Mutual Authentication for IoT in the Context of Fog Computing

Abstract

Fog Computing is an area of Computer Science that is under constant construction and evolution, and in conjunction with information security, the paradigm becomes more reliable and secure for IoT’s edge platforms. The authentication of restricted memory devices has major problems because memory consumption is high when applied with other models that have the purpose of mutual authentication. This article proposes an authentication model that validates mutually the parties in an Internet of Things environment applied in the context of Fog Computing. Through the hypothetico-deductive methodology, the deductions and hypotheses are presented for the formal proof of the new proposed method. The results achieved in the research show that the approach of the authentication mechanism is optimized, the prototype was validated in the AVISPA protocol evaluation tool and in a restricted memory controlled environment in a context of Fog and Cloud Computing.
4 Author(s): Leandro Loffi ; Carla Merkle Westphall ; Lukas Detner Grüdtner ; Carlos B
Publisher: IEEE
Published in: 2019 11th International Conference on Communication Systems &
Networks (COMSNETS)
Abstract:
The authentication of restricted memory devices has major problems because memory
consumption is high when applied with other protocols that have the purpose of mutual
authentication. This article proposes an authentication model that validates mutually the
parties in an Internet of Things environment applied in the context of Fog Computing.
Through the hypothetic-deductive methodology, the deductions and hypotheses are
presented for the formal proof of the new proposed method. The results achieved in the
research show that the approach of the authentication mechanism is optimized, the
prototype was validated in the AVISPA protocol evaluation tool and in a restricted
memory controlled environment in a context of Fog Computing. However, this work is
more appropriate in Fog Computing environments because there are no route changes
as in Cloud Computing.
Link to download the paper:
https://ieeexplore.ieee.org/document/8711402/references#references
Date of Conference: 7-11 Jan. 2019
Date Added to IEEE Xplore: 13 May 2019
INSPEC Accession Number: 18672211
DOI: 10.1109/COMSNETS.2019.8711402
Conference Location: Bengaluru, India
References
1. F. Xia, L. T. Yang, L. Wang, A. Vinel, "Internet of things", International Journal of Communication Systems, vol. 25, no. 9, pp. 1101-1102, 2012.
2. B. Schneier, Applied cryptography: protocols algorithms and source code in C, John Wiley & Sons, 2007.
3. P. Hu, H. Ning, T. Qiu, Y. Xu, X. Luo, A. K. Sangaiah, "A unified face identification and resolution scheme using cloud computing in internet of things", Future Generation Computer Systems, vol. 81, pp. 582-592, 2018.
4. P. Gope, R. Amin, S. H. Islam, N. Kumar, V. K. Bhalla, "Lightweight and privacy-preserving RFID authentication scheme for distributed IoT infrastructure with secure localization services for smart city environment", Future Generation Computer Systems, 2017.
5. S. Piramuthu, R. Doss, "On sensor-based solutions for simultaneous presence of multiple RFID tags", Decision Support Systems, vol. 95, pp. 102-109, 2017.
6. A. Tewari, B. Gupta, "Cryptanalysis of a novel ultra-lightweight mutual authentication protocol for IoT devices using RFID tags", The Journal of Supercomputing, vol. 73, no. 3, pp. 1085-1102, 2017.
7. K.-H. Wang, C.-M. Chen, W. Fang, T.-Y. Wu, "On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags", The Journal of Supercomputing, vol. 74, no. 1, pp. 65-70, 2018.
8. N. Li, D. Liu, S. Nepal, "Lightweight mutual authentication for IoT and its applications", IEEE Transactions on Sustainable Computing, vol. 2, no. 4, pp. 359-370, 2017.
9. M. H. Ibrahim, "Octopus: An edge-fog mutual authentication scheme", IJ Network Security, vol. 18, no. 6, pp. 1089-1101, 2016.
10. M. A. Jan, F. Khan, M. Alam, M. Usman, "A payload-based mutual authentication scheme for internet of things", Future Generation Computer Systems, 2017.
11. F. Wu, X. Li, L. Xu, S. Kumari, A. K. Sangaiah, "A novel mutual authentication scheme with formal proof for smart healthcare systems under global mobility networks notion", Computers & Electrical Engineering, vol. 68, pp. 107-118, 2018.
12. P. M. Kumar, U. D. Gandhi, "Enhanced DTLS with CoAP-based authentication scheme for the internet of things in healthcare application", The Journal of Supercomputing, pp. 1-21, 2017.
13. R. Amin, N. Kumar, G. Biswas, R. Iqbal, V. Chang, "A light weight authentication protocol for IoT-enabled devices in distributed cloud computing environment", Future Generation Computer Systems, vol. 78, pp. 1005-1019, 2018.
14. M. Wazid, A. K. Das, M. K. Khan, A. A.-D. Al-Ghaiheb, N. Kumar, A. V. Vasilakos, "Secure authentication scheme for medicine anti-counterfeiting system in IoT environment", IEEE Internet of Things Journal, vol. 4, no. 5, pp. 1634-1646, 2017.
15. A. Armando, D. Basin, J. Cuellar, M. Rusinowitch, L. Viganò, "AVISPA: automated validation of internet security protocols and applications", ERCIM News, vol. 64, 2006.
16. V. Odelu, A. K. Das, A. Goswami, "A secure biometrics-based multi-server authentication protocol using smart cards", IEEE Transactions on Information Forensics and Security, vol. 10, no. 9, pp. 1953-1966, 2015.
I. Introduction
The evolution of Internet-connected devices allowed the creation of a network of
intelligent objects. Each object can send and receive data between the
real world and the Internet, thus forming a network of things, or Internet of Things
(IoT). The main characteristic of an IoT network is its devices, which form a
network of sensors and actuators [1]. These devices must have adequate security
measures to provide trust in the use of the collected data.
... [2] The solution proposed in this paper aims to provide an end-to-end security service to the middleware architecture and for the contributors who upload sensing data from IoT devices to cloud. Leandro Loffi*, Carla Merkle Westphall†, Lukas Derner Grüdtner, Carlos Becker Westphall [3] The proposed scheme is aimed to provide an authentication scheme which verifies mutually in an IoT environment applied with the help of Fog Computing. ...
... In [3], the author proposes a new model to ensure the coherence of IoT contexts using Fog Computing into two processes: Hand Shaking and authorizing facts sections. During the handshake three things are analyzed to make sure Nonce, Challenge response and response time work. ...
... Traditional online authentication approaches can't be used directly in UAV-based fog computing because they need a lot of computing power and resources [40]. To enable device authentication and strong security in IoT applications double authentication watermarking strategy is proposed [41]. In this scheme, the cluster head collection node generates the authentication watermark sequence using the gathered information and uses the hash function with the key to insert a watermark to ensure authentication. ...
Article
With the recent advancement in technologies, researchers worldwide have a growing interest in unmanned aerial vehicles (UAVs). The last few years have been significant in terms of its global awareness, adoption, and applications across industries. In UAV-aided wireless networks, there are some limitations in terms of power consumption, data computation, data processing, endurance, and security. So, the idea of UAVs and Edge or Fog computing together deals with the limitations and provides intelligence at the network’s edge, which makes it more valuable to use in emergency applications. Fog computing distributes data in a decentralized way and blockchain also works on the principle of decentralization. Blockchain, as a decentralized database, uses cryptographic methods including hash functions and public key encryption to secure the user information. It is a prominent solution to secure the user’s information in blocks and maintain privacy. The ongoing development in collaborative UAVs and fog computing networks had put further a major challenge of security that need to be investigated. This article presents a study on security attacks and requirements needed to ensure security in UAV-based fog networks. We provide blockchain security in UAV-based fog computing to secure a large volume of data. The communicated data is stored in the form of blocks with hash functions, which guarantee security in the network. Thus, the aim of blockchain security is to guarantee that any hostile third party cannot corrupt or change the live missions or tasks allocated to actual UAV–Fog nodes.
... A malicious fog server may act as a legitimate fog server, and may pretend to be a fog user to connect to the fog [18], [22], [17]. Once connected, it can manipulate incoming and outgoing requests to the cloud, collect user data, etc. ...
Preprint
An identity preserving mutual authentication scheme between fog users and fog servers is an important and challenging issue in fog computing, because unlike cloud servers, fog servers and fog users may be malicious. Such a scheme should retain the true identity of the user from the opponent, because otherwise, the opponent will be able to track which fog user and fog server are communicating. This article proposes a safe and effective anonymous mutual authentication scheme between the fog user and the fog server at the edge of the network. In our solution, with the help of the registration authority (RA), they can authenticate each other and agree on a new session key, which will be used to encrypt messages in the session. Fog users can roam freely in the network and can authenticate to any fog server within its range without re-registering with RA. The proposed scheme requires few symmetric encryption/decryption and one-way hash functions, so that it can be efficiently implemented for resource-constrained fog user’s devices. The performance of the proposed scheme is compared with the existing scheme, in which the proposed scheme can withstand multiple attacks (known plaintext attacks, man-in-the-middle attacks, session hijacking, etc.). Finally, the proposed scheme is verified using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The results show that our protocol can safely resist various attacks and can achieve the expected goals. Moreover, the proposed scheme is practically experimented using the NS3 simulator.
... A new mutual authentication method of IoT devices in fog environment proposed in [12]. The handshake step in the proposed method is similar to that used in TLS protocol. ...
... In [24] introduced a new mutual authentication in IoT networks for the fog computing contexts. Although, the authentication model's speed is notable, it applies the AES algorithm [25] which has low performance on IoT devices for data encryption and needs to be improved using TLS cipher suites. ...
Article
The Internet of Things (IoT) has converged with Cloud computing to provide comprehensive services to users in different places. However, with the exponential growth of smart devices connected to the Internet, Cloud computing has severe challenges, especially for applications that require low-latency and real-time processing. Therefore, the Fog computing paradigm emerged that is more compatible with the IoT, in which events are processed near where they occurred for practical and quick response time. Authentication is an essential issue for fog computing security since fog gateways and IoT devices are subject to many attacks. The main problem to provide authentication between IoT devices is that they have limited resources and computational processing. On the one hand, certificate-based authentication algorithms are secure but they are heavy for IoT devices. On the other hand, Pre-shared authentication algorithms such as PSK are suitable for low resource devices but are not widely used due to their low security. Therefore, this paper proposes to use the Ephemeral Elliptic Curve Diffie–Hellman (ECDHE) key exchange algorithm along with the Pre-Shared Key (PSK) as a lightweight and secure authentication scheme between the fog gateway and IoT device based on the Message Queuing Telemetry Transport (MQTT) publish–subscribe protocol in a distributed fog computing architecture. The proposed ECDHE-PSK authentication scheme uses Ephemeral Pre-shared key instead of heavy certificates that is very lightweight and also provides Perfect Forward Secrecy (PFS) feature to enhance security in comparison with the static PSK algorithm. To evaluate the resource consumption and security resistance of the proposed scheme it was implemented on the real test environment and then was compared with two state-of-the-art certificate-based authentication schemes and a static PSK-based scheme. The comprehensive performance and security evaluations showed that in the distributed publish–subscribe fog computing architecture the proposed ECDHE-PSK is almost as light as the PSK algorithm while has all security features of certificate-based algorithms.
Article
As opposed to cloud servers, fog servers, and fog users may be malicious, so developing a mutual identity‐preserving authentication mechanism between them is a crucial and difficult problem in fog computing. Such a technique must conceal the user's true identity from the adversary; otherwise, the adversary will be able to determine which fog user and fog server are in communication. This article suggests a secure and reliable anonymous mutual authentication system for use at the network's edge between fog users and fog servers. With the aid of the registration authority (RA) in our system, they can verify one another and decide on a new session key that will be used to encrypt messages throughout the session. Fog users don't need to re‐register with RA to wander freely over the network and authenticate to any fog server that is within their range. The proposed technique only needs a small number of symmetric encryption/decryption and one‐way hash functions, making it easy to implement for fog‐user devices with limited resources. The new scheme's performance is evaluated in comparison to the existing one, showing that it is more resilient to various types of assaults (such as known plaintext attacks, man‐in‐the‐middle attacks, session hijacking, etc.). The widely used Automated Validation of Internet Security Protocols and Applications tool is used to verify the proposed system. The outcomes demonstrate that our approach can safely withstand different attacks and accomplish the desired outcomes. Additionally, the proposed method is tested in real‐world scenarios with the NS3 simulator.
Article
The fog assisted‐Internet of Things (IoT) enabled network has been a novel topic in recent years. With the rapid development of the IoT, it is imperative to accomplish security in the fog computing environment. The surface for cryptographic attacks is expanded since the fog node can analyze, store, and process data between cloud and IoT device. This article proposes elliptic curve cryptography (ECC) based mutual authentication and key agreement scheme to support secure communication between device and fog server. In this work, we have formally analyzed the proposed scheme using the most widely accepted automated validation of Internet security protocols and application (AVISPA) tool. The informal security analysis of the proposed scheme shows that the proposed method is robust against several attacks. The performance analysis has been evaluated in terms of computation and storage overhead. The security and performance analysis with theoretical proof indicates that proposed scheme attains better security than related schemes.
Article
The onboard diagnostic system (OBD) is almost standard on every modern vehicle. By exploiting the availability of wireless OBD dongles, vehicles can be assessed by the transportation authority and drivers to ensure compliance with emissions regulations. A vehicle’s OBD system can be remotely accessed by a fog node to retrieve a variety of the vehicle’s internal status and sensor readings. Such information can be shared with the transportation authority for registration renewal without the need for visiting emission stations. However, such automation comes at the risk of malicious intrusion into the OBD system by an attacker who aims to gain access to a vehicle’s internal network and control the vehicle. This article tackles this serious issue and proposes protocols for mutual authentication and securing the wireless connection between the OBD dongle, fog node, and authority. The robustness of the proposed protocols is verified using the Automated Validation of Internet Security Protocols and Applications (AVISPA) toolset.
Conference Paper
The scarcity of spectrum in sub-6 GHz frequency bands to meet projected wireless traffic demands has led to the wireless industry incorporating millimeter-wave technology in the design of next-generation wireless systems. The high path loss of millimeter-wave signals necessitates radios that operate in these frequencies to employ highly directional beams for transmission and reception. The transition from traditional omni-directional transmission and reception to highly directional links has drastic implications on the Medium Access Control (MAC) design, since it shifts the objective of the MAC layer from proactive interference avoidance to transmitter-receiver coordination to achieve beam alignment. In this paper, we present IRIS, a directional MAC protocol for mm-wave ad-hoc mobile networks that achieves this objective. Specifically, the Iris protocol is designed to distributedly coordinate the nodes so that transmitters and their intended receivers align their antenna boresights to establish a physical link between them when required. We establish certain performance guarantees that the Iris protocol provides, and illustrate the design process of a mm-wave ad-hoc MAC based on the Iris protocol.
Article
As health data are very sensitive, there is a need to prevent and control the health data with end-to-end security solutions. In general, a number of authentication and authorization schemes are available to prevent and protect the sensitive data, which are collected with the help of wearable Internet of Things (IoT) devices. The transport layer security (TLS) protocol is designed to transfer the data from source to destination in more reliable manner. This protocol enables a user to overcome the no lost or reordered messages. The more challenge with TLS is to tolerate unreliability. In order to overcome this issue, Datagram transport layer security (DTLS) protocol has been designed and used in low-power wireless constrained networks. The DTLS protocol consists of a base protocol, record layer, handshake protocol, ChangeCipherSpec and alert protocol. The complex issue with the DTLS protocol is the possibility of an attacker could send a number of ClientHello messages to a server. This scenario would cause a denial-of-service (DOS) attack against the server. This DoS attack enables new connection between the attacker and server, increasing attacker bandwidth, and allocation of resources for every ClientHello message. In order to overcome this issue, we have proposed a smart gateway-based authentication and authorization method to prevent and protect more sensitive physiological data from an attacker and malicious users. The enhanced smart gateway-based DTLS is demonstrated with the help of Contiki Network Simulator. The packet loss ratio is calculated for the CoAP, host identity protocol, CoAP-DTLS and CoAP-enhanced DTLS to evaluate the performance of the proposed work. Data transmission and handshake time are also calculated to evaluate the efficiency of the enhanced DTLS.
Article
Recently, Tewari and Gupta proposed an ultra-lightweight mutual authentication protocol in IoT environments for RFID tags. Their protocol aims to provide secure communication with least cost in both storage and computation. Unfortunately, in this paper, we exploit the vulnerability of this protocol. In this attack, an attacker can obtain the key shared between a back-end database server and a tag. We also explore the possibility in patching the system with some modifications.
Article
Smart healthcare is an emergent part in modern telemedical technology. To solve the problem of collecting information from roaming patients, global mobility network (GLOMONET) is a good way for data transferring. It is common sense that wireless circumstance is full of attacks, and the case how to protect the wireless network away from danger attracts researchers. We present a new two-factor authentication scheme for GLOMONETs to vanquish the hazard. Then the formal proof demonstrates that the attacker can crack the session key and the privacy of the scheme with a negligibly higher probability than directly guessing the password. Moreover, according to the informal analysis model, our scheme meets all the security properties. Finally, via performance comparison and network communication simulation by NS-3, our scheme is fit for practicality.
Article
The Internet of Things (IoT) is a vision that broadens the scope of the Internet by incorporating physical objects to identify themselves to the participating entities. This innovative concept enables a physical object to represent itself in the digital world. There have been a lot of speculations and future forecasts about these physical objects connected with the Internet, however, most of them lack secure features and are vulnerable to a wide range of attacks. Miniature sensor nodes, embedded in these physical objects, limit the support for computationally complex and resource-consuming secured algorithms. In this paper, we propose a lightweight mutual authentication scheme for the real-world physical objects of an IoT environment. It is a payload-based encryption scheme which uses a simple four-way handshake mechanism to verify the identities of the participating objects. The real-world objects communicate with each other using the client-server interaction model. Our proposed scheme uses the lightweight features of Constrained Application Protocol (CoAP) to enable the clients to observe resources residing on the server, in an energy-efficient manner. We use Advanced Encryption Standard (AES), with a key length of 128 bits, to establish a secured session for resource observation. We evaluate our scheme for a real-world scenario using NetDuino Plus 2 boards. Our scheme is computationally efficient, incurs less connection overhead and at the same time, provides a robust defence against various attacks such as, resource exhaustion, Denial-of-Service, replay and physical tampering.
Article
The Internet of Things (IoT) provides transparent and seamless incorporation of heterogeneous and different end systems. It has been widely used in many applications including smart cities such as public water system and vehicle traffic control system. In these smart city applications, a large number of IoT devices are deployed that can sense, communicate, compute and potentially actuate. The uninterrupted and accurate functioning of these devices are critical to smart city applications as crucial decisions will be made based on the data received. One of the challenging tasks is to assure the authenticity of the devices so that we can rely on the decision making process with a very high confidence. One of the characteristics of IoT devices deployed in such applications is that they have limited battery power. In this paper, we propose a lightweight mutual authentication protocol based on a novel public key encryption scheme for smart city applications. The proposed protocol takes a balance between the efficiency and communication cost without sacrificing the security. We evaluate the performance of our protocol in software and hardware environments. On the same security level, our protocol performance is significantly better than RSA and ECC based protocols.
Article
A counterfeit drug is a medication or pharmaceutical product, which is manufactured and made available on the market to deceptively represent its origin, authenticity and effectiveness, etc., and causes serious threats to the health of a patient. Counterfeited medicines make an adverse effect on the public health and also cause revenue loss to the legitimate manufacturing organizations. In this paper, we propose a new authentication scheme for medicine anti-counterfeiting system in the Internet of Things (IoT) environment which is used for checking the authenticity of pharmaceutical products (dosage forms). The proposed scheme utilizes the near field communication (NFC) and is suitable for mobile environment, which also provides efficient NFC update phase. The security analysis using the widely-accepted Real-Or-Random (ROR) model proves that the proposed scheme provides the session key (SK) security. The proposed scheme also protects against other known attacks which are analyzed informally. Furthermore, the formal security verification using the broadly-accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool shows that the proposed scheme is secure. The scheme is efficient with respect to computation and communication costs, and also it provides additional functionality features when compared to other existing schemes. Finally, for demonstration of the practicality of the scheme, we evaluate it using the broadly-accepted NS-2 simulation.
Article
In the Internet of Things (IoT), identification and resolution of physical objects is the crucial technology for authenticating an object’s identity, controlling service access, and establishing trust between the object and the cloud service. With the development of computer vision and pattern recognition technologies, the face has been used as a high-security identification and identity authentication method which has been deployed in various applications. Face identification can ensure the consistency between an individual in physical-space and his/her identity in cyber-space during the physical-cyber space mapping. However, the face is a non-code and unstructured identifier. With the increase of applications in current big data environment, the characteristic of face identification will result in the growing demands for computation power and storage capacity. In this paper, we propose a face identification and resolution scheme based on cloud computing to solve the above problem. The face identification and resolution system model is presented to introduce the processes of face identifier generation and matching. Then, parallel matching mechanism and cloud computing-based resolution framework are proposed to efficiently resolve face images, control personal data access and acquire an individual’s identity information. It makes full use of the advantages of cloud computing to effectively improve computation power and storage capacity. The experimental result of the prototype system indicates that the proposed scheme is practically feasible and can provide efficient face identification and resolution service.
Article
A majority of RFID authentication scenarios involve a single tag that is identified independently of other tags in the field of the reader. However, there are situations that necessitate simultaneous authentication of multiple tags as well as the verification of their simultaneous physical proximity to the reader. Juels (2004) introduced yoking proof for simultaneous authentication of multiple RFID tags. Several researchers have since then developed variants of yoking proof using both symmetric and asymmetric cryptography. Given that the ambient conditions are bound to be very similar for all objects that are in close physical proximity to one another, we critically evaluate the use of various relevant ambient conditions for this purpose. Based on our evaluation, we choose to use tag temperature and develop a variant of yoking proof protocol for simultaneous authentication of multiple tags.