificate-based approaches incur substantial management overhead and storage expenditure, whereas Identity-Based Cryptography poses inherent key escrow risks. To tackle these challenges, this paper proposes a PUF and SM2-based certificateless identity authentication mechanism that integrates SM2 Certificateless Public Key Cryptography (a Chinese national cryptographic standard) with Physical Unclonable Functions (PUFs). Initially, the proposed solution utilizes PUF technology to derive a unique hardware-generated “fingerprint” from an IoT device, which functions as a root key to generate a partial user private key. This approach essentially binds the terminal’s identity to its physical hardware, thereby effectively mitigating physical cloning attacks against nodes. Moreover, through the adoption of a Certificateless Public Key Cryptography (CLPKC) framework, the complete user private key is jointly generated by a semi-trusted Key Generation Centre (KGC) and the terminal device itself. The comprehensive security analysis proves that the proposed scheme is provably secure under the random oracle model, capable of resisting various common attacks such as physical cloning, man-in-the-middle, and replay attacks. Performance evaluation confirms that the implemented PUF + SM2 certificateless mechanism significantly reduces the size of user public key identifiers to within 64 bytes, offering a substantial advantage over the 1–2 KB certificates typically required in conventional PKI/CA systems, thereby enhancing efficiency in storage and communication. Full article

The proliferation of Internet of Things (IoT) devices has created unprecedented challenges in cybersecurity, as billions of interconnected devices generate, process, and transmit sensitive data across diverse networks. This study addresses critical security vulnerabilities in IoT ecosystems, focusing on the development of a comprehensive security framework that encompasses device authentication, an attribute access control mechanism, and privacy preservation. This work introduces HADA, a proposed hybrid authentication method that combines the validation of unique credentials and trust value. For the authentication of the data owner and user, the following credentials are validated: identity, certificate, reconfigurable physical unclonable function (PUF), and trust. Differential privacy is used to secure the credentials during information exchange. Then, the newly developed dynamic attribute access control method selects the number of attributes and matches the attributes; these two processes are performed using the Bi-Fuzzy logic and graph neural network (GNN) algorithms, respectively. After matching the data, the user is allowed to access them from the cloud server. For data encryption, the lightweight SKINNY algorithm is implemented in Hyperledger Fabric blockchain. The proposed system performs better than existing methods in terms of throughput, latency, and resource utilization. Full article

In this study, the chemical composition of highland barley (HB), microwave fluidization HB (HB-1), extrusion and puffing HB (HB-2), and ultrafine pulverization HB (HB-3) were investigated based on untargeted metabolomics. In addition, RNA-seq transcriptomics, real-time polymerase chain reaction (qRT-PCR) and Western blot (WB) analysis were used to investigate the lipid metabolism mechanism of HB-1, induced by a high fat and cholesterol diet (HFCD). The results indicated that a total of 1292 metabolites were detected and classified into 78 distinct classes in the untargeted metabolomics analysis including fatty acyls, carboxylic acids and derivatives, glycerophospholipids, organooxygen compounds, prenol lipids, and so on. HB-1, HB-2, and HB-3 all increased the levels of amino acids and their derivatives, phenols, and carboxylic acid and its derivatives compared with HB. Furthermore, RNA-seq transcriptomic results indicated that HB-1 significantly modulated key genes of Cyp2c38, Cyp2b13, and Cyp2b9 related to steroid hormone biosynthesis and CD36, Plin4, and Fabp4 related to the PPAR signaling pathway, which played key roles in lipid metabolism. Moreover, qRT-PCR and WB results indicated that HB-1 obviously enhanced ADIPOQ expression level, while it reduced SCD-1, CD36, Fabp4, and SREBP-1c expression levels, suggesting that the alleviation of lipid metabolic dysregulation by HB-1 in hyperlipidemia mice might be mediated via participating in the PPARγ pathway. This study provided essential theoretical insights for the development and utilization of HB. Full article

The Internet of Drones (IoD) has emerged as a critical extension of the Internet of Things, enabling unmanned aerial vehicles to support diverse applications, including precision agriculture, logistics, disaster monitoring, and security surveillance. Despite its rapid growth, securing IoD communications remains a significant challenge due to the open wireless environment, high drone mobility, and strict computational and energy constraints. Existing authentication mechanisms either rely on computationally expensive cryptographic operations or remain validated only at the protocol or simulation level, leaving a critical gap in practical, hardware-validated solutions suitable for resource-constrained drone platforms. This gap motivates the need for a lightweight, privacy-preserving authentication scheme that is both theoretically sound and experimentally deployable on real hardware. To address this, we propose a Physically Unclonable Functions (PUF)-assisted lightweight authentication scheme for IoD environments that binds cryptographic keys to each drone’s intrinsic hardware characteristics via PUFs. The scheme employs dynamically generated pseudo-identities to conceal permanent drone identities and prevent tracking, while authentication and key agreement are achieved using efficient symmetric cryptographic primitives, including SHA-256 for key derivation and updates, AES-256 for secure communication, and lightweight XOR operations to minimize overhead. Forward secrecy is ensured through rolling key updates, and periodic renewal of PUF challenges enhances resistance to replay and modeling attacks. To validate practicality, both software-based and hardware-based implementations were developed and evaluated. The software evaluation demonstrates a low communication overhead of 708.5 bytes and an average computation time of 18.87 ms. The hardware implementation on a Nexys A7-100T FPGA operates at 100 MHz with only 12.49% LUT utilization and low dynamic power consumption of approximately 182.5 mW. These results confirm that the proposed framework achieves an effective balance between security, privacy, and efficiency. The significance of this work lies in providing a fully hardware-validated, PUF-based authentication framework specifically tailored to the real-world constraints of IoD environments, offering a practical foundation for securing next-generation drone networks. Full article

Physically unclonable functions (PUFs) are critical security primitives used in authentication and cryptographic key generation. Among these, structural color-based PUFs offer distinct advantages, including fade resistance and the ability to conceal multi-dimensional information. However, current fabrication methods rely heavily on wet processes and laser ablation. Consequently, there is a significant need for flexible PUF labels capable of being produced through a facile and dry process. Here, we present stress-relief modulated photonic crystal PUF labels designed for multi-level dynamic encryption. We achieve random patterning of nanograting-based photonic crystals by leveraging curved pinning edge-induced interruptions and the uncontrolled bulking of the polymeric elastomer due to the uneven adhesion force from the tape. Using artificial intelligence-based deep learning algorithms, we authenticate the labels by extracting structural color, brightness, and saturation, which are determined by the grating periodicity, depth, and orderliness of each pixel. Furthermore, we integrated these photonic crystal patterns with dynamically modulated optical erasure to extend encryption capacity from the spatial to the temporal dimension. We anticipate this approach will enable advanced wearable anti-counterfeiting labels and multi-level digital encryption systems. Full article