An FPGA Implementation of Privacy Preserving Data Provenance Model Based on PUF for Secure Internet of Things
SN Computer Science (2021) 2:65
https://doi.org/10.1007/s42979-020-00428-0
ORIGINAL RESEARCH
Hala Hamadeh (1) · Akhilesh Tyagi (1)
Received: 2 June 2020 / Accepted: 11 December 2020
© The Author(s), under exclusive licence to Springer Nature Singapore Pte Ltd. part of Springer Nature 2021
Abstract
Data provenance to maintain data integrity and authenticity is a significant challenge in Internet of Things (IoT) environments. Data provenance protocols must communicate provenance metadata while preserving its privacy. This enables trust in IoT systems, expanding their acceptance within society. In this paper, we present a scheme that combines data provenance and privacy-preserving solutions. Our scheme utilizes Physical Unclonable Functions (PUFs) with non-interactive zero knowledge proof to provide trustworthy and dependable IoT systems. An IoT device can anonymously send data to the corresponding server together with a proof of ownership. We propose a privacy-preserving data provenance protocol. This protocol was synthesized with Altera Quartus and implemented on an Altera Cyclone IV FPGA to demonstrate its practicality and feasibility. Most of the protocol steps take time of the order of 40 μs, establishing its practicality.
Keywords Data provenance · Privacy-preserving · Internet of Things · PUF
Introduction
The Internet of Things (IoT) deployment has been growing exponentially over the last decade [1–3]. Nowadays IoT devices are everywhere; they are in smart connected homes, hospitals, the military, and agriculture [4–6]. This is still the proverbial tip of an iceberg: the ceiling for IoT deployment still has much further to go. This growth brings along several challenges, especially in the area of cybersecurity.
Provenance and privacy preservation are considered two important factors within the IoT cybersecurity domain because the data is transmitted over communication channels. More specifically, in an IoT system, data provenance refers to the metadata that describes the ownership, creation process, and modification of data. Providing secure data provenance aims to establish trust in the data collected among the IoT devices [7]. Moreover, IoT networks are ideally open systems to allow plug-in functionality extension. This implies that data provenance should be communicated in a way that does not violate the privacy of the provenance provider by leaking unnecessary information. This capability is what a privacy preserving data provenance model seeks to establish.
This article is part of the topical collection “Technologies and Components for Smart Cities” guest edited by Himanshu Thapliyal, Saraju P. Mohanty, Srinivas Katkoori and Kailash Chandra Ray.
* Hala Hamadeh
Akhilesh Tyagi
1 Department of Electrical and Computer Engineering, Iowa State University, Ames, USA
Physical Unclonable Functions (PUFs) are good candidates for providing a unique device-specific identity. Such unique silicon biometric identities can be a good source of data provenance. Software PUF (SW-PUF) [8] composes the silicon fabrication process variation with the software-input-defined execution paths to generate reproducible randomness that is both device and software dependent, serving as a hardware-software fingerprint. This functionality allows the SW-PUF to provide unique metadata to certify whether a specific IoT device executed a specific data creation or modification program [8].
Privacy-preservation deals with protection of the IoT devices’ identities. One mechanism to keep the identity private is based on non-interactive zero knowledge proof [9]. The integration of data provenance with privacy-preserving protocols is expected to provide a significant benefit in many IoT scenarios. For instance, consider health-care monitoring in an elder care center. Many vital signs of the elderly patients, such as heart rate, respiration flow rates, and temperature, could be tracked. In this case, trust in the received data could derive from trust in the identity of properly registered IoT sensors. However, if the data transmission protocol reveals the identity of the specific IoT sensors, it automatically reveals the patient identity. Any exposure of such sensitive data to unauthorized parties is considered a violation of the federal Health Insurance Portability and Accountability Act (HIPAA) rules. Moreover, any tampering or modification of this data can lead to fatal outcomes [10]. This makes trust in the data received from the IoT sensors, and in its integrity, very critical. We believe a privacy preserving data provenance model provides the backbone for such a trust model.
In this work, we propose a novel privacy preserving data provenance model based on Physical Unclonable Functions and Non-Interactive Zero Knowledge Proof systems. This framework guarantees that the data received from an IoT device is collected from a registered, authorized device. Specifically, the proposed method can verify that the said authorized device ran an authorized data creation or modification program. Moreover, the preceding two properties can be established without revealing the device identity.
The proposed solution contributes to achieving the following security goals:
• Source Identity Authenticity: guarantees that the data originated from the specific IoT device that sent it.
• Privacy-Preserving Identity: ensures that the real identity of the owner of the data is not unveiled.
• Data Integrity: confirms that the data transmitted is not tampered with.
• Device Trust: ensures that the device state is not exploited by malicious code.
The remainder of the paper is structured as follows. In Sect. “Related Work”, the existing work on data provenance in the IoT field is summarized. Software PUF is introduced in Sect. “Software PUF”. Section “Privacy Preserving Data Provenance Protocol” presents the proposed data provenance protocol. A brief description of threat models is given in Sect. “Threat Model”. Section “Implementation” explains the implementation of the proposed scheme. In Sect. “Results”, the performance results of our design are presented. Finally, we conclude the paper in Sect. “Conclusions”.
Related Work
Recently, several protocols for securing data provenance in an IoT system have been investigated in the literature [11–13]. Most of these protocols can be classified into three broad classes: block-chain-based, logging-based, and cryptography-based.
Block-chain offers a decentralized and distributed immutable ledger. It provides secure data provenance in IoT systems by recording a sequence of events or history for transactions in a verifiable block-chain. Such block-chain-based solutions [14, 15] can provide a high level of trust, accountability, and transparency. However, they a (...truncated)