Due to the rapid advancement in on-demand communication and information technologies, the peripheral connection of computers through Universal Serial Bus (USB) is considered as a remarkable interface standard that is extensively used in Mass Storage Devices (MSDs) of consumers. The MSDs of current USB consumers are easy to carry as they facilitate with relatively advance transmission speed, however, use of the USB MSDs is restricted in many sensitive commercial environments due to extreme security concerns. Therefore, to resist against illegal access, the storage devices of consumers are protected using numerous security measures. However, still these devices are vulnerable to various security attacks. In this regard, many security protocols for USB have been presented previously, but they all are not appropriate for fully satisfying all the security needs. Therefore, in order to protect stored confidential information of consumers, this article introduces an identity based three-party authentication and key exchange protocol using PUF that would be helpful to protect consumer’s confidential information in storage devices. Moreover, on the basis of the physically uncloneable function (PUF), this article further presents an efficient protocol for the USB MSDs using fuzzy extractor. Our proposed protocol has rigid security analysis that indicates the resistance of our protocol against many known attacks. All the cryptographic operations of the proposed protocol are implemented on the system having good specification using python programming language. Furthermore, performance analysis of our protocol with related protocols of USB MSDs endorses the usefulness of our protocol by maintaining least possible communication and computation overheads.

由于按需通信和信息技术的飞速发展，通过通用串行总线（USB）进行的计算机外围连接被认为是一种显着的接口标准，已广泛用于消费者的大容量存储设备（MSD）中。当前USB消费者的MSD易于携带，因为它们便于以相对较高的传输速度进行传输，但是由于极端的安全性考虑，在许多敏感的商业环境中限制了USB MSD的使用。因此，为了抵制非法访问，使用多种安全措施来保护消费者的存储设备。但是，这些设备仍然容易受到各种安全攻击。在这方面，先前已经介绍了许多用于USB的安全协议，但是它们都不适合完全满足所有安全需求。因此，为了保护存储的消费者机密信息，本文介绍了一种使用PUF的基于身份的三方身份验证和密钥交换协议，这将有助于保护存储设备中消费者的机密信息。此外，基于物理不可克隆函数（PUF），本文进一步提出了一种使用模糊提取器的USB MSD高效协议。我们提出的协议具有严格的安全性分析，表明我们的协议可以抵抗许多已知的攻击。使用python编程语言，在具有良好规范的系统上实现了所提出协议的所有密码操作。此外，