Fuzzy extraction and PUF based three party authentication protocol using USB as mass storage device

Abstract Due to the rapid advancement in on-demand communication and information technologies, the peripheral connection of computers through Universal Serial Bus (USB) is considered as a remarkable interface standard that is extensively used in Mass Storage Devices (MSDs) of consumers. The MSDs of current USB consumers are easy to carry as they facilitate with relatively advance transmission speed, however, use of the USB MSDs is restricted in many sensitive commercial environments due to extreme security concerns. Therefore, to resist against illegal access, the storage devices of consumers are protected using numerous security measures. However, still these devices are vulnerable to various security attacks. In this regard, many security protocols for USB have been presented previously, but they all are not appropriate for fully satisfying all the security needs. Therefore, in order to protect stored confidential information of consumers, this article introduces an identity based three-party authentication and key exchange protocol using PUF that would be helpful to protect consumer’s confidential information in storage devices. Moreover, on the basis of the physically uncloneable function (PUF), this article further presents an efficient protocol for the USB MSDs using fuzzy extractor. Our proposed protocol has rigid security analysis that indicates the resistance of our protocol against many known attacks. All the cryptographic operations of the proposed protocol are implemented on the system having good specification using python programming language. Furthermore, performance analysis of our protocol with related protocols of USB MSDs endorses the usefulness of our protocol by maintaining least possible communication and computation overheads.